To match IP packets to perform IP policy routing, use the match ip address command in Route Map Configuration Mode. To move the match ip address entry, use the no form of this command.

Syntax

match ip address access-list extended-access-list-name

no match ip address access-list

Parameters

• access-list extended-access-list-name—Specifies an extended IP ACL.

Default Configuration

No the command is configured.

Command Mode

Route Map Configuration Mode

User Guidelines

The match ip address command allows you to policy route IP packets based on criteria that can be matched with an extended IP access list; for example, a protocol, protocol service, and source or destination IP address.

The ACL list specified by the extended-access-list-name argument cannot contain the following keywords:

• time-range

• disable-port

• log-input

Example

The example below gives how IPv4 Policy Base Routing is configured:

switchxxxxxx(config)# ip access-list extended acl1
switchxxxxxx(config-ip-al)# permit ip 176.212.0.0 00.255.255 any
switchxxxxxx(config-ip-al)# exit
switchxxxxxx(config)# route-map pbr
switchxxxxxx(config-route-map)# match ip address access-list acl1
switchxxxxxx(config-route-map)# set ip next-hop 173.23.13.20
switchxxxxxx(config-route-map)# exit

To match IPv6 packets to perform IPv6 policy routing, use the match ipv6 address command in Route Map Configuration Mode. To move the match ipv6 address entry, use the no form of this command.

Syntax

match ipv6 address access-list extended-access-list-name

no match ipv6 address access-list

Parameters

• access-list extended-access-list-name—Specifies an extended IPv6 access list.

Default Configuration

No the command is configured.

Command Mode

Route Map Configuration Mode

User Guidelines

The match ipv6 address command allows you to policy route IPv6 packets based on criteria that can be matched with an extended access list; for example, a protocol, protocol service, and source or destination IPv6 address.

The ACL list specified by the extended-access-list-name argument cannot contain the following keywords:

• time-range

• disable-port

• log-input

Example

The example below gives how IPv4 Policy Base Routing is configured:

switchxxxxxx(config)# ipv6 access-list acl1
switchxxxxxx(config-ip-al)# permit ipv6 3211:1297::  ::/32 any
switchxxxxxx(config-ip-al)# exit
switchxxxxxx(config)# route-map pbr
switchxxxxxx(config-route-map)# match ipv6 address access-list acl1
switchxxxxxx(config-route-map)# set ipv6 next-hop 3003:17ac::20
switchxxxxxx(config-route-map)# exit
switchxxxxxx(config-ip-al)# exit

To define the conditions for policy routing, use the route-map command in Global Configuration mode and the match and set commands in Route Map Configuration Mode. To delete an entry, use the no form of this command.

Syntax

route-map map-tag [sequence-number]

no route-map map-tag [sequence-number]

Parameters

• map-tag—A meaningful name for the route map. The redistribute router configuration command uses this name to reference this route map. Multiple route maps may share the same map tag name.

• sequence-number—Positive integer number that indicates the position a new route map will have in the list of route maps already configured with the same name. If the parameter is used with the no form of this command, the position of the route map should be deleted. If the parameter is omitted in the route-map command then a value of 10 is applied. If the parameter is omitted in the no format then all route maps sharing same map tag name are deleted.

Default Configuration

Conditions for policy routing is not configured.

Command Mode

Global Configuration mode

User Guidelines

Use the route-map command to enter route-map configuration mode. The purpose of the route map command is to define policy routing.

The match commands specify the conditions under which policy routing occurs and the set commands specify the routing actions to perform if the criteria enforced by the match commands are met:

• If a outed packet matches to an ACL with the permit action the packet is forwarded by the set command (policy based routing).

• If a outed packet matches to an ACL with the deny action the frame is forwarded by the Forwarding table (regular routing).

A route map can have several sections configured by separate route-map commands with the same map tag. When a routed packet is checked by a route map the first section which criteria is forced is applied. If there is no matched section the obvious shortest path using the Forwarding Table is applied.

To specify the IP address of the next hop policy routing, use the set ip next-hop command in Route Map Configuration Mode. To delete an entry, use the no form of this command.

Syntax

set ip next-hop next-hop

no set ip next-hop

Parameters

• next-hop—IPv4 address of the next hop router.

Default Configuration

This command is disabled by default.

Command Mode

Route Map Configuration Mode

User Guidelines

Use the set ip next-hop command to set the IP address of the next hop policy routing.

Example

In the following example sets IP address 192.168.30.1 as the next hop IP address:

switchxxxxxx(config)# route-map bpr
switchxxxxxx(config-route-map)# match ip address access-list acl
switchxxxxxx(config-route-map)# set ip next-hop 192.168.30.1
switchxxxxxx(config-route-map)# exit

To specify the IPv6 address of the next hop policy routing, use the set ipv6 next-hop command in Route Map Configuration Mode. To delete an entry, use the no form of this command.

Syntax

set ipv6 next-hop next-hop

no set ipv6 next-hop

Parameters

• next-hop—IPv6 address of the next hop router or outgoing interface ID for a point-to-point outgping interfaces.

Default Configuration

This command is disabled by default.

Command Mode

Route Map Configuration Mode

User Guidelines

Use the set ip next-hop command to set the IPv6 address of the next hop policy routing.

Examples

Example 1. In the following example sets IPv76 address 3003:17ac::20 as the next hop IPv6 address:

switchxxxxxx(config)# route-map pbr
switchxxxxxx(config-route-map)# match ipv6 address access-list acl1
switchxxxxxx(config-route-map)# set ipv6 next-hop 3003:17ac::20
switchxxxxxx(config-route-map)# exit
switchxxxxxx(config-ip-al)# exit

Example 2. In the following example sets interface tunnel1 as the next hop:

switchxxxxxx(config)# interface tunnel 1
switchxxxxxx(config-if)# tunnel source 132.1.1.1
switchxxxxxx(config-if)# tunnel destination 192.168.30.1
switchxxxxxx(config-if)# tunnel mode ipv6ip
switchxxxxxx(config-if)# exit
switchxxxxxx(config)# route-map bpr
switchxxxxxx(config-route-map)# match ipv6 address access-list acl
switchxxxxxx(config-route-map)# set ipv6 next-hop tunnel 1
switchxxxxxx(config-route-map)# exit

To display route maps, use the show route-map command in Privileged EXEC mode.

Syntax

show route-map [map-name]

Parameters

• map-name—Name of a specific route map.

Default Configuration

Command Mode

Privileged EXEC mode

User Guidelines

Use the show route-map map-name command, to display one given route map.

Use the show route-map command, to display all configured route maps.

Example

The following is sample output from the show route-map command:

switchxxxxxx# show route-map
route-map POLICY-ROUTING, permit, sequence 10
  Match clauses:
    ip address access-lists: acl1
  Set clauses:
    ip next-hop: 192.12.34.5
route-map POLICY-ROUTING, permit, sequence 20
  Match clauses:
    ip address access-lists: acl2
  Set clauses:
    ip next-hop: 192.122.23.15
route-map POLICY-ROUTING-IPv6, permit, sequence 10
  Match clauses:
    ipv6 address access-lists: acl3
  Set clauses:
    ipv6 next-hop: 3003:17ac::20
route-map POLICY-ROUTING-IPv6, permit, sequence 20
  Match clauses:
    ipv6 address access-lists: acl4
  Set clauses:
    interface next-hop: tunnel 1