Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Route map no match

Hi,

what is the reason for not having any match, in the acl for the route-map?

Current configuration : 1731 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 192.168.0.1 255.255.255.0
!
interface Loopback1
 ip address 192.168.1.1 255.255.255.0
!
interface Loopback200
 ip address 196.0.0.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 195.0.0.1 255.255.255.0

 ip policy route-map r_teste
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial1/0
 ip address 10.0.0.2 255.255.255.252
 serial restart-delay 0
!
interface Serial1/1
 ip address 172.16.0.2 255.255.255.252
 serial restart-delay 0
 clock rate 128000
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 192.168.0.0
 network 192.168.1.0
 neighbor 10.0.0.1 remote-as 200
 neighbor 172.16.0.1 remote-as 300
 no auto-summary
!
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.16.0.1
!
!
!
access-list 40 permit any
!
route-map anuncia1 permit 20
 match ip address 20
!
route-map anuncia0 permit 10
 match ip address 10
!
route-map r_teste permit 10
 match ip address 40
 set ip default next-hop 10.0.0.1
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end

R2#ping 192.168.55.1 source 195.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.55.1, timeout is 2 seconds:
Packet sent with a source address of 195.0.0.1
.....
Success rate is 0 percent (0/5)
R2#sh access-lists
Standard IP access list 10
    10 permit 192.168.0.0, wildcard bits 0.0.0.255
Standard IP access list 20
    10 permit 192.168.1.0, wildcard bits 0.0.0.255
Standard IP access list 30
    10 permit 195.0.0.0, wildcard bits 0.0.0.255
Standard IP access list 40
    10 permit any
Extended IP access list 100
    10 permit ip any 192.168.55.0 0.0.0.255
R2#

is possible without changing the bgp?

thanks

 

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions

hi,you should be testing or

hi,

you should be testing or pinging behind R2.

3 REPLIES

hi,you should be testing or

hi,

you should be testing or pinging behind R2.

HelloIn you post , A match is

Hello

In your post , A match is made on each stanza with just a match statement  defined by an acl and that traffic is routed normally

The route-map stanza with a set statement, Policy Based Routing is initiated relating to the matched acl

 

res

Paul

Please don't forget to rate any posts that have been helpful. Thanks.

Enabling Local PBRPackets

Default PBR:

All packets received on an interface (ingress) with PBR enabled are entertained, first they should match through ACL then forward to next hop. if a match is exist (through ACL) but not forward to next hop then do nothing this packet especially for ICMP packet. 

 

I think you need  Local PBR:

Packets that are generated by the router are not normally policy-routed. To enable local PBR for such packets, indicate which route map the router should use by using the following command in global configuration mode:

ip local policy route-map TEST

Regards,

kazim

 

 

106
Views
0
Helpful
3
Replies