What about someone playing proxy arp ?
Without knowing the topology, it's hard to know what could be going on...
-Carlos
shiran guez @ 17/05/2009 18:27 -0200 dixit:
> Hi
>
>
> Today I have encountered a very strange issue with PBR (In a client site)
> the client had in his main office a 6509 Cat simple PBR based on a match of
> an ACL redirecting to a specific next hop (IP) all working well.
>
> on his branch side he had a 3750 stack catalyst I have configured the same
> simple PBR just different ip address on the ACL and next hop up to now all
> is good, now the wired part.
>
> in the branch office we tested initially the PBR with the next hop device
> not there and I saw that although the next hop is not there and my trace
> should be dropped I can still trace to the other side and it is not
> redirecting the traffic according to the PBR, so I started troubleshooting
> my very simple PBR and I saw that the packets are matching my ACL as well as
> the PBR also did a debug ip policy and saw that the catalyst (3750) say he
> do redirect the packets to the next hop, but on the PC trace I do not see
> the trace going to the indicated next hop and trace is completed
> fine although the next hop (indicated in the PBR is physically not
> connected).
>
> I tough I lost my mind tried the same scenario in the 6509 series and it was
> working as expected when the next hop was not there packets where dropped
> and when I returned the next hop unit then packets went trough.
>
> Notice that when I connected physically the next hop unit on the 3750 then
> the trace went trough the defined next hop in the PBR, acting like there was
> an sla agent but there was not!
>
> did someone had experience such issue?
>
-- Carlos G Mendioroz <tron_at_huapi.ba.ar> LW7 EQI Argentina Blogs and organic groups at http://www.ccie.netReceived on Mon May 18 2009 - 06:38:16 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:43 ART