cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11875
Views
20
Helpful
11
Replies

Route-Map not taken on 3850 IP Services

Something odd I am seeing.

Trying to use a 3850 L3 switch running IP Services, XE ver 03.03.03SE,   to do some policy routing on one of the VLAN interfaces.

Interface VLAN 10

ip address 208.x.y.z 255.255.255.0

ip policy route-map Use_Route1

 

It seems to take the command but when I look back with a show run interface vlan 10, it is not there.

Also when I look at the show route policy it indicates that 0 packets have been processed.

Is this a bug or am I missing something?

1 Accepted Solution

Accepted Solutions

Hi Richard,

Cisco 3850 even running on full IP services image will not support verify-availability command to track with IP SLA.

If you enable terminal monitor or configure the device using console you can see the syslog message when you try to configure the route-map with set ip next-hop verify-availability command

%PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map <name> not supported for Policy-Based Routing

You can see the route-map command showing up in the config BUT as soon as you try to apply to interface vlan10 the command will be not be applied and PBR will not work.

I hope Cisco find way to fix this!!

 

Workaround:

You can use EEM Applet with IP SLA

event manager applet internet_up

event syslog pattern "%TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up"

action 2.0 cli command "enable"

action 3.0 cli command "config t"
 action 3.2 cli command "interface Vlan10"
 action 3.3 cli command "ip policy router-map Use_Internet"
 action 3.4 cli command "exit"

 

event manager applet internet_down

event syslog pattern "%TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down"

action 2.0 cli command "enable"

action 3.0 cli command "config t"
 action 3.2 cli command "interface Vlan10"
 action 3.3 cli command "no ip policy router-map Use_Internet"
 action 3.4 cli command "exit"

 

repeat the same process for other IP SLA tracking you have

 

hope this helps

Santhosh

View solution in original post

11 Replies 11

John Blakley
VIP Alumni
VIP Alumni

I don't have 3850s in my environment, but a lot of the time you need to change the sdm template that the switch is using. Take a look here:

 

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/system_management/configuration_guide/b_sm_3se_3850_cg/b_sm_3se_3850_cg_chapter_01011.html

 

HTH, John *** Please rate all useful posts ***

thanks for the pointer, but it seems like the sdm prefer advanced was already in place so this is not the answer at this time.

I have a similar problem but in my case the 3850 is running 03.02.03.SE IP Base and will not accept the ip policy route-map command on the VLAN interface.  Do I need to IP Services running to support a per VLAN i?

Thanks... 

Hi,

 

Try "sdm prefer routing" on global configuration mode. I've had a similar problem before and this command could solve it.

 

 

this command is not accepted by the 3850.  Just "sdm prefer advanced" which was already in place.

would you share your route-map configuration?

Here are redacted parts of the config:

ip access-list extended FORCE_TRAFFIC_OUT_TWInternet
 permit ip 199.mmm.nnn.0 0.0.0.255 any
 permit ip 72.kkk.lll.0 0.0.0.255 any
 permit ip 208.aaa.bbb.0 0.0.0.255 any
 permit ip 199.iii.jjj.0 0.0.0.255 any
ip access-list extended Subnets_To_Internet
 permit ip 208.ccc.ddd.0 0.0.0.255 any
 permit ip 208.eee.fff.0 0.0.0.255 any
 permit ip 74.ggg.hhh.0 0.0.0.255 any

...

route-map Use_Internet permit 10
 match ip address Subnets_To_Internet
 set ip next-hop verify-availability 208.xxx.yyy.8 2 track 1
!
route-map Use_Internet permit 20
 match ip address FORCE_TRAFFIC_OUT_TWInternet
 set ip next-hop verify-availability 208.xxx.yyy.2 1 track 2

IP SLA's are working correctly

Interface Vlan 10

ip address 208.xxx.yyy.13 255.255.255.224

It accepts the "ip policy router-map Use_Internet" command but does not show up

Running ios-xe version 03.03.03 with Ipservices

 

Ok, This is what i thought

As 3850s do not support "sdm prefer routing", the only way you can make it work, is remove "verify-availability" and only use "set ip next-hop" command without tracking .

 

HTH

i really appropriate this answer, it helps me in my working environment so much

thank you RICHARD MESSINGER

Hi Richard,

Cisco 3850 even running on full IP services image will not support verify-availability command to track with IP SLA.

If you enable terminal monitor or configure the device using console you can see the syslog message when you try to configure the route-map with set ip next-hop verify-availability command

%PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map <name> not supported for Policy-Based Routing

You can see the route-map command showing up in the config BUT as soon as you try to apply to interface vlan10 the command will be not be applied and PBR will not work.

I hope Cisco find way to fix this!!

 

Workaround:

You can use EEM Applet with IP SLA

event manager applet internet_up

event syslog pattern "%TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up"

action 2.0 cli command "enable"

action 3.0 cli command "config t"
 action 3.2 cli command "interface Vlan10"
 action 3.3 cli command "ip policy router-map Use_Internet"
 action 3.4 cli command "exit"

 

event manager applet internet_down

event syslog pattern "%TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down"

action 2.0 cli command "enable"

action 3.0 cli command "config t"
 action 3.2 cli command "interface Vlan10"
 action 3.3 cli command "no ip policy router-map Use_Internet"
 action 3.4 cli command "exit"

 

repeat the same process for other IP SLA tracking you have

 

hope this helps

Santhosh

Hi Santhosh,

Do we need to configure authentication for applet to run commands or it will handle it automatically?

 

Regards,

Sonain

Sonain
Review Cisco Networking for a $25 gift card