Cisco Systems ME3400G2CSA Switch User Manual


 
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
78-17058-01
Chapter 32 Configuring IP Unicast Routing
Configuring Protocol-Independent Features
With PBR, you classify traffic using access control lists (ACLs) and then make traffic go through a
different path. PBR is applied to incoming packets. All packets received on an interface with PBR
enabled are passed through route maps. Based on the criteria defined in the route maps, packets are
forwarded (routed) to the appropriate next hop.
- If packets do not match any route map statements, all set clauses are applied.
- If a statement is marked as deny, packets meeting the match criteria are sent through normal forwarding channels, and destination-based routing is performed.
- If a statement is marked as permit and the packets do not match any route-map statements, the packets are sent through the normal forwarding channels, and destination-based routing is performed.
For more information about configuring route maps, see the “Using Route Maps to Redistribute Routing
Information” section on page 32-73.
You can use standard IP ACLs to specify match criteria for a source address or extended IP ACLs to
specify match criteria based on an application, a protocol type, or an end station. The process proceeds
through the route map until a match is found. If no match is found, or if the route map is a deny, normal
destination-based routing occurs. There is an implicit deny at the end of the list of match statements.
If match clauses are satisfied, you can use a set clause to specify the IP addresses identifying the next
hop router in the path.
For details about PBR commands and keywords, see the Cisco IOS IP Command Reference, Volume 2 of
3: Routing Protocols, Release 12.2. For a list of PBR commands that are visible but not supported by the
switch, see Appendix C, “Unsupported Commands in Cisco IOS Release 12.2(25)EX.”
PBR Configuration Guidelines
Before configuring PBR, you should be aware of this information:
- Multicast traffic is not policy-routed. PBR applies only to unicast traffic.
- You can enable PBR on a routed port or an SVI.
- You can apply a policy route map to an EtherChannel port channel in Layer 3 mode, but you cannot apply a policy route map to a physical interface that is a member of the EtherChannel. If you try to do so, the command is rejected. When a policy route map is applied to a physical interface, that interface cannot become a member of an EtherChannel.
- You can define a maximum of 246 IP policy route maps on the switch.
- You can define a maximum of 512 access control entries (ACEs) for PBR on the switch.
- To use PBR, you must first enable the routing template by using the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template. For more information on the SDM templates, see Chapter 6, “Configuring SDM Templates.”
- VRF and PBR are mutually exclusive on a switch interface. You cannot enable VRF when PBR is enabled on an interface. Conversely, you cannot enable PBR when VRF is enabled on an interface.
- The number of TCAM entries used by PBR depends on the route map itself, the ACLs used, and the order of the ACLs and route-map entries.
- Policy-based routing based on packet length, IP precedence and TOS, set interface, set default next hop, or set default interface is not supported. Policy maps with no valid set actions or with the set action set to Don’t Fragment are not supported.
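
The guidelines above can be checked against a staged configuration before it is pushed to the switch. The following is an added example, not taken from the Cisco guide: a small Python audit that flags PBR on VRF interfaces, PBR on EtherChannel member ports, and unsupported clauses in route maps used for PBR. The sample configuration, its names and addresses are constructed, and the mapping of the listed restrictions to IOS keywords is an assumption.

```python
import re

# Constructed sample of a staged config (not from the Cisco guide); all names/addresses are made up.
SAMPLE_CONFIG = """\
route-map WEB-VIA-PROXY permit 10
 match ip address 101
 set ip next-hop 192.0.2.10
route-map BAD-ACTIONS permit 10
 match length 64 1500
 set ip default next-hop 192.0.2.20
interface GigabitEthernet0/1
 ip vrf forwarding CUSTOMER-A
 ip policy route-map WEB-VIA-PROXY
interface GigabitEthernet0/2
 channel-group 1 mode on
 ip policy route-map BAD-ACTIONS
"""

# Match/set clauses the guidelines list as unsupported for PBR on this switch.
UNSUPPORTED = re.compile(r"(match length|set ip precedence|set ip tos|set ip df|set interface"
                         r"|set default interface|set ip default next-hop)\b")

def blocks(config):  # -> list of (top-level command, [indented sub-commands])
    out = []
    for line in config.splitlines():
        if line.startswith(" ") and out:
            out[-1][1].append(line.strip())
        elif line.strip():
            out.append((line.strip(), []))
    return out

def audit_pbr(config):
    """Return guideline violations for interfaces and route maps that use PBR."""
    parsed, findings, policy_maps = blocks(config), [], set()
    for header, body in parsed:  # pass 1: interfaces with 'ip policy route-map'
        maps = [c.split()[-1] for c in body if c.startswith("ip policy route-map ")]
        if header.startswith("interface ") and maps:
            policy_maps.update(maps)
            if any(c.startswith("ip vrf forwarding") for c in body):
                findings.append(f"{header.split()[1]}: PBR and VRF on the same interface")
            if any(c.startswith("channel-group") for c in body):
                findings.append(f"{header.split()[1]}: PBR on an EtherChannel member port")
    for header, body in parsed:  # pass 2: only route maps actually used for PBR
        w = header.split()
        if len(w) >= 3 and w[0] == "route-map" and w[1] in policy_maps:
            findings += [f"{w[1]}: unsupported clause '{c}'" for c in body if UNSUPPORTED.match(c)]
            # Assumption: 'set ip next-hop' is the valid set action (the one the guide describes).
            if w[2] == "permit" and not any(c.startswith("set ip next-hop") for c in body):
                findings.append(f"{w[1]}: permit entry has no supported set action")
    return findings
```

Calling audit_pbr(SAMPLE_CONFIG) returns five findings; the route-map and ACE count limits and the SDM template requirement are not checked by this sketch.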