08-21-2012 05:39 AM - edited 03-03-2019 06:43 AM
Hi All,
I have a C3825, and have been using standard ACLs and a PBR to route certain HTTP traffic via an alternative default gateway:
route-map RTRMAP-OfficeLAN permit 10
match ip address RTRMAP-OfficeLAN-toADSL
set ip next-hop x.x.x.x
This is working absolutely fine, and as expected, all traffic matching the ACL is being sent to x.x.x.x
However, we have recently expanded our network, and I am now receiving various networks via BGP from various sources. All BGP incoming via iBGP is tagged in communities:
Community (expanded) access list 100
permit 37xxx:100
Community (expanded) access list 200
permit 37xxx:200
Community (expanded) access list 300
permit 37xxx:300
Community (expanded) access list 400
permit 37xxx:400
Community (expanded) access list 500
permit 37xxx:500
All communities are also matching prefixes when executing either 'sh ip bgp community 37xxx:100' or 'sh ip bgp community-list 100'
What I am trying to achieve, is create an EXCEPTION for the policy route. Traffic matching the community lists, must be forwarded based on the routers routing table, whilst traffic maching the ACL, must be sent via the policy route...
route-map RTRMAP-OfficeLAN permit 5
match community 100 200 300 400 500
!
route-map RTRMAP-OfficeLAN permit 10
match ip address RTRMAP-OfficeLAN-toADSL
set ip next-hop x.x.x.x
My logic dictates to me that the above should work, but looking at the route-map, I get matches on seq 5 and pacets are exiting the route-map as expected (first matched). However no traffic that does NOT match community 100,200,300,400 or 500 and that DOES match the RTRMAP-OfficeLAN-toADSL never matches.
The counters on the route-map for seq 5 is increasing, but no counters are increasing at seq 10.. It's almost as if seq 5 is matching all traffic.
Am I missing something?
Many thanks,
Chris.
08-21-2012 11:55 AM
Hi,
you can't use community-list for PBR afaik it only accepts ACLs for matching.
Regards.
Alain
Don't forget to rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide