05-28-2012 09:22 AM - edited 03-07-2019 06:56 AM
Hi all,
Good Morning!
Need to confirm config of route-map below.
I created ACL 113
access-list 113 permit tcp any any eq www
Then i created route-map for it
route-map policy permit 10
match ip address 113
set ip next-hop 2.2.2.2
Now i created ACL
access-list 114 permit tcp any any eq 443
access-list 114 permit tcp any any eq telnet
Now i created route-map for this without any sequence number
Will this work now without sequence number 20?
When i do
sh route-map
route-map policy, permit, sequence 10
Match clauses:
ip address (access-lists): 113 114
Set clauses:
ip next-hop 2.2.2.2 3.3.3.3
Policy routing matches: 0 packets, 0 bytes
it shows both acl 113 and 114 need to know if this route-map config will work or not?
Thanks
MAhesh
Solved! Go to Solution.
05-28-2012 09:39 AM
05-28-2012 09:26 AM
Hello Mahesh,
your configuration performs a logical OR of the two IP ACLs
if a packet matches ACL 113 or it matches ACL 114 the PBR action of setting an ip next-hop will take place.
The configuration is correct if you need to use the same IP next-hop for both types of traffic, otherwise you need a new route-map clause with a different sequence number and a different set action.
Edit:
actually there are two IP next-hops defined in the set section, in this case first next-hop is used and if it is unavailable ( no ARP entry) the second next-hop will be used. The action as described above applies to traffic matching one of the two ACLs.
if you want to have different IP next-hops you need two route-map clauses/blocks
Hope to help
Giuseppe
05-28-2012 09:34 AM
Hi Giuseppe,
When you say
if you want to have different IP next-hops you need two route-map clauses/blocks
Does it mean route map with 2 sequence numbers say 10 and 20?
Thanks
MAhesh
05-28-2012 09:39 AM
Hello Mahesh,
yes I do mean that
Hope to help
Giuseppe
05-28-2012 09:44 AM
Hi Giuseppe,
Thanks again.
Seems need to learn lot from this forum.
Regards
MAhesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: