static route vs route map with regards to next hop ip

erbertson

Suppose I have the below config:

Scenario:

source: 10.10.10.0/24

destination: 20.20.20.1

static next hop ip: 10.10.20.3

route map ip next hop: 10.10.30.3

Config:

ip access-list extended PBR
 permit ip 10.10.10.0 0.0.0.255 host 20.20.20.1
!
route-map PBR permit 10
 match ip address PBR
 set ip next-hop 10.10.30.3
!
interface vlan 2
 desc "Test Vlan"
 ip add 10.10.10.1 255.255.255.0
 ip policy route-map PBR
!
ip route 20.20.20.1 255.255.255.255 10.10.20.3

Question:

1.  If traffic from the 10.10.10.0/24 subnet is destined to 20.20.20.1, will it take the next hop IP defined in the static route or the set ip next-hop defined in the route map?

2.  If the answer is "it depends", how can we influence the traffic to go to the set ip next-hop defined in the route map, assuming both links are up?

The goal here is to have the set ip next-hop defined in the route map as primary link and the next hop ip defined in static route as alternate if the primary link fails.

1 Accepted Solution

PAnsell86

Hi Ebertson,

Packets matching the access list will be routed to the IP set in your route map unless the outbound interface is not up, in which case the router will try to route the packet using its routing table.

In a nutshell, Cisco PBR logic goes something like this: try PBR first, and if PBR's route does not work, or the packet matches a route map deny statement, try to route as usual.

You can reverse this logic if you want by adding a "default" key word to your route map.

route-map PBR
 match ip address 101
 set ip default next-hop x.x.x.x

The logic here would be: try to route as usual (not including the default route); if no normal route is available, then use the PBR.

The only other gotcha that I can think of is that PBR only works on packets that are inbound on the interface that your policy is applied to.

All the best. Please let me know if this was helpful.

Peter
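
The lookup order described in the answer above, as an added example (not code from either poster and not Cisco's implementation): a simplified Python model with a single permit entry, using the thread's addresses. The function names, the `usable` set (next hops whose outbound interface is up), the `default` flag and the sample host 10.10.10.5 are assumptions made for illustration.

```python
import ipaddress

def lookup(routes, dst, usable, include_default=True):
    """Longest-prefix match over (prefix, next_hop) pairs; None if nothing matches."""
    best = None
    for prefix, nh in routes:
        net = ipaddress.ip_network(prefix)
        if nh not in usable or (net.prefixlen == 0 and not include_default):
            continue
        if ipaddress.ip_address(dst) in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nh)
    return best[1] if best else None

def forward(pkt, policy, routes, usable):
    """Return (next_hop, reason) for one packet under the modelled PBR logic."""
    # PBR only sees packets arriving on the interface the policy is applied to.
    matches = (pkt["in_if"] == policy["interface"]
               and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(policy["src"])
               and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(policy["dst"]))
    pbr_ok = matches and policy["next_hop"] in usable
    if pbr_ok and not policy["default"]:
        return policy["next_hop"], "pbr"          # set ip next-hop: PBR first
    if matches and policy["default"]:
        # set ip default next-hop: routing table first, ignoring the default route
        nh = lookup(routes, pkt["dst"], usable, include_default=False)
        if nh is not None:
            return nh, "routing-table"
        if pbr_ok:
            return policy["next_hop"], "pbr-default"
    return lookup(routes, pkt["dst"], usable), "routing-table"

# Values taken from the thread; the sending host address is constructed.
POLICY = {"interface": "Vlan2", "src": "10.10.10.0/24", "dst": "20.20.20.1/32",
          "next_hop": "10.10.30.3", "default": False}
ROUTES = [("20.20.20.1/32", "10.10.20.3")]
PKT = {"in_if": "Vlan2", "src": "10.10.10.5", "dst": "20.20.20.1"}
BOTH_UP = {"10.10.30.3", "10.10.20.3"}

if __name__ == "__main__":
    print(forward(PKT, POLICY, ROUTES, BOTH_UP))                       # both links up
    print(forward(PKT, POLICY, ROUTES, {"10.10.20.3"}))                # PBR link down
    print(forward(PKT, dict(POLICY, default=True), ROUTES, BOTH_UP))   # "default" keyword
```
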

2 Replies

Hi Peter,

Thank you for being generous in sharing your knowledge. It is indeed very helpful!

Regards,

Erbertson
