Re: route-map permit with empty acl

From: ALL From_NJ <all.from.nj_at_gmail.com>
Date: Sat, 23 Jan 2010 12:05:19 -0500

Hello Sameer, I hope this email finds you 'peachy' and doing super. ;-)

Not sure I understand what it is you are trying to accomplish. It sounds
like you do not want seq 10 to match?

When you deny all packets via the access list ... then what will be left to
match for this route-map sequence? Nothing ...

Is this what you are seeing / describing?

A simple note concerning route-maps - access lists are for matching or not
matching. Not deny or permit as in interface ACLs ... so this adds a lot of
flexibility to your design and what you can do with your routing and
design.

Complicated configs? Yes, you betcha. You can get quite granular in your
matching and excluding statements. PBR comes before normal routing ... so a
lot you can do.

Here is Cisco's PBR page.
http://www.cisco.biz/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

You can also find a lot of good info on YouTube, just search for PBR, and
the CCIE vendors' websites. Can someone suggest a good vendor link? So many
talented people work for these companies, I am constantly in awe.

A good YouTube search:
http://www.youtube.com/results?search_type=search_playlists&search_query=cisco+policy+based+routing&uni=1

HTH,

Andrew Lissitz

On Sat, Jan 23, 2010 at 8:28 AM, sameer khan <khanzadap_at_hotmail.com> wrote:

> hey all gr8 ppl
>
> To the best of my understanding, an empty ACL has an implicit deny, but I am
> getting confused about the following:
>
> route-map PBR-Customer, permit, sequence 10
> Match clauses:
> ip address (access-lists): acl-1
> Set clauses:
> ip next-hop 10.0.0.1
>
> route-map PBR-Customer, permit, sequence 20
> Match clauses:
> ip address (access-lists): acl-2
> Set clauses:
> ip next-hop 192.168.0.1
>
>
> #show access-lists acl-1
> Extended IP access list acl-1
>
> Route-map seq 20 is not getting hit as it should, because there is an
> implicit deny in acl-1. But if I put deny any any, i.e.:
>
> show access-list acl-1
> Extended IP access list acl-1
> 10 deny ip any any (806 matches)
>
> everything works fine as it should. PBR is applied on a 3560. Can someone
> highlight the logic?
>
>
> Best regards
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
Andrew Lee Lissitz
all.from.nj_at_gmail.com
Received on Sat Jan 23 2010 - 12:05:19 ART

This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:42 ART
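The following is an added example, not part of the original thread: a small Python model of how a permit route-map walks its sequences when ACL entries mean "match" or "no match", reproducing the two outcomes reported in the quoted question. It assumes that an ACL with no entries carries no implicit deny and so matches everything; the ACL names with suffixes, the `build_map` helper and the source address are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# ACLs as lists of (action, source_network); constructed sample data.
ACLS = {
    "acl-1-empty": [],                       # defined, but no entries
    "acl-1-deny": [("deny", "0.0.0.0/0")],   # explicit "deny ip any any"
    "acl-2": [("permit", "0.0.0.0/0")],
}

def acl_matches(entries, src):
    """In a route-map, 'permit' means match and 'deny' means no match."""
    if not entries:
        # Assumption: with no entries there is no implicit deny, so the
        # ACL matches every packet (consistent with the quoted output).
        return True
    for action, net in entries:
        if ip_address(src) in ip_network(net):
            return action == "permit"
    return False  # implicit deny applies only once the ACL has entries

def pbr_next_hop(route_map, acls, src):
    """Walk permit sequences in order; the first matching sequence wins."""
    for seq, acl_name, next_hop in sorted(route_map):
        if acl_matches(acls[acl_name], src):
            return seq, next_hop
    return None, None  # nothing matched: normal destination routing

def build_map(acl1_name):
    """Route-map PBR-Customer from the question, with a chosen acl-1."""
    return [(10, acl1_name, "10.0.0.1"), (20, "acl-2", "192.168.0.1")]

if __name__ == "__main__":
    for name in ("acl-1-empty", "acl-1-deny"):
        print(name, pbr_next_hop(build_map(name), ACLS, "172.16.5.9"))
```

With the empty ACL, sequence 10 captures all traffic and sequence 20 is never reached; with the explicit deny, sequence 10 matches nothing and traffic falls through to sequence 20.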