Cisco Systems ME3400G2CSA Enabling PBR

32-78

Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide

78-17058-01

Chapter32 Configuring IP Unicast Routing

Configuring Protocol-Independent Features

Enabling PBR

By default, PBR is disabled on the switch. To enable PBR, you must create a route map that speci fies

the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR

for that route map on an interface. All packets arriving on the specified interface matching the match

clauses are subject to PBR.

PBR can be fast-switched or implemented at speeds that do not slow down the switch. Fast-switched

PBR supports most match and set commands. PBR must be enabled befo re y ou en ab le fa st-swi tched

PBR. Fast-switched PBR is disabled by default.

Packets that are generated by the switch, or local packets, are not normally policy-routed. When you

globally enable local PBR on the switch, all packets that originate on the switch are subject to loca l PBR.

Local PBR is disabled by default.

Beginning in privileged EXEC mode, follow these steps to configure PBR:

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 route-map map-tag [permit | deny] [sequence

number]Define any route maps used to control where packets are

output, and enter route-map configuration mode.

map-tag—A meaningful name for the route map. The ip

policy route-map interface configuration command uses this

name to reference the route map. Multiple route map s m i ght

share the same map tag name.

(Optional) If permit is specified and the match criteria are

met for this route map, the route is policy-routed as cont rolled

by the set actions. If deny is specified, the route is not

policy-routed.

sequence number (Optional)— Number that shows the

position of a new route map in the list of route maps already

configured with the same name.

Step3 match ip address {access-list-number |

access-list-name} [...access-list-number |

...access-list-name]

Match the source and destination IP address that is permitted

by one or more standard or extended access lists.

If you do not specify a match command, the route map applies

to all packets.

Step4 set ip next-hop ip-address [...ip-address] Specify the action to take on the packets that match the

criteria. Set next hop to which to route the packet (the next hop

must be adjacent).

Step5 exit Return to global configuration mode.

Step6 interface interface-id Enter interface configuration mode, and specify the interface

to configure.

Step7 no shutdown Enable the interface if necessary. By default, UNIs are

disabled and NNIs are enabled.