[c-nsp] About Problem on Policay based routing

Sun Jan 23 07:46:42 EST 2011

Try using the recursive option, so it forwards packets to default when the next-hop is unavailable

route-map dst_80 q
match ip address 101
set ip next-hop recursive 202.53.x.x

Or, if not available in your version (unlikely) ,try adding a secondary next-hop to the route-map

route-map dst_80 q
match ip address 101
set ip next-hop 202.53.x.x 202.53.y.y 202.53.z.z 
! and so on...

Or you could use a combination of rtr track and verify-availability, read more about this here:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtpbrtrk.html

Hope this helps,
Ziv

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Md. Jahangir Hossain
Sent: Sunday, January 23, 2011 8:28 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] About Problem on Policay based routing

Dear concern:

We faced  problem policy based routing (PBR) on my cisco SAR 7606 router.

When my next hop down into my route-map packet not forwarded to destination using by default routing table but we got icmp to any destination. can any one  please check the config and IOS version  what is wrong my config or IOS ?

Bellow by configuration and IOS version:

ip access-list extended 101 permit tcp any any eq www ip access-list extended 102 permit tcp any eq www any   

route-map dst_80 q
match ip address 101
set ip next-hop 202.53.x.x             

route-map src_80
match ip address 102
set ip next-hop 202.53.x.x             

interface gigabit interface 

description {client}
ip policy route-map dst_80 

interface gigabit interface 

description [Internet]
ip policy route-map src_80 

######################################################

SAR-7606#sh version 
Cisco IOS Software, c7600s3223_rp Software (c7600s3223_rp-ADVENTERPRISEK9-M), Version 12.2(33)SRD2a, RELEASE SOFTWARE (fc2)

ROM: System Bootstrap, Version 12.2(17r)S6, RELEASE SOFTWARE (fc1)
BOOTLDR: Cisco IOS Software, c7600s3223_rp Software (c7600s3223_rp-ADVENTERPRISEK9-M), Version 12.2(33)SRD2a, RELEASE SOFTWARE (fc2)

 SAR-7606 uptime is 1 year, 9 weeks, 5 days, 23 hours, 2 minutes
Uptime for this control processor is 1 year, 9 weeks, 5 days, 22 hours, 52 minutes
System returned to ROM by power-on (SP by power-on)
System restarted at 13:07:24 BD Sun Nov 15 2009
System image file is "sup-bootdisk:c7600s3223-adventerprisek9-mz.122-33.SRD2a.bin"
Last reload type: Normal Reload

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************

The information contained in this e-mail message and its attachments is confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender, and then delete the message from your computer.  Thank you!

******** This mail was sent via Mail-SeCure System.********

************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************