Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2179
Views
0
Helpful
6
Replies

ip policy route-map

Go to solution
Amafsha1
Level 2
Level 2

‎07-18-2018 07:16 PM - edited ‎07-24-2018 10:41 AM

Hello folkds, I'm new to learning PBR, but I'm not exactly quite sure what is happening here:

 

nexus- Core#

interface Vlan2185
no ip redirects
ip address 10.60.1.3/24
no ipv6 redirects
ip router eigrp 1
ip passive-interface eigrp 1
ip policy route-map test-route-map
hsrp version 2
hsrp 285
ip 10.60.1.1
ip dhcp relay address 172.18.250.4
no shutdown

 

 

nexus-Core# sh route-map test-route-map
route-map test-route-map, permit, sequence 10
Match clauses:
ip address (access-lists): test-access-list
Set clauses:
ip next-hop 172.18.250.200

 


nexus-core# sh ip access-lists test-access-list

IP access list test-access-list
10 permit ip addrgroup test-servers 67.x.222.0/24

 

 

I'm not exactly sure what to make of this from the perspective of coming into int vlan 2185 or coming out of int vlan 2185.  If I'm understanding this correctly, any traffic that comes into int vlan 2185 with a source of 67.x.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200?  Anything else with any other source will just continue into int vlan 2185 until it finds its switchport correct?  As far as coming out of int vlan 2185, I don't think it would be possible for a source address of 67.x.222.0/24 so the source address will always most likely be 10.60.1.x and that in turn will just get routed normally through the core without hitting the route-map.  Sorry if I'm way off.  Thank you

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Furose M
Level 3
Level 3

‎07-23-2018 08:32 PM

any traffic that comes into int vlan 2185 with a source of 67.182.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200.

 

Anything else with any other source will just be routed using normal routing table.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Furose M
Level 3
Level 3

‎07-23-2018 08:32 PM

any traffic that comes into int vlan 2185 with a source of 67.182.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200.

 

Anything else with any other source will just be routed using normal routing table.

0 Helpful

Go to solution
Amafsha1
Level 2
Level 2
In response to Furose M

‎07-24-2018 10:41 AM

Thank you sir. So what about traffic coming out of vlan 2185?  I guess that just moves along without it hitting the policy correct?

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Amafsha1

‎07-24-2018 02:38 PM

Hello,

 

indeed, traffic originating in your VLAN 2185 will have a source IP of 10.60.1.0/24 and will hence not hit the route map, but be routed using the configured routing mechanism.

0 Helpful

Go to solution
Amafsha1
Level 2
Level 2
In response to Georg Pauwen

‎07-24-2018 02:47 PM

Thank you sir!

0 Helpful

Go to solution
a.alekseev
Level 7
Level 7
In response to Furose M

‎07-24-2018 03:20 PM

it's not correct

any inbound traffic for interface Vlan2185 with a source in "addrgroup test-servers" and destination in 67.182.222.0/24 will hit the next hop rule route-map and be redirected to 172.18.250.200.

Anything else with any other source will just be routed using normal routing table.
0 Helpful

Go to solution
Amafsha1
Level 2
Level 2
In response to a.alekseev

‎02-09-2020 11:43 AM

you mean outbound right?

 

Any ip in the addrgroup that is coming from the 10.160 network that is destined for the 67.222 network  will be redirected to 172.18.250.200 ?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card