cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
536
Views
0
Helpful
4
Replies

PBR question

codflanglers
Level 1
Level 1

I have an existing route map on my core that matches incoming traffic on a particular subnet and sets its next hop. That's all working as expected.

I now have a requirement to match another subnet and if it is destined for the subnet above, allow it to continue but if it is destined for anywhere else then set its next hop to the one above.

Maybe its been a long day, but is there a way I can do this? It doesn't have to use a route map, any method would do.

Thanks

1 Accepted Solution

Accepted Solutions

Hmm...

Let's say you have 192.168.1.0/24 and 192.168.2.0/24

You could create a route map and deny that route like:

access-list 100 permit ip 192.168.1.0 0.0.0.255 5.5.5.0 0.0.0.255

access-list 100 permit ip 192.168.2.0 0.0.0.255 any

access-list 101 permit ip 192.168.2.0 0.0.0.255 5.5.5.0 0.0.0.255

 

route-map Test deny 10

match ip address 101

route-map Test permit 20

match ip address 100

set ip next-hop 10.10.10.10

 

I think that's what you're looking for. If 192.168.2.0/24 tries to go to 5.5.5.0/24, it will route normally. All other traffic will route via the 20 sequence number.

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

4 Replies 4

John Blakley
VIP Alumni
VIP Alumni

So you want the policy to match on the new subnet, and if it's going to the destination in the prior sequence number, you want that to route normally? Or do you want it to go to the next hop that you specified in the other route map?

HTH,

John

HTH, John *** Please rate all useful posts ***

If it is destined for the subnet above, route normally. If it is for any other destination then set a next hop.

Hmm...

Let's say you have 192.168.1.0/24 and 192.168.2.0/24

You could create a route map and deny that route like:

access-list 100 permit ip 192.168.1.0 0.0.0.255 5.5.5.0 0.0.0.255

access-list 100 permit ip 192.168.2.0 0.0.0.255 any

access-list 101 permit ip 192.168.2.0 0.0.0.255 5.5.5.0 0.0.0.255

 

route-map Test deny 10

match ip address 101

route-map Test permit 20

match ip address 100

set ip next-hop 10.10.10.10

 

I think that's what you're looking for. If 192.168.2.0/24 tries to go to 5.5.5.0/24, it will route normally. All other traffic will route via the 20 sequence number.

HTH,

John

HTH, John *** Please rate all useful posts ***

Awesome John, exactly what I need. Thanks