Solved: Hi, Configuration looks ok.

GRANT3779 · ‎09-12-2014

Hi,

I have a server 10.44.129.34 in VLAN 501. Default GW for the server is SVI 501 on my core switch.

I want to apply PBR so that any traffic from this server routes out a specific next hop plugged into my core switch - 10.44.141.6.

I have the following so far -

sh route-map
route-map CServ, permit, sequence 10
Match clauses:
ip address (access-lists): CV_PBR
Set clauses:
ip next-hop 10.44.141.6
Policy routing matches: 0 packets, 0 bytes

#sh access-lists
Extended IP access list CV_PBR
10 permit ip host 10.44.129.34 any

route-map CServ permit 10
match ip address CV_PBR
set ip next-hop 10.44.141.6

Do I apply the route-map to the VLAN 501 interface? Also, any traffic not matching my ACL, does this then get routed as normal? I'm concerned about affecting other traffic so want to ensure the above is suffice.

Thanks

Akash Agrawal · ‎09-12-2014

Hi,

Configuration looks ok. Yes you need to apply policy on the SVI interface. PBR policy application is bypassed if no match is found so no service impact to other traffic.

sample config

interface config on switchport SVI

interface gi0/2

switchport

switchport mode trunk

vlan 100

int vla100

ip address 10.1.1.1 255.255.255.0

ip policy route-map pbr

https://supportforums.cisco.com/discussion/10812056/pbr-svi-and-next-hop

http://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15-2_4_S/configuration/guide/3800x3600xscg/swpbr.html

--Pls dont forget to rate helpful posts--

Regards,

Akash

View solution in original post

Akash Agrawal · ‎09-12-2014

Hi,