07-18-2018 07:16 PM - edited 07-24-2018 10:41 AM
Hello folkds, I'm new to learning PBR, but I'm not exactly quite sure what is happening here:
nexus- Core#
interface Vlan2185
no ip redirects
ip address 10.60.1.3/24
no ipv6 redirects
ip router eigrp 1
ip passive-interface eigrp 1
ip policy route-map test-route-map
hsrp version 2
hsrp 285
ip 10.60.1.1
ip dhcp relay address 172.18.250.4
no shutdown
nexus-Core# sh route-map test-route-map
route-map test-route-map, permit, sequence 10
Match clauses:
ip address (access-lists): test-access-list
Set clauses:
ip next-hop 172.18.250.200
nexus-core# sh ip access-lists test-access-list
IP access list test-access-list
10 permit ip addrgroup test-servers 67.x.222.0/24
I'm not exactly sure what to make of this from the perspective of coming into int vlan 2185 or coming out of int vlan 2185. If I'm understanding this correctly, any traffic that comes into int vlan 2185 with a source of 67.x.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200? Anything else with any other source will just continue into int vlan 2185 until it finds its switchport correct? As far as coming out of int vlan 2185, I don't think it would be possible for a source address of 67.x.222.0/24 so the source address will always most likely be 10.60.1.x and that in turn will just get routed normally through the core without hitting the route-map. Sorry if I'm way off. Thank you
Solved! Go to Solution.
07-23-2018 08:32 PM
any traffic that comes into int vlan 2185 with a source of 67.182.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200.
Anything else with any other source will just be routed using normal routing table.
07-23-2018 08:32 PM
any traffic that comes into int vlan 2185 with a source of 67.182.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200.
Anything else with any other source will just be routed using normal routing table.
07-24-2018 10:41 AM
Thank you sir. So what about traffic coming out of vlan 2185? I guess that just moves along without it hitting the policy correct?
07-24-2018 02:38 PM
Hello,
indeed, traffic originating in your VLAN 2185 will have a source IP of 10.60.1.0/24 and will hence not hit the route map, but be routed using the configured routing mechanism.
07-24-2018 02:47 PM
Thank you sir!
07-24-2018 03:20 PM
02-09-2020 11:43 AM
you mean outbound right?
Any ip in the addrgroup that is coming from the 10.160 network that is destined for the 67.222 network will be redirected to 172.18.250.200 ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide