[c-nsp] 3560/3750 policy routing

Adrian Chadd adrian at creative.net.au
Mon Nov 2 22:35:34 EST 2009


Please read the Cisco 3750 IOS configuration guide. It specifically
states that PBR and VRF on the same interface is not permitted.

There is also apparently a PBR and fast-PBR mode which if i recall
does something akin to either software or hardware switching.
I'm not sure of the details. It is all in the IOS configuration
guide though!

2c,


Adrian


On Mon, Nov 02, 2009, Ge Moua wrote:
> >> Note that PBR on these platforms is very limited in supported 
> route-map match options, e.g. per cco:
> 
> I concur; I can't seem to do anything beyond some basic match & set; the 
> IOS complained when I tried som SET commands with VRF parameters.  I 
> suppose this is really a switch platform and not a true router platform.
> 
> 
> Regards,
> Ge Moua | Email: moua0100 at umn.edu
> 
> Network Design Engineer
> University of Minnesota | Networking & Telecommunications Services
> 
> 
> 
> Daniska, Tomas wrote:
> >>-----Original Message-----
> >>From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> >>bounces at puck.nether.net] On Behalf Of Peter Rathlev
> >>Sent: Tuesday, November 03, 2009 12:01 AM
> >>To: Ryan West
> >>Cc: cisco-nsp
> >>Subject: Re: [c-nsp] 3560/3750 policy routing
> >>
> >>
> >>It has been running IOS 12.2(50)SE1 IP Services "all its life" (some
> >>months).
> >>
> >>When we started using it I was a little nervous if it would cope (and
> >>posted on this list about it too) but it performs splendidly for us.
> >>
> >>    
> >
> >I second this, 12.2(50)SE3, doing some PBR-based VoIP spliting to
> >different SBCs, all done in HW.
> >
> >
> >Note that PBR on these platforms is very limited in supported route-map
> >match options, e.g. per cco:
> >
> >********************
> >When configuring match criteria in a route map, follow these guidelines:
> >
> >-Do not match ACLs that permit packets destined for a local address. PBR
> >would forward these packets, which could cause ping or Telnet failure or
> >route protocol flapping.
> >
> >-Do not match ACLs with deny ACEs. Packets that match a deny ACE are
> >sent to the CPU, which could cause high CPU utilization.
> >********************
> >
> >Did your matching ACLs meet the no-deny requirement?
> >
> >
> >--
> >
> >deejay
> >
> > 
> >
> >__________ Informacia od ESET NOD32 Antivirus, verzia databazy 4565
> >(20091102) __________
> >
> >Tuto spravu preveril ESET NOD32 Antivirus.
> >
> >http://www.eset.sk
> > 
> >_______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
> >  
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -


More information about the cisco-nsp mailing list