Difference between revisions of "Route-map Cisco IOS"

From Teknologisk videncenter
Jump to: navigation, search
m (New page: Policy-Based Routing or PBR with Cisco IOS. == Enabling PBR on 3560 Switch platform == On the 3560 Switch platform you get the message '''%PLATFORM_PBR-4-SDM_MISMATCH: PBR requires...)
 
m (References)
 
(29 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
__TOC__
 
[[Policy-Based Routing]] or [[PBR]] with Cisco IOS.
 
[[Policy-Based Routing]] or [[PBR]] with Cisco IOS.
 +
= Introduction =
 +
Route-maps are often used with Routing Protocols such as [[BGP]] and use [[Prefix-list Cisco IOS|Prefix-lists]]
 
== Enabling PBR on 3560 Switch platform ==
 
== Enabling PBR on 3560 Switch platform ==
 
On the 3560 Switch platform you get the message '''%PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing''' when you apply a route-map to a Interface.
 
On the 3560 Switch platform you get the message '''%PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing''' when you apply a route-map to a Interface.
 +
*'''Remember:''' Use ''terminal monitor'' if you are not on the ''console'' to receive messages from the console.
 +
 +
This is because the '''SDM''' (Switch Database Management) template. The SDM manages the layer 2 and layer 3 switching information that is maintained in the Ternary Content Addressable Memory ([[Cisco TCAM|TCAM]]). The [[Cisco TCAM|TCAM]] is used for forwarding lookups. See <ref>*[http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_se/configuration/guide/swsdm.html 3560 Configuring SDM Templates]</ref>. There are some unsupported commands on IOS 12.2-25<ref>http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_see/configuration/guide/swuncli.html</ref>
 +
 +
[[IP CEF Cisco|CEF]] uses default Source/Destination load sharing, ensuring same path for the packetstreams.<ref>http://www.cisco.com/en/US/docs/ios/12_2/switch/configuration/guide/xcfcefc.html</ref>
  
This is because the '''SDM''' (Switch Database Management) template. The SDM manages the layer 2 and layer 3 switching information that is maintained in the Ternary Content Addressable Memory (TCAM). The TCAM is used for forwarding lookups.
 
  
 
Looking at the default configuration the switch had the following SDM configuration.
 
Looking at the default configuration the switch had the following SDM configuration.
 
<source lang=cli>
 
<source lang=cli>
Core2(config-if)#<input>do sh sdm prefer</input>
+
Core2#<input>sh sdm prefer</input>
 
  The current template is "desktop default" template.
 
  The current template is "desktop default" template.
 
  The selected template optimizes the resources in
 
  The selected template optimizes the resources in
Line 33: Line 40:
 
Core2#<input>reload</input>  
 
Core2#<input>reload</input>  
 
</source>
 
</source>
 +
==== After reboot ====
 +
<source lang=cli>
 +
Core2#<input>sh sdm prefer</input>
 +
The current template is "desktop routing" template.
 +
The selected template optimizes the resources in
 +
the switch to support this level of features for
 +
8 routed interfaces and 1024 VLANs.
 +
 +
  number of unicast mac addresses:                  3K
 +
  number of IPv4 IGMP groups + multicast routes:    1K
 +
  number of IPv4 unicast routes:                    11K
 +
    number of directly-connected IPv4 hosts:        3K
 +
    number of indirect IPv4 routes:                8K
 +
  number of IPv4 policy based routing aces:        <notice>512</notice>
 +
  number of IPv4/MAC qos aces:                      512
 +
  number of IPv4/MAC security aces:                1K
 +
</source>
 +
 +
== Example ==
 +
Lots of limitations on 3560 platform. Default route to 192.168.1.0/24 to 10.0.0.30 gateway all other to 10.0.0.34 gateway
 +
<source lang=cli>
 +
ip access-list extended ISP-CON1
 +
remark Internally used nets denied. They should be routed by the FIB
 +
deny  ip 192.168.1.0 0.0.0.255 10.0.0.0 0.255.255.255
 +
deny  ip 192.168.1.0 0.0.0.255 192.168.0.0 0.127.255.255
 +
permit ip 192.168.1.0 0.0.0.255 any
 +
!
 +
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
 +
!
 +
route-map HETH permit 5
 +
match ip address ISP-CON1
 +
set ip next-hop 10.0.0.30
 +
!
 +
route-map HETH permit 10
 +
match ip address prefix-list DEFAULT
 +
set ip next-hop 10.0.0.34
 +
</source>
 +
==Example 2==
 +
 +
<source lang=cli>
 +
interface Vlan28
 +
description TKUVLAN_308
 +
ip address 192.168.146.1 255.255.255.0
 +
ip helper-address 172.16.4.77
 +
ip helper-address 172.16.4.66
 +
ip pim sparse-mode
 +
ip policy route-map EX308
 +
ip igmp query-interval 125
 +
!
 +
ip access-list extended R308
 +
permit ip 192.168.146.0 0.0.0.255 any
 +
!
 +
route-map EX308 permit 10
 +
match ip address R308
 +
set ip next-hop 172.16.4.16
 +
</source>
 +
 
