02-13-2008 11:31 AM - edited 03-03-2019 08:41 PM
When I followed the document OER Application-Aware Routing: PBR at:
http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a00804d679f.html#wp1047623
It seemed that it basically created an OER policy map that then began to use OER on the traffic classes I wanted. I kept the originally learning in place and it seemed like it was changing links for both the configured PBR applications and the learned routes.
What I am trying to accomplish is to force certain types of traffic (IPSec, HTTP) out of one exit interface and then perform OER on all other traffic. Is this done using a extened ACL with a deny statement? Is this even possible?
Thanks.
02-19-2008 11:20 AM
The command syntax used for the OER implementation is
access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
http://www.cisco.com/en/US/docs/ios/oer/configuration/guide/oer-vpn_gre_exit.html#wp1054453
02-19-2008 05:11 PM
Can't guarantee this, but what you might have to do is:
1) have all traffic prefer (w/o PfR) the path you want some traffic (IPSec and HTTP) to use
2) exclude same traffic (IPSec and HTTP) from PfR
3) allow PfR to learn and control remaining traffic
[edit]
I recall excluding traffic from OER is done via an OER policy map, don't recall exactly how
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide