Policy based routing question
mrblackmamba343
Inactive Imported Users Posts: 136
in CCNP
if I want to route traffic from loopback1 1.1.1.1(r1) to network 2.2.2.2 which is of a router(r2) with a next hop of 192.168.1.1.
Shouldn't this do the trick?
access-list 101 permit ip host 1.1.1.1 host 2.2.2.2
route-map to-r2 permit 10
match ip address 101
set ip next-hop 192.168.1.1
route-map to-r2 permit 20
interface loopback1(r1)
ip policy route-map to-r2
For some reason it is not working for me. Traffic to 2.2.2.2 from loopback1 is still going across the default route
Im testing this in a GNS3 lab on my PC
Shouldn't this do the trick?
access-list 101 permit ip host 1.1.1.1 host 2.2.2.2
route-map to-r2 permit 10
match ip address 101
set ip next-hop 192.168.1.1
route-map to-r2 permit 20
interface loopback1(r1)
ip policy route-map to-r2
For some reason it is not working for me. Traffic to 2.2.2.2 from loopback1 is still going across the default route
Im testing this in a GNS3 lab on my PC
Comments
-
mattau Member Posts: 218the policy routemap needs to be applied on an inbound interface not a loopback. So if you have R1 and then R1 has links to next hop 192.168.1.1 then it needs to be applied on R1 inbound on the segment accepting the traffic into R1.
Additionally if you want PBR to work
conf t
no ip cef
_____________________________________
CCNP ROUTE - passed 20/3/12
CCNP SWITCH - passed 25/10/12
CCNP TSHOOT - passed 11/12/12 -
bermovick Member Posts: 1,135 ■■■■□□□□□□Are you sure IP cef has to be turned off? I don't seem to remember having to disable it in my labs.
I do agree though that traffic sourced from the router always seems ... tricky. I always throw another router into the mix and turn it into a host via the 'no ip routing' and 'ip default-gateway' commands.Latest Completed: CISSP
Current goal: Dunno -
mattau Member Posts: 218from my experience it does (disclaimer - this is purely on dynamips) I have racked my brain over this cef and pbr topic and alot of people say the same thing. if you do debug ip policy with cef on you will find that the policy is matched but never executed. If you can get it to work with cef please let me know because i would love to try
even on ipv6 i couldnt get pbr to work with cef.
i turn cef off things work like you would expect
also another thing that has caught me out with pbr. you cannot use prefix lists. acl's only - i once spent 3 hours trying to figure out why it wasnt working due to me using prefix lists_____________________________________
CCNP ROUTE - passed 20/3/12
CCNP SWITCH - passed 25/10/12
CCNP TSHOOT - passed 11/12/12 -
mrblackmamba343 Inactive Imported Users Posts: 136the policy routemap needs to be applied on an inbound interface not a loopback. So if you have R1 and then R1 has links to next hop 192.168.1.1 then it needs to be applied on R1 inbound on the segment accepting the traffic into R1.
Additionally if you want PBR to work
conf t
no ip cef
2.2.2.2 and 1.1.1.1 all both loopback address on both routers.
So in this in case the inbound interface is the loopback -
mrblackmamba343 Inactive Imported Users Posts: 136I found out in gns3 applying policy maps to loopbacks may not work as desired.
I put the source address on a "phyiscal interface" and applied the PBR. Everything works fine.