02-11-2011 03:07 AM - edited 03-04-2019 11:23 AM
Suppose I have the below config:
Scenario:
source: 10.10.10.0/24
destination: 20.20.20.1
static next hop ip: 10.10.20.3
route map ip next hop: 10.10.30.3
Config:
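! Traffic to be policy-routed
ip access-list extended PBR
 permit ip 10.10.10.0 0.0.0.255 host 20.20.20.1
! Route map that sets the PBR next hop
route-map PBR permit 10
 match ip address PBR
 set ip next-hop 10.10.30.3
! Policy applied to the interface where the traffic arrives
interface vlan 2
 desc "Test Vlan"
 ip add 10.10.10.1 255.255.255.0
 ip policy route-map PBR
! Static host route via the alternate next hop
ip route 20.20.20.1 255.255.255.255 10.10.20.3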
Question:
1. If traffic from the 10.10.10.0/24 subnet is destined to 20.20.20.1, will it take the next hop IP defined in the static route or the set ip next-hop defined in the route map?
2. If the answer is that it depends, how can we influence the traffic to go to the set ip next-hop defined in the route map, assuming both links are up?
The goal here is to have the set ip next-hop defined in the route map as the primary link and the next hop IP defined in the static route as the alternate if the primary link fails.
02-11-2011 04:18 AM
Hi Ebertson,
Packets matching the access list will be routed to the IP set in your route map unless the outbound interface is not up, in which case the router will try to route the packet using its routing table.
In a nutshell, Cisco PBR logic goes something like this: try PBR first, and if PBR's route does not work, or the packet matches a route map deny statement, try to route as usual.
You can reverse this logic if you want by adding the "default" keyword to your route map.
route-map PBR
match ip address 101
set ip default next-hop x.x.x.x
The logic here would be: try to route as usual (not including the default route); if no normal route is available, then use the PBR.
The only other gotcha that I can think of is that PBR only works on packets that are inbound on the interface that your policy is applied to.
All the best. Please let me know if this was helpful.
Peter
Sent from Cisco Technical Support iPhone App
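The decision order described in the answer above, as a small Python model (an added example, not part of the original posts and not Cisco code). The function names, the dictionary layout, the interface name Vlan2 and the `usable` set (next hops whose outbound interface is up) are assumptions made for illustration.

```python
import ipaddress

def rib_lookup(rib, dst, include_default=True):
    """Longest-prefix match over (prefix, next_hop) pairs; None if no route."""
    best = None
    for prefix, next_hop in rib:
        net = ipaddress.ip_network(prefix)
        if net.prefixlen == 0 and not include_default:
            continue  # "set ip default next-hop" ignores the default route
        if ipaddress.ip_address(dst) in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, next_hop)
    return best[1] if best else None

def forward(pkt, policy, rib, usable):
    """Return (next_hop, decided_by) using the order described in the answer."""
    applies = (
        pkt["in_if"] == policy["interface"]  # PBR only sees inbound packets
        and policy["action"] == "permit"     # a deny entry means route as usual
        and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(policy["src"])
        and pkt["dst"] == policy["dst"]
    )
    if applies and policy["set"] == "next-hop":
        if policy["next_hop"] in usable:     # PBR first
            return policy["next_hop"], "pbr"
    elif applies and policy["set"] == "default next-hop":
        explicit = rib_lookup(rib, pkt["dst"], include_default=False)
        if explicit is not None:             # normal routing first
            return explicit, "rib"
        if policy["next_hop"] in usable:
            return policy["next_hop"], "pbr-default"
    return rib_lookup(rib, pkt["dst"]), "rib"

# Constructed sample data mirroring the thread's scenario.
RIB = [("20.20.20.1/32", "10.10.20.3")]
POLICY = {"interface": "Vlan2", "action": "permit", "src": "10.10.10.0/24",
          "dst": "20.20.20.1", "set": "next-hop", "next_hop": "10.10.30.3"}
PKT = {"in_if": "Vlan2", "src": "10.10.10.50", "dst": "20.20.20.1"}
ALL_UP = {"10.10.30.3", "10.10.20.3"}

if __name__ == "__main__":
    print(forward(PKT, POLICY, RIB, ALL_UP))
    print(forward(PKT, POLICY, RIB, {"10.10.20.3"}))
    print(forward(PKT, dict(POLICY, set="default next-hop"), RIB, ALL_UP))
```

With the thread's host static route in place, the `default` variant in this model never selects 10.10.30.3, because an explicit route to 20.20.20.1 already exists.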
02-11-2011 04:49 AM
Hi Peter,
Thank you for being generous in sharing your knowledge. It is indeed very helpful!
Regards,
Erbertson