OER w/ PBR questions

Unanswered Question
Feb 13th, 2008
User Badges:

When I followed the document OER Application-Aware Routing: PBR at:

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a00804d679f.html#wp1047623


It seemed that it basically created an OER policy map that then began to use OER on the traffic classes I wanted. I kept the originally learning in place and it seemed like it was changing links for both the configured PBR applications and the learned routes.


What I am trying to accomplish is to force certain types of traffic (IPSec, HTTP) out of one exit interface and then perform OER on all other traffic. Is this done using a extened ACL with a deny statement? Is this even possible?


Thanks.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
aghaznavi Tue, 02/19/2008 - 11:20
User Badges:
  • Silver, 250 points or more

The command syntax used for the OER implementation is

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]

http://www.cisco.com/en/US/docs/ios/oer/configuration/guide/oer-vpn_gre_exit.html#wp1054453

Joseph W. Doherty Tue, 02/19/2008 - 17:11
User Badges:
  • Super Bronze, 10000 points or more

Can't guarantee this, but what you might have to do is:


1) have all traffic prefer (w/o PfR) the path you want some traffic (IPSec and HTTP) to use


2) exclude same traffic (IPSec and HTTP) from PfR


3) allow PfR to learn and control remaining traffic


[edit]

I recall excluding traffic from OER is done via an OER policy map, don't recall exactly how

Actions

This Discussion