[c-nsp] Sup1a MSFC2 Policy Based Routing

Trent Lloyd lathiat at bur.st
Tue Dec 26 20:32:01 EST 2006 

Hi Jason,

One of the guys here was fiddling with this on our 6500 w/SUP1A-MSFC2
and was seeing some similar problems, what was worse is a few random
packets from *other interfaces* did hit the route-map and that caused
some extra funkyness, not sure whats going on there but we haven't
visited it again since -- do let me know if you find a solution.

Are you guys running MLS?

Cheers,
Trent

On Tue, Dec 26, 2006 at 06:18:24PM -0500, Jason Ford wrote:
> Richard,
> 
> Tried setting it to 4.4.4.9 (which would be the ip address assigned to 
> my interface on g1/1) and still no luck. It just seems that the BGP 
> route is overshadowing the PBR. It doesn't forward the traffic out as 
> the route-map tells it to. This is why I was perplexed in the first place :)
> 
> Any other ideas or suggestions would be greatly appreciated.
> 
> Regards,
> 
> jaosn
> 
> Richard Gallagher wrote:
> > Try setting the next-hop to the directly connected address that 
> > 4.4.4.10  is reachable via.
> >
> > Jason Ford wrote:
> >> Hey all,
> >>
> >> I am having some problems getting policy based routing (using a 
> >> access-list to identify source) working on a 6500 with a Sup1a / 
> >> MSFC2 card. Background of the setup is the following:
> >>
> >> 1. Have 4 BGP peers using equal weight in and out for routing choices.
> >> 2. 6500 is running in Native IOS with version 
> >> c6sup12-ps-mz.121-26.E3.bin and c6msfc2-boot-mz.121-26.E3.bin.
> >>
> >> I am trying to use source based routing to control one of my subnets 
> >> outbound traffic to use a lower cost BGP peer over the other 3. The 
> >> source address in this case we will use 1.1.1.0/28 and is directly 
> >> connecting to f 3/10. The BGP peer router I want the traffic to go 
> >> out is 4.4.4.10 and is directly connected to g 1/1. So I setup the 
> >> following route-map and identify the source network via an 
> >> access-list with the following configuration.
> >>
> >> access-list 180 permit ip 1.1.1.0 0.0.0.16 any
> >>
> >> route-map peer-out permit 10
> >>  match ip address 180
> >>  set ip next-hop 4.4.4.10
> >>
> >> This is where I get a bit lost. I assigned this route map to the 
> >> interface in which the 1.1.1.0 network was attached with this.
> >>
> >> interface f 3/10
> >> ip policy route-map peer-out
> >>
> >> I don't see the policy routing matches increasing when I do a show 
> >> route-map peer-out. On top of that, if I traceroute from any server 
> >> in the 1.1.1.0/28 network to the outside world, it still uses the BGP 
> >> preferred route from the route table. Is there something I am doing 
> >> wrong here to override the outbound traffic for this subnet to go 
> >> over a desired BGP peer?
> >>
> >> Any help would be greatly appreciated.
> >>
> >> Regards,
> >>
> >> jason
> >>
> >>
> >> _______________________________________________
> >> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list