PBR/Router-generated traffic?

Tiziana Cassar · ‎04-23-2012

Hi,

I am implementing PBR on an ISR 1921 router. I have created a route-map to match FTP, VPN, HTTPS and HTTP traffic and route this traffic outside a particular interface and another route-map to match SMTP traffic and route it via another interface. I am testing the route-map by generating for example FTP traffic, and checking that packets are marked as being matched when I run #show route-map and #show access-list. For VPN, FTP and SMTP, the show commands make sense and show that all is working as expected.

What is strange is that I am NOT generating any HTTP or HTTPS traffic but I am still getting the route-map and access-list counters continuously incrementing. I even installed wireshirk on the 3 laptops I am using for testing, and no HTTP/HTTPS traffic is being noticed. Any ideas what this could be? Is the router generating some traffic itself? (I did read that the router-generated traffic is NOT matched by the route-map unless specified and I have turned the Cisco Configuration Professional in case it is using HTTP/HTTPS).

Here is the related config:

interface GigabitEthernet0/0

description $ETH-LAN$ (this is the interface which is seeing the traffic)

ip address 192.168.11.1 255.255.255.0

....

ip policy route-map route_traffic_to_outside

.....

ip access-list extended ISP1

permit tcp object-group Internal_Network any eq smtp

ip access-list extended ISP2

permit object-group FTP object-group Internal_Network any

permit object-group VPN object-group Internal_Network any

permit tcp object-group Internal_Network any eq www

....

route-map route_traffic_to_outside permit 1

match ip address ISP1

set interface FastEthernet0/0/0

!

route-map route_traffic_to_outside permit 2

match ip address ISP2

set interface FastEthernet0/0/1

Any clues would be appreciated as I cannot understand what is happening.

Thanks,

Tiziana