Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

OER w/ PBR questions

When I followed the document OER Application-Aware Routing: PBR at:

It seemed that it basically created an OER policy map that then began to use OER on the traffic classes I wanted. I kept the originally learning in place and it seemed like it was changing links for both the configured PBR applications and the learned routes.

What I am trying to accomplish is to force certain types of traffic (IPSec, HTTP) out of one exit interface and then perform OER on all other traffic. Is this done using a extened ACL with a deny statement? Is this even possible?



Re: OER w/ PBR questions

The command syntax used for the OER implementation is

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]

Super Bronze

Re: OER w/ PBR questions

Can't guarantee this, but what you might have to do is:

1) have all traffic prefer (w/o PfR) the path you want some traffic (IPSec and HTTP) to use

2) exclude same traffic (IPSec and HTTP) from PfR

3) allow PfR to learn and control remaining traffic


I recall excluding traffic from OER is done via an OER policy map, don't recall exactly how