Support User Manuals

Cisco Systems ME3400G2CSA Switch User Manual

Open as PDF

of 885

32-78

Cisco ME 3400 Ethernet Access Switch Software Configuration Guide

78-17058-01

Chapter 32 Configuring IP Unicast Routing

Configuring Protocol-Independent Features

Enabling PBR

By default, PBR is disabled on the switch. To enable PBR, you must create a route map that specifies

the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR

for that route map on an interface. All packets arriving on the specified interface matching the match

clauses are subject to PBR.

PBR can be fast-switched or implemented at speeds that do not slow down the switch. Fast-switched

PBR supports most match and set commands. PBR must be enabled before you enable fast-switched

PBR. Fast-switched PBR is disabled by default.

Packets that are generated by the switch, or local packets, are not normally policy-routed. When you

globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR.

Local PBR is disabled by default.

Beginning in privileged EXEC mode, follow these steps to configure PBR:

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

route-map map-tag [permit | deny] [sequence

number]

Define any route maps used to control where packets are

output, and enter route-map configuration mode.

map-tag—A meaningful name for the route map. The ip

policy route-map interface configuration command uses this

name to reference the route map. Multiple route maps might

share the same map tag name.

(Optional) If permit is specified and the match criteria are

met for this route map, the route is policy-routed as controlled

by the set actions. If deny is specified, the route is not

policy-routed.

sequence number (Optional)— Number that shows the

position of a new route map in the list of route maps already

configured with the same name.

Step 3

match ip address {access-list-number |

access-list-name} [...access-list-number |

...access-list-name]

Match the source and destination IP address that is permitted

by one or more standard or extended access lists.

If you do not specify a match command, the route map applies

to all packets.

Step 4

set ip next-hop ip-address [...ip-address] Specify the action to take on the packets that match the

criteria. Set next hop to which to route the packet (the next hop

must be adjacent).

Step 5

exit Return to global configuration mode.

Step 6

interface interface-id Enter interface configuration mode, and specify the interface

to configure.

Step 7

no shutdown Enable the interface if necessary. By default, UNIs are

disabled and NNIs are enabled.

previous next