Route-map Cisco IOS
Policy-Based Routing or PBR with Cisco IOS. Route-maps are often used with Routing Protocols such as BGP and use [[Prefix-list Cisco IOS|Prefix-lists]
Contents
Enabling PBR on 3560 Switch platform
On the 3560 Switch platform you get the message %PLATFORM_PBR-4-SDM_MISMATCH: PBR requires sdm template routing when you apply a route-map to a Interface.
This is because the SDM (Switch Database Management) template. The SDM manages the layer 2 and layer 3 switching information that is maintained in the Ternary Content Addressable Memory (TCAM). The TCAM is used for forwarding lookups. See [1]. There are some unsupported commands on IOS 12.2-25[2]
CEF uses default Source/Destination load sharing, ensuring same path for the packetstreams.[3]
Looking at the default configuration the switch had the following SDM configuration.
Core2#<input>sh sdm prefer</input>
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 6K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 8K
number of directly-connected IPv4 hosts: 6K
number of indirect IPv4 routes: 2K
number of IPv4 policy based routing aces: <notice>0</notice>
number of IPv4/MAC qos aces: 512
number of IPv4/MAC security aces: 1K
Changing SDM Bias
Core2(config)#<input>sdm prefer routing</input>
Changes to the running SDM preferences have been stored, but cannot take effect
until the next reload.
Use 'show sdm prefer' to see what SDM preference is currently active.
Core2(config)#<input>^Z</input>
Core2#
1d00h: %SYS-5-CONFIG_I: Configured from console by vty0 (10.0.0.30)
Core2#<input>reload</input>
After reboot
Core2#<input>sh sdm prefer</input>
The current template is "desktop routing" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 3K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 11K
number of directly-connected IPv4 hosts: 3K
number of indirect IPv4 routes: 8K
number of IPv4 policy based routing aces: <notice>512</notice>
number of IPv4/MAC qos aces: 512
number of IPv4/MAC security aces: 1K
Example
Lots of limitations on 3560 platform. Default route to 192.168.1.0/24 to 10.0.0.30 gateway all other to 10.0.0.34 gateway
ip access-list extended ISP-CON1
remark Internally used nets denied. They should be routed by the FIB
deny ip 192.168.1.0 0.0.0.255 10.0.0.0 0.255.255.255
deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.127.255.255
permit ip 192.168.1.0 0.0.0.255 any
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
route-map HETH permit 5
match ip address ISP-CON1
set ip next-hop 10.0.0.30
!
route-map HETH permit 10
match ip address prefix-list DEFAULT
set ip next-hop 10.0.0.34