Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Policy-routing on 3550 12T

IOS used: c3550-i5q3l2-mz.121-22.EA3.bin

I try to policy-route packets coming from a certain source (160.160.160.0/24)to a next-hop ip address:

route-map from_server permit 10

match ip address 160

set ip next-hop 192.168.1.1

access-list 160 permit ip 160.160.160.0 0.0.0.255 any

interface GigabitEthernet0/1

ip policy route-map from_server

The next-hop IP is in the routing table, nevertheless the packets matched with ACL 160 are not policy-routed.

What am I doing wrong? Any ideas?

Thanks a lot

Florian

  • Other Network Infrastructure Subjects
6 REPLIES
VIP Purple

Re: Policy-routing on 3550 12T

Hello Florian,

is GigabitEthernet0/1 the inbound interface on your switch, as in the schematic drawing below ?

Network 160.160.160.0/24 --> GigabitEthernet0/1 --> Outgoing interface

Keep in mind that the route-map must be applied to the inbound interface, that is in your case the first interface that network 160.160.160.0 hits...

Regards,

GP

New Member

Re: Policy-routing on 3550 12T

GP

Your schematic drawing is correct and I have

applied the route-map to the inbound interface as you mentioned.

Thanks

Florian

VIP Purple

Re: Policy-routing on 3550 12T

Hello Florian,

can you post the full configuration of the 3550 ? Maybe something else is not quite right...

Regards,

GP

New Member

Re: Policy-routing on 3550 12T

Hi GP,

I have another service-policy on the ingress interface that is actually marking dscp based on different source addresses. Could it be that this policy is somehow affecting the policy-route attached to the same ingress interface?

The rest is just standard. I will try to post the config in the next update.

Thanks for your help.

Florian

New Member

Re: Policy-routing on 3550 12T

You probably need to do this to get PBR to work:

**

You must modify the SDM template to enable the switch to support the 144-bit Layer 3 TCAM. Use

the sdm prefer extended-match, sdm prefer access extended-match, or the sdm prefer routing

extended-match global configuration commands to reformat the TCAM space allocated to unicast

routing in the default, access, or routing template, respectively. Reformatting the unicast routing

TCAM reduces by half the number of supported unicast routes in the template.

**

This is from the configuration guide for the 3550.

New Member

Re: Policy-routing on 3550 12T

Hi all

Thanks for your posts, I have finally found the problem.

The next-hop IP was not a directly connected , it was another IP address (loopback) of the neighbor router I was "next-hopping" to. This address was announced via BGP.

Nevertheless, the policy-routing with a next-hop setting only seems to work if this next-hop IP address is directly connected.

Thanks

Florian

150
Views
0
Helpful
6
Replies
This widget could not be displayed.