Hi
Today I have encountered a very strange issue with PBR (In a client site)
the client had in his main office a 6509 Cat simple PBR based on a match of
an ACL redirecting to a specific next hop (IP) all working well.
on his branch side he had a 3750 stack catalyst I have configured the same
simple PBR just different ip address on the ACL and next hop up to now all
is good, now the wired part.
in the branch office we tested initially the PBR with the next hop device
not there and I saw that although the next hop is not there and my trace
should be dropped I can still trace to the other side and it is not
redirecting the traffic according to the PBR, so I started troubleshooting
my very simple PBR and I saw that the packets are matching my ACL as well as
the PBR also did a debug ip policy and saw that the catalyst (3750) say he
do redirect the packets to the next hop, but on the PC trace I do not see
the trace going to the indicated next hop and trace is completed
fine although the next hop (indicated in the PBR is physically not
connected).
I tough I lost my mind tried the same scenario in the 6509 series and it was
working as expected when the next hop was not there packets where dropped
and when I returned the next hop unit then packets went trough.
Notice that when I connected physically the next hop unit on the 3750 then
the trace went trough the defined next hop in the PBR, acting like there was
an sla agent but there was not!
did someone had experience such issue?
-- Shiran Guez MCSE CCNP NCE1 JNCIA-ER CCIE #20572 http://cciep3.blogspot.com http://www.linkedin.com/in/cciep3 Blogs and organic groups at http://www.ccie.netReceived on Mon May 18 2009 - 00:27:57 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:43 ART