Connectivity Guide
seq 30 deny tcp 10.99.0.0/16 10.0.0.0/8 eq 21
seq 40 deny icmp 10.99.0.0/16 10.0.0.0/8
• Create a route-map to block specic trac from PBR processing.
route-map TEST-RM deny 5
match ip address TEST-ACL-DENY
• Create a route-map to permit trac for PBR processing.
route-map TEST-RM permit 10
match ip address TEST-ACL
set ip next-hop 10.0.40.235
• Apply the policy to the previously created interface.
ip policy route-map TEST-RM
In this conguration, the route-map TEST-RM deny 5 conguration blocks trac that matches the TEST-ACL-DENY ACL from
further PBR processing. This trac is routed using the routing table. The route-map TEST-RM permit 10 conguration sends trac
that matches the
TEST-ACL ACL for PBR processing. Any packet that matches the TEST-ACL ACL is forwarded to 10.0.40.235.
View PBR conguration
Use the show configuration command to view the conguration of the interface.
OS10(conf-if-vl-40)# show configuration
!
interface vlan40
no shutdown
ip policy route-map test
Use the show route-map command to view the route-map conguration.
OS10(config)# do show route-map
route-map map1, permit, sequence 10
Match clauses:
ipv6 address (access-lists): acl1
Set clauses:
ipv6 vrf {vrf-name} next-hop 5555::5556
OS10(conf-if-vl-40)# do show route-map
route-map test, permit, sequence 10
Match clauses:
ip address (access-lists): acl1
Set clauses:
ip next-hop 1.1.1.1 track-id 200
OS10(conf-if-vl-40)# do show route-map test
route-map test, permit, sequence 10
Match clauses:
ip address (access-lists): acl1
Set clauses:
ip vrf red next-hop 1.1.1.1 track-id 200
!
PBR commands
Layer 3
599