= Links =
 
= Links =
 
*[http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a00801f3b54.shtml Cisco Policy-Based Routing Using the set ip default next-hop and set ip next-hop Commands Configuration Example]
 
*[http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a00801f3b54.shtml Cisco Policy-Based Routing Using the set ip default next-hop and set ip next-hop Commands Configuration Example]
{{#css:
+
* [http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009481d.shtml Cisco Understanding Policy Routing]
   
+
 
    pre {   font-family: Lucida Console; font-weight: bold; font-size: 14px; color: #00FF00; background: black; margin: 10px 50px; width: 800px; line-height: 200%; overflow: auto;}
+
=References=
}}
+
<references/>
 +
{{Source cli}}
 +
[[category:Cisco]][[Category:CCNP3]]

Latest revision as of 14:33, 10 June 2015

Policy-Based Routing or PBR with Cisco IOS.

Introduction

Route-maps are often used with Routing Protocols such as BGP and use Prefix-lists

Enabling PBR on 3560 Switch platform

On the 3560 Switch platform you get the message %PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing when you apply a route-map to a Interface.

  • Remember: Use terminal monitor if you are not on the console to receive messages from the console.

This is because the SDM (Switch Database Management) template. The SDM manages the layer 2 and layer 3 switching information that is maintained in the Ternary Content Addressable Memory (TCAM). The TCAM is used for forwarding lookups. See [1]. There are some unsupported commands on IOS 12.2-25[2]

CEF uses default Source/Destination load sharing, ensuring same path for the packetstreams.[3]


Looking at the default configuration the switch had the following SDM configuration. 

Core2#<input>sh sdm prefer</input>
 The current template is "desktop default" template.
 The selected template optimizes the resources in
 the switch to support this level of features for
 8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         <notice>0</notice>
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K

Changing SDM Bias

Core2(config)#<input>sdm prefer routing</input>
Changes to the running SDM preferences have been stored, but cannot take effect
until the next reload.
Use 'show sdm prefer' to see what SDM preference is currently active.
Core2(config)#<input>^Z</input>
Core2#
1d00h: %SYS-5-CONFIG_I: Configured from console by vty0 (10.0.0.30)
Core2#<input>reload</input>

After reboot

Core2#<input>sh sdm prefer</input>
 The current template is "desktop routing" template.
 The selected template optimizes the resources in
 the switch to support this level of features for
 8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  3K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    11K
    number of directly-connected IPv4 hosts:        3K
    number of indirect IPv4 routes:                 8K
  number of IPv4 policy based routing aces:         <notice>512</notice>
  number of IPv4/MAC qos aces:                      512
  number of IPv4/MAC security aces:                 1K

Example

Lots of limitations on 3560 platform. Default route to 192.168.1.0/24 to 10.0.0.30 gateway all other to 10.0.0.34 gateway 

ip access-list extended ISP-CON1
 remark Internally used nets denied. They should be routed by the FIB
 deny   ip 192.168.1.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.1.0 0.0.0.255 192.168.0.0 0.127.255.255
 permit ip 192.168.1.0 0.0.0.255 any
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
route-map HETH permit 5
 match ip address ISP-CON1
 set ip next-hop 10.0.0.30
!
route-map HETH permit 10
 match ip address prefix-list DEFAULT
 set ip next-hop 10.0.0.34

Example 2

interface Vlan28
 description TKUVLAN_308
 ip address 192.168.146.1 255.255.255.0
 ip helper-address 172.16.4.77
 ip helper-address 172.16.4.66
 ip pim sparse-mode
 ip policy route-map EX308
 ip igmp query-interval 125
!
ip access-list extended R308
 permit ip 192.168.146.0 0.0.0.255 any
!
route-map EX308 permit 10
 match ip address R308
 set ip next-hop 172.16.4.16

Links

References

  1. *3560 Configuring SDM Templates
  2. http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_see/configuration/guide/swuncli.html
  3. http://www.cisco.com/en/US/docs/ios/12_2/switch/configuration/guide/xcfcefc.html
Retrieved from "http://mars.merhot.dk/w/index.php?title=Route-map_Cisco_IOS&oldid=30110"