[f-nsp] Policy based routing question

Randy McAnally rsm at fast-serv.com
Mon Feb 15 18:35:39 EST 2010 

Dumb question maybe, but are you applying the same map to all VRRP enabled routers?

-- 
Randy

---------- Original Message -----------
From: Joseph Hardeman <jwhardeman at gmail.com> 
To: foundry-nsp at puck.nether.net 
Sent: Mon, 15 Feb 2010 18:23:35 -0500 
Subject: Re: [f-nsp] Policy based routing question

> Ok,
> 
> I now have a little more idea on what is causing my problems.  Its VRRP causing my ip policy route-map to not work.  When I remove VRRP from a VLAN I am testing with my route-map works properly but stops working when I re-apply the VRRP Config.
> 
> Any ideas on why VRRP would break a ip policy route-map?
> 
> Thanks everyone
> 
> Joe
> 
> On Mon, Feb 15, 2010 at 12:32 AM, Joseph Hardeman <jwhardeman at gmail.com> wrote:
> Hi Everyone,
> 
> I have a question about Policy based routing.  I have setup my access-list and route-map like the examples I have found online and also tried it with the example in a Manual I have for the Foundry.  On a VLAN with multiple subnets its not working.  I have all of the subnets included right now in the access-list I setup and I have set the next-hop in my route-map, but I can't seem to get it to send that traffic through the next hop I want too.  It is instead using BGP routing to send the traffic out for these subnets.
> 
> interface ve 200
> ip address a.a.a.a 255.255.255.128
> ip address b.b.b.b 255.255.255.128
> ip address c.c.c.c 255.255.255.0
> ip address d.d.d.d 255.255.255.128
> ip policy route-map test-next-hop
> 
> access-list 30 permit a.a.a.a 0.0.0.127
> access-list 30 permit c.c.c.c 0.0.0.255
> access-list 30 permit b.b.b.b 0.0.0.127
> access-list 30 permit d.d.d.d 0.0.0.127
> access-list 30 permit e.e.e.e 0.0.0.127
> 
> route-map  test-next-hop permit  10
> match ip address  30
> set ip next-hop z.z.z.z
> 
> When I apply this route-map to a vlan with a single subnet it works just fine and is sending the outbound traffic to the next hop I told it to, just not on the vlan with multiple subnets.  Anyone know why it might be having this problem?  And how to fix it?
> 
> Thanks for any insight or help.
> 
> Joe
> 
------- End of Original Message -------
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20100215/4dd4c276/attachment.html>

More information about the foundry-nsp mailing list