Solved: PBR troubbleshooting

B@B@r · ‎11-08-2017

Dear all,

i am trying to learning PBR my topology is mentioned above i am using EIGRP and i have two gateways one is 256k and other is 512K so eigrp choose 512K as high bandwidth.

so now i am tyring to do is that if pc pings to ip 22.22.22.22 it would go through s1/0

but i failed

here is my configuration of R1 for PBR

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

ip local policy route-map gateway
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
access-list 100 permit ip host 1.1.1.2 host 22.22.22.22
!
route-map gateway permit 1
match ip address 100
set ip next-hop 10.12.0.2
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

but my result is still the default route set by eigrp

PC1> trace 22.22.22.22
trace to 22.22.22.22, 8 hops max, press Ctrl+C to stop
1 1.1.1.1 15.626 ms 16.111 ms 21.796 ms
2 10.13.0.2 46.880 ms 53.051 ms 53.038 ms
3 *22.22.22.22 84.309 ms (ICMP type:3, code:3, Destination port .

i need your assistance..

DaSt-1986 · ‎11-08-2017

If you want to use PBR you have to apply it somewhere. I see you create the route-map, but I don't see you applying it to the inbound interface. You should apply it to the inbound interface so it knows what to do with the packets it receives.

To apply it, use the following command:

interface Fa0/0
 ip policy route-map gateway

The command that you've entered now (ip local policy route-map gateway) is only applicable to data coming from the router itself (that is, coming from the control plane instead of the data plane).

View solution in original post

B@B@r · ‎11-08-2017

again clear topology

Georg Pauwen · ‎11-08-2017

Hello,

my first thought is: are both routes in your routing table ? Can you post the output of:

show ip route

and

show ip eigrp topology

B@B@r · ‎11-08-2017

Thankyou

NO, show ip route just show me one route i.e 10.13.0.2

YES, Show ip eigrp topolog have the both routes. ie 10.13.0.2 and 10.12.0.2

Georg Pauwen · ‎11-08-2017

Hello,

you need to get both routes into your routing table. Configure:

variance 2

under your EIGRP process...

B@B@r · ‎11-08-2017

why ?

i dont want load-balancing

supposed one route is VIP and 1.1.1.2 is our boss . so if i gonna configure variance so rest of host can access this route....

paul driver · ‎11-08-2017

Hello

@Georg Pauwen wrote:

Hello,

you need to get both routes into your routing table. Configure:

variance 2

under your EIGRP process...

Hello Georg

PBR isnt required unless the OP want to use PBR, and neither is the Variance feature thats for Equal Cost Load Balancing and as you can see the the prefix is in the topology table, so the rtr is aware of it -

What you can do is manipulate the eigrp distance metric from the least preffered advertsing rtr for that route.

Example:

access-list 10 permit 22.22.22.0 0.0.0.255
router eigrp
distance 91 10.13.0.2 0.0.0.0 10

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

B@B@r · ‎11-08-2017

Thankyou for reply

Paul,

i dont want to mess with AD and want to do PBR to change the routing decision.

Georg Pauwen · ‎11-08-2017

Hello,

what do you want to accomplish ? Your PBR takes care of the routing, you can specify who is allowed to take the route or not. But you need the route in the routing table to start out with...

B@B@r · ‎11-08-2017

i simply want to accomplish that without changing the Variance and AD , if we ping from 1.1.1.2 the reply should be from the interface serial 1/0 i.e 10.12.0.2. which is not happening there might be a misconfiguration in PBR.

i am learning CCNP . i am doing my labs standalone....

and you know in that case if you stuck then it sucks....

paul driver · ‎11-08-2017

Hello

@Georg Pauwen wrote:

Hello,

what do you want to accomplish ? Your PBR takes care of the routing, you can specify who is allowed to take the route or not. But you need the route in the routing table to start out with...

Apologies Georg this is incorrect - you dont need the route in the route table to PBR in eigrp, The route in the rib is ONLY specifying the BEST route , but all routes learned by the eigrp rtr are in the topology table so PBR can be accomplished.

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

DaSt-1986 · ‎11-08-2017

@paul driver wrote:

Hello

@Georg Pauwen wrote:

Hello,

what do you want to accomplish ? Your PBR takes care of the routing, you can specify who is allowed to take the route or not. But you need the route in the routing table to start out with...

Apologies Georg this is incorrect - you dont need the route in the route table to PBR in eigrp, The route in the rib is ONLY specifying the BEST route , but all routes learned by the eigrp rtr are in the topology table so PBR can be accomplished.

res

Paul

You don't even need the route in the EIGRP table; as long as the next hop is reachable, PBR will work. You can even play with the 'default' command to make it only choose a PBR next-hop when a next-hop in the routing table is unavailable.

B@B@r · ‎11-08-2017

paul,

yes agreed.......

routing table is just showing you the best route,

but not all the possible route (secondary route) or Backup routes.

Backup routes will be active if your best route failed...

So PFB is applied on all possbile routes that are in toplology tables for specific host or network...

:)

thank you all

DaSt-1986 · ‎11-08-2017

If you want to use PBR you have to apply it somewhere. I see you create the route-map, but I don't see you applying it to the inbound interface. You should apply it to the inbound interface so it knows what to do with the packets it receives.

To apply it, use the following command:

interface Fa0/0
 ip policy route-map gateway

The command that you've entered now (ip local policy route-map gateway) is only applicable to data coming from the router itself (that is, coming from the control plane instead of the data plane).

B@B@r · ‎11-08-2017

Hi

yeah it works,

thank-you.

But then in which scenario we use R(Config)# ip local policy route-map gateway

of-course i understand my mistake that i should be apply it in interface inbound because packet will generate from that interface and PBR take care of it before going to routeing table decision.

but in which case i use it Locally.