route-map question

Nov 5th, 2008

Hi, I am trying to pass only an IP to use a leased line to make the traffic faster. Setup: core-switch branch 1 (6509) to router1 leased connected to router2 leased line to coreswitch branch 2 (6509).

config on branch 1


Extended IP access list email

10 permit tcp host host

20 permit tcp host host


route-map smtp permit 9

match ip address email

set ip next-hop

applied on int vlan 3

ip policy route-map smtp

When I ping the coreswitch on branch2 it goes through the leased line, but when I ping a server it goes through our WAN? Any idea why?

dhananjoy chowdhury Wed, 11/05/2008 - 22:02

I believe your ACL for the route map should be "permit ip" instead of "permit tcp".

If you are doing a ping (ICMP packet) to the server, the traffic is not matched by the ACL; it's taking the WAN path.

tcordier Thu, 11/06/2008 - 07:29

Your access-list will only match tcp packets. Any other protocol will not be matched, and is not affected. ICMP, for instance, is not matched. So I don't think the behavior you observe is related to the PBR configuration you show.

If you want to match on SMTP packets I would also specify the SMTP port to make sure other tcp traffic (such as http) is not matched:

permit tcp host host eq smtp

If you want to test it, you can issue a

telnet 25

rather than a ping. If you want your access list to match on ping packets, you need to specify icmp as protocol:

permit icmp host host

HTH, Thomas

Alcides Miguel Mon, 03/14/2011 - 01:24

But if you only want to match SMTP traffic, you must be aware of using * ip *; instead you must use the protocols you want and specify the ports... that way you have granular control of what is going through that link.
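A small model of the ACL matching discussed in the replies above, added here as an illustration and not posted by any participant: it evaluates the three ACL variants (permit tcp, permit tcp with eq smtp, permit ip) against a ping, an SMTP connection and an HTTP connection. The addresses are constructed documentation addresses, the path labels are hypothetical, and only `host` operands and `eq` are modelled.

```python
SRC, DST = "192.0.2.10", "198.51.100.20"  # constructed (RFC 5737), not the thread's hosts
PORTS = {"smtp": 25, "www": 80}

def parse_ace(line):  # '[seq] permit|deny <proto> host <src> host <dst> [eq <port>]'
    tok = line.split()
    if tok[0].isdigit():              # drop the sequence number
        tok = tok[1:]
    if len(tok) not in (6, 8) or tok[2] != "host" or tok[4] != "host" \
            or tok[6:7] not in ([], ["eq"]):
        raise ValueError(f"unsupported ACE in this model: {line!r}")
    dport = None
    if len(tok) == 8:                 # optional destination port, by name or number
        dport = PORTS[tok[7]] if tok[7] in PORTS else int(tok[7])
    return {"permit": tok[0] == "permit", "proto": tok[1],
            "src": tok[3], "dst": tok[5], "dport": dport}

def acl_permits(acl, pkt):
    """First matching entry wins; no match is the implicit deny."""
    for ace in acl:
        if ace["proto"] not in ("ip", pkt["proto"]):
            continue                  # 'ip' covers every IP protocol
        if (ace["src"], ace["dst"]) != (pkt["src"], pkt["dst"]):
            continue
        if ace["dport"] is not None and ace["dport"] != pkt.get("dport"):
            continue
        return ace["permit"]
    return False

def path_for(acl_lines, pkt):
    """ACL permit -> the route-map's set next-hop applies; otherwise normal routing."""
    acl = [parse_ace(line) for line in acl_lines]
    return "leased-line" if acl_permits(acl, pkt) else "routing-table"

ACLS = {
    "permit tcp": [f"10 permit tcp host {SRC} host {DST}"],
    "permit tcp eq smtp": [f"10 permit tcp host {SRC} host {DST} eq smtp"],
    "permit ip": [f"10 permit ip host {SRC} host {DST}"],
}
PACKETS = {
    "ping": {"proto": "icmp", "src": SRC, "dst": DST},
    "smtp": {"proto": "tcp", "src": SRC, "dst": DST, "dport": 25},
    "http": {"proto": "tcp", "src": SRC, "dst": DST, "dport": 80},
}

def decision_table():
    return {(a, p): path_for(l, pkt) for a, l in ACLS.items() for p, pkt in PACKETS.items()}

if __name__ == "__main__":
    print(decision_table())
```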

