[c-nsp] Another bughunt, this time VRF PBR
David Freedman
david.freedman at uk.clara.net
Sun Sep 27 10:27:45 EDT 2009
wonder if anybody has come across this before,
in 12.4(15)T, configuring a virtual-access per-user such:
Framed-IP-Address = 10.0.0.1,
Cisco-AVPAIR += "lcp:interface-config=ip policy route-map TEST\nip vrf receive TEST\n",
Cisco-AVPAIR += "ip:route=vrf TEST 192.168.100.0 255.255.255.0 10.0.0.1"
The policy map simply uses an access list to match source 192.168.100.0/24 and set vrf TEST.
But results in the following vrf CEF table:
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
10.0.0.1/32 receive
192.168.100.0/24 10.0.0.1 (?)
224.0.0.0/4 drop
224.0.0.0/24 receive
255.255.255.255/32 receive
#sh ip cef vrf TEST 192.168.100.0 internal
192.168.100.0/24, version 32, epoch 0
0 packets, 0 bytes
tag information set
local tag: assigned-when-resolved-later
Flow: Origin AS 0, Peer AS 0, mask 24
via 10.0.0.1, 0 dependencies, recursive
unresolved
refcount 5
The lack of being able to resolve the per-user static results in a label being assigned
and distributed to other PE routers, but this label not being retained internally!
(so traffic is dropped on ingress)
This is obviously broken but can't find the bugID, closest I can find is CSCse37042
This also does not appear to be a feature restriction as far as I can tell from the documentation.
configuring a manual static to the next-hop also results in this odd behaviour.
Any help appreciated.
TIA
------------------------------------------------
David Freedman
Group Network Engineering
Claranet Limited
http://www.clara.net
More information about the cisco-nsp
mailing list