From: Jason Cash (cash2001@swbell.net)
Date: Wed Dec 11 2002 - 02:32:49 GMT-3
Trying to setup policy routing, and I am a bit confused I have R3
policing incoming packets from R5.
153.1.204.4 (Lo1 on R4) is set to goto S0
153.1.244.4 (Lo2 on R4) is set to goto E0
R5
|
| \
R2 (S0) R3 (S1)
\ \ /
\ /
\ /
/ \
/ \
/ \
R1 R4
Here is the config on R3:
interface Serial0
ip address 153.1.200.3 255.255.255.0
encapsulation frame-relay
no ip route-cache
ip ospf network point-to-point
no ip mroute-cache
frame-relay map ip 153.1.200.4 304 broadcast
no frame-relay inverse-arp
!
interface Serial1
ip address 153.1.53.67 255.255.255.224
no ip route-cache
no ip mroute-cache
ip policy route-map new
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip classless
no ip http server
!
access-list 101 permit ip any host 153.1.204.4
access-list 102 permit ip any host 153.1.244.4
route-map new permit 10
match ip address 101
set interface Serial0
!
route-map new permit 20
match ip address 102
set interface Ethernet0
route-map new permit 30
Here is the config on R4:
interface Loopback0
ip address 153.1.104.1 255.255.255.0
!
interface Loopback1
ip address 153.1.204.4 255.255.255.0
ip ospf network point-to-point
!
interface Loopback2
ip address 153.1.244.4 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0
ip address 153.1.43.44 255.255.255.128
no ip route-cache
no ip mroute-cache
no keepalive
!
interface Serial0
ip address 153.1.200.4 255.255.255.0
encapsulation frame-relay
no ip route-cache
ip ospf network point-to-point
no ip mroute-cache
frame-relay map ip 153.1.200.3 403 broadcast
no frame-relay inverse-arp
!
interface Serial1
no ip address
no ip route-cache
no ip mroute-cache
shutdown
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
Without the 'ip policy route-map new' the packets get to R4: (with E0
shut down on R3)
r3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
r3(config)#int s1
r3(config-if)#no ip policy route-map new
r3(config-if)#
ts#5
[Resuming connection 5 to r5 ... ]
r5#trace 153.1.204.4
Type escape sequence to abort.
Tracing the route to 153.1.204.4
1 153.1.53.67 8 msec 4 msec 4 msec
2 153.1.200.4 12 msec * 12 msec
When I implement the route policy it just times out:
r3(config-if)# ip policy route-map new
r3(config-if)#^Z
ts#5
[Resuming connection 5 to r5 ... ]
r5#trace 153.1.204.4
Type escape sequence to abort.
Tracing the route to 153.1.204.4
1 153.1.53.67 8 msec 8 msec 8 msec
2 * *
Don't know what the deal is.here is the 'debug ip policy 101' on R3 with
the policy enable on S1:
r3#sh log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0
flushes, 0 overruns)
Console logging: level debugging, 1245 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 1245 messages logged
Logging Exception size (4096 bytes)
Trap logging: level informational, 99 message lines logged
Log Buffer (4096 bytes):
05:58:56: %SYS-5-CONFIG_I: Configured from console by console
05:59:14: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:14: IP: route map new, item 10, permit
05:59:14: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:14: IP: Serial1 to Serial0 153.1.204.4
05:59:17: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:17: IP: route map new, item 10, permit
05:59:17: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:17: IP: Serial1 to Serial0 153.1.204.4
05:59:20: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:20: IP: route map new, item 10, permit
05:59:20: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:20: IP: Serial1 to Serial0 153.1.204.4
Here is the 'deb ip pack 101 det' output: I see an encap failed, but
what am I missing?
r3#sh log
Log Buffer (4096 bytes):
05:58:56: %SYS-5-CONFIG_I: Configured from console by console
05:59:14: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:14: IP: route map new, item 10, permit
05:59:14: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:14: IP: Serial1 to Serial0 153.1.204.4
05:59:17: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:17: IP: route map new, item 10, permit
05:59:17: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:17: IP: Serial1 to Serial0 153.1.204.4
05:59:20: IP: s=153.1.53.68 (Serial1), d=153.1.204.4, len 28, policy
match
05:59:20: IP: route map new, item 10, permit
05:59:20: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
policy routed
05:59:20: IP: Serial1 to Serial0 153.1.204.4
06:03:29: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0),
g=153.1.204.4, len 28, forward
06:03:29: UDP src=36186, dst=33437
06:03:29: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
encapsulation failed
06:03:29: UDP src=36186, dst=33437
06:03:32: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0),
g=153.1.204.4, len 28, forward
06:03:32: UDP src=41743, dst=33438
06:03:32: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
encapsulation failed
06:03:32: UDP src=41743, dst=33438
06:03:35: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0),
g=153.1.204.4, len 28, forward
06:03:35: UDP src=38450, dst=33439
06:03:35: IP: s=153.1.53.68 (Serial1), d=153.1.204.4 (Serial0), len 28,
encapsulation failed
06:03:35: UDP src=38450, dst=33439
.
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:44 GMT-3