Policy Based Routing on a Nexus
First of all, let's just admit it: I am a collab guy, and doing work on a Nexus is a foreign experience. While some things are intuitive, not everything follows RFCs, and the Nexus platform is a bit more restrictive.
First of all, to get PBR going, I had to change the hardware profile. Since I have no intention of using QoS internally in my lab, I decided to steal from it:
hardware profile tcam region qos 0
hardware profile tcam region pbr 256
This then requires a reboot.
After this is done and the pbr feature is enabled:
feature pbr
You can get into creating the route-maps. However, unlike on IOS devices, you can only use permit entries in your ACLs, and then use a deny statement on the route-map itself:
ip access-list PBR_DENY
  statistics per-entry
  10 permit ip any 192.168.1.0/24
ip access-list PBR_PERMIT
  statistics per-entry
  10 permit ip any any
route-map PBR_RULE pbr-statistics
route-map PBR_RULE deny 10
  match ip address PBR_DENY
route-map PBR_RULE permit 20
  match ip address PBR_PERMIT
  set ip next-hop 192.168.10.1
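To check which destinations this route-map actually steers, here is a small model of the configuration above, added as an illustration and not taken from the original post. It assumes the usual route-map behaviour for PBR (traffic matching a deny sequence is left to the normal routing table), matches on destination only because every ACL entry above uses `any` as the source, and uses hypothetical function names.

```python
import ipaddress

# Constructed model of the ACLs and route-map shown above (destination only).
ACLS = {
    "PBR_DENY": [("permit", "192.168.1.0/24")],
    "PBR_PERMIT": [("permit", "0.0.0.0/0")],  # "any"
}
ROUTE_MAP = [  # (sequence, action, ACL name, next hop)
    (10, "deny", "PBR_DENY", None),
    (20, "permit", "PBR_PERMIT", "192.168.10.1"),
]

def lint_acls(acls, route_map):
    """Names of ACLs used by the route-map that contain a non-permit entry."""
    used = {acl for _, _, acl, _ in route_map}
    return sorted(n for n in used if any(a != "permit" for a, _ in acls[n]))

def acl_permits(acl, dst):
    """First-match ACL lookup; falling off the end is an implicit deny."""
    addr = ipaddress.ip_address(dst)
    for action, prefix in acl:
        if addr in ipaddress.ip_network(prefix):
            return action == "permit"
    return False

def pbr_decision(dst, acls=ACLS, route_map=ROUTE_MAP):
    """PBR next hop for dst, or None when the normal routing table is used."""
    for _seq, action, acl_name, next_hop in sorted(route_map, key=lambda e: e[0]):
        if acl_permits(acls[acl_name], dst):
            # A deny sequence stops evaluation without policy-routing.
            return next_hop if action == "permit" else None
    return None  # no sequence matched

if __name__ == "__main__":
    for dst in ("192.168.1.50", "10.20.30.40"):
        print(dst, "->", pbr_decision(dst) or "normal routing")
    print("ACLs with non-permit entries:", lint_acls(ACLS, ROUTE_MAP))
```

If the next hop is an inspection device, the prefixes in PBR_DENY are exactly the traffic that bypasses it, so that ACL deserves the same review as a firewall rule.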