Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
948
Views
0
Helpful
3
Replies

Support for Policy-Based routing on HWIC-4ESW card?

dtparker
Level 1
Level 1

‎11-09-2010 09:30 AM - edited ‎03-04-2019 10:24 AM

I have the following config::

!
interface Vlan 10
ip address 10.45.61.129 255.255.255.240
ip virtual-reassembly in
ip tcp adjust-mss 1380
ip policy route-map 10-Net
!
route-map 10-Net permit 10
match ip address 107
set ip next-hop 192.168.112.126 192.168.112.122
!

access-list 107 deny   ip 10.45.61.128 0.0.0.15 host 192.168.1.2
access-list 107 permit ip 10.45.61.128 0.0.0.15 any

!

Interface FastEthernet 0/0/0

switchport access vlan 10

!

In theory, everything sould route via the policy with the exception of traffic to the 192.168.1.2 host.  Yet, the policy route is never used. IOS 15.1.2(T1).

Given that the syntax is accepted, it seems like this should work, but it does not.  Any help for this issue?

Thanks,

Dave Parker

Perimeter eSecurity

Labels:
0 Helpful
3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

‎11-09-2010 11:59 PM

Hi Dave,

On 1841 series routers, the PBR is performed by the IOS. The HWIC-4ESW is not responsible for the PBR.

I have just verified a simple PBR configuration on my 1841 with the HWIC-4ESW card (IOS 12.4(25d) Advanced IP Services) using the VLAN 2, and it seems to be working just fine. Let's double check your configuration first. If that does not turn out to solve the issue then perhaps there is a bug in your IOS - you are running quite a bleeding-edge version and I would be somewhat reserved about it.

To verify your configuration please have a look at the following:

  • What does the show route-map 10-Net say about the count of policy-routed packets?
  • Does the show access-list 107 show any hits on individual entries?
  • Is the IP address 192.168.112.126 and 192.168.112.122 reachable? Is it a directly-reachable address (on a directly connected interface)?
  • What does the traceroute/tracert performed from a PC in the VLAN10 say?

Best regards,

Peter

0 Helpful

dtparker
Level 1
Level 1
In response to Peter Paluch

‎11-10-2010 10:24 AM

Thank you, Peter, With the help of the commands you sugggested, I can now see this is working as I expected it

would.  My difficulty was slightly different, and not acutally PBR related at all, I actually have 2 HWIC-4ESW cards

in this particular 1841, and I did not have the switch stacking set up correctly.  So nothing on the second HWIC

would route at all via PBR or otherwise.

Dave Parker

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to dtparker

‎11-10-2010 10:42 AM

Hi Dave,

Oh, you mean the switchport stacking-partner command? Yes, that is an obscure one. But I'm glad you've got it running after all.

Best regards,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card