Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Policy-Based Routing on 3560 switches


Runing a 3560 on IOS c3560-ipservices-mz.122-25.SEE3.bin (which states PBR is available in Feature Navigator), and also with routing SDM template.

SLHX3530#sh sdm prefer

The current template is "desktop routing" template.

The selected template optimizes the resources in

the switch to support this level of features for

8 routed interfaces and 1024 VLANs.

number of unicast mac addresses: 3K

number of IPv4 IGMP groups + multicast routes: 1K

number of IPv4 unicast routes: 11K

number of directly-connected IPv4 hosts: 3K

number of indirect IPv4 routes: 8K

number of IPv4 policy based routing aces: 512

number of IPv4/MAC qos aces: 512

number of IPv4/MAC security aces: 1K

However, it will not allow the below route-map config to be used in a PBR statement when applied to a layer-3 physical interface:


route-map STIG-traffic-to-FW permit 10

match ip address 2

set ip next-hop

set interface Null0


access-list 2 remark For_STIG_traffic_route_map_to_FW

access-list 2 permit any


int f0/8

ip address

ip policy route-map STIG-traffic-to-FW


The below error message appears:

000064: May 7 18:45:22: %PLATFORM_PBR-3-UNSUPPORTED_RMAP: Route-map STIG-traffi

c-to-FW not supported for Policy-Based Routing

It will only accept the below route-map:

route-map STIG-traffic-to-FW permit 10

set ip next-hop

This seems to semi-work, with mixed results. It does not however allow full design needed. Can anyone advise why this doesn't work with the IOS/config above, and if there is a quick easy solution (upgrade to a different IOS level with proven results)?



Hall of Fame Super Blue

Re: Policy-Based Routing on 3560 switches


Unfortunately not all route-map commands are supported on Catalyst switches. The "set interface" command is not supported on the 3560 even with the latest IOS - 12.2(50)SE -


New Member

Re: Policy-Based Routing on 3560 switches

found out it's a hardware restriction.... many thanks.