No packet match when configure virtual template

Unanswered Question
Jan 30th, 2007

Dear All,

There is no match ip address for access-list, but do see traffic passing by and BGP is established well.

There is virtual template configured for the router, below is the interface configuration:

RouterA#sh run int s0

Building configuration...

Current configuration : 332 bytes

!

interface Serial0

bandwidth 384

no ip address

encapsulation frame-relay IETF

ip route-cache flow

no ip mroute-cache

load-interval 30

frame-relay class MAXCIR

frame-relay traffic-shaping

no frame-relay inverse-arp

frame-relay lmi-type ansi

end

RouterA#sh run int s0.100

Building configuration...

Current configuration : 255 bytes

!

interface Serial0.100 point-to-point

bandwidth 208

ip access-group ACL in

no cdp enable

frame-relay class voip

frame-relay interface-dlci 100 ppp Virtual-Template1

end

RouterA#

RouterA#sh run int virtual-access1

Building configuration...

Current configuration : 134 bytes

!

interface Virtual-Access1

bandwidth 345

ip address 23.22.23.74 255.255.255.252

max-reserved-bandwidth 100

load-interval 30

end

RouterA#

RouterA#sh run int virtual-template1

Building configuration...

Current configuration : 265 bytes

!

interface Virtual-Template1

bandwidth 345

ip address 23.22.23.74 255.255.255.252

max-reserved-bandwidth 100

service-policy output HQV_OFFICE

load-interval 30

ppp multilink

ppp multilink fragment delay 10

ppp multilink interleave

end

When i do show ip access-list ACL:

sh ip access-l ACL

Extended IP access list ACL

10 permit ip any any <<< No match

RouterA#sh int s0.100

Serial0/0/0.100 is up, line protocol is up

Hardware is GT96K Serial

MTU 1500 bytes, BW 208 Kbit, DLY 20000 usec,

reliability 255/255, txload 27/255, rxload 83/255 <<< Traffic is passing

Encapsulation FRAME-RELAY IETF

Last clearing of "show interface" counters never

Couldn't figure out why it happened, any idea?

Thank You,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
mheusinger Wed, 01/31/2007 - 00:27

Hi,

as far as I understand, you are using PPP over Frame-relay. So the FR interface will only "see" PPP traffic and your ACL - looking for IP - will get no matches.

Can you try to apply the ACL to the Virtual-Template1 and check the result?

Hope this helps! Please use the rating system.

Regards, Martin

Actions

This Discussion