Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Policy Based Routing not working correctly

PBR is not functioning correctly. Here is the configuration:

ip access-list extended PBR

10 permit icmp any host 10.1.2.3

route-map PBR permit 10

match ip address PBR

set ip next-hop 172.16.251.1

interface FastEthernet0/0.2

ip policy route-map PBR

Scenario:

Host behind int f0/0.2 traces to host 10.1.2.3.

Packets are not being sent to the next hop getting this when I debug ip policy:

"policy rejected -- normal forwarding"

10.1.2.3 is not in the routing table

same thing when I change the set command to point at the nexthop interface.

Can anyone assist?

12 REPLIES
Hall of Fame Super Gold

Re: Policy Based Routing not working correctly

Anthoney

Perhaps we would understand the issue better if you would post a more complete configuration.

Is 10.1.2.3 a reachable address?

HTH

Rick

Community Member

Re: Policy Based Routing not working correctly

Yes but the router has only a default route to reach it. What else do you need in the way of configurations?

Community Member

Re: Policy Based Routing not working correctly

Please send the output of

sh ip route 172.16.251.X

Community Member

Re: Policy Based Routing not working correctly

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks

S 172.16.251.1/32 is directly connected, Tunnel0

C 172.16.251.0/24 is directly connected, Tunnel0

Hall of Fame Super Blue

Re: Policy Based Routing not working correctly

Anthoney

Your next-hop is directly connected. Could you try either

1) set ip next-hop

OR

2) set interface tunnel0 instead of set ip next-hop

Jon

Community Member

Re: Policy Based Routing not working correctly

I already tried the interface command and it doesnt work either. 172.16.251.1 is the other end of the tunnel. The router has 2 default routes for all other routes. The route I am attempting to push the traffic to has a higher AD than the one thr router is choosing.

Hall of Fame Super Blue

Re: Policy Based Routing not working correctly

Anthoney

1) Can you check that you are getting hits on your PBR acl

2) Have you tried running "debug ip policy"

Jon

Community Member

Re: Policy Based Routing not working correctly

I am getting hits

Extended IP access list PBR

10 permit icmp host 205.105.5.153 any log (23 matches)

the debug shows the following:

FIB policy rejected(no match) - normal forwarding

Community Member

Re: Policy Based Routing not working correctly

I am getting hits

Extended IP access list PBR

10 permit icmp host 205.105.5.153 any log (23 matches)

the debug shows the following:

FIB policy rejected(no match) - normal forwarding

Hall of Fame Super Blue

Re: Policy Based Routing not working correctly

Anthoney

I appreciate you are trying to keep addresses private but apart from the fact that the ip address has changed in the access-list PBR it has also gone from being any to 10.2.1.3 to 205.1.5.5.153 to any.

This is confusing somewhat.

Could you perhaps post

1) running-config

2) "sh ip route"

3) "sh ip int brief"

Jon

Community Member

Re: Policy Based Routing not working correctly

Sorry about the confusion. I disabled CEF and now it works. I was under the impression that it works with CEF.

Hall of Fame Super Blue

Re: Policy Based Routing not working correctly

Anthoney

No problem, glad you got it working and thanks for letting us know.

Jon

349
Views
0
Helpful
12
Replies
CreatePlease to create content