04-16-2019 06:39 AM - edited 04-16-2019 06:45 AM
Hello experts.
I have a requirement to route some traffic out of a separate Internet gateway - aka not the default gateway.
Happy with access-lists and PBR generally, my quandary is this.
On the 6500 I configure an access-list:
ip access-list extended MIA-Bypass
 permit ip #.#.#.# 0.0.0.7 host url.co.uk
So I'm filtering the source to be a small subnet for test purposes and I am going to use this with a route-map with a set ip next-hop command.
All looks good; however, when I look at the router running config I see it has translated the FQDN to a static IP address - I know the destination uses a round-robin solution for resilience with multiple addresses, hence this is no use to me.
What I hope for is to be able to use a route-map with an ACL to FQDNs - am I missing something?
My configuration is
ip access-list extended MIA-Bypass
 permit ip #.#.#.# 0.0.0.7 host url.co.uk
route-map MIA-Bypass permit 10
 match ip address MIA-Bypass
 set ip next-hop #.#.#.#
int vlan 902
 ip policy route-map MIA-Bypass
However when I look back at the configuration I see the router has changed the ACL from:
ip access-list extended MIA-Bypass
 permit ip #.#.#.# 0.0.0.7 host url.co.uk
to:
ip access-list extended MIA-Bypass
 permit ip #.#.#.# 0.0.0.7 host <IP address>
Is there a way round this, so I can use an ACL with an FQDN to use with a route-map?
With regards
Dave
04-16-2019 07:26 AM
04-16-2019 08:35 AM
Jaderson, thank you.
I have been looking at this URL, and I've found the command passthrou-domain-list is not recognised with our current software version - looks like I'll need a software upgrade to be able to do some of the route-maps.
Thanks for your time.
Regards
Dave