Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy based routing

Hello,

I am setting up PBR. Looking at my configuration, will the next hop apply for both access lists 100 and 101? or will access-list 101 use 192.168.0.1 as the next up? I was hoping acl 101 will use 10.10.10.1 as next up.

router configuration:

route-map policy-based-routing permit 10

match ip address 100

set ip next-hop 192.168.10.1

route-map policy-based-routing permit 20

match ip address 101

set ip next-hop 10.10.10.1

access-list 100 permit ip 10.10.10.0 0.0.0.255 192.168.10.0 0.0.0.255

access-list 100 deny ip 10.10.10.0 0.0.0.255 any

access-list 101 permit ip 10.10.10.0 0.0.0.255 any

access-list 101 deny ip any any

ip route 0.0.0.0 0.0.0.0 10.10.10.1

3 REPLIES

Re: Policy based routing

With policy routing you only need to specify what differs from the default. You seem to be making it more complicated than nescessary while your default route points to 10.10.10.1.

Therefore you do not need a policy route statement for that next-hop and hence you can skip the following part from your policy:

route-map policy-based-routing permit 20

match ip address 101

set ip next-hop 10.10.10.1

Regards,

Leo

Re: Policy based routing

Paul,

All you need is the following configuration.

route-map policy-based-routing permit 10

match ip address 100

set ip next-hop 192.168.10.1

access-list 100 permit ip 10.10.10.0 0.0.0.255 192.168.10.0 0.0.0.255

ip route 0.0.0.0 0.0.0.0 10.10.10.1

with the above configuration applied to the correct incoming interface, all traffic from 10.10.10.0 destined to 192.168.10.0 will use the next hop from the route map and all other traffic wil use the default route

HTH

Narayan

New Member

Re: Policy based routing

Thanks guys for your help

124
Views
0
Helpful
3
Replies
CreatePlease login to create content