PBR Configuration Guidelines - Cisco Catalyst 3560-X Software Configuration Manual

Configuring Protocol-Independent Features
With PBR, you classify traffic using access control lists (ACLs) and then make traffic go through a
different path. PBR is applied to incoming packets. All packets received on an interface with PBR
enabled are passed through route maps. Based on the criteria defined in the route maps, packets are
forwarded (routed) to the appropriate next hop.
For more information about configuring route maps, see the "Using Route Maps to Redistribute Routing
Information" section on page 1-96.
You can use standard IP ACLs to specify match criteria for a source address or extended IP ACLs to
specify match criteria based on an application, a protocol type, or an end station. The process proceeds
through the route map until a match is found. If no match is found, normal destination-based routing
occurs. There is an implicit deny at the end of the list of match statements.
If match clauses are satisfied, you can use a set clause to specify the IP addresses identifying the next
hop router in the path.
For details about PBR commands and keywords, see the Cisco IOS IP Command Reference, Volume 2 of
3: Routing Protocols, Release 12.4. For a list of PBR commands that are visible but not supported by the
switch, see Appendix 1, "Unsupported Commands in Cisco IOS Release 15.0(2)SE and Later."
PBR configuration is applied to the whole stack, and all switches use the stack master configuration.
Note: This software release does not support Policy-Based Routing (PBR) when processing IPv4 and IPv6
traffic.

PBR Configuration Guidelines

Catalyst 3750-X and 3560-X Switch Software Configuration Guide
1-100
If packets do not match any route map statements, all set clauses are applied.
If a statement is marked as permit and the packets do not match any route-map statements, the
packets are sent through the normal forwarding channels, and destination-based routing is
performed.
For PBR, route-map statements marked as deny are not supported.
To use PBR, you must have the IP services feature set enabled on the switch or stack master.
Multicast traffic is not policy-routed. PBR applies only to unicast traffic.
You can enable PBR on a routed port or an SVI.
The switch does not support route-map deny statements for PBR.
You can apply a policy route map to an EtherChannel port channel in Layer 3 mode, but you cannot
apply a policy route map to a physical interface that is a member of the EtherChannel. If you try to
do so, the command is rejected. When a policy route map is applied to a physical interface, that
interface cannot become a member of an EtherChannel.
You can define a maximum of 246 IP policy route maps on the switch or switch stack.
You can define a maximum of 512 access control entries (ACEs) for PBR on the switch or switch
stack.
When configuring match criteria in a route map, follow these guidelines:
Do not match ACLs that permit packets destined for a local address. PBR would forward these
packets, which could cause ping or Telnet failure or route protocol flapping.
Do not match ACLs with deny ACEs. Packets that match a deny ACE are sent to the CPU, which
could cause high CPU utilization.
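
Several of the guidelines above (no route-map deny statements, no deny ACEs in ACLs matched for PBR, no policy route map on an EtherChannel member) can be checked against a candidate configuration before it is applied. The following Python check is an added example, not part of the Cisco manual. The function name audit_pbr and the sample configuration (ACL numbers, route-map names, addresses) are constructed, and it assumes numbered access-list lines only.

```python
import re
# Constructed candidate config (not from the manual); names and addresses are made up.
SAMPLE_CONFIG = """\
access-list 101 permit tcp 10.1.1.0 0.0.0.255 any eq 80
access-list 102 deny ip host 10.1.2.5 any
access-list 102 permit ip 10.1.2.0 0.0.0.255 any
route-map WEB permit 10
 match ip address 101
 set ip next-hop 192.0.2.1
route-map BAD permit 10
 match ip address 102
 set ip next-hop 192.0.2.2
route-map BAD deny 20
interface GigabitEthernet1/0/1
 ip policy route-map WEB
interface GigabitEthernet1/0/2
 channel-group 1 mode on
 ip policy route-map BAD
"""

def audit_pbr(config):
    """Return findings for PBR guideline violations on interfaces with a policy route map."""
    deny_acls, members = set(), set()           # ACLs with a deny ACE, EtherChannel members
    actions, rmap_acls, policy, rmap, iface = {}, {}, {}, None, None
    for raw in config.splitlines():
        if not raw.startswith(" "):
            rmap = iface = None                 # any top-level line closes the current block
        if m := re.match(r"access-list (\S+) deny ", raw):
            deny_acls.add(m.group(1))
        elif m := re.match(r"route-map (\S+) (permit|deny)", raw):
            rmap = m.group(1)
            actions.setdefault(rmap, set()).add(m.group(2))
        elif m := re.match(r"interface (\S+)", raw):
            iface = m.group(1)
        elif rmap and (m := re.match(r"\s+match ip address (.+)", raw)):
            rmap_acls.setdefault(rmap, set()).update(m.group(1).split())
        elif iface and (m := re.match(r"\s+ip policy route-map (\S+)", raw)):
            policy[iface] = m.group(1)
        elif iface and re.match(r"\s+channel-group ", raw):
            members.add(iface)
    findings = []
    for ifc, name in policy.items():            # only route maps actually used for PBR
        if ifc in members:
            findings.append(f"{ifc}: policy route map on an EtherChannel member")
        if "deny" in actions.get(name, ()):
            findings.append(f"{ifc}: route-map {name} has a deny statement")
        findings += [f"{ifc}: route-map {name} matches ACL {acl} with a deny ACE"
                     for acl in sorted(rmap_acls.get(name, set()) & deny_acls)]
    return findings
```

Calling audit_pbr(SAMPLE_CONFIG) reports three findings, all on GigabitEthernet1/0/2, and none for the interface that uses route map WEB.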
Chapter 1
Configuring IP Unicast Routing
OL-25303-03
