MPLS L3 VPN with Policy Routing

Hi All,

Your urgent help is hereby sought for the scenario as follows:

Four PE routers (R2, 4, 5, and XR1), each with its connected CE. Running static routes everywhere except in the core.

The VPN policy actually took place on R2, which has a connection to R1 as the CE.

R1 has three loopbacks, which are conditioned to be reachable by each of the CEs (R7, 8, XR2) at the other ends.

After completion of the LAB, all the PEs can see the routes from the other ends that concern them as expected. Unfortunately, only XR2 can reach 1.1.1.20 on the CE1, while CE7 and CE8 could not reach 1.1.1.7 and 1.1.1.8 on the CE1 as expected.

Any help to resolve this issue shall be greatly appreciated. Also do let me know if further info is required.

XR1 = 1.1.1.1 (XR1 in my good dream)

R2 = 2.2.2.2

R4 = 4.4.4.4

R5 = 5.5.5.5

R2#sr | sec router bgp

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 1.1.1.1 remote-as 100

neighbor 1.1.1.1 update-source Loopback0

neighbor 4.4.4.4 remote-as 100

neighbor 4.4.4.4 update-source Loopback0

neighbor 5.5.5.5 remote-as 100

neighbor 5.5.5.5 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 1.1.1.1 activate

  neighbor 1.1.1.1 send-community extended

  neighbor 4.4.4.4 activate

  neighbor 4.4.4.4 send-community extended

  neighbor 5.5.5.5 activate

  neighbor 5.5.5.5 send-community extended

exit-address-family

!

address-family ipv4 vrf VPN_A

  no synchronization

  network 1.1.1.20 mask 255.255.255.255

exit-address-family

!

address-family ipv4 vrf VPN_B

  no synchronization

  network 1.1.1.7 mask 255.255.255.255

exit-address-family

!

address-family ipv4 vrf VPN_C

  no synchronization

  network 1.1.1.8 mask 255.255.255.255

exit-address-family

R2#

R2#sr | sec ip route

ip route vrf VPN_A 1.1.1.20 255.255.255.255 POS1/0 172.16.12.1

ip route vrf VPN_B 1.1.1.7 255.255.255.255 POS1/0 172.16.12.1

ip route vrf VPN_C 1.1.1.8 255.255.255.255 POS1/0 172.16.12.1

alias exec sir sh ip route

R2#

R2#sr | sec route-map

ip policy route-map VPN_A_B_C

route-map VPN_A_B_C permit 10

match ip address VPN_A

set vrf VPN_A

route-map VPN_A_B_C permit 20

match ip address VPN_B

set vrf VPN_B

route-map VPN_A_B_C permit 30

match ip address VPN_C

set vrf VPN_C

R2#sr | sec ip access-l

ip access-list standard VNP_A

permit 1.1.1.20

ip access-list standard VNP_B

permit 1.1.1.7

ip access-list standard VNP_C

permit 1.1.1.8

R2#

R2#sh bgp vpnv4 unicast all summary

BGP router identifier 2.2.2.2, local AS number 100

BGP table version is 13, main routing table version 13

6 network entries using 912 bytes of memory

6 path entries using 312 bytes of memory

6/6 BGP path/bestpath attribute entries using 792 bytes of memory

3 BGP extended community entries using 72 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 2088 total bytes of memory

BGP activity 7/1 prefixes, 7/1 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

1.1.1.1         4          100      32      33       13    0    0 00:24:29        1

4.4.4.4         4          100      32      33       13    0    0 00:24:28        1

5.5.5.5         4          100      31      33       13    0    0 00:24:26        1

R2#

R2#

R2#sh bgp vpnv4 unicast all        

BGP table version is 13, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:1 (default for vrf VPN_A)

*> 1.1.1.20/32      172.16.12.1              0         32768 i

*>i20.20.20.20/32   1.1.1.1                  0    100      0 i

Route Distinguisher: 100:2 (default for vrf VPN_B)

*> 1.1.1.7/32       172.16.12.1              0         32768 i

*>i7.7.7.7/32       4.4.4.4                  0    100      0 i

Route Distinguisher: 100:3 (default for vrf VPN_C)

*> 1.1.1.8/32       172.16.12.1              0         32768 i

*>i8.8.8.8/32       5.5.5.5                  0    100      0 i

R2#sh vrf ipv4

  Name                             Default RD          Protocols   Interfaces

  VPN_A                            100:1               ipv4       

  VPN_B                            100:2               ipv4       

  VPN_C                            100:3               ipv4       

R2#

R2#sr int pos 1/0

interface POS1/0

ip vrf receive VPN_A

ip vrf receive VPN_B

ip vrf receive VPN_C

ip address 172.16.12.2 255.255.255.0

ip policy route-map VPN_A_B_C

end

R2#

====================================================

R1 is a CE connected to PE (R2)

R1#sr int pos 3/0

interface POS3/0

vrf forwarding VPN_A

ip address 172.16.102.1 255.255.255.0

end

R1#siib | ex dow

Interface              IP-Address      OK? Method Status                Protocol

POS2/0                 172.16.12.1     YES NVRAM  up                    up     

Loopback117            1.1.1.7         YES NVRAM  up                    up     

Loopback118            1.1.1.8         YES NVRAM  up                    up     

Loopback120            1.1.1.20        YES NVRAM  up                    up     

R1#

=============================================================

This is PE (XR1, I wished)

XR1#ping vrf VPN_A 172.16.102.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.102.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/36/44 ms

XR1#

XR1#sr | in ip route

ip route vrf VPN_A 20.20.20.20 255.255.255.255 172.16.102.2

XR1#sh run | sec router bgp

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 100

neighbor 2.2.2.2 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 2.2.2.2 activate

  neighbor 2.2.2.2 send-community extended

exit-address-family

!

address-family ipv4 vrf VPN_A

  no synchronization

  network 20.20.20.20 mask 255.255.255.255

exit-address-family

XR1#

XR1#sh bgp vpnv4 unicast all 1.1.1.20 255.255.255.255

BGP routing table entry for 100:1:1.1.1.20/32, version 4

Paths: (1 available, best #1, table VPN_A)

  Not advertised to any peer

  Local

    2.2.2.2 (metric 4) from 2.2.2.2 (2.2.2.2)

      Origin IGP, metric 0, localpref 100, valid, internal, best

      Extended Community: RT:100:1

      mpls labels in/out nolabel/29

XR1#sh bgp vpnv4 unicast all                       

BGP table version is 6, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:1 (default for vrf VPN_A)

*>i1.1.1.20/32      2.2.2.2                  0    100      0 i

*> 20.20.20.20/32   172.16.102.2             0         32768 i

XR1#

=================================================================

This is another PE connected to CE (R7)

R4#sr | sec router bgp

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 100

neighbor 2.2.2.2 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 2.2.2.2 activate

  neighbor 2.2.2.2 send-community extended

exit-address-family

!

address-family ipv4 vrf VPN_B

  no synchronization

  network 7.7.7.7 mask 255.255.255.255

exit-address-family

R4#

R4#sh run | be ip route

ip route vrf VPN_B 7.7.7.7 255.255.255.255 172.16.47.7

R4#sr int pos 2/0

Building configuration...

Current configuration : 84 bytes

!

interface POS2/0

vrf forwarding VPN_B

ip address 172.16.47.4 255.255.255.0

end

R4#ping vrf VPN_B 172.16.47.7

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.47.7, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/48/96 ms

R4#

R4#sh bgp vpnv4 unicast  all 1.1.1.7 255.255.255.255

BGP routing table entry for 100:2:1.1.1.7/32, version 4

Paths: (1 available, best #1, table VPN_B)

  Not advertised to any peer

  Local

    2.2.2.2 (metric 2) from 2.2.2.2 (2.2.2.2)

      Origin IGP, metric 0, localpref 100, valid, internal, best

      Extended Community: RT:100:2

      mpls labels in/out nolabel/30

R4#

R4#sh bgp vpnv4 unicast  vrf VPN_B   

BGP table version is 4, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:2 (default for vrf VPN_B)

*>i1.1.1.7/32       2.2.2.2                  0    100      0 i

*> 7.7.7.7/32       172.16.47.7              0         32768 i

R4#

==================================================================

This is another CE connected to R8

R5#sr | se router bgp

router bgp 100

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 100

neighbor 2.2.2.2 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 2.2.2.2 activate

  neighbor 2.2.2.2 send-community extended

exit-address-family

!

address-family ipv4 vrf VPN_C

  no synchronization

  network 8.8.8.8 mask 255.255.255.255

exit-address-family

R5#

R5#sr | se ip route 

ip route vrf VPN_C 8.8.8.8 255.255.255.255 172.16.58.8

alias exec sir sh ip route

R5#

R5#sr int pos 5/0

Building configuration...

Current configuration : 84 bytes

!

interface POS5/0

vrf forwarding VPN_C

ip address 172.16.58.5 255.255.255.0

end

R5#ping vrf VPN_C 172.16.58.8

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.58.8, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/36/48 ms

R5#

R5#sh bgp vpnv4 unicast all 1.1.1.8 255.255.255.255

BGP routing table entry for 100:3:1.1.1.8/32, version 4

Paths: (1 available, best #1, table VPN_C)

  Not advertised to any peer

  Local

    2.2.2.2 (metric 3) from 2.2.2.2 (2.2.2.2)

      Origin IGP, metric 0, localpref 100, valid, internal, best

      Extended Community: RT:100:3

      mpls labels in/out nolabel/31

R5#

R5#sh bgp vpnv4 unicast rd 100:3   

BGP table version is 4, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, x best-external

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:3 (default for vrf VPN_C)

*>i1.1.1.8/32       2.2.2.2                  0    100      0 i

*> 8.8.8.8/32       172.16.58.8              0         32768 i

R5#

===================================================

Thanking you all in advance,

O.A


saurjosh
Cisco Employee

You must enter the ip policy route-map command before the ip vrf receive command can be enabled. With the VRF Selection Using Policy-Based Routing implementation of the VRF selection feature, a route map filters the VRF routes. If a match and set operation occurs in the route map but there is no receive entry in the local VRF table, the packet is dropped.

Can you reconfigure interface pos1/0 again as below and give it a shot?

R2#sr int pos 1/0

interface POS1/0

ip policy route-map VPN_A_B_C ==> Before IP vrf receive command

ip vrf receive VPN_A

ip vrf receive VPN_B

ip vrf receive VPN_C

ip address 172.16.12.2 255.255.255.0

HTH

Regards

Saurabh

Hi Saurabh,

A very big thanks for your response, because I know it takes time going through all the configs before anyone could reply to my query. Nonetheless, your proposed solution could not resolve the issue yet.

Please see below for the removal and replacement of the configs on POS1/0 of R2 (PE) towards R1 (CE). Despite doing as prescribed, the configs reverted back when you do a show run of the interface.

R1#siib | in up
POS2/0                 172.16.12.1     YES NVRAM  up     up     
Loopback117            1.1.1.7         YES NVRAM  up     up Conditioned to reach R7 7.7.7.7 only, not working 

Loopback118            1.1.1.8         YES NVRAM  up     up  Conditioned to reach  R8 8.8.8.8 only, it's not working
Loopback120            1.1.1.20        YES NVRAM  up    up  Conditioned to reach XR2 20.20.20.20 only, it's working 

  
R1#
R1#sr | se ip route
ip route 0.0.0.0 0.0.0.0 172.16.12.2
R1#

While pinging on the CE (R1) I enabled debug ip policy on R2; please see the section below, maybe it could help diagnose what I am missing.

R1#ping 7.7.7.7 source 1.1.1.7    

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.7
.....
Success rate is 0 percent (0/5)
R1#ping 8.8.8.8 source 1.1.1.8    

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.8
.....
Success rate is 0 percent (0/5)
R1#ping 20.20.20.20 source 1.1.1.20

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.20
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 124/163/196 ms

Here are the corresponding outputs on R2

===========================

R2#sr int pos 1/0
Building configuration...

Current configuration : 159 bytes
!
interface POS1/0
  ip vrf receive VPN_A
  ip vrf receive VPN_B
  ip vrf receive VPN_C
  ip address 172.16.12.2 255.255.255.0
  ip policy route-map VPN_A_B_C
end

R2#ct
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#int pos 1/0
R2(config-if)#shu
R2(config-if)#
*Aug 21 13:18:37.095: %LINK-5-CHANGED: Interface POS1/0, changed state to administratively down
*Aug 21 13:18:38.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface POS1/0, changed state to down
R2(config-if)#defa
R2(config-if)#default int pos 1/0
% Can not find information about VRF RECEIVE entry
% Can not find information about VRF RECEIVE entry
% Can not find information about VRF RECEIVE entry
Interface POS1/0 set to default configuration
R2(config)#int pos 1/0
R2(config-if)#ip poli
R2(config-if)#ip policy rou
R2(config-if)#ip policy route-map VPN_A_B_C
R2(config-if)#ip vrf receive VPN_A
R2(config-if)# ip vrf receive VPN_B
R2(config-if)# ip vrf receive VPN_C
R2(config-if)#ip address 172.16.12.2 255.255.255.0
R2(config-if)#no shut
R2(config-if)#
*Aug 21 13:19:41.131: %LINK-3-UPDOWN: Interface POS1/0, changed state to up
*Aug 21 13:19:42.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface POS1/0, changed state to up
R2(config-if)#^Z
R2#
R2#
R2#
*Aug 21 13:19:45.423: %SYS-5-CONFIG_I: Configured from console by console
R2#wr
Building configuration...
[OK]
R2#
R2#
R2#sr int pos 1/0
Building configuration...

Current configuration : 159 bytes
!
interface POS1/0
  ip vrf receive VPN_A
  ip vrf receive VPN_B
  ip vrf receive VPN_C
  ip address 172.16.12.2 255.255.255.0
  ip policy route-map VPN_A_B_C
end

R2#
R2#
R2#debug ip poli
R2#debug ip policy
Policy routing debugging is on
R2#
*Aug 21 13:21:03.611: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy match
*Aug 21 13:21:03.615: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, PBR Counted
*Aug 21 13:21:03.615: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy routed set vrf
*Aug 21 13:21:03.619: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy match
*Aug 21 13:21:03.623: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:03.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, set vrf
*Aug 21 13:21:03.627: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:05.599: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy match
*Aug 21 13:21:05.599: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, PBR Counted
*Aug 21 13:21:05.603: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy routed set vrf
*Aug 21 13:21:05.615: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy match
*Aug 21 13:21:05.619: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:05.619: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, set vrf
*Aug 21 13:21:05.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:07.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy match
*Aug 21 13:21:07.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, PBR Counted
*Aug 21 13:21:07.627: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy routed set vrf
*Aug 21 13:21:07.639: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy match
*Aug 21 13:21:07.639: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:07.639: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, set vrf
*Aug 21 13:21:07.643: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:09.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy match
*Aug 21 13:21:09.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, PBR Counted
*Aug 21 13:21:09.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy routed set vrf
*Aug 21 13:21:09.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy match
*Aug 21 13:21:09.623: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:09.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, set vrf
*Aug 21 13:21:09.627: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:11.611: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy match
*Aug 21 13:21:11.611: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, PBR Counted
*Aug 21 13:21:11.611: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, FIB policy routed set vrf
*Aug 21 13:21:11.619: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy match
*Aug 21 13:21:11.619: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:11.619: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, set vrf
*Aug 21 13:21:11.623: IP: s=1.1.1.7 (POS1/0), d=7.7.7.7, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:17.079: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy match
*Aug 21 13:21:17.079: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, PBR Counted
*Aug 21 13:21:17.083: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy routed set vrf
*Aug 21 13:21:17.095: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy match
*Aug 21 13:21:17.099: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:17.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, set vrf
*Aug 21 13:21:17.107: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:19.079: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy match
*Aug 21 13:21:19.079: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, PBR Counted
*Aug 21 13:21:19.083: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy routed set vrf
*Aug 21 13:21:19.095: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy match
*Aug 21 13:21:19.099: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:19.099: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, set vrf
*Aug 21 13:21:19.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:21.091: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy match
*Aug 21 13:21:21.091: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, PBR Counted
*Aug 21 13:21:21.091: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy routed set vrf
*Aug 21 13:21:21.095: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy match
*Aug 21 13:21:21.099: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:21.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, set vrf
*Aug 21 13:21:21.107: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:23.075: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy match
*Aug 21 13:21:23.075: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, PBR Counted
*Aug 21 13:21:23.079: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy routed set vrf
*Aug 21 13:21:23.091: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy match
*Aug 21 13:21:23.091: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:23.095: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, set vrf
*Aug 21 13:21:23.099: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:25.099: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy match
*Aug 21 13:21:25.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, PBR Counted
*Aug 21 13:21:25.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, FIB policy routed set vrf
*Aug 21 13:21:25.103: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy match
*Aug 21 13:21:25.107: IP: route map VPN_A_B_C, item 10, permit
*Aug 21 13:21:25.111: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, set vrf
*Aug 21 13:21:25.111: IP: s=1.1.1.8 (POS1/0), d=8.8.8.8, len 100, policy rejected -- normal forwarding
R2#
*Aug 21 13:21:30.207: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy match
*Aug 21 13:21:30.207: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, PBR Counted
*Aug 21 13:21:30.207: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy routed set vrf
*Aug 21 13:21:30.391: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy match
*Aug 21 13:21:30.391: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, PBR Counted
*Aug 21 13:21:30.395: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy routed set vrf
*Aug 21 13:21:30.575: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy match
*Aug 21 13:21:30.575: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, PBR Counted
*Aug 21 13:21:30.579: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy routed set vrf
*Aug 21 13:21:30.743: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy match
*Aug 21 13:21:30.743: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, PBR Counted
*Aug 21 13:
R2#21:30.743: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy routed set vrf
*Aug 21 13:21:30.903: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy match
*Aug 21 13:21:30.907: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, PBR Counted
*Aug 21 13:21:30.911: IP: s=1.1.1.20 (POS1/0), d=20.20.20.20, len 100, FIB policy routed set vrf
R2#

I look forward to your kind reply as usual,

Regards,

O.A
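An added example, not part of the thread or of any Cisco tooling: in the R2 output above the route-map clauses match on VPN_A, VPN_B and VPN_C while the access lists are defined as VNP_A, VNP_B and VNP_C, and the debug shows every source hitting item 10. The sketch below lints a config for route-map ACL references that are never defined and for `set vrf` targets with no `ip vrf receive` entry; `lint_pbr` and its finding labels are names made up for this example, and the sample config is constructed from the lines quoted in the thread.

```python
import re
from difflib import get_close_matches

# Constructed sample: the R2 lines quoted in the thread, joined into one config.
R2_CONFIG = """\
interface POS1/0
 ip vrf receive VPN_A
 ip vrf receive VPN_B
 ip vrf receive VPN_C
 ip address 172.16.12.2 255.255.255.0
 ip policy route-map VPN_A_B_C
route-map VPN_A_B_C permit 10
 match ip address VPN_A
 set vrf VPN_A
route-map VPN_A_B_C permit 20
 match ip address VPN_B
 set vrf VPN_B
route-map VPN_A_B_C permit 30
 match ip address VPN_C
 set vrf VPN_C
ip access-list standard VNP_A
 permit 1.1.1.20
ip access-list standard VNP_B
 permit 1.1.1.7
ip access-list standard VNP_C
 permit 1.1.1.8
"""

ACL_DEF = re.compile(r"^(?:ip access-list (?:standard|extended)|access-list) (\S+)")
RMAP = re.compile(r"^route-map (\S+) (?:permit|deny) (\d+)")
MATCH = re.compile(r"^match ip address (?!prefix-list)(.+)$")
SET_VRF = re.compile(r"^set vrf (\S+)")
VRF_RECV = re.compile(r"^ip vrf receive (\S+)")


def lint_pbr(config):
    """Return (route-map, seq, kind, name, suggestion) for dangling references."""
    acls, received, clauses = set(), set(), []
    current = None  # route-map clause currently being read, if any
    for raw in config.splitlines():
        line = raw.strip()
        if m := ACL_DEF.match(line):
            acls.add(m.group(1))
            current = None
        elif m := RMAP.match(line):
            current = {"map": m.group(1), "seq": int(m.group(2)),
                       "acls": [], "vrf": None}
            clauses.append(current)
        elif current is not None and (m := MATCH.match(line)):
            current["acls"] += m.group(1).split()
        elif current is not None and (m := SET_VRF.match(line)):
            current["vrf"] = m.group(1)
        elif m := VRF_RECV.match(line):
            received.add(m.group(1))
        elif line and not raw.startswith(" "):
            current = None  # any other top-level command ends the clause

    findings = []
    for c in clauses:
        for name in c["acls"]:
            if name not in acls:
                # Suggest the closest defined ACL name to surface typos.
                hint = get_close_matches(name, sorted(acls), n=1)
                findings.append((c["map"], c["seq"], "undefined-acl",
                                 name, hint[0] if hint else None))
        if c["vrf"] and c["vrf"] not in received:
            findings.append((c["map"], c["seq"], "no-vrf-receive", c["vrf"], None))
    return findings


if __name__ == "__main__":
    for finding in lint_pbr(R2_CONFIG):
        print(finding)
```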
