Cisco Systems 3560 Manual De Usuario
36-96
Catalyst 3560 Switch Software Configuration Guide
OL-8553-06
Chapter 36 Configuring IP Unicast Routing
Configuring Protocol-Independent Features
Packets that are generated by the switch, or local packets, are not normally policy-routed. When you
globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR.
Local PBR is disabled by default.
globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR.
Local PBR is disabled by default.
Note
To enable PBR, the switch must be running the IP services image.
Beginning in privileged EXEC mode, follow these steps to configure PBR:
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
route-map map-tag [permit] [sequence number]
Define any route maps used to control where packets are
output, and enter route-map configuration mode.
output, and enter route-map configuration mode.
•
map-tag—A meaningful name for the route map. The ip
policy route-map interface configuration command uses
this name to reference the route map. Multiple route maps
might share the same map tag name.
policy route-map interface configuration command uses
this name to reference the route map. Multiple route maps
might share the same map tag name.
•
(Optional) If permit is specified and the match criteria
are met for this route map, the route is policy-routed as
controlled by the set actions.
are met for this route map, the route is policy-routed as
controlled by the set actions.
Note
The route-map deny statement is not supported in
PBR route maps to be applied to an interface.
PBR route maps to be applied to an interface.
•
sequence number (Optional)— Number that shows the
position of a new route map in the list of route maps
already configured with the same name.
position of a new route map in the list of route maps
already configured with the same name.
Step 3
match ip address {access-list-number |
access-list-name} [...access-list-number |
...access-list-name]
access-list-name} [...access-list-number |
...access-list-name]
Match the source and destination IP address that is permitted
by one or more standard or extended access lists.
by one or more standard or extended access lists.
Note
Do not enter an ACL with a deny ACE or an ACL that
permits a packet destined for a local address.
permits a packet destined for a local address.
If you do not specify a match command, the route map applies
to all packets.
to all packets.
Step 4
set ip next-hop ip-address [...ip-address]
Specify the action to take on the packets that match the
criteria. Set next hop to which to route the packet (the next hop
must be adjacent).
criteria. Set next hop to which to route the packet (the next hop
must be adjacent).
Step 5
exit
Return to global configuration mode.
Step 6
interface interface-id
Enter interface configuration mode, and specify the interface
to configure.
to configure.
Step 7
ip policy route-map map-tag
Enable PBR on a Layer 3 interface, and identify the route map
to use. You can configure only one route map on an interface.
However, you can have multiple route map entries with
different sequence numbers. These entries are evaluated in
sequence number order until the first match. If there is no
match, packets are routed as usual.
to use. You can configure only one route map on an interface.
However, you can have multiple route map entries with
different sequence numbers. These entries are evaluated in
sequence number order until the first match. If there is no
match, packets are routed as usual.
Note
If the IP policy route map contains a deny statement,
the configuration fails.
the configuration fails.