I applied policy without ACL and i see following command and see
counter increased but after few second it stopped, what does that
means?
Does my policy work and because of Hardware base PBR it is not showing counter?
R1#show route-map
route-map FOO, permit, sequence 10
Match clauses:
Set clauses:
ip next-hop xx.xxx.xxx.xxx
Policy routing matches: 149 packets, 22718 bytes
On Thu, Jun 23, 2016 at 3:12 PM, Nick Cutting <ncutt...@edgetg.com> wrote:
> The “match interface” route-map sub command command is for routing policy,
> it will not work with PBR
>
>
>
> Many route map match entries will be accepted in the command interpreter,
> but they will not work for the job you want the route-map to do.
>
> The same is true of various entries for IGP vs EGP protocols, when using
> route-maps for routing policy.
>
>
>
> Just set the ACL to:
>
>
>
> ip access-list extended ACl-PBR-MATCH-ANY
>
> permit ip any any
>
>
>
>
>
>
>
> From: Satish Patel [mailto:satish....@gmail.com]
> Sent: Thursday, June 23, 2016 2:24 PM
> To: Nick Cutting; Cisco Network Service Providers
> Subject: Re: [c-nsp] PBR two default gateway
>
>
>
> Why do i need ACL if i want to match all IPs behind same interface
> like f0/1? I want to route any traffic coming from interface f0/1.
>
> On Thu, Jun 23, 2016 at 2:21 PM, Nick Cutting <ncutt...@edgetg.com> wrote:
>> You need to match the traffic of the source and destination, in an ACL in
>> the route-map.
>> Yours probably being :
>>
>> ACL-PBR-SUBNET-A
>> Permit XX.xx.xx.xx 0.0.0.255 any
>>
>> route-map FOO permit 10
>> match ip address ACL-PBR-SUBNET-A
>> set ip next-hop x.x.x.x
>>
>> then "debug ip policy" to watch it firing, or not firing (if this is not
>> in production yet)
>>
>> You must test from behind the router - from a host on the subnet ) - as
>> self-generated traffic requires another type of PBR (local policy)
>>
>>
>> -----Original Message-----
>> From: cisco-nsp [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
>> Satish Patel
>> Sent: Thursday, June 23, 2016 1:46 PM
>> To: Cisco Network Service Providers
>> Subject: [c-nsp] PBR two default gateway
>>
>> I have router with two subnet A & B connected on related physical
>> interface. and we have two ISP link so i want to send subnet A to ISP-A and
>> subnet B to ISP-B.
>>
>> is it enough if i do this or do i need to use match interface F1/1?
>> Because i want to do whatever coming from my source interface go to ISP-A
>> and rest will use ip route 0.0.0.0 0.0.0.0 ISP-B
>>
>> !
>> interface FastEthernet1/1
>> description subnet-A
>> ip address x.x.x.x 255.255.255.0
>> ip policy route-map FOO
>> !
>> !
>> route-map FOO permit 10
>> set ip next-hop x.x.x.x
>> !
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
