Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACL based Forwarding in Cisco 12000

I have Cisco 12000 router running on XR 4.1.1 where i need to do below configuration.

 

track up_01
type rtr 103 reachability
track up_02
type rtr 113 reachability
track down_01
type rtr 104 reachability
track down_02
type rtr 114 reachability
!
ipv4 access-list DOWN
100 permit tcp any eq www any nexthop track down_02 1.1.1.2
110 permit tcp any gt 1044 any nexthop track down_02 1.1.1.2
200 permit tcp any eq www any nexthop track down_01 1.1.2.2
210 permit tcp any gt 1044 any nexthop track down_01 1.1.2.2
500 permit ipv4 any any
!
ipv4 access-list UP
100 permit tcp any any eq www nexthop track up_02 1.1.3.2
110 permit tcp any any gt 1044 nexthop track up_02 1.1.3.2
200 permit tcp any any eq www nexthop track up_01 1.1.4.2
210 permit tcp any any gt 1044 nexthop track up_01 1.1.4.2
500 permit ipv4 any any
!
 
interface x/x/x
description **UPLINK**
ipv4 address a.a.a.a b.b.b.b
bundle minimum-active links 1
load-interval 30
ipv4 access-group DOWN ingress
!


Issue is that i can not use NextHop option in ACL, Seems that is not available in XR 4.1.1 

I found different opinion in http://www.cisco.com/c/en/us/td/docs/routers/xr12000/software/xr12k_r4-2/addr_serv/command/reference/b_ipaddr_cr42xr12k/b_ipaddr_cr42xr12k_chapter_01.html#wp5137027590

 

Do anyone have suggestion to do this config or any alternate configuration

Everyone's tags (5)
1 REPLY
Cisco Employee

hi there,yeah you need PBR or

hi there,

yeah you need PBR or ABF for this configlet you're showing.

dont believe that the GSR has that capability in that release.

If I see it right, then you need minimally 420+ for this functionality.

But also pay attention to the engine type cards you have, because there is likely a dependency there also.

xander

Xander Thuijs CCIE #6775 Principal Engineer ASR9000, CRS, NCS6000 & IOS-XR
53
Views
0
Helpful
1
Replies