From: Michael Zuo (mzuo@ixiacom.com)
Date: Wed Nov 08 2006 - 21:06:03 ART
Thanks for the reply. Jian, you mentioned that my original prefix-list
was not correct (ip prefix-list 10 seq 5 permit 142.1.0.0/24). I
thought I was supposed to match the destination IP subnet with the
prefix-list? It should've matched the source of the trace packets?
thanks
________________________________
From: Jian Gu [mailto:guxiaojian@gmail.com]
Sent: Wednesday, November 08, 2006 10:07 AM
To: Michael Zuo
Cc: Hafizur Rahman (Europe); ccielab@groupstudy.com
Subject: Re: local policy route-map not working for me
Small correction, for traceroute you do need to match UDP, your
configuration works with ping.
On 11/8/06, Jian Gu < guxiaojian@gmail.com <mailto:guxiaojian@gmail.com>
> wrote:
This configuration should work (and it works in my setup), the reason
your original configuration did not work is not because it is a prefix
list, it is because your prefix list was not configured correctly. When
Cisco IOS router does a ping it will consult its unicast routing table
and use the IP address of outgoing interface's IP address as Ping
packet's source IP address.
On 11/7/06, Michael Zuo < mzuo@ixiacom.com <mailto:mzuo@ixiacom.com> >
wrote:
Still does not work, I change the configuration to:
ip access-list extended PING
permit icmp any host 142.1.0.4
!
route-map PING permit 10
match ip address PING
set ip next-hop 142.1.46.4
still:
R6(config-ext-nacl)#do trace 142.1.0.4
Type escape sequence to abort.
Tracing the route to 142.1.0.4
1 204.12.1.3 4 msec 0 msec 4 msec
2 142.1.0.4 32 msec * 28 msec
Any ideas on how I can debug?
Thanks...
-----Original Message-----
From: Hafizur Rahman (Europe) [mailto:hafizur.rahman@uk.didata.com]
Sent: Monday, November 06, 2006 11:37 PM
To: Michael Zuo; ccielab@groupstudy.com
Subject: RE: local policy route-map not working for me
Hi Michael
Try using extended ACl instead of prefix list
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Michael Zuo
Sent: 07 November 2006 07:09
To: ccielab@groupstudy.com
Subject: local policy route-map not working for me
Hi All,
I am having a problem with my local policy routing and can not figure
out why it is not working:
Topology:
=======
R3, R4 and R6 forms a triangle
Networks:
=======
Between R3, R4: 142.1.34.0/24
Between R3, R6: 204.12.1.0/24
Between R4, R6: 142.1.46.0/24
R4 also have IP address 142.1.0.4
OSPF is configured in a way that ping from R6 to 142.1.0.4 would go thru
R3 first (R3 touches area 0)
I am trying to use policy routing to route ICMP from R6 directly over
the connection between R4 and R6 which is not in OSPF
Configuration
=======
R6:
router ospf 1
log-adjacency-changes
network 54.1.3.6 0.0.0.0 area 3
network 204.12.1.6 0.0.0.0 area 3
ip local policy route-map PING
!
ip prefix-list 10 seq 5 permit 142.1.0.0/24
!
!
route-map PING permit 10
match ip address prefix-list 10
set ip next-hop 142.1.46.4
Result
=====
R6(config)#do trace 142.1.0.4
Type escape sequence to abort.
Tracing the route to 142.1.0.4
1 204.12.1.3 0 msec 0 msec 4 msec
2 142.1.0.4 28 msec * 28 msec
R6(config)#
R6#sh ip loc pol
Local policy routing is enabled, using route map PING
route-map PING, permit, sequence 10
Match clauses:
ip address prefix-lists: 10
Set clauses:
ip next-hop 142.1.46.4
Policy routing matches: 5 packets, 320 bytes
Which means R6 still go thru R3 first before getting to R4!! Also, the
packet count in "sh ip loc pol" does not increase
Am I missing something obvious? How do I debug further?
Thanks a bunch!!
This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:45 ART