First of all, let's just admit, I am a collab guy, doing work on a Nexus is a foreign experience. While some things are intuitive not everything follows RFC's and the Nexus platform is a bit more restrictive. First of all, to get PBR going, I had to change the hardware profile, since I have no intention of using QoS internally in my lab, I decided to steal from it: hardware profile tcam region qos 0 hardware profile tcam region pbr 256 This then requires a reboot. After this is done and the pbr feature is enabled: feature pbr You can get into creating the route-maps. However, unlike IOS devices you can only use permits in your acl's and then use a deny statement on the route map itself: ip access-list PBR_DENY statistics per-entry 10 permit ip any 192.168.1.0/24 ip access-list PBR_PERMIT statistics per-entry 10 permit ip any any route-map PBR_RULE pbr-statistics route-map PBR_RULE deny 10 match ip address PBR_DENY route-map PBR_RULE permit 2
Comments
Post a Comment