Policy based routing

Unanswered Question
Jun 14th, 2008
User Badges:


I have done a policy based routing and attached the policy to the interface. But none of the packets are marking.

route-map name permit 10

match ip address 150

set ip next-hop.

And attached this to an ATN subinterface as;

ip policy route-map name

Can any one help to identify the reason of this;

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
foxbatreco Sat, 06/14/2008 - 01:28
User Badges:
  • Bronze, 100 points or more

Pls post the config of show route-map as well as the ACL 150!!!

drnteam Sat, 06/14/2008 - 01:39
User Badges:

route-map APS-ToDIC, permit, sequence 10

Match clauses:

ip address (access-lists): 150

Set clauses:

ip next-hop (IP)

Policy routing matches: 0 packets, 0 bytes

10 permit ip host (Destination)

foxbatreco Sat, 06/14/2008 - 02:58
User Badges:
  • Bronze, 100 points or more

Try changing the acl to 150 permit ip any.

am sure you must hav given the correct NH but just as a re-check,pls check the NH ip as well.

Let us know the output once u test this.

Pls rate if this helps!!!

Richard Burts Sat, 06/14/2008 - 08:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

The original post says that the route map is assigned to the interface. But it does not tell whether the interface is the source interface where the packets arrive or is the destination interface where the packets are sent out. PBR needs the route map to be on the source interface and not the destination interface.



drnteam Sun, 06/15/2008 - 00:36
User Badges:


The route map is assigned on the source interfce where the VLAN is active. But the WAN interface (where the branch is connected)is in other router.

thotsaphon Sun, 06/15/2008 - 11:42
User Badges:
  • Gold, 750 points or more


To make sure that the packets from to the host(Destination) pass through the ATN sub-interface. Set ip next-hop command will be used for the connected next-hop.

If you correctly configure then it should work.

Is that a production router? "debug ip policy" is a good command to ensure that has been correctly configured.




This Discussion