Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
701702703704705706707708709710
706 Access Control Lists
For a permit route-map, if the decision reached in the above step is deny,
then PBR does not apply any action that is specified in set term(s) in the
route-map statement. In this situation, the counter for this match
statement is not incremented. The processing logic terminates, and the
packet goes through the standard destination-based routing logic.
For a deny route-map, if the decision reached in the above step is permit,
then PBR processing logic terminates and the packet goes through
standard destination-based routing logic. The counter is incremented for
each matching packet.
For a deny route-map, if the decision reached in the above step is deny, the
counter for this match statement is not incremented. The processing logic
terminates, and the packet goes through the standard destination-based
routing logic.
PBR counters increment when a packet matches the corresponding ACL.
They do not indicate the outcome of the processing logic; i.e., PBR counters
do not count packets that are policy-routed vs. not policy-routed. ACL packet
matching occurs in parallel across all ACLs. If a policy ACL matches a packet,
and an interface or VLAN ACL also matches the packet, the PBR counter
may be incremented even though the interface or VLAN ACL caused the
packet to be dropped.
If no match occurs, then the packet goes through the standard destination-
based routing logic.
Route-Map Actions
Policy-Based Routing overrides the normal routing decisions taken by the
router and attempts to route the packet using the criteria in the set clause:
List of next-hop IP addresses The set ip next-hop command checks for
the next-hop address in the routing table and, if the next-hop address is
present and active in the routing table, then the policy routes the ACL
matching packets to the next hop. If the next hop is not present in the
routing table, the command uses the normal routing table to route the
packet. Non-matching packets are routed using the normal routing table.
The IP address must specify an adjacent next-hop router in the path
toward the destination to which the packets should be routed. The first
available IP address associated with a currently active routing entry is used
to route the packets. This type of rule takes priority over all entries in the
routing table.