[nsp] Policy routing next-hop
Sam Stickland
sam_ml at spacething.org
Fri Oct 3 19:56:51 EDT 2003
Thanks for the reply :)
It's on a Cat6500 so CEF is always running.
Had just discoverd the 'ip local policy route-map map-tag' command myself.
Now that I've enabled that, if I attempt pings from the router, with the
correct source-address they are policy routed (verified by debug ip policy).
However, traffic arriving from the LAN on that VLAN still isn't being
corrected routed, which is odd.
Sam
----- Original Message -----
From: "Raymond, Steven" <steven_raymond at eli.net>
To: "Sam Stickland" <sam_ml at spacething.org>
Cc: "Cisco Nsp" <cisco-nsp at puck.nether.net>
Sent: Saturday, October 04, 2003 12:44 AM
Subject: RE: [nsp] Policy routing next-hop
> I was just reviewing the same topic recently. Success seems to hinge upon
> your switching method. If you are not running CEF, it appears you have to
> have the command "ip route-cache policy" on the interface:
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c
> /qcpart1/qcpolicy.htm#5751
>
> Also, how were you testing that it worked or not? It seems that traffic
> originating from the router is not PBRed unless you use this command: "ip
> local policy route-map map-tag".
>
> May be obvious, but "next-hop" is supposed to be directly-connected.
>
> Dunno, hope this helps. Haven't gotten this working myself but maybe
these
> thoughts can give you some ideas.
>
>
> > -----Original Message-----
> > From: Sam Stickland [mailto:sam_ml at spacething.org]
> > Sent: Friday, October 03, 2003 4:34 PM
> > To: Cisco Nsp
> > Subject: [nsp] Policy routing next-hop
> >
> >
> > Hi,
> >
> > I'm trying to route all traffic on a specific VLAN out to a different
> > router.
> >
> > I've tried the following:
> >
> > access-list 30 permit ip a.b.c.0 0.0.0.255
> >
> > route-map sendviaWxyz permit
> > match ip address 30
> > set next-hop w.x.y.z
> >
> > int vlan 3
> > ip policy route-map sendviaWxyz
> >
> > Vlan 3 is VLAN on our LAN, that I want to send out via a
> > specific peer.
> >
> > With no joy.. Have even tried using an extended access-list
> > with 'permit ip
> > any any', and routemaps with no match clauses and routemaps
> > with 'match
> > interface vlan3' etc. etc.
> >
> > I'm really stumped, so I'd appreciate any idea's anyone might have.
> >
> > This is on a Cat6500 with a Sup2-MFSC2-PFC2 and IOS 12.1(11r)E1a
> >
> > Thanks,
> >
> > Sam
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
More information about the cisco-nsp
mailing list