From: Jian Gu (guxiaojian@gmail.com)
Date: Wed Aug 02 2006 - 16:16:04 ART
Could you try taking off the first PBR policy rule? the hardware entry for
the whole destination prefix will be pointing to the local interface because
connected subnet is always preferred. For the second policy rule, make sure
you have ARP entry for the nexthop IP address.
On 8/2/06, Geert Nijs <geert.nijs@simac.be> wrote:
>
> All,
>
> I am breaking my head over this one:
>
> I am sitting at a core switch and i want to configure the following:
>
> I have a remote subnet x which is routed to my core switch.
> I have this same subnet also configured locally on the switch:
> int vlan A
> ip address x.x.x.x
> shut
>
> the vlan is shut. Of course from the moment i unshut the vlan, all traffic
> to the remote site
> is dropped and all is routed locally (since vlan is directly connected it
> takes precedence over the remotely
> learned vlan).
>
> What i want to do now is the following:
>
> I want to route ALL traffic to the remote subnet, even if i have a locally
> connected subnet, EXCEPT for 1 ip address in this vlan. This ip address, i
> want to route to the locally connected interface.
>
> I tried policy based routing like:
>
> route-map FORCEVPN, permit, sequence 10
> Match clauses:
> ip address (access-lists): 199 ------------------> match
> single destination ip address
> Set clauses:
> set ip interface vlan 50 ->>>>>>>>> put
> on local vlan
> Policy routing matches: 0 packets, 0 bytes
> route-map FORCEVPN, permit, sequence 20
> Match clauses:
> ip address (access-lists): 198 -------------------------> match
> complete destination subnet x
> Set clauses:
> ip next-hop 10.129.4.1 ----------------> use
> remote gateway so that it gets routed remotely
> Policy routing matches: 1 packets, 60 bytes
>
>
> Unfortunatly, it does not work ? from the moment i unshut the vlan ->
> everything gets dropped. PBR does not seem to intercept the packets
> Hardware is C6500 with S720 running 12.2(18)SXF4
>
> Any ideas ?
>
> regards,
> Geert
>
>
> #####################################################################################
> Simac N.V. trades under the commercial name Simac ICT Belgium.
> This e-mail and any attached files are confidential and may be legally
> privileged.
> If you are not the addressee, any disclosure, reproduction, copying,
> distribution,
> or other dissemination or use of this communication is strictly
> prohibited.
> If you have received this transmission in error please notify Simac
> immediately
> and then delete this e-mail.
>
> Simac has taken all reasonable precautions to avoid virusses in this
> email.
> Simac does not accept liability for damage by virusses, for the correct
> and complete
> transmission of the information, nor for any delay or interruption of the
> transmission,
> nor for damages arising from the use of or reliance on the information.
>
> All e-mail messages addressed to, received or sent by Simac or Simac
> employees
> are deemed to be professional in nature. Accordingly, the sender or
> recipient of
> these messages agrees that they may be read by other Simac employees than
> the official
> recipient or sender in order to ensure the continuity of work-related
> activities
> and allow supervision thereof.
>
> #####################################################################################
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:55 ART