09-28-2010 02:15 PM - edited 03-06-2019 01:13 PM
Hi,
I have two Catalyst 3750 in stack configuration. They have c3750-ipservicesk9-mz.122-55.SE.bin IOS.
I have ip policy configured on interface vlan, but I can not see this ip policy route-map command in show running!!!!
When I enter sh ip policy, also I don't see this policy for that vlan.
With sh class-map I see that traffic is routed by that policy based routing and with sh ip access-lists I see matches.
So, it seems that everything works fine, but I don't see PBR configuration in my show running!!!
Anyone have same problem?
Is this some bug?
Regards,
Vlaho
Solved! Go to Solution.
09-30-2010 04:37 AM
You'll need IP Services to do PBR and a routing SDM template:
1) By 'show sdm prefer' command - you will see that there is no memory allocation for pbr instances.
2) Configure 'sdm prefer routing'
3) save and reload the switch for these changes to take effect.
09-28-2010 10:30 PM
Hi There,
I think you need to apply ip policy route-map abc on fas or gi ingterface.
if possible to provide me PBR configuration
Cheers!!!
09-29-2010 12:54 AM
Hi,
here is an the output from my console.
First here is sh run and there is current configuration.
ip policy route-map DisasterRecovery is not shown in configuration and in sh ip policy command.
It is not possible to put ip policy command on gi interfaces!
At the end, I configured again ip policy command on interface vlan, it is permitted, but cann't see on configuration.
Consola output:
3750#sh run
!
interface Vlan64
description SERVERI
ip address 10.A.64.1 255.255.255.0 <----- NO ip policy command
!
!
ip local policy route-map DisasterRecovery
!
!
ip access-list extended DisasterRecovery
permit ip 10.A.64.0 0.0.0.255 10.B.64.0 0.0.0.255
permit ip 10.A.65.0 0.0.0.255 10.B.65.0 0.0.0.255
!
route-map DisasterRecovery permit 10
match ip address DisasterRecovery
set ip next-hop 10.A.60.36
!
route-map DisasterRecovery permit 20
!
!
!
end
3750#sh ip policy
Interface Route map
local DisasterRecovery <----- NO ip DisasterRecovery policy
3750#sh ip access-lists
Extended IP access list DisasterRecovery
10 permit ip 10.A.64.0 0.0.0.255 10.B.64.0 0.0.0.255 (15 matches)
20 permit ip 10.A.65.0 0.0.0.255 10.B.65.0 0.0.0.255 (10 matches)
3750#sh route-map DisasterRecovery
route-map DisasterRecovery, permit, sequence 10
Match clauses:
ip address (access-lists): DisasterRecovery
Set clauses:
ip next-hop 10.A.60.36
Policy routing matches: 25 packets, 2710 bytes <----- policy works
route-map DisasterRecovery, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 191001 packets, 282764144 bytes
3750#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3750(config)#interf gi 1/0/15
3750(config-if)#ip ?
Interface IP configuration subcommands:
access-group Specify access control for packets
admission Apply Network Admission Control
arp Configure ARP features
auth-proxy Apply authenticaton proxy
device IP device tracking
dhcp Configure DHCP parameters for this interface
igmp IGMP interface commands
verify verify
vrf VPN Routing/Forwarding parameters on the interface
3750(config-if)#interf vlan 64
3750(config-if)#ip policy route-map DisasterRecovery <----- policy configured on vlan interface
3750(config-if)#end
3750#sh run interf vlan 64
Building configuration...
Current configuration : 82 bytes
!
interface Vlan64
description SERVERI
ip address 10.A.64.1 255.255.255.0 <----- NO ip policy command
end
3750#
09-29-2010 01:23 AM
Hi,
I have never seen the global ip local policy route-map command before, but I wonder if it is clashing with the appilcation of an interface-level ip policy?
ip local policy route-map is described here:
http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_i1gt.html#wp1107972
Regards, Ash.
09-29-2010 05:06 AM
Hi,
Packets that are generated by the router are not normally policy routed. With command ip local policy route-map they are routed and I put this command to test PBR configuration from router.
When I don't have this command PBR doesn't work for packets originated from router.
Regards,
Vlaho
09-30-2010 04:37 AM
You'll need IP Services to do PBR and a routing SDM template:
1) By 'show sdm prefer' command - you will see that there is no memory allocation for pbr instances.
2) Configure 'sdm prefer routing'
3) save and reload the switch for these changes to take effect.
09-30-2010 02:17 PM
Thanks Sandeep!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide