
PBR and prefix-lists

johnnylingo
Level 5

I'm doing a test of PBR, and it seems to work fine with access-lists, but I'd like to use prefix-lists and rather than behaving the same, it instead matches all packets regardless of source address. Config:

interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 ip policy route-map TEST
!
ip prefix-list Servers permit 192.168.1.128/25
!
route-map TEST permit 10
 match ip address prefix-list Servers
 set ip next-hop 192.168.1.2
 set ip next-hop verify-availability
!

# debug ip policy
Apr 26 01:46:08.192: IP: s=192.168.1.5 (Vlan1), d=66.246.246.52, len 518, FIB policy match
Apr 26 01:46:08.192: IP: s=192.168.1.5 (Vlan1), d=66.246.246.52, g=192.168.1.2, len 518, FIB policy routed

Works as expected:

ip access-list standard Servers
 permit 192.168.1.128 0.0.0.127
!
route-map TEST permit 10
 match ip address Servers
 set ip next-hop 192.168.1.2
 set ip next-hop verify-availability
!

#debug ip policy
Apr 26 01:52:58.578: IP: s=192.168.1.5 (Vlan1), d=66.246.246.52, len 78, FIB policy rejected(no match) - normal forwarding

Accepted Solutions

Harold Ritter
Cisco Employee

John,

The prefix-list feature was designed to perform routing protocol route filtering and it is therefore not supported in a PBR context.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
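
Because prefix-lists are not supported for PBR matching, the same source range has to be written as an ACL. The following is an added example, not part of the original thread and not Cisco tooling: a Python helper that rewrites IPv4 prefix-list lines as a named standard ACL and evaluates which packet sources should match. The function names are hypothetical, and the sample line is the one from the question.

```python
import ipaddress
import re

# Constructed sample input: the prefix-list line quoted in the question.
SAMPLE = "ip prefix-list Servers permit 192.168.1.128/25"

# Hypothetical helper names; only IPv4 entries are handled.
_ENTRY = re.compile(
    r"^ip prefix-list (?P<name>\S+)(?: seq \d+)? (?P<action>permit|deny) "
    r"(?P<prefix>\d+\.\d+\.\d+\.\d+/\d+)(?P<range>(?: (?:ge|le) \d+)*)\s*$"
)

def parse_entry(line):
    """Return (name, action, network) for one IPv4 prefix-list line."""
    m = _ENTRY.match(line.strip())
    if m is None:
        raise ValueError(f"not an IPv4 prefix-list entry: {line!r}")
    if m["range"]:
        # ge/le constrain route prefix lengths; a packet source has none.
        raise ValueError(f"ge/le has no packet-matching equivalent: {line!r}")
    # strict=True rejects prefixes with host bits set (e.g. 192.168.1.5/25).
    return m["name"], m["action"], ipaddress.IPv4Network(m["prefix"], strict=True)

def to_standard_acl(lines):
    """Render prefix-list lines as named standard ACLs (source match only)."""
    acls = {}
    for line in lines:
        name, action, net = parse_entry(line)
        # hostmask is the wildcard mask, e.g. /25 -> 0.0.0.127
        acls.setdefault(name, []).append(f" {action} {net.network_address} {net.hostmask}")
    out = []
    for name, entries in acls.items():
        out += [f"ip access-list standard {name}", *entries, "!"]
    return "\n".join(out)

def source_matches(lines, source_ip):
    """First-match check of a source address against one list; implicit deny."""
    addr = ipaddress.IPv4Address(source_ip)
    for line in lines:
        _, action, net = parse_entry(line)
        if addr in net:
            return action == "permit"
    return False

if __name__ == "__main__":
    print(to_standard_acl([SAMPLE]))
    print("192.168.1.5 should be policy-routed:", source_matches([SAMPLE], "192.168.1.5"))
```

The second function gives the expected result to compare against the debug ip policy output: 192.168.1.5 lies outside 192.168.1.128/25, so a "FIB policy match" for that source indicates the match clause is not doing what was intended.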


Interesting. This was my suspicion, but I noticed it is supported with OER.

johnnylingo
Level 5

I've also noticed it doesn't seem to work with Named ACLs. This works:

access-list 1 permit 192.168.1.128 0.0.0.127
!
route-map TEST permit 10
 match ip address 1
 set ip next-hop 192.168.1.2
 set ip next-hop verify-availability
!

This does not:

ip access-list standard Servers
 permit 192.168.1.128 0.0.0.127 log
!
route-map VoIP-T1 permit 10
 match ip address Servers
 set ip next-hop 192.168.1.2
 set ip next-hop verify-availability
!

My IOS version is 12.4(7e)
