Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

how to configure ip policy route-map at router

Hello,

Can some body tell us if this configuration is o.k.?

we are applying access-list and ip police route-map to redirect traffic to other next-hope but when we use show access-list we can not see any match.

int fastethernet 0/0

     ip address 10.128.10.1 255.255.255.252

     ip policy route-map ZZZ

int fastethernet 0/1

     ip address 10.5.0.0 255.255.0.0

access-list xxx

permit 10.5.0.0 0.0.255.255 10.2.0.0 0.0.255.255

route-map ZZZ permit 10

match ip address xxx

set ip next-hop 10.5.106.1

when we use show access-list we do not any match.

when we use the command: ip access-group xxx in the interface 0/0 we can see matchs when we use show access-list xxx.

Question: we have to use the command: ip access-group so ip police route-map can work?

Waiting your answer.

Roger

Everyone's tags (1)
1 REPLY
Hall of Fame Super Blue

Re: how to configure ip policy route-map at router

Roger

If you use "ip access-group ..." you are applying the acl to the interface. You don't need to do that with PBR, you simply use it in the route-map.

Your config looks wrong though. You want to PBR traffic from 10.5.x.x which presumably comes in on your fa0/1 interface because that has a 10.5.x.x address so you should apply the policy map there but you have applied it to fa0/0 ?

PBR must be applied to the interface on the router that the packets arrive on.

Jon

498
Views
5
Helpful
1
Replies