cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4770
Views
5
Helpful
9
Replies

Policy based routing on interface VLAN ( Core 4507R+E)

moataz_mamdouh
Level 1
Level 1

Hello

 

I have a serious problem on my core switch where PBR is not matching my traffic which in turn affect the source based routing I configured

for some reason i do not know the ACL is not matching my traffic 

I have many VLANs and their respective SVI are the default gateways for the computers in my network

 

ip access-list extended test
 permit ip 10.251.60.0 0.0.0.255 any

route-map test permit 10
 match ip address test
 set ip next-hop 10.250.254.190

int vlan 260

ip add 10.251.60.254 255.255.255.0

ip policy route-map test

 

route-map test, permit, sequence 10
  Match clauses:
    ip address (access-lists): test
  Set clauses:
    ip next-hop 10.250.254.190
Nexthop tracking current: 0.0.0.0
10.250.254.190, fib_nh:0,oce:0,status:0

  Policy routing matches: 0 packets, 0 bytes

 

any help is appreciated

9 Replies 9

Richard Burts
Hall of Fame
Hall of Fame

The configuration seems reasonable (which is the most that I can say since there is much that we do not know about the switch). My first question would be about the configured next hop. Is 10.250.254.190 a valid address, is it on a connected interface, and is it reachable (can you ping it)?

 

HTH

 

Rick

HTH

Rick

Yes i can ping from any place inside the network

So can you tell me more about 10.250.254.190? Especially is it an address that is connected to an interface on the switch where you are trying to do Policy Based Routing?

 

HTH

 

Rick

HTH

Rick

This is the IP address of the giga0/0 of a router connected to the core switch

i will tell you another thing 

local policy is working fine 

It is interesting that local policy is working fine. Does it use the same route map as the interface policy routing? Perhaps we will need to see more of the switch config to figure out what is the problem.

 

HTH

 

Rick

HTH

Rick

yes it is using the same route-map

what configuration you want to check 

this is the IOS 

cat4500es8-universalk9.SPA.03.03.01.XO.151-1.XO1.bin

 

show ip local policy        
Local policy routing is enabled, using route map test
route-map test, permit, sequence 10
  Match clauses:
    ip address (access-lists): test
  Set clauses:
    ip next-hop 10.250.254.191
Nexthop tracking current: 0.0.0.0
10.250.254.191, fib_nh:0,oce:0,status:0

  Policy routing matches: 46 packets, 3110 bytes

 

show ip access-lists test
Extended IP access list test
    10 permit ip 10.251.60.0 0.0.0.255 any (46 matches)

moataz_mamdouh
Level 1
Level 1

My problem was resolved , I had to remove a static route configured on the core switch 

 

I am glad that your problem is resolved. Thank you for posting back to the forum and telling us that it is resolved and what you did to resolve it.

 

HTH

 

Rick

HTH

Rick
Review Cisco Networking for a $25 gift card