Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
0
Helpful
5
Replies

How is PBR applied under the interface of the configured service instance?

Go to solution
9813108aa
Level 1
Level 1

‎09-14-2020 10:45 AM

Hello

 

I tried to configure PBR under the interface of the configured service instance, but the route-map did not match any traffic anyway. What is the problem?

 

#sh acce

Extended IP access list 100
10 permit ip any any

 

#sh route-map

route-map 10, deny, sequence 10
Match clauses:
ip address (access-lists): 100
Set clauses:
Policy routing matches: 0 packets, 0 bytes

 

#show  int g1

interface GigabitEthernet1
no ip address
ip policy route-map 10
negotiation auto
no keepalive
no mop enabled
no mop sysid
spanning-tree link-type shared
service instance 1 ethernet
encapsulation untagged
l2protocol forward stp
!
service instance 10 ethernet
encapsulation dot1q 10
rewrite ingress tag pop 1 symmetric
storm-control unicast cir 20000
storm-control broadcast cir 20000
storm-control multicast cir 20000
!

 

Vincent

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎09-14-2020 02:10 PM

Vincent

 

I am a bit puzzled about the very limited amount of config that you shared with us. Probably the most important thing that I notice is that you ip policy route-map 10 is applied to an interface that has no IP address. You can not successfully activate an IP activity like PBR on an interface that is not processing IP.

 

I am also surprised that the single instance in the route map uses deny. I certainly do not know much about your environment and what you are trying to achieve but I would have expected to use permit. And I am surprised that the acl does permit any any. If all traffic is to be processed by PBR then you do not need a match clause, and only need the set clause.

 

I also note that the interface references service instance 1 ethernet but then you show us service instance 10 ethernet

HTH

Rick

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎09-14-2020 11:49 AM

I am not sure you looking to configure PBR - your config does not match : here is example :

 

https://www.mustbegeek.com/configure-policy-based-routing-on-cisco-router/#.X1-7D2i2lhE

 

If you looking QoS please advise what is the goal ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎09-14-2020 02:10 PM

Vincent

 

I am a bit puzzled about the very limited amount of config that you shared with us. Probably the most important thing that I notice is that you ip policy route-map 10 is applied to an interface that has no IP address. You can not successfully activate an IP activity like PBR on an interface that is not processing IP.

 

I am also surprised that the single instance in the route map uses deny. I certainly do not know much about your environment and what you are trying to achieve but I would have expected to use permit. And I am surprised that the acl does permit any any. If all traffic is to be processed by PBR then you do not need a match clause, and only need the set clause.

 

I also note that the interface references service instance 1 ethernet but then you show us service instance 10 ethernet

HTH

Rick
0 Helpful

Go to solution
9813108aa
Level 1
Level 1
In response to Richard Burts

‎09-14-2020 07:28 PM

Hello Rick

 

You noticed that my interface does not have an IP address, because this is dot1q 10 that uses instance to match, so there cannot be an IP address on this interface, but you say "You can not successfully activate an IP activity like PBR on an interface that is not processing IP."
I want to know how can I apply PBR under an interface without an IP address?

 

Vincent

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to 9813108aa

‎09-15-2020 10:20 AM

Vincent

 

You ask how you can apply PBR to an interface that has no IP address. I do not believe that there is a way to do that. I have not done PBR with service instance, so can not offer advice based on experience. But I would guess that you would apply the ip policy command on whatever interface does get the IP address. Where is the IP for your service instance set up?

 

HTH

Rick
0 Helpful

Go to solution
9813108aa
Level 1
Level 1
In response to Richard Burts

‎09-15-2020 10:30 AM

Hello Rick

 

Thank you for your reply. Now I know that PBR cannot be used on the interface set by the service instance. I use VPLS on ASR1000, so I will use the service instance, but I also use mpls-te, so I want to use PBR to select a specific tunnel As the next hop, I will look for other ways to work in this environment

 

Thanks again for your reply!

 

Vincent

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card