Examining Policy-Based Routing

Problem

You want to see information about how policy-based routing has been applied on a router.

Solution

The show ip policy command shows what routing policies have been applied on a router. Here is the output for a router that has all three of the policies from Recipe 5.7:

Router>show ip policy Interface Route map local dlswtraffic Ethernet0 Websurfers Serial0 High-priority

You can see more detail on what each of these policies do by looking at the route maps:

Router>show route-map route-map High-priority, permit, sequence 10 Match clauses: ip address (access-lists): 101 Set clauses: ip next-hop 10.15.27.1 Policy routing matches: 0 packets, 0 bytes route-map Websurfers, permit, sequence 10 Match clauses: ip address (access-lists): 102 Set clauses: ip next-hop 10.15.27.1 Policy routing matches: 0 packets, 0 bytes route-map Websurfers, permit, sequence 20 Match clauses: Set clauses: ip default next-hop 10.15.26.1 Policy routing matches: 4 packets, 531 bytes route-map dlswtraffic, permit, sequence 10 Match clauses: ip address (access-lists): 103 Set clauses: ip next-hop 10.15.27.3 Policy routing matches: 5 packets, 500 bytes

 

Discussion

The first command, show ip policy, tells you about all of the routing policies that have been applied on the router. The second command, show route-map, shows all of the route maps. It is important to note that the first command only shows the routing policies that have actually been applied on the router, whether for local traffic or packets coming from an interface. It shows all applied routing policies, whether the interfaces involved are active or not. The second command shows all configured route-maps, whether or not they've been applied to anything.

The show route-map command also gives useful information about how the route-maps are being used. Notice that the second clause of the Websurfers route-map has matched 4 packets for a total of 531 bytes since it was applied, and the dlswtraffic route-map has similarly matched 5 packets for a total of 500 bytes. You can dig a little further by looking at the access-lists that these route maps use to match packets:

router>show access-list 103 Extended IP access list 103 permit tcp any any eq 2065 (3 matches) permit tcp any eq 2065 any (2 matches)

This shows not only the details of how the access-list used in the route map works, but also precisely which lines are being used.

See Also

Recipe 5.7

Категории