[c-nsp] Policy based routing - Packets being punted to CPU
Andy S
tswmmeejsdad at gmail.com
Mon Apr 16 20:55:32 EDT 2012
Hi There,
A quick questions in relation to the following policy based routing
configuration for a Cisco 6500.
Example:
interface TenGigabitEthernet9/8
ip address 10.10.10.10 255.255.255.252
no ip redirects
ip directed-broadcast
ip route-cache flow
ip policy route-map MY-TEST
!
route-map MY-TEST permit 10
match ip address MY-TEST-ACL
set ip next-hop 192.168.255.10
set ip df 0
!
route-map MY-TEST permit 20
1/ Does having the permit 20 rule cause all my packets to be punted to the
CPU???
According to the output below, I believe this is happening as a result of
the permit 20 rule.
#show tcam interface tenGigabitEthernet 9/8 acl in ip
* Global Defaults shared
Entries from Bank 0
Entries from Bank 1
permit ip any 224.0.0.0 15.255.255.255
punt ip any any
2/ If point one is true, can I just remove the permit 20 rule which I
believe will stop all packets being punted to the CPU?
I don't believe policy-maps have an implicit deny at the end, so packets
that don't match permit 10 should continue to be routed using the routing
table. Is this true also?
Thanks.
Andy
More information about the cisco-nsp
mailing list