Enabling Pbr - Cisco ME 3400G-2CS - Ethernet Access Switch Software Configuration Manual

Configuring Protocol-Independent Features

Enabling PBR

By default, PBR is disabled on the switch. To enable PBR, you must create a route map that specifies
the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR
for that route map on an interface. All packets arriving on the specified interface matching the match
clauses are subject to PBR.
PBR can be fast-switched or implemented at speeds that do not slow down the switch. Fast-switched
PBR supports most match and set commands. PBR must be enabled before you enable fast-switched
PBR. Fast-switched PBR is disabled by default.
Packets that are generated by the switch, or local packets, are not normally policy-routed. When you
globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR.
Local PBR is disabled by default.
Beginning in privileged EXEC mode, follow these steps to configure PBR:
Command
Step 1 configure terminal
Step 2
route-map map-tag [permit | deny] [sequence
number]
Step 3
match ip address {access-list-number |
access-list-name} [...access-list-number |
...access-list-name]
Step 4
set ip next-hop ip-address [...ip-address]
Step 5
exit
Step 6 interface interface-id
Step 7
no shutdown
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
32-78
Chapter 32
Purpose
Enter global configuration mode.
Define any route maps used to control where packets are
output, and enter route-map configuration mode.
map-tag—A meaningful name for the route map. The ip
policy route-map interface configuration command uses this
name to reference the route map. Multiple route maps might
share the same map tag name.
(Optional) If permit is specified and the match criteria are
met for this route map, the route is policy-routed as controlled
by the set actions. If deny is specified, the route is not
policy-routed.
sequence number (Optional)— Number that shows the
position of a new route map in the list of route maps already
configured with the same name.
Match the source and destination IP address that is permitted
by one or more standard or extended access lists.
If you do not specify a match command, the route map applies
to all packets.
Specify the action to take on the packets that match the
criteria. Set next hop to which to route the packet (the next hop
must be adjacent).
Return to global configuration mode.
Enter interface configuration mode, and specify the interface
to configure.
Enable the interface if necessary. By default, UNIs are
disabled and NNIs are enabled.
Configuring IP Unicast Routing
78-17058-01