Hi,
I've been doing some studying on PBR and I'm having trouble finding out why
traffic that is destined for the local device bypasses the PBR policy.
Example:
ip access-list extended DROP-ACL
 permit icmp any any
route-map DROP-MAP
 match ip address DROP-ACL
 set interface null 0
inter ser 0/0/0.1
 ip policy route-map DROP-MAP
According to debug ip packet, the packet is being routed via the RIB, which
would lead me to believe that PBR should affect it (see "routed via RIB"
below).
IP: s=54.1.1.254 (Serial0/0/0.1), d=150.1.6.6, len 100, input feature, Policy Routing(58), rtype 0, forus FALSE, sendself FALSE, mtu 0
IP: s=54.1.1.254 (Serial0/0/0.1), d=150.1.6.6, len 100, input feature, MCI Check(63), rtype 0, forus FALSE, sendself FALSE, mtu 0
IP: tableid=0, s=54.1.1.254 (Serial0/0/0.1), d=150.1.6.6 (Loopback0), routed via RIB
IP: s=54.1.1.254 (Serial0/0/0.1), d=150.1.6.6, len 100, rcvd 4
IP: s=54.1.1.254 (Serial0/0/0.1), d=150.1.6.6, len 100, stop process pak for forus packet
IP: s=150.1.6.6 (local), d=54.1.1.254 (Serial0/0/0.1), len 100, sending
IP: s=150.1.6.6 (local), d=54.1.1.254 (Serial0/0/0.1), len 100, sending full packet
I was expecting PBR to drop all ICMP traffic received on the ser 0/0/0.1
interface that needed to be routed, but it does not seem to affect traffic to
the local loopback. I did some debugging (debug ip policy) and it appears the
traffic never hits the PBR.
So my question is really: does traffic destined for the local device bypass
the routing decision? And if possible, does anyone know where this is
documented? Now before you say I should look it up, I just spent the last
hour looking for it and was unable to find anything specific about how PBR
handles external traffic to the local device.
Thanks for your help in advance.
Andy
Received on Wed Jan 15 2014 - 13:05:23 ART