From: Jay Hennigan (jay@xxxxxxxx)
Date: Fri Sep 14 2001 - 17:36:48 GMT-3
On Fri, 14 Sep 2001, Peter Slow wrote:
> okay.... so someone tell me why it isnt functioning...
> "header compression is disabled
> Probe proxy name replies are disabled
> Policy routing is enabled, using route map POLICY-10
> Network address translation is disabled"
>
> says it should be....
[snippage]
> I can't seem to make policy routing work here. the route maps have been
> applied to the interfaces, i've tried matching in the route maps on all
> srts
> of stuff, but nothing seems to make them function.
>
> im trying to make 10.0.0.1 the next hop for anything over an NBMA
> network.
> the problems are on the spoke routers.
Hmmm... Is the below config for a spoke or for the hub? If the hub,
I only see one DLCI.
> here are a config and a debug. i'm having this same problem on two of my
> routers, so im assuming its something that i've misconfigured.
> I've never needed to route on policy before, and this has me very
> confused
OK, some guidelines:
Policy routing applies to packets *arriving* on an interface. Because
you've specified it on the serial interface only, it will not apply to
packets arriving on the FastEther subinterface or sourced by the router.
Traffic coming from the frame interface (where the route map is applied)
matching any destination (per access-list 1) will be forwarded to
10.0.0.1 (per the route map set statement).
Any other traffic will follow the regular IP routing table rules.
If this is what you wanted to accomplish, you're testing it wrong.
I suspect that it is not what you want to accomplish, as you have
a single interface-dlci on the main interface and no frame-relay map
statements. Thus your policy would only serve to forward packets
arriving from frame DLCI 201 back where they came from, which doesn't
seem very useful.
If it is what you wanted to accomplish, test it with an extended ping
and specify a source interface of Serial 3/0.
If you want to policy-route traffic arriving on the FastEther interface
to 10.0.0.1, then apply the ip policy statement to that interface and
try an extended ping from that as a source.
If you want a standard ping sourced from the router to follow the policy,
then you will need to use the "ip local policy" command.
* Let us know what you're trying to accomplish.
* Remember that policy routing applies only to packets arriving on the
interface to which the policy is applied.
* Remember to use extended pings to test the appropriate source interface.
* Use ip local policy to policy-route packets sourced from the router itself.
> router2#sh run
> Building configuration...
[portions not applying to this problem snipped...]
> Current configuration : 1737 bytes
> !
> hostname router2
> !
> frame-relay switching
^^^^^^^^^^^^^^^^^^^^^
Why???
> interface Loopback0
> ip address 10.2.0.1 255.255.255.0
> ip ospf network point-to-point
> !
> interface FastEthernet0/0.2
> encapsulation isl 2
> ip address 192.168.0.99 255.255.255.128
> no ip redirects
> !
> interface Serial3/0
> ip address 10.0.0.2 255.255.0.0
> encapsulation frame-relay
> ip route-cache policy
> ip policy route-map POLICY-10
> frame-relay interface-dlci 201
> frame-relay lmi-type cisco
> !
> router ospf 1
> log-adjacency-changes
> area 23 stub
> network 10.0.0.0 0.0.255.255 area 0
> network 10.2.0.0 0.0.0.255 area 23
> neighbor 10.0.0.1 priority 1
> !
> ip classless
> !
> access-list 1 permit any
> !
> route-map 10 permit 10
> !
> route-map POLICY-10 permit 10
> match ip address 1
> set ip next-hop 10.0.0.1
> !
> route-map POLICY-10 permit 65535
> !
> end
-- Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net NetLojix Communications, Inc. - http://www.netlojix.com/ WestNet: Connecting you to the planet. 805 884-6323 **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:18 GMT-3