[c-nsp] IOS-XR and PBR

Lee Starnes lee.t.starnes at gmail.com
Thu Sep 11 03:15:32 EDT 2014


Hi Oliver,

Since we have no default routes and all backbone links are full BGP minus
default route, I am going to assume that the second permit statement won't
work here. Would this just get specified as any since the first entry would
be matched for local netblocks and it would not go further in the ACL?
These special case customers all are fed from a single 6509 to the border
router that contains their one carrier of choice, but that border router
contains several backbone links and each border router also having links to
each other. I suspect that for simplifying this, we can match against
traffic on the link coming from that 6509 to the border router.

Thanks for the pointers.

-Lee

On Wed, Sep 10, 2014 at 11:09 PM, Oliver Boehmer (oboehmer) <
oboehmer at cisco.com> wrote:

>
> >
> >I am looking to set up some policy based routing on an IOS-XR router. From
> >what I understand, XR does not have PBR, but ABF. When looking at how ABF
> >works, I don't see how to set a next hop route (only next hop per TCP
> >port).
>
> well, you can direct any traffic matching an ACE (be it layer 3 or 4) to a
> chosen next-hop.
>
> >My question then would be, how does one accomplish this on XR? What
> >I need to do is allow a particular IP block to only have access to one of
> >our backbone carriers and not the others. We have their /24 only announced
> >out the one carrier, but for outbound traffic, I want to make sure their
> >traffic remains on that carrier but also have access to our local routes
> >(all our local customers and local networks). Is this something that can
> >be done with ABF
>
> Yes, it can be done, but possibly a bit more difficult:
>
> ipv4 access-list ABF
>  permit CUST/24 <your-own-netblocks>
>  permit CUST/24 0.0.0.0/0 next-hop <your-upstream-provider>
>
> not sure how your topology looks and where you would need to apply this
> forwarding rule, but the next-hop can be directly connected or resolve via
> some form of tunnel (including LDP/LSP).
>
>         oli
>
>
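
Added example (not part of either message, and not Cisco code): a small Python model of how the two-entry ABF ACL sketched above is evaluated. Each ACE is matched against the packet's source and destination, first match wins, and the 0.0.0.0/0 destination is an ACL match on any address, not a route lookup. The prefixes and next-hop address are constructed placeholders, and the optional trailing permit is an assumption added to show the effect of the implicit deny that ends an ACL.

```python
import ipaddress

# Constructed sample values (documentation ranges); none come from the thread.
CUST = ipaddress.ip_network("192.0.2.0/24")           # the special-case customer /24
LOCAL = [ipaddress.ip_network("198.51.100.0/24"),     # stands in for <your-own-netblocks>
         ipaddress.ip_network("203.0.113.0/24")]
UPSTREAM_NH = "10.255.0.1"                            # hypothetical carrier next hop
ANY = ipaddress.ip_network("0.0.0.0/0")


def build_abf_acl(cust, local_nets, upstream_nh, permit_rest=False):
    """Return ordered ACEs as (source net, destination net, forced next hop or None)."""
    aces = [(cust, net, None) for net in local_nets]   # customer -> local: normal routing
    aces.append((cust, ANY, upstream_nh))              # customer -> anything else: steer
    if permit_rest:
        aces.append((ANY, ANY, None))                  # everyone else on the link: normal routing
    return aces


def abf_lookup(aces, src, dst):
    """First-match evaluation: stop at the first ACE matching source and destination.

    Returns "rib" when the matching ACE carries no next hop (forward by the
    routing table), the forced next hop when it does, and "drop" when nothing
    matches (the implicit deny at the end of an ACL).
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for s_net, d_net, nh in aces:
        if src in s_net and dst in d_net:
            return nh if nh else "rib"
    return "drop"


ACL = build_abf_acl(CUST, LOCAL, UPSTREAM_NH)
ACL_SHARED_LINK = build_abf_acl(CUST, LOCAL, UPSTREAM_NH, permit_rest=True)

if __name__ == "__main__":
    samples = [("192.0.2.10", "198.51.100.7"),   # customer -> local netblock
               ("192.0.2.10", "8.8.8.8"),        # customer -> internet
               ("198.51.100.7", "8.8.8.8")]      # other customer on the same link
    for src, dst in samples:
        print(f"{src} -> {dst}: two-entry={abf_lookup(ACL, src, dst)} "
              f"with-trailing-permit={abf_lookup(ACL_SHARED_LINK, src, dst)}")
```

If the ACL is applied on a link that also carries other customers, as with the 6509 uplink described in the reply, the third sample shows why the list needs a final permit for everything else.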

