Basic Route-Map Configuration

Answered Question
Feb 18th, 2009

I need assistance in creating a route-map that will filter all traffic coming from 10.8.5.0/24 and send it to the next hop (10.0.0.9). Right now, when I ping 2.2.2.2/32 it takes the blue path. I want to use route-map to force traffic orginating from 10.8.5.0/24 to take the red path. Attached is the network diagram and the configuration from a L3 switch (3550), which I'm using as a router. Thank you in advance.

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 7 years 11 months ago

Hello David,

two notes:

I wouldn't use the log option in the ACL used in the route-map this can be a problem in production

use debug ip policy to see PBR in effects

b) I don't understand Vlan3 that is on that switch but probablyou used it for test

the config looks like fine and also the place where you have applied inbound on link with sa6 is the right one

Hope to help

Giuseppe

Correct Answer by Jon Marshall about 7 years 11 months ago

David

On your 3550 switch you have used the wrong route-map name ie. you have

interface FastEthernet0/46

description SA06 Fa0/0

no switchport

ip address 10.0.0.14 255.255.255.252

ip policy route-map pbr

speed 10

duplex full

spanning-tree portfast

!

but your policy map is called test ie.

route-map test permit 10

description route 10.8.5.0 to fa0/1

match ip address pbr

set ip next-hop 10.0.0.9

so under fa0/46 interface

SA01-R1(config)# int fa0/46

SA01-R1(config-if)# no ip policy route-map pbr

SA01-R1(config-if)# ip policy route-map test

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Jon Marshall Wed, 02/18/2009 - 10:02

David

On your 3550 switch you have used the wrong route-map name ie. you have

interface FastEthernet0/46

description SA06 Fa0/0

no switchport

ip address 10.0.0.14 255.255.255.252

ip policy route-map pbr

speed 10

duplex full

spanning-tree portfast

!

but your policy map is called test ie.

route-map test permit 10

description route 10.8.5.0 to fa0/1

match ip address pbr

set ip next-hop 10.0.0.9

so under fa0/46 interface

SA01-R1(config)# int fa0/46

SA01-R1(config-if)# no ip policy route-map pbr

SA01-R1(config-if)# ip policy route-map test

Jon

Correct Answer
Giuseppe Larosa Wed, 02/18/2009 - 10:05

Hello David,

two notes:

I wouldn't use the log option in the ACL used in the route-map this can be a problem in production

use debug ip policy to see PBR in effects

b) I don't understand Vlan3 that is on that switch but probablyou used it for test

the config looks like fine and also the place where you have applied inbound on link with sa6 is the right one

Hope to help

Giuseppe

Actions

This Discussion