Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
621
Views
0
Helpful
3
Replies

Policy based routing qry!

amar_5664
Level 1
Level 1

‎04-17-2012 07:58 PM - edited ‎03-04-2019 04:03 PM

Guys,

I have a question regarding PBR that i have set up and the packet forward behaviour that is confusing me..

Setup as below

[Network A]--- Router with PBR---- Router with PBR----- Switch with PBR ----- (Interface a shared Trunk)Cisco ASA (multicontext FW) ---- [Network B]

                                                                                          |_ _ _ _ _ _ _ _(Interface b dedicated Vlan) _ _|

I have configured PBR along the path till Switch and can see packets being matched in route-map... when i set next hop ip as IP of Cisco ASA interface that is shared i dont see any packets being matched on the switch. While if i change next hop ip as IP of Cisco ASA dedicated inteface i see packets being matched.

Switch is learning same MAC for shared interface which is running multiple VLANS, is switch confusing on where to send the frame/packet when multiple IPs/networks are on same mac address?

I guess my question would be how can i achieve PBR on trunk interface? How would switch forward packets to appropriate IP on ASA?

Any help will be appreciated.

Cheers

AP

Labels:
0 Helpful
3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎04-27-2012 01:40 AM

Hello Amar,

what is the switch model and the IOS version running on it?

PBR works inbound and should be able to support an SVI L3 interface that is associated to a VLAN permitted on a L2 trunk.

However, there are caveats and limitations that are platform specific so it is important to provide further information on the involved switch

Hope to help

Giuseppe

0 Helpful

amar_5664
Level 1
Level 1
In response to Giuseppe Larosa

‎04-29-2012 04:51 PM

Hi Giuseppe,

Please refer below

Switch Ports Model              SW Version            SW Image                

------ ----- -----              ----------            ----------              

*    1 24    WS-C3750G-24T      12.2(50)SE2           C3750-IPSERVICESK9-M

The current template is "desktop routing" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  3K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    11K
    number of directly-connected IPv4 hosts:        3K
    number of indirect IPv4 routes:                 8K
  number of IPv4 policy based routing aces:         0.5K
  number of IPv4/MAC qos aces:                      0.5K
  number of IPv4/MAC security aces:                 1K

let me know if require further information....

thanks

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to amar_5664

‎04-30-2012 06:07 AM

Hello Amar,

your switch should be fine for PBR

you can find PBR configuration guidelines here

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_50_se/configuration/guide/swiprout.html#wp1210866

note:

This software release does not support PBR when processing IPv4 and IPv6 traffic. 

there are other constraints that are described in the configuration guide.

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card