Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
790
Views
3
Helpful
4
Replies

ip route policy LAB - what am I doing wrong?

Go to solution
anestis.iliadis
Level 1
Level 1

‎02-01-2013 01:48 AM - edited ‎03-04-2019 06:54 PM

Hi all,

I'm doing a route-policy LAB and it's driving me crazy! I must be doing something wrong but have no idea what... so please help me out.

ok so we have

LAN A 192.168.4.0     /25

LAN B 192.168.4.128 /25  <-- want to PBR

the objective is to set a different next hop address depending on whether the source ip is from LAN A or LAN B... easy enough.

The problem is that in the route-map that does the policy routing, if I match the addresses using an ACL it works fine. Then I thought, I'd try a prefix list but it doesn't work at all... here's what I mean

a) ACL

ip access-list 11 permit 192.168.4.128 0.0.0.127

route-map TEST1 permit 10

match ip addr 11

set ip next hop <some IP>

          -works fine

b) Prefix-list

ip prefix-list PREF seq 5 permit 192.168.4.128/25

route-map TEST2 permit 10

match ip addr prefix-list PREF

set ip next hop <some IP>

          -doesn't work

now the reason that is driving me crazy is that with b) EVERYTHING is matched and forwarded by PBR.

I did debug ip policy and for some reason even 172.16.x.x addresses are matched and forwarded by PBR.

I thought to myself, ok maybe the prefix list is wrong... fair enough, then nothing should be matched, or maybe a combination of LANA,LANB but not everything even different class IPs, right?!!

Any idea what is going on?

thank you,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to anestis.iliadis

‎02-01-2013 02:23 AM

Hi,

for the router it is like there was no match statement so it is match everything.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎02-01-2013 02:05 AM

Hi,

you can't use prefix-lists for PBR, they can't match the source IP of a packet because they are used to match routes.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Go to solution
anestis.iliadis
Level 1
Level 1
In response to cadet alain

‎02-01-2013 02:15 AM

Hi Alain,

do you mind elaborating a little bit please? Any reason why everything is matched?

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to anestis.iliadis

‎02-01-2013 02:23 AM

Hi,

for the router it is like there was no match statement so it is match everything.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
anestis.iliadis
Level 1
Level 1
In response to cadet alain

‎02-03-2013 01:34 AM

Thank you for the answer it's very clear why now! I can't believe I missed that!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card