Policy routing on 4507

tech · ‎05-14-2004

I have layer 3 switching enabled on a 4507. I am trying to policy route using the default next hop command. When it does not find a match in the routing table, it seems to drop the packet and "debug ip policy" shows that it is not performing policy routing. Relevant config:

interface Vlan2

ip address 10.10.1.1 255.255.255.0

ip policy route-map map1

interface Vlan3

ip address 10.10.10.1 255.255.255.0

access-list 10 permit 10.10.1.6

route-map map1 permit 10

match ip address 10

set ip default next-hop 10.10.10.3

ip route 0.0.0.0 0.0.0.0 10.10.10.5

Thanks,

RJ

kkalaycioglu · ‎05-17-2004

Hi,

"set ip default next hop " command policy routes a packet if there's not an explicit route for destination of that packet. So if a packet sourced form 10.10.1.6 is destined for an network which is in the route table you can't policy route this packet using set ip def next hop. If you want to policy route all the packets coming from 10.10.1.6 try using "set ip next hop"

Regards.

tech · ‎05-17-2004

Thanks for the reply.

I have tried both "ip next hop" and "ip default next hop" and policy routing is not working. In my first post, I mentioned that there is not an explicit route to the destination (an Internet web site) so the packet should be sent out the default route and be policy routed.

Thanks,

RJ

kkalaycioglu · ‎05-17-2004

Hello,

What do you see when you issue show route-map command? THis command output includes a field "policy routing matches".

tech · ‎05-19-2004

The problem was not in the Cisco switch. The default next hop was not routing correctly back to the switch so packets were being lost after the vlan interface.

Thanks,

RJ