[c-nsp] PBR noob question
Nick Griffin
nick.jon.griffin at gmail.com
Thu Jun 19 17:58:46 EDT 2008
You can source traces from any interface on the router, try "trace" "enter"
for extended options. You won't be able to test this from the router itself
unless you configure "ip local policy", to perform local policy routing.
Nick Griffin
On Thu, Jun 19, 2008 at 4:49 PM, Adam Greene <maillist at webjogger.net> wrote:
> Hi,
>
> I'm setting up basic PBR on a remote router (3640, IOS 12.3(26)) and am
> having some problems testing whether it's working.
>
> ====
> access-list 20 permit 10.10.60.1 0.0.1.255
> !
> route-map Special_Subnet
> match ip address 20
> set ip default next-hop 10.10.34.2
> !
> int f1/0
> ip address 192.168.2.1 255.255.255.252
> !
> int f2/0
> ip address 10.10.34.1 255.255.255.252
> !
> int f3/0
> ip address 172.20.20.1 255.255.255.0
> ip address 10.10.60.1 255.255.254.0 secondary
> ip policy route-map Special_Subnet
> !
> ip route 0.0.0.0 0.0.0.0 192.168.2.2
> ====
>
> I guess the main question is, when I ping from the router CLI, to an IP
> address not in the routing table, with a source address of 10.10.60.1,
> will the ping packets be sent to 10.10.34.2? Or will only the packets sent
> by hosts in the 10.10.60.0/23 range, connected to int f3/0, be sent to
> 10.10.34.2?
>
> Unfortunately, the IOS doesn't support the /source option on traceroute
> commands, so I can't test in that way, and at the moment, I have nothing
> connected to int f3/0 in the 10.10.60.1/23 range ....
>
> Thanks for your help,
> Adam
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list