[c-nsp] PBR noob question
Adam Greene
maillist at webjogger.net
Tue Jun 24 09:06:42 EDT 2008
Sorry for the late reply ... Nick's "ip local policy route-map" suggestion was exactly what I needed. Thanks!
Adam
----- Original Message -----
From: Nick Griffin
To: Adam Greene
Cc: cisco-nsp at puck.nether.net
Sent: Thursday, June 19, 2008 5:58 PM
Subject: Re: [c-nsp] PBR noob question
You can source traces from any interface on the router, try "trace" "enter" for extended options. You won't be able to test this from the router itself unless you configure "ip local policy", to perform local policy routing.
Nick Griffin
On Thu, Jun 19, 2008 at 4:49 PM, Adam Greene <maillist at webjogger.net> wrote:
Hi,
I'm setting up basic PBR on a remote router (3640, IOS 12.3(26)) and am having some problems testing whether it's working.
====
access-list 20 permit 10.10.60.1 0.0.1.255
!
route-map Special_Subnet
match ip address 20
set ip default next-hop 10.10.34.2
!
int f1/0
ip address 192.168.2.1 255.255.255.252
!
int f2/0
ip address 10.10.34.1 255.255.255.252
!
int f3/0
ip address 172.20.20.1 255.255.255.0
ip address 10.10.60.1 255.255.254.0 secondary
ip policy route-map Special_Subnet
!
ip route 0.0.0.0 0.0.0.0 192.168.2.2
====
I guess the main question is, when I ping from the router CLI, to an IP address not in the routing table, with a source address of 10.10.60.1, will the ping packets be sent to 10.10.34.2? Or will only the packets sent by hosts in the 10.10.60.0/23 range, connected to int f3/0, be sent to 10.10.34.2?
Unfortunately, the IOS doesn't support the /source option on traceroute commands, so I can't test in that way, and at the moment, I have nothing connected to int f3/0 in the 10.10.60.1/23 range ....
Thanks for your help,
Adam
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list