Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎10-16-2015

PBR Is not working on a CER 2048C when it knows the local route

[ Edited ]

I am not sure if I was clear in my first post so I am going to attempt to clarify.

I have a server that is connected to the CER 2048C using vlan 50.  The server IP address is 192.168.1.6.  I want all traffic coming from the server to be directed into an ASA that is also connected to teh same router.  The INSIDE interface of the ASA has an IP address of 192.168.200.2.   I used PBR to route the traffic into the ASA.  See the ACL, route-map, and interface config in first post.  And the next-hop ip address is DC.

SSH@cr.pvd0008.ri#show ip route 192.168.200.2
Type Codes - B:BGP D:Connected I:ISIS OSmiley SurprisedSPF R:RIP SSmiley Frustratedtatic; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
ISIS Codes - L1:Level-1 L2:Level-2
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 sSmiley Frustratedham Link
STATIC Codes - dSmiley Very HappyHCPv6
        Destination        Gateway         Port          Cost          Type Uptime src-vrf
1       192.168.200.0/30   DIRECT          eth 1/37      0/0           D    34d8h  -



This works perfect for subnets that have no entry in teh routing table, but does not work for the subnets that I have routed through GRE tunnels also configured on the same router.


SSH@cr.pvd0008.ri#show interface tunnel 1
Tunnel1 is up, line protocol is up
  Hardware is Tunnel
  Tunnel source  XXX.XXX.XXX.XXX
  Tunnel destination is XXX.XXX.XXX.XXX
  Tunnel mode gre ip
  Port name is PVD0008-TUN-PHL0001
  Internet address is: 10.50.0.1/30
  Tunnel TOS 0, Tunnel TTL 255, Tunnel MTU 1476 bytes
  Keepalive is Enabled : Interval 10, No.of Retries 3
  Total Keepalive Pkts Tx: 296935, Rx: 296957

SSH@cr.pvd0008.ri#show interface tunnel 3
Tunnel3 is up, line protocol is up
  Hardware is Tunnel
  Tunnel source  XXX.XXX.XXX.XXX
  Tunnel destination is XXX.XXX.XXX.XXX
  Tunnel mode gre ip
  Port name is TUNNEL-TO-BOS0011
  Internet address is: 10.50.0.18/30
  Tunnel TOS 0, Tunnel TTL 255, Tunnel MTU 1476 bytes
  Keepalive is Enabled : Interval 10, No.of Retries 3
  Total Keepalive Pkts Tx: 296933, Rx: 296886

The traffic from the server at 192.168.1.6 destined for the subnets routed through the GRE tunnels uses the GRE tunnels and ignores the PBR.

SSH@cr.pvd0008.ri#show ip route 10.106.96.0   
Type Codes - B:BGP D:Connected I:ISIS OSmiley SurprisedSPF R:RIP SSmiley Frustratedtatic; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
ISIS Codes - L1:Level-1 L2:Level-2
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 sSmiley Frustratedham Link
STATIC Codes - dSmiley Very HappyHCPv6
        Destination        Gateway         Port          Cost          Type Uptime src-vrf
1       10.106.96.0/20     10.50.0.2       gre_tnl 1     1/1           S    3h41m  -

SSH@cr.pvd0008.ri#show ip route 10.106.112.0
Type Codes - B:BGP D:Connected I:ISIS OSmiley SurprisedSPF R:RIP SSmiley Frustratedtatic; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
ISIS Codes - L1:Level-1 L2:Level-2
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 sSmiley Frustratedham Link
STATIC Codes - dSmiley Very HappyHCPv6
        Destination        Gateway         Port          Cost          Type Uptime src-vrf
1       10.106.112.0/20    10.50.0.17      gre_tnl 3     1/1           S    16d15h -
SSH@cr.pvd0008.ri#show ip route 10.100.0.0  
Type Codes - B:BGP D:Connected I:ISIS OSmiley SurprisedSPF R:RIP SSmiley Frustratedtatic; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
ISIS Codes - L1:Level-1 L2:Level-2
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 sSmiley Frustratedham Link
STATIC Codes - dSmiley Very HappyHCPv6
        Destination        Gateway         Port          Cost          Type Uptime src-vrf
1       10.100.0.0/16      10.51.0.5       gre_tnl 11    1/1           S    2d0h   -
SSH@cr.pvd0008.ri#show ip route 172.21.0.0
Type Codes - B:BGP D:Connected I:ISIS OSmiley SurprisedSPF R:RIP SSmiley Frustratedtatic; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
ISIS Codes - L1:Level-1 L2:Level-2
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 sSmiley Frustratedham Link
STATIC Codes - dSmiley Very HappyHCPv6
        Destination        Gateway         Port          Cost          Type Uptime src-vrf
1       172.21.0.0/16      10.51.0.5       gre_tnl 11    1/1           S    2d0h   -

Any feedback or input into why this is happening would be appreciated.

Thanks.


Post by User[id=101417,login=chrissmith321] has message uid 89421.


Link to post: Re: PBR Is not working on a CER 2048C when it knows the local route

 

Edited by Admin:  Post was filtered.  Reset Subject line.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.