Chapter 38 Configuring IP Unicast Routing

Configuring Protocol-Independent Features

To use PBR, you must first enable the routing template by using the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template. For more information on the SDM templates, see Chapter 8, “Configuring SDM Templates.”

VRF and PBR are mutually exclusive on a switch interface. You cannot enable VRF when PBR is enabled on an interface. The reverse is also true, you cannot enable PBR when VRF is enabled on an interface.

Web Cache Communication Protocol (WCCP) and PBR are mutually exclusive on a switch interface. You cannot enable WCCP when PBR is enabled on an interface. The reverse is also true, you cannot enable PBR when WCCP is enabled on an interface.

The number of hardware entries used by PBR depends on the route map itself, the ACLs used, and the order of the ACLs and route-map entries.

Policy-based routing based on packet length, TOS, set interface, set default next hop, or set default interface are not supported. Policy maps with no valid set actions or with set action set to Don’t Fragment are not supported.

The switch supports QoS DSCP and IP precedence matching in PBR route maps, with these limitations:

You cannot apply QoS DSCP mutation maps and PBR route maps to the same interface.

You cannot configure DSCP transparency and PBR DSCP route maps on the same switch.

When you configure PBR with QoS DSCP, you can set QoS to be enabled (by entering the mls qos global configuration command) or disabled (by entering the no mls qos command). When QoS is enabled, to ensure that the DSCP value of the traffic is unchanged, you should configure DSCP trust state on the port where traffic enters the switch by entering the mls qos trust dscp interface configuration command. If the trust state is not DSCP, by default all nontrusted traffic would have the DSCP value marked as 0.

Enabling PBR

By default, PBR is disabled on the switch. To enable PBR, you must create a route map that specifies the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR for that route map on an interface. All packets arriving on the specified interface matching the match clauses are subject to PBR.

PBR can be fast-switched or implemented at speeds that do not slow down the switch. Fast-switched PBR supports most match and set commands. PBR must be enabled before you enable fast-switched PBR. Fast-switched PBR is disabled by default.

Packets that are generated by the switch, or local packets, are not normally policy-routed. When you globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR. Local PBR is disabled by default.

Note To enable PBR, the switch or stack master must be running the IP services feature set.

 

 

Catalyst 3750-E and 3560-E Switch Software Configuration Guide

 

 

 

 

 

 

OL-9775-02

 

 

38-85

 

 

 

 

 

Page 945
Image 945
Cisco Systems 3750E manual Enabling PBR, 38-85