Cisco Systems 3560-X, 3750-X PBR Configuration Guidelines

42-98

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-21521-01

Chapter 42 Configuring IP Unicast Routing

Configuring Protocol-Independent Features

If match clauses are satisfied, you can use a set clause to specify the IP addresses identifying the next

hop router in the path.

For details about PBR commands and keywords, see the Cisco IOS IP Command Reference, Volume 2 of

3: Routing Protocols, Release 12.2. For a list of PBR commands that are visible but not supported by the

switch, see Appendix C, “Unsupported Commands in Cisco IOS Release 12.2(53)SE2.”

PBR configuration is applied to the whole stack, and all switches use the stack master configuration.

Note This software release does not support Policy-Based Routing (PBR) when processing IPv4 and IPv6

traffic.

PBR Configuration Guidelines

• To use PBR, you must have the IP services feature set enabled on the switch or stack master.

• Multicast traffic is not policy-routed. PBR applies to only to unicast traffic.

• You can enable PBR on a routed port or an SVI.

• The switch does not support route-map deny statements for PBR.

• You can apply a policy route map to an EtherChannel port channel in Layer 3 mode, but you cannot

apply a policy route map to a physical interface that is a member of the EtherChannel. If you try to

do so, the command is rejected. When a policy route map is applied to a physical interface, that

interface cannot become a member of an EtherChannel.

• You can define a maximum of 246 IP policy route maps on the switch or switch stack.

• You can define a maximum of 512 access control entries (ACEs) for PBR on the switch or switch

stack.

• When configuring match criteria in a route map, follow these guidelines:

–

Do not match ACLs that permit packets destined for a local address. PBR would forward these

packets, which could cause ping or Telnet failure or route protocol flappping.

–

Do not match ACLs with deny ACEs. Packets that match a deny ACE are sent to the CPU, which

could cause high CPU utilization.

• To use PBR, you must first enable the routing template by using the sdm prefer routing global

configuration command. PBR is not supported with the VLAN or default template. For more

information on the SDM templates, see Chapter 8, “Configuring SDM Templates.”

• VRF and PBR are mutually exclusive on a switch interface. You cannot enable VRF when PBR is

enabled on an interface. The reverse is also true, you cannot enable PBR when VRF is enabled on

an interface.

• Web Cache Communication Protocol (WCCP) and PBR are mutually exclusive on a switch

interface. You cannot enable WCCP when PBR is enabled on an interface. The reverse is also true,

you cannot enable PBR when WCCP is enabled on an interface.

• The number of hardware entries used by PBR depends on the route map itself, the ACLs used, and

the order of the ACLs and route-map entries.

• Policy-based routing based on packet length, TOS, set interface, set default next hop, or set default

interface are not supported. Policy maps with no valid set actions or with set action set to Don’t

Fragmen t are not supported.