PBR

davidKamal2000
Level 1

Hi All,

I have 2 sites connected to each other via 2 links (MPLS and Metro-E).

Site1 > MPLS router (IP from site 2: 10.154.90.13) > Site2

I would like to say: if traffic is coming from the site 2 source IP subnets (172.16.0.0 and 192.168.0.0) and going to the site 1 destination subnets (10.154.128.0 and 10.154.112.0), then the traffic path from site 2 to site 1 should use this next hop (the internal IP for the MPLS routes in site 2).

Will this configuration do what I need?


route-map site2-TO-site1 permit 10
match ip address site2-TO-site1-ACL
set ip next-hop 10.154.90.13


ip access-list extended site2-TO-site1-ACL

permit ip 172.16.0.0 0.0.255.255 10.154.128.0 0.0.0.255
permit ip 172.16.0.0 0.0.255.255 10.154.112.0 0.0.15.255
permit ip 192.168.0.0 0.0.255.255 10.154.128.0 0.0.0.255
permit ip 192.168.0.0 0.0.255.255 10.154.112.0 0.0.15.255

 

Router(config)# interface ?????? (where should I apply this PBR? Can it be applied to a trunk interface?)
Router(config-if)# ip policy route-map site2-TO-site1

Accepted Solution

 

You need to apply the PBR on all the L3 interfaces for those subnets. 

 

Jon

14 Replies

Jon Marshall
Hall of Fame

 

It's not clear where you are trying to apply the PBR so could you draw a quick schematic or explain it a little more clearly. 

 

PBR is a L3 feature so you would not apply it to a trunk interface. 

 

Jon

Jon,
Diagram attached.
Can the ACL have 4 lines like that and be included in one PBR?
Is the logic AND or OR?
Where should I apply this PBR?

 

You can have multiple lines in your ACL and it is checked one line at a time, so basically an OR operation.

 

However, it is still not clear from your diagram where you are meant to apply the PBR, i.e. you apply it on the L3 interface where the traffic arrives, so is this a L3 switch or router that then connects to the 10.154.90.13 router?

 

Jon
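
The line-by-line matching described in this reply, as an added example that is not part of the original thread: a Python sketch that evaluates the ACL from the question with IOS wildcard-mask semantics and reports which flows the route-map would send to 10.154.90.13. The function names and the sample flows are constructed for illustration.

```python
import ipaddress

# ACL entries copied from the question:
# (source, source wildcard, destination, destination wildcard)
SITE2_TO_SITE1_ACL = [
    ("172.16.0.0", "0.0.255.255", "10.154.128.0", "0.0.0.255"),
    ("172.16.0.0", "0.0.255.255", "10.154.112.0", "0.0.15.255"),
    ("192.168.0.0", "0.0.255.255", "10.154.128.0", "0.0.0.255"),
    ("192.168.0.0", "0.0.255.255", "10.154.112.0", "0.0.15.255"),
]
PBR_NEXT_HOP = "10.154.90.13"  # from "set ip next-hop" in the question


def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard bit is 0."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)


def matching_entry(src, dst, acl=SITE2_TO_SITE1_ACL):
    """Return the 1-based index of the first permit entry that matches, else None.

    Within one entry, source AND destination must both match; across
    entries the first hit wins, so the list as a whole behaves as an OR.
    """
    for index, (s_base, s_wild, d_base, d_wild) in enumerate(acl, start=1):
        if wildcard_match(src, s_base, s_wild) and wildcard_match(dst, d_base, d_wild):
            return index
    return None  # implicit deny: the route-map entry does not match


def next_hop_for(src, dst):
    """Policy next hop when the ACL permits the flow, else None (normal routing)."""
    return PBR_NEXT_HOP if matching_entry(src, dst) is not None else None


if __name__ == "__main__":
    # Constructed sample flows, not taken from the thread.
    flows = [("172.16.5.10", "10.154.128.20"), ("192.168.40.7", "10.154.120.1"),
             ("172.16.5.10", "10.154.129.1"), ("10.1.1.1", "10.154.112.5")]
    for src, dst in flows:
        print(src, "->", dst, "entry", matching_entry(src, dst),
              "next hop", next_hop_for(src, dst))
```

The wildcard 0.0.15.255 on 10.154.112.0 covers 10.154.112.0 through 10.154.127.255, while 10.154.128.0 with 0.0.0.255 covers only that single /24, so a destination such as 10.154.129.1 is not policy-routed.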

 

 

 

Yes, it is from the Cat 6807 to the Metro E router.

192 goes to the core switch via a different VLAN than the 172 VLAN,
so where should I apply the PBR?

 

You will need to apply the PBR on all the L3 interfaces that the traffic arrives on. 

 

If it is a L3 switch I assume that will be the SVIs for the 172.16.x.x and 192.168.x.x subnets. 

 

Jon

Jon,
If I have 10 VLANs in this IP range 172.16.x.x and 10 VLANs in the 182.168 IP range on the L3 switch,
where should I apply the PBR?

 

You need to apply the PBR on all the L3 interfaces for those subnets. 

 

Jon

Thanks Jon so much

 

No problem, glad to help. 

 

Jon

Hello

 


@davidKamal2000 wrote:

Hi All,

I have 2 sites connected to each other via 2 links (MPLS and Metro-E).

Site1 > MPLS router (IP from site 2: 10.154.90.13) > Site2

I would like to say: if traffic is coming from the site 2 source IP subnets (172.16.0.0 and 192.168.0.0) and going to the site 1 destination subnets (10.154.128.0 and 10.154.112.0), then the traffic path from site 2 to site 1 should use this next hop (the internal IP for the MPLS routes in site 2).

Will this configuration do what I need?


Hello David

Just wondering if you need to use PBR at all. There is a conditional route BGP feature called "backdoor" which may be applicable in this situation, which will allow you to route between sites for local routes over the metro link instead of using the MPLS.

 

I am not saying this is applicable at this time, as I am still a bit unclear on your current routing topology. I am assuming you use BGP for the MPLS connections; do you use any IGP for the site-site connections?

 



Kind Regards
Paul

Assuming you use BGP for the MPLS connections: yes.
Do you use any IGP for the site-site connections: no.

Between the 2 sites (MPLS for the 10.x.x.x IP range), but Metro E I need for (192 and 172 IP ranges).

Thanks Paul
Appreciated