Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
691
Views
0
Helpful
6
Replies

Policy-routing on 3550 12T

flreize
Level 1
Level 1

‎11-18-2005 02:25 AM - edited ‎03-03-2019 12:51 AM

IOS used: c3550-i5q3l2-mz.121-22.EA3.bin

I try to policy-route packets coming from a certain source (160.160.160.0/24)to a next-hop ip address:

route-map from_server permit 10

match ip address 160

set ip next-hop 192.168.1.1

access-list 160 permit ip 160.160.160.0 0.0.0.255 any

interface GigabitEthernet0/1

ip policy route-map from_server

The next-hop IP is in the routing table, nevertheless the packets matched with ACL 160 are not policy-routed.

What am I doing wrong? Any ideas?

Thanks a lot

Florian

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎11-18-2005 02:34 AM

Hello Florian,

is GigabitEthernet0/1 the inbound interface on your switch, as in the schematic drawing below ?

Network 160.160.160.0/24 --> GigabitEthernet0/1 --> Outgoing interface

Keep in mind that the route-map must be applied to the inbound interface, that is in your case the first interface that network 160.160.160.0 hits...

Regards,

GP

0 Helpful

flreize
Level 1
Level 1
In response to Georg Pauwen

‎11-18-2005 02:42 AM

GP

Your schematic drawing is correct and I have

applied the route-map to the inbound interface as you mentioned.

Thanks

Florian

0 Helpful

Georg Pauwen
VIP
VIP
In response to flreize

‎11-18-2005 04:37 AM

Hello Florian,

can you post the full configuration of the 3550 ? Maybe something else is not quite right...

Regards,

GP

0 Helpful

flreize
Level 1
Level 1
In response to Georg Pauwen

‎11-22-2005 12:21 AM

Hi GP,

I have another service-policy on the ingress interface that is actually marking dscp based on different source addresses. Could it be that this policy is somehow affecting the policy-route attached to the same ingress interface?

The rest is just standard. I will try to post the config in the next update.

Thanks for your help.

Florian

0 Helpful

schmij01
Level 1
Level 1
In response to flreize

‎11-22-2005 06:41 AM

You probably need to do this to get PBR to work:

**

You must modify the SDM template to enable the switch to support the 144-bit Layer 3 TCAM. Use

the sdm prefer extended-match, sdm prefer access extended-match, or the sdm prefer routing

extended-match global configuration commands to reformat the TCAM space allocated to unicast

routing in the default, access, or routing template, respectively. Reformatting the unicast routing

TCAM reduces by half the number of supported unicast routes in the template.

**

This is from the configuration guide for the 3550.

0 Helpful

flreize
Level 1
Level 1
In response to schmij01

‎11-24-2005 11:51 PM

Hi all

Thanks for your posts, I have finally found the problem.

The next-hop IP was not a directly connected , it was another IP address (loopback) of the neighbor router I was "next-hopping" to. This address was announced via BGP.

Nevertheless, the policy-routing with a next-hop setting only seems to work if this next-hop IP address is directly connected.

Thanks

Florian

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card