From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Sat Mar 03 2001 - 20:23:15 GMT-3
Johnny,
I did a test also and I seem to get the same results all the time. Trace
works fine with PBR. I'm still hoping to see the debugs of "debug ip
policy" on the router with PBR configured, while the ping and trace, then
extended ping and trace are being done at the same time. This should settle
this once and for all...:-)
Nigel..
----- Original Message -----
From: Johnny Dedon <johnny.dedon@exodus.net>
To: Chuck Larrieu <chuck@cl.cncdsl.com>; Larry Roberts
<lroberts22@uswest.net>; CCIE_Lab Groupstudy List <ccielab@groupstudy.com>
Sent: Saturday, March 03, 2001 4:40 PM
Subject: Re: Policy routing Sanity Check
> Chuck,
> I have tested this out and you are very correct. The Trace follows the
> route map but the ping does not.
> This is how I think it works. A trace is like any other routed data
packet
> and routers move it along hop by hop until the destination is reached or
> until the maximum hops are exceeded. A ping however is treated
differently
> by the router. Each router receiving the ping looks only at the
destination
> address and forwards to all routes in its table that have a route to that
> destination. I use ping with record route and I saw that the ping took
all
> available routes. (I have three). Since ping is based on the echo
everyone
> is just listening for the reply(or destination) no source really needed
> except when it reaches its destination and needs to be turned around.
Does
> this make sense to you?
> Johnny Dedon
> Senior Staff Consultant
> Exodus Professional Services
> johnny.dedon@exodus.net
> www.exodus.net
> ----- Original Message -----
> From: "Chuck Larrieu" <chuck@cl.cncdsl.com>
> To: "Larry Roberts" <lroberts22@uswest.net>; " CCIE_Lab Groupstudy List"
> <ccielab@groupstudy.com>
> Sent: Saturday, March 03, 2001 2:32 AM
> Subject: RE: Policy routing Sanity Check
>
>
> > According to the Doc CD, ICMP redirects are disabled by default. But not
> to
> > argue, I entered the command on both the global config and the interface
> in
> > question.
> >
> > No dice, as shown below.
> >
> > Reply to request 4 (16 ms). Received packet has options
> > Total option bytes= 40, padded length=40
> > Record route:
> > (10.10.2.2)
> > (20.253.253.5)
> > (20.254.254.5)
> > (20.6.6.1)
> > (20.254.254.6)
> > (20.253.253.6)
> > (10.10.2.1)
> > (10.202.12.2) <*>
> > (0.0.0.0)
> > End of list
> >
> > Chuck
> >
> > -----Original Message-----
> > From: Larry Roberts [mailto:lroberts22@uswest.net]
> > Sent: Saturday, March 03, 2001 12:22 AM
> > To: Chuck Larrieu; CCIE_Lab Groupstudy List
> > Subject: Re: Policy routing Sanity Check
> >
> > Hi Chuck,
> >
> > Try this, turn off icmp redirects on the hub router with the following
> > command - no ip redirects. With ping the router will redirect the icmp
> > packets to another router if it has a better path.
> >
> > Hope this helps,
> > Larry R.
> >
> > ----- Original Message -----
> > From: "Chuck Larrieu" <chuck@cl.cncdsl.com>
> > To: "CCIE_Lab Groupstudy List" <ccielab@groupstudy.com>
> > Sent: Saturday, March 03, 2001 12:43 AM
> > Subject: Policy routing Sanity Check
> >
> >
> > > 'Cuz it ain't behaving the way I think it is supposed to.
> > >
> > > In my current setup I want IP traffic from my OSPF domain bound for my
> > EIGRP
> > > domain to take a certain path. So on my OSPF hub router I have a
policy
> in
> > > place that directs all traffic bound for the 20.0.0.0 domain to a
> > particular
> > > router.
> > >
> > > Trace takes the desired path, but ping does not. Captures using the
> > extended
> > > ping command, as well as the trace command results follow. Also, my
> > relevant
> > > configurations follow. Notice that the route-map sets the next hop to
> > > 10.10.5.5 Notice that the trace goes through 10.10.5.5 Notice that
ping
> > > goes by a completely different path.
> > >
> > > On the access-list, I added the first line specifying ICMP after
> noticing
> > > the failure of the original access-list, which consisted only of the
> > second
> > > line, was not working.
> > >
> > > OK all you comedians out there, here is my straight line for the
> evening.:
> > > Am I nuts or is this not working the way it is supposed to?
> > >
> > > Hub router relevant configuration
> > >
> > > interface Serial0.1 point-to-point
> > > ip address 10.10.2.1 255.255.255.0
> > > no ip directed-broadcast
> > > ip policy route-map R1POLICY
> > > frame-relay interface-dlci 102
> > >
> > > access-list 101 permit icmp any 20.0.0.0 0.255.255.255
> > > access-list 101 permit ip any 20.0.0.0 0.255.255.255
> > > route-map R1POLICY permit 10
> > > match ip address 101
> > > set ip next-hop 10.10.5.5
> > >
> > >
> > > spoke route relevant data traces
> > >
> > > Router_2#trace 20.6.6.1
> > >
> > > Type escape sequence to abort.
> > > Tracing the route to 20.6.6.1
> > >
> > > 1 10.10.2.1 4 msec 4 msec 4 msec
> > > 2 10.10.5.5 24 msec 8 msec 8 msec
> > > 3 20.254.254.6 12 msec * 12 msec
> > > Router_2#
> > >
> > > ( one of the extended ping with record option replies - all of them
are
> > the
> > > same )
> > >
> > > Reply to request 4 (16 ms). Received packet has options
> > > Total option bytes= 40, padded length=40
> > > Record route:
> > > (10.10.2.2)
> > > (20.253.253.5)
> > > (20.254.254.5)
> > > (20.6.6.1)
> > > (20.254.254.6)
> > > (20.253.253.6)
> > > (10.10.2.1)
> > > (10.202.12.2) <*>
> > > (0.0.0.0)
> > > End of list
> > >
> > > Chuck
> > > ----------------------
> > > I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your
> life
> > as
> > > it has been is over ( if you hope to pass ) From this time forward,
you
> > will
> > > study US!
> > > ( apologies to the folks at Star Trek TNG )
> > >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:19 GMT-3