[nsp] RE: Policy Based Routing

Tobias Seda nocadmin at nbi.ispkenya.com
Mon Feb 9 14:48:28 EST 2004 

Hi

I am having trouble configuring PBR on a cisco 12.0(a17)T IOS, Cisco 1605R
for a small network running two frame relay sub-interfaces.

One Interface is carrying Internet traffic to an ISP while the other is
connecting to another remote office.

If I check packet counter on the route map for ISP I can see something, but
it seems like the packets are not leaving the router to the destination,
because I cannot ping any host on ISP network except the remote interface,
like wise to the other Interface.

Any idea out there..?

regards

Tobias

FYI
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>

route-map traffic-redirect, permit, sequence 10
  Match clauses:
    ip address (access-lists): 1
  Set clauses:
    ip precedence priority
    ip next-hop 64.86.238.25
  Policy routing matches: 15579 packets, 2108650 bytes
route-map traffic-redirect, permit, sequence 20
  Match clauses:
    ip address (access-lists): 2
  Set clauses:
    ip precedence critical
    ip next-hop 10.1.1.5
  Policy routing matches: 16138 packets, 1099194 bytes
GiroLTD#
<><><><><<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><

interface Ethernet0
 ip address 192.168.111.1 255.255.255.0 secondary
 ip address 64.86.235.1 255.255.255.248 secondary
 ip address 132.0.0.54 255.255.255.0
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 ip policy route-map traffic-redirect
 fair-queue 64 256 0
!
interface Serial0
 no ip address
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 encapsulation frame-relay IETF
 ip route-cache policy
 ip policy route-map traffic-redirect
 no logging event subif-link-status
 no logging event dlci-status-change
!
interface Serial0.1 point-to-point
 description 64K Internet Link to ISPKenya.
 ip address 64.86.238.26 255.255.255.252
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp

GiroLTD#conf t
Enter configuration commands, one per line.  End with
GiroLTD(config)#int e0
GiroLTD(config-if)#no ip ad
GiroLTD(config-if)#no ip address 64.86.235.1 255.255.2
GiroLTD(config-if)#no ip address 64.86.235.1 255.255.2
GiroLTD(config-if)#end
GiroLTD#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname GiroLTD
!
enable secret 5 $1$RIOJ$XQP4haYXV4eaK8aS7oxV01
enable password 7 130C04020E0517
!
ip subnet-zero
no ip domain-lookup
ip domain-name ispkenya.com
ip name-server 212.49.87.2
ip name-server 64.86.231.5
!
!
!
interface Ethernet0
 ip address 192.168.111.1 255.255.255.0 secondary
 ip address 132.0.0.54 255.255.255.0
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 ip policy route-map traffic-redirect
 fair-queue 64 256 0
!
interface Serial0
 no ip address
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 encapsulation frame-relay IETF
 ip route-cache policy
 ip policy route-map traffic-redirect
 no logging event subif-link-status
 no logging event dlci-status-change
!
interface Serial0.1 point-to-point
 description 64K Internet Link to ISPKenya.
 ip address 64.86.238.26 255.255.255.252
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 frame-relay interface-dlci 22
!
interface Serial0.2 point-to-point
 description 64K Data Link to Reuters
 ip address 10.1.1.6 255.255.255.252
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 frame-relay interface-dlci 21
!
router rip
 network 10.0.0.0
 network 192.1.1.0
!
ip nat inside source list 1 interface Serial0.1 overlo
ip classless

[ip route 0.0.0.0 0.0.0.0 10.1.1.5] TEMPORARY 4 TEST

!
access-list 1 permit 132.0.0.0 0.0.0.255
access-list 2 permit 192.168.111.0 0.0.0.255
route-map traffic-redirect permit 10
 match ip address 1
 set ip precedence priority
 set ip next-hop 64.86.238.25
!
route-map traffic-redirect permit 20
 match ip address 2
 set ip precedence critical
 set ip next-hop 10.1.1.5
!
snmp-server community ispkpub RO
snmp-server community ispkpriv RW
!
line con 0
 transport input none
line vty 0 4
 password 7 112E101718300507490D3C
 login
!
end

GiroLTD#

More information about the cisco-nsp mailing list