
Problem with set ip default next-ip on 3064

blackmetal
Level 1

Hello,
I have an N3K-3064PQ-10GX and I have PBR for some of my VLANs with set ip default next-hop 1.2.3.4, and I have a static route for the default route on my switch. The problem is that my traffic is matched by this static route and does not use the assigned PBR. Is there any way to exclude the default static route from PBR, so that my internal routing stays on the Nexus but other traffic matches the PBR?
Thank you.

9 Replies 9

After configuring the PBR, did you apply the policy on the interface?

blackmetal
Level 1

Yes, I have applied PBR on the interface VLAN, and when I use set ip next-ip it works, but when I use set ip default next-hop it does not work and the traffic matches the default static route.

Hello
The reason is the PBR statement: set ip default next-hop will check the RIB table first for a forwarding address. If an entry exists, then the router will route via the RIB entry; only if no RIB entry exists will the set ip default next-hop come into play.


What you need to do is change the route-map statement
route-map xx
no set ip default next-hop
set ip next-hop xxx


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

blackmetal
Level 1

Hello,

In this case, how can I keep my local routing inside my Nexus? I have some prefixes for which I do not want to use PBR and I want to keep routing inside my Nexus; if I use set ip next-hop it will reroute the traffic from my second router.

Hello

In this case you match your route-map PBR with an extended access-list on the specific source and destination addressing you wish to policy route.



Kind Regards
Paul

Configure PBR with a match only for this VLAN.

Other VLANs will use the default route.

Note: without a match, the PBR will match all packets.


blackmetal
Level 1

See, for example, I have interface VLAN ID 20 with 192.168.1.1/24 and VLAN 30 with 192.168.2.1/24, and I have applied PBR only for VLAN ID 20 to set the next hop to 1.2.3.4. In this case, when 192.168.1.1 wants to reach 192.168.2.1 it will use 1.2.3.4 as the next hop and does not use local routing, and when I use set ip default it will not work (I mean the PBR).

I do not have much experience with the 3064. I do know that there are quite a few Cisco switches whose implementation of PBR does support set ip next-hop but does not support set ip default next-hop. I wonder if that is the case here?

 

But most of the time if the version does not support set ip default next-hop then attempting to configure this will result in an error message. The original post seems to indicate that it was configured and accepted. Perhaps we might get some insight from show run.

HTH

Rick

Friend,
ip default next-hop doesn't mean that the default route for this VLAN will go through this next-hop.
When we use PBR we ignore the RIB of the router; it is, put simply, manual forwarding of packets.
When a packet matches the ACL of the PBR, the PBR simply forwards the packet to the next-hop "through the outgoing interface connected to this next-hop" that you configured in set ip next-hop.

Now what about set ip default next-hop?
The router will first check the RIB; if there is an entry for the destination then it will forward the packet according to the RIB.
If there is no entry for the destination and there is a PBR match then it will use the next-hop and its outgoing interface to forward the packet.
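
The forwarding behaviour described in the replies above, as an added Python model that is not part of any post and is not Cisco code: it compares set ip next-hop, set ip default next-hop as the thread describes it (any RIB entry, including the static default, wins), and a PBR match on both source and destination. The prefixes and 1.2.3.4 come from the thread; the function names, the destination 203.0.113.9, and the use of a deny entry to leave inter-VLAN traffic to the RIB are assumptions.

```python
import ipaddress

# Constructed RIB modelled on the thread: two connected SVIs and a static default.
RIB = {
    "192.168.1.0/24": "connected Vlan20",
    "192.168.2.0/24": "connected Vlan30",
    "0.0.0.0/0": "static default",
}
PBR_NEXT_HOP = "1.2.3.4"

def rib_lookup(dst, rib):
    """Longest-prefix match; returns the route label, or None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    hits = [ipaddress.ip_network(p) for p in rib if addr in ipaddress.ip_network(p)]
    if not hits:
        return None
    return rib[str(max(hits, key=lambda n: n.prefixlen))]

def acl_permits(src, dst, acl):
    """First-match ACL of (action, src_net, dst_net) entries with implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action == "permit"
    return False

def forward(src, dst, acl, default_variant=False, rib=RIB):
    """Decision for a packet arriving on the interface that carries the policy."""
    if not acl_permits(src, dst, acl):
        return rib_lookup(dst, rib)            # no PBR match: normal routing
    if default_variant:
        # set ip default next-hop as the thread describes it: RIB entry wins.
        return rib_lookup(dst, rib) or PBR_NEXT_HOP
    return PBR_NEXT_HOP                        # set ip next-hop: RIB not consulted

# Source-only match, the situation the original poster describes.
ACL_SRC_ONLY = [("permit", "192.168.1.0/24", "0.0.0.0/0")]
# Assumption: a deny entry leaves VLAN 20 -> VLAN 30 traffic to the RIB.
ACL_EXCLUDE_LOCAL = [
    ("deny", "192.168.1.0/24", "192.168.2.0/24"),
    ("permit", "192.168.1.0/24", "0.0.0.0/0"),
]

if __name__ == "__main__":
    for name, acl in (("src-only", ACL_SRC_ONLY), ("exclude-local", ACL_EXCLUDE_LOCAL)):
        for dst in ("192.168.2.10", "203.0.113.9"):   # constructed destinations
            print(name, dst, "->", forward("192.168.1.10", dst, acl))
```

Whether the 3064 accepts deny entries in an ACL referenced by a PBR route-map is not confirmed anywhere in this thread, so check the platform documentation before relying on that form.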
