Re: Policy-Based Routing Question

msrohman · ‎06-11-2009

Hi all,

I applied a basic policy-map to a 6513 L3 switch today. I'm routing two users over another path for User-Acceptance-Testing. The policy map works. The users were able to trace-route to the destination. The source IP addresses in the access-list are getting routed using the next-hop in the route-map statement.

However, I don't see any counters increasing when I perform a 'show route-map' command. Am I missing something?

The config and show command is below:

route-map fact-set-test-user permit 10

match ip address 101

set ip next-hop 172.30.1.2

access-list 101 permit ip host 172.30.20.3 164.55.2.0 0.0.0.255

access-list 101 permit ip host 172.30.20.3 164.55.3.0 0.0.0.255

access-list 101 permit ip host 172.30.20.60 164.55.2.0 0.0.0.255

access-list 101 permit ip host 172.30.20.60 164.55.3.0 0.0.0.255

access-list 101 permit ip host 172.30.20.3 164.55.4.0 0.0.0.255

access-list 101 permit ip host 172.30.20.60 164.55.4.0 0.0.0.255

interface Vlan8

ip policy route-map fact-set-test-user

MSFC1#sh route-map

route-map fact-set-test-user, permit, sequence 10

Match clauses:

ip address (access-lists): 101

Set clauses:

ip next-hop 172.30.1.2

Policy routing matches: 0 packets, 0 bytes

Thanks for your help

-Mike

Jon Marshall · ‎06-11-2009

Mike

An educated guess would be that PBR is performed in hardware on the 6500 ie. it is done by the PFC (Policy Feature Card). Because it is done in hardware the counters are not incremented.

This is definitely the case for acl's performed in hardware ie. no counters incremented so it would seem logical that is what is happening here.

Jon

johnspaulding · ‎06-15-2009

Do you hit counts on the ACL's? If so than that should tell you that your PBR is matching and working.

kishan1984 · ‎06-15-2009

In tracert output did you see the hop 172.30.1.2 set by you,if yes than it is working fine,and counters are not incrementing because it will increase only if processed by switch/Router cpu.