RE: Making connected less preferred than remote route.......

From: Hafizur Rahman \(UK\) (hafizur.rahman@uk.didata.com)
Date: Wed Aug 02 2006 - 14:26:22 ART

• Next message: Jai Prakash: "Re: bandwith shaper"
• Previous message: Elias Chari: "Re: NBAR and MQC"
• Maybe in reply to: Geert Nijs: "Making connected less preferred than remote route......."
• Next in thread: Jian Gu: "Re: Making connected less preferred than remote route......."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Have you done any debug ip policy to check if there is any match. Also you have configured "ip local policy" globally

        -----Original Message-----
        From: nobody@groupstudy.com on behalf of Geert Nijs
        Sent: Wed 02/08/2006 17:52
        To: ccielab@groupstudy.com
        Cc:
        Subject: Making connected less preferred than remote route.......
        
        

        All,
        
        I am breaking my head over this one:
        
        I am sitting at a core switch and i want to configure the following:
        
        I have a remote subnet x which is routed to my core switch.
        I have this same subnet also configured locally on the switch:
        int vlan A
         ip address x.x.x.x
         shut
        
        the vlan is shut. Of course from the moment i unshut the vlan, all traffic to the remote site
        is dropped and all is routed locally (since vlan is directly connected it takes precedence over the remotely
        learned vlan).
        
        What i want to do now is the following:
        
        I want to route ALL traffic to the remote subnet, even if i have a locally connected subnet, EXCEPT for 1 ip address in this vlan. This ip address, i want to route to the locally connected interface.
        
        I tried policy based routing like:
        
        route-map FORCEVPN, permit, sequence 10
          Match clauses:
            ip address (access-lists): 199 ------------------> match single destination ip address
          Set clauses:
            set ip interface vlan 50 ->>>>>>>>> put on local vlan
          Policy routing matches: 0 packets, 0 bytes
        route-map FORCEVPN, permit, sequence 20
          Match clauses:
            ip address (access-lists): 198 -------------------------> match complete destination subnet x
          Set clauses:
            ip next-hop 10.129.4.1 ----------------> use remote gateway so that it gets routed remotely
          Policy routing matches: 1 packets, 60 bytes
        
        
        Unfortunatly, it does not work ? from the moment i unshut the vlan -> everything gets dropped. PBR does not seem to intercept the packets
        Hardware is C6500 with S720 running 12.2(18)SXF4
        
        Any ideas ?
        
        regards,
        Geert
        
        #####################################################################################
        Simac N.V. trades under the commercial name Simac ICT Belgium.
        This e-mail and any attached files are confidential and may be legally privileged.
        If you are not the addressee, any disclosure, reproduction, copying, distribution,
        or other dissemination or use of this communication is strictly prohibited.
        If you have received this transmission in error please notify Simac immediately
        and then delete this e-mail.
        
        Simac has taken all reasonable precautions to avoid virusses in this email.
        Simac does not accept liability for damage by virusses, for the correct and complete
        transmission of the information, nor for any delay or interruption of the transmission,
        nor for damages arising from the use of or reliance on the information.
        
        All e-mail messages addressed to, received or sent by Simac or Simac employees
        are deemed to be professional in nature. Accordingly, the sender or recipient of
        these messages agrees that they may be read by other Simac employees than the official
        recipient or sender in order to ensure the continuity of work-related activities
        and allow supervision thereof.
        #####################################################################################
        
        _______________________________________________________________________
        Subscription information may be found at:
        http://www.groupstudy.com/list/CCIELab.html
        

-----------------------------------------
Dimension Data - providing global IP based solutions and services
for over 20 years supported locally from a single point of contact

This email is confidential. If you are not the intended recipient
then you must not copy it, forward it, use it for any purpose, or
disclose it to another person.

Please also note that the author of this email is not authorised
to; make any offers capable of acceptance unless expressly stated
in a validly dated and attached document which shall be subject to
the terms and conditions stated therein or, conclude any contract
on behalf of Dimension Data by email.

Although Dimension Data has taken reasonable precautions to ensure
no viruses are present in this email, the company cannot accept
responsibility for any loss or damage arising from the use of this
email or attachments.

• Next message: Jai Prakash: "Re: bandwith shaper"
• Previous message: Elias Chari: "Re: NBAR and MQC"
• Maybe in reply to: Geert Nijs: "Making connected less preferred than remote route......."
• Next in thread: Jian Gu: "Re: Making connected less preferred than remote route......."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:55 ART