OER w/ PBR questions

Unanswered Question
Feb 13th, 2008
User Badges:

When I followed the document OER Application-Aware Routing: PBR at:


It seemed that it basically created an OER policy map that then began to use OER on the traffic classes I wanted. I kept the originally learning in place and it seemed like it was changing links for both the configured PBR applications and the learned routes.

What I am trying to accomplish is to force certain types of traffic (IPSec, HTTP) out of one exit interface and then perform OER on all other traffic. Is this done using a extened ACL with a deny statement? Is this even possible?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
aghaznavi Tue, 02/19/2008 - 11:20
User Badges:
  • Silver, 250 points or more

The command syntax used for the OER implementation is

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]


Joseph W. Doherty Tue, 02/19/2008 - 17:11
User Badges:
  • Super Bronze, 10000 points or more

Can't guarantee this, but what you might have to do is:

1) have all traffic prefer (w/o PfR) the path you want some traffic (IPSec and HTTP) to use

2) exclude same traffic (IPSec and HTTP) from PfR

3) allow PfR to learn and control remaining traffic


I recall excluding traffic from OER is done via an OER policy map, don't recall exactly how


This Discussion