I have an N3K-3064pq-10gx and I have a PBR for some of my VLANs with set IP default next-hop 184.108.40.206, and I have a static route for the default route in my switch. The problem is that my traffic is matched by this static route and does not use the assigned PBR. Is there any way to exclude the default static route from PBR, so that my internal routing stays in the Nexus but other traffic matches this PBR?
Yes, I have applied PBR on the interface VLAN, and when I use set ip next-ip it's working, but when I use set ip default next-hop it's not working and the traffic matches the default static route.
The reason is the PBR statement: set ip default next-hop will check the RIB table first for a forwarding address. If an entry exists, then the router will route via the RIB entry; only if no RIB entry exists will the set ip default next-hop come into play.
What you need to do is change the route-map statement
no set ip default next-hop
set ip next-hop xxx
In this case, how can I keep my local routing inside my Nexus? I have some prefixes for which I do not want to use PBR and want to keep routing inside my Nexus; if I use set ip nexthop it will reroute the traffic from my second router.
In this case you match your route-map PBR with an extended access-list on the specific source/destination addressing you wish to policy route.
See, for example, I have interface VLAN ID 20 with 192.168.1.1/24 and VLAN 30 with 192.168.2.1/24, and I have applied PBR only for VLAN ID 20 to set the next hop to 220.127.116.11. In this case, when 192.168.1.1 wants to reach 192.168.2.1 it will use 18.104.22.168 as next hop and does not use local routing, and when I use set ip default it will not work (I mean PBR).
I do not have much experience with the 3064. I do know that there are quite a few Cisco switches whose implementation of PBR does support set ip next-hop but does not support set ip default next-hop. I wonder if that is the case here?
But most of the time if the version does not support set ip default next-hop then attempting to configure this will result in an error message. The original post seems to indicate that it was configured and accepted. Perhaps we might get some insight from show run.
ip default next-hop doesn't mean that the default route for this VLAN will go through this next-hop.
When we use PBR we ignore the RIB of the router; it is, in a simple way, manual forwarding of packets.
When a packet matches the ACL of the PBR, the PBR simply forwards the packet to the next-hop (through the outgoing interface connected to this next-hop) that you configure in set ip next-hop.
Now, what about set ip default next-hop?
The router will first check the RIB; if there is an entry for the destination, then it will forward the packet according to the RIB.
If there is no entry for the destination and there is a PBR match, then it will use the next-hop and its outgoing interface to forward the packet.
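The forwarding decisions discussed in this thread, modelled as a small Python sketch. This is an added example, not part of any post above and not switch code: it follows the behaviour as the replies describe it, the function names are hypothetical, and the next-hop and destination addresses are constructed placeholders from documentation ranges.

```python
import ipaddress

# Constructed sample RIB: the two VLAN subnets from the thread plus a default
# static route. Next-hop addresses are placeholders, not values from the thread.
RIB = {
    ipaddress.ip_network("192.168.1.0/24"): "connected Vlan20",
    ipaddress.ip_network("192.168.2.0/24"): "connected Vlan30",
    ipaddress.ip_network("0.0.0.0/0"): "static via 203.0.113.1",
}
PBR_NEXT_HOP = "198.51.100.1"
PBR_SOURCE = ipaddress.ip_network("192.168.1.0/24")  # PBR applied on VLAN 20 only
LOCAL_PREFIXES = [n for n in RIB if n.prefixlen > 0]  # keep these on normal routing


def rib_lookup(dst):
    """Longest-prefix match over the RIB; returns the route or None."""
    hits = [n for n in RIB if ipaddress.ip_address(dst) in n]
    return RIB[max(hits, key=lambda n: n.prefixlen)] if hits else None


def acl_permits(src, dst, exclude_local):
    """Route-map match: source in VLAN 20; optionally skip local destinations."""
    if ipaddress.ip_address(src) not in PBR_SOURCE:
        return False
    if exclude_local and any(ipaddress.ip_address(dst) in n for n in LOCAL_PREFIXES):
        return False
    return True


def forward(src, dst, mode, exclude_local=False):
    """mode: 'next-hop' or 'default-next-hop', as described in the thread."""
    route = rib_lookup(dst)
    if not acl_permits(src, dst, exclude_local):
        return route  # no PBR match: normal routing
    if mode == "next-hop":
        return f"pbr via {PBR_NEXT_HOP}"  # PBR overrides the RIB
    # default next-hop: RIB is consulted first, PBR only if no entry exists
    return route if route is not None else f"pbr via {PBR_NEXT_HOP}"


if __name__ == "__main__":
    host, peer, outside = "192.168.1.10", "192.168.2.10", "192.0.2.50"
    for label, mode, excl in [("default next-hop", "default-next-hop", False),
                              ("next-hop, match all", "next-hop", False),
                              ("next-hop + ACL", "next-hop", True)]:
        print(f"{label:20} inter-VLAN: {forward(host, peer, mode, excl):22} "
              f"outside: {forward(host, outside, mode, excl)}")
```

Only the third case gives what the original poster asked for: inter-VLAN traffic stays on local routing while everything else from VLAN 20 goes to the policy next-hop.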