[c-nsp] Sup1a MSFC2 Policy Based Routing

[Rudy Setiawan]

Hi Jason, 

try this out modify the access-list using from a bigger prefixes such as /24
-> /25 then so on until you hit the targets. (Just want to check pattern
matching).

I don't see why the pattern would not match your access-list.
Can you do a show ip route 1.1.1.0/28?

Is that particular route-map applied to any interface other than the f3/0?
And f3/0 has only that particular block (1.1.1.0/28) or it has secondaries?

If it's easier what you can do is to make that route-map dedicated to that
specific interface (this will work if you do not have secondaries attach to
that particular interface).

So your route-map will look something like this:

Route-map peer-out permit 10
Set ip next-hop <next gateway>

That route-map will see... I will forward any to that <next gateway> ...
this will match everything and 1.1.1.0/28 will be routed to that <next
gateway>

The above is just a workaround.


Regards,
Rudy



------------------------------

Message: 4
Date: Tue, 26 Dec 2006 23:42:53 -0500
From: Jason Ford <jason at chatinara.com>
Subject: Re: [c-nsp] Sup1a MSFC2 Policy Based Routing
To: Rudy Setiawan <rudy at rudal.com>
Cc: cisco-nsp at puck.nether.net
Message-ID: <4591F9CD.1080800 at chatinara.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Rudy,

It appears you got the issue. On the match permit 20, I see the packets 
increase and the route-map must be working. Now how do we explain the 
fact that the access-list isn't getting matched when I am trying to get 
the source addresses directly attached to that port defined to any host? 
It seems that:

access-list 180 permit ip 1.1.1.0 0.0.0.15 any

should get all of the ip addresses that flow from the severs to the 6500 
then be routed out the next-hop I define.

Seems you have identified where exactly the problem is however doesn't 
explain why the packets aren't getting picked up.

jason