[c-nsp] ASR 9K + source based routing

Jason Lixfeld jason at lixfeld.ca
Thu Apr 6 08:06:07 EDT 2017 

Hi,

A cursory look appears to suggest that your configuration is incorrect.  The example from the Support Forum link you referenced seems to corroborate that?

<snip>
ipv4 access-list abf-1

10 permit ipv4 any 100.100.100.0/24 nexthop1 VRF RED ipv4 1.1.1.1 nexthop2 VRF BLUE ipv4 2.2.2.2 nexthop3 ipv4 3.3.3.3

</snip>

<snip>
ipv4 access-list abf-default 

10 permit ipv4 any 100.100.100.0/24 nexthop1   



Int Ten Gig 0/1/0/0

vrf BLUE

Ipv4 addres 30.30.30.1/24

ipv4 access-list abf-default ingress

</snip>

Sent from my iPhone

> On Apr 6, 2017, at 4:54 AM, Nemeth Laszlo <csirek at cooler.hu> wrote:
> 
> Hi All,
> 
> I have a ASR9K1 with IOS XR 4.3.2 . Yes i know it is an old image, but rock stable in our environment.
> 
> Today a made a source based routing: if the source packet is comming from 1.1.1.0/24 range the nexthop have to be 2.2.2.2
> 
> The config is this:
> 
> RP/0/RSP0/CPU0:asr01#sh run interface bundle-ether 100.79
> 
> interface Bundle-Ether100.79
> description V79
> mtu 9164
> ipv4 mtu 9100
> ipv4 address 10.0.0.1 255.255.255.0
> load-interval 30
> encapsulation dot1q 79
> ipv4 access-group acl_vlan79_in ingress
> 
> 
> This bundle interface is the Te 0/0/2/0 and 0/0/2/1
> 
> 
> I use netflow on interface Te 0/0/2/2 and 0/0/2/3 just for info....
> 
> The acl_vlan79 is this:
> 
> RP/0/RSP0/CPU0:asr01#sh access-lists acl_vlan79_in
> 
> ipv4 access-list acl_vlan79_in
> 55 permit ipv4 1.1.1.0 0.0.0.255 any nexthop1 ipv4 2.2.2.2
> 100 deny ipv4 any any
> 
> But it doesn't work, the packet goes to the default gateway. The 2.2.2.2 nexthop is a connected IP on interface BE 100.2 (this interface ip address is  2.2.2.1/28)
> 
> RP/0/RSP0/CPU0:asr01#sh access-lists ipv4 acl_vlan79_in hardware ingress location 0/0/CPU0
> 
> ipv4 access-list acl_vlan79_in
> 55 permit ipv4 1.1.1.0 0.0.0.255 any (11011457 hw matches)
> 100 deny ipv4 any any (1292262 hw matches)
> 
> So in the ACL doesn't show the nexthop the end of the line of 55 like the examples (https://supportforums.cisco.com/document/145271/abf-acl-based-forwarding-asr9k) shows me.
> 
> Any idea what is the wrong?
> 
> Thanks
> Laszlo
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list