Re: policy routing woes (w/ correction)

From: John Matus (john_matus@hotmail.com)
Date: Mon Apr 18 2005 - 19:09:42 GMT-3

• Next message: Mark Lasarko: "ip cef?"
• Previous message: John Matus: "RE: policy routing woes"
• Maybe in reply to: John Matus: "policy routing woes (w/ correction)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

i was actually trying to only route local traffic, not transit traffic

>From: "Jim Nguyen" <nhatquang@thiennam.org>
>To: "John Matus"
><john_matus@hotmail.com>,<kenbar3@gmail.com>,<ccielab@groupstudy.com>
>Subject: Re: policy routing woes (w/ correction)
>Date: Sat, 16 Apr 2005 13:44:21 +0700
>
>You donot need to add that statement ( route-map policy deny 20) to the
>policy because the router will treat all other packets that are no match
>base on
>its routing table as usual. In this case, you want to apply route-policy
>all traffic from R1 to 130.1.3.0/24 ( the match condition) through R2, so
>the access-list used for match condition shoud be
>
>access-list 150 permit ip any 130.1.3.0 0 0.0.0.255
>
>and the route-map:
>
>route-map policy permit 10
> match ip add 150
> set ip next-hop 150.1.124.2
>
>then apply this route-map to incoming interfaces on R1 rather than outgoing
>interfaces so all packets received on interfaces with policy-based routing
>enabled are considered for policy-based routing. We can also add ip local
>policy route-map to the router to have all local traffic policed.
>
>http://www.cisco.com/warp/public/cc/techno/protocol/tech/plicy_wp.htm
>
>----- Original Message -----
> From: John Matus
> To: nhatquang@thiennam.org ; kenbar3@gmail.com ; ccielab@groupstudy.com
> Sent: Saturday, April 16, 2005 11:48 AM
> Subject: Re: policy routing woes (w/ correction)
>
>
> i want to route all ip traffic and if there is no match then i don't
>want to
> policy route anything, hence my initial statement of:
>
> route-map policy deny 20
>
> how would you build this route-map?
>
>
> >From: "Jim Nguyen" <nhatquang@thiennam.org>
> >To: "John Matus"
> ><john_matus@hotmail.com>,<kenbar3@gmail.com>,<ccielab@groupstudy.com>
> >Subject: Re: policy routing woes (w/ correction)
> >Date: Sat, 16 Apr 2005 11:18:48 +0700
> >
> >for me, you missed 2 things! what kind of traffic do you want to apply
> >Route Policy to?
> >And how does the router treat all other packets which donot fall into
>the
> >traffic class?
> > ----- Original Message -----
> > From: John Matus
> > To: kenbar3@gmail.com ; ccielab@groupstudy.com
> > Sent: Saturday, April 16, 2005 10:17 AM
> > Subject: RE: policy routing woes (w/ correction)
> >
> >
> > still denied.......here is the debug with the route-map policy
>PERMIT 20
> >
> > 02:20:54.115: IP: s=130.1.124.1 (local), d=130.1.3.3, len 100,
>policy
> >match
> > *Mar 1 02:20:54.115: IP: route map policy, item 20, permit
> > *Mar 1 02:20:54.115: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > policy rejected -- normal forwarding
> > *Mar 1 02:20:54.235: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > policy match
> > *Mar 1 02:20:54.235: IP: route map policy, item 20, permit
> > *Mar 1 02:20:54.235: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > policy rejected -- normal forwarding
> > *Mar 1 02:20:54.351: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > policy match
> > *Mar 1 02:20:54.351: IP: route map policy, item 20, permit
> >
> > >From: "Ken Bartlinski" <kenbar3@gmail.com>
> > >To: "'John Matus'"
><john_matus@hotmail.com>,<ccielab@groupstudy.com>
> > >Subject: RE: policy routing woes (w/ correction)
> > >Date: Fri, 15 Apr 2005 23:10:18 -0400
> > >
> > >John,
> > >
> > >Try changing your statement from "route-map policy deny 20" to
> >"route-map
> > >policy permit 20". I believe you are blocking a lot more than you
> >intend to
> > >with this statement.
> > >
> > >Ken
> > >
> > >-----Original Message-----
> > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
>Behalf Of
> > >John
> > >Matus
> > >Sent: Friday, April 15, 2005 9:59 PM
> > >To: ccielab@groupstudy.com
> > >Subject: policy routing woes (w/ correction)
> > >
> > >ok......the topology.....
> > >
> >
> >R1----------------------R2-----------------------R3--------130.1.3.0
> > >---- ------
> > > ------ ---------R4-----------------
> > >
> > >
> > >R1 has 2 paths to R3, through R2 and R4. i'm using eigrp so the
>paths
> >are
> > >equal cost at the moment. i decided to use policy routing to
>perfer
> >the
> > >path thru R2 over R4 to get to the 130.1.3.0 subnet on r3.
> > >
> > >R1
> > >int s0/0
> > >no ip route-cache
> > >
> > >ip local policy route-map policy
> > >access-list 1 permit 130.1.3.0 0.0.0.255
> > >
> > >route-map policy permit 10
> > >match ip add 1
> > >set ip next-hop 150.1.124.2
> > >route-map policy deny 20
> > >
> > >
> > >
> > >my debug show that the policy routing fails but i have no idea WHY
> ><cry>
> > >here is the debug:
> > >
> > >Mar 1 01:38:53.475: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy
> > >
> > >match
> > >*Mar 1 01:38:53.475: IP: route map policy, item 20, deny
> > >*Mar 1 01:38:53.475: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy rejected -- normal forwarding
> > >*Mar 1 01:38:53.595: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy match
> > >*Mar 1 01:38:53.595: IP: route map policy, item 20, deny
> > >*Mar 1 01:38:53.595: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy rejected -- normal forwarding
> > >*Mar 1 01:38:53.711: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy match
> > >*Mar 1 01:38:53.711: IP: route map policy, item 20, deny
> > >r1#
> > >*Mar 1 01:38:53.711: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy rejected -- normal forwarding
> > >*Mar 1 01:38:53.827: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy match
> > >*Mar 1 01:38:53.827: IP: route map policy, item 20, deny
> > >*Mar 1 01:38:53.827: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy rejected -- normal forwarding
> > >*Mar 1 01:38:53.943: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy match
> > >*Mar 1 01:38:53.943: IP: route map policy, item 20, deny
> > >*Mar 1 01:38:53.947: IP: s=130.1.124.1 (local), d=130.1.3.3, len
>100,
> > >policy rejected -- normal f
> > >
> > >
> > >what am i doing wrong???????
> > >
> > >_________________________________________________________________
> > >Dont just search. Find. Check out the new MSN Search!
> > >http://search.msn.click-url.com/go/onm00200636ave/direct/01/
> > >
> >
> >_______________________________________________________________________
> > >Subscription information may be found at:
> > >http://www.groupstudy.com/list/CCIELab.html
> > >
> >
> > _________________________________________________________________
> > Is your PC infected? Get a FREE online computer virus scan from
>McAfee.
> > Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> >
> >
>_______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
> _________________________________________________________________
> Dont just search. Find. Check out the new MSN Search!
> http://search.msn.click-url.com/go/onm00200636ave/direct/01/
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

• Next message: Mark Lasarko: "ip cef?"
• Previous message: John Matus: "RE: policy routing woes"
• Maybe in reply to: John Matus: "policy routing woes (w/ correction)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:55:00 GMT-3