Non existent route-map applied to redistribution
If a non existent route-map is referred in a redistribute command . How does it effect ?
Example configuration
address-family ipv4 vrf VRF:MMS:MGD:XLC:190
redistribute connected route-map MGD_XLC
redistribute static route-map VPN_XLC
no synchronization
exit-address-family
The above mentioned route-maps don't exist in the configuration
Hi,
By its very nature, this is an incorrect configuration. Different IOS versions may react differently to incorrect configuration. Therefore, do not take the results you find out on your particular router as a general rule.
In principle, there are only two possibilities when you reference a non-existent route-map in your redistribution: Either all routes are redistributed indiscriminately, or no routes are redistributed at all. Now, in your case, checking the show ip bgp vpnv4 vrf VRF:MMS:MGD:XLC:190 and comparing it with show ip route vrf VRF:MMS:MGD:XLC:190 static and show ip route vrf VRF:MMS:MGD:XLC:190 connected should tell you right away whether any (that is, all) or no routes have been injected into BGP RIB from this VRF.
Best regards,
Peter
Similar Messages
-
Hi All,
I have just taken over supporting a network, and have come accross a route map, that I don't really understand. The route-map is copied below. Can anyone please tell me step by step how its processed, and what the outcome is?
route-map test permit 5
match ip address prefix-list path_one_prefer
route-map test permit 10
match as-path 3
route-map test permit 20
match ip address prefix-list route-filter
set as-path prepend 65100
ip prefix-list path_one_prefer seq 5 permit 10.10.0.0/16
ip as-path access-list 3 permit _65000_
ip prefix-list route-filter seq 10 deny 172.130.1.0/28
ip prefix-list route-filter seq 15 deny 172.131.1.248/29
ip prefix-list route-filter seq 20 deny 172.200.128.0/27
The route map is applied outbound towards an ebgp peer
Many Thanks
RussHello Russ,
Yes that is indeed the case.
route-map test permit 20
match ip address prefix-list route-filter
set as-path prepend 65100
!ip prefix-list route-filter seq 10 deny 172.130.1.0/28
ip prefix-list route-filter seq 15 deny 172.131.1.248/29
ip prefix-list route-filter seq 20 deny 172.200.128.0/27
In the route-map lines 20 - it is set to "match ip address prefix-list route-filter"
Since the deny is in place in the prefix list, take it as "Not these ones"
Everything else is permitted and AS-Path prepended.
After line 20 there is no other - ACL logic - explicit deny - so if there is no match, its a deny, so the prefix's in the prefix-list "route-filter" are not advertised.
This line 20 seems to be the "catch all" other routes except for these ones i.e. that prefix list, and prepend them.
Check the routes you are advertising them as I stated in my first post with "show ip bgp neigh x.x.x.x advertised-routes" which should correlate with the route-map applied to your BGP peer.
Hope this makes it clear. -
Can anyone tell me what a route map is and how they work, thanks
Carlhi
route maps are used for different purposes like policy based routing,controlling the routing updates also for number of administrative functionalities.
But the usage of route maps can be found mostly inline with PBR where the forwarding is being done based on different criterias.
Abstracts from CCO
"They are an ordered sequence of individual statements, each has a permit or deny result. Evaluation of ACL or route-maps consists of a list scan, in a predetermined order, and an evaluation of the criteria of each statement that matches. A list scan is aborted once the first statement match is found and an action associated with the statement match is performed".
"They are generic mechanismscriteria matches and match interpretation are dictated by the way they are applied. The same route-map applied to different tasks might be interpreted differently".
also check this link for more info.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008047915d.shtml#what
regds -
Can't apply policy route-map on C3750 stack vlan interface
Hi All.
I've come up with this problem and i could see some people have had the same issue. I've tried to overlook and check other replies but it didn't help me. So I'm hoping someone could spot the problem. Here are the details:
2 x WS-C3750G-24T-E in stack
Cisco IOS Software, C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(46)SE, RELEASE SOFTWARE (fc2)
switch#sh sdm prefe
The current template is "desktop IPv4 and IPv6 routing" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 1.5K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 2.75K
number of directly-connected IPv4 hosts: 1.5K
number of indirect IPv4 routes: 1.25K
number of IPv6 multicast groups: 1.125k
number of directly-connected IPv6 addresses: 1.5K
number of indirect IPv6 unicast routes: 1.25K
number of IPv4 policy based routing aces: 0.25K
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 0.5K
number of IPv6 policy based routing aces: 0.25K
number of IPv6 qos aces: 0.5K
number of IPv6 security aces: 0.5K
There are 2 ISPs, G1/0/1 and G2/0/1. After creating a route-map i can apply a policy route-map to Vlan5 and it accepts without any errors. But when you do sh run vlan5 the command is not there, it's not applied.
Any help will be appretiated.
Thanks.Hi Jon.
Thanks for your reply. I didn't put those configs as they're basic without use of VRF and WCCP. Also i've checked or tried to find the list of unsupported commands and didn't see them in that list. See config below with some extras:
track 11 rtr 1 reachability
track 22 rtr 2 reachability
ip routing
no ip dhcp use vrf connected
interface GigabitEthernet1/0/1
description ISP1
no switchport
ip address 9.9.9.2 255.255.255.252
no ip proxy-arp
no ip mroute-cache
speed 100
duplex full
ipv6 address 2B01:4B8:0:3::2/64
ipv6 ospf 1 area 0
no mdix auto
no cdp enable
interface GigabitEthernet2/0/1
description ISP2
no switchport
ip address 9.9.9.5 255.255.255.252
ip ospf cost 10000
speed 1000
duplex full
ipv6 address 2B01:4B8:0:7::2/64
ipv6 enable
ipv6 ospf cost 10000
ipv6 ospf 1 area 0
interface Vlan5
description Company Ext Subnet
ip address 9.9.8.1 255.255.255.128
no ip proxy-arp
no ip mroute-cache
ipv6 address 2B01:4B8:1:22::1/64
ipv6 ospf 1 area 15
access-list 111 permit tcp any any eq www
route-map pbr1 permit 10
match ip address 111
set interface GigabitEthernet2/0/1 GigabitEthernet1/0/1
route-map pbr1 permit 20
set interface GigabitEthernet1/0/1 GigabitEthernet2/0/1
route-map pbr2 permit 10
match ip address 111
set ip next-hop verify-availability 9.9.9.6 1 track 11
set ip next-hop 9.9.9.1
route-map pbr2 permit 20
set ip next-hop verify-availability 9.9.9.1 1 track 22
set ip next-hop 9.9.9.6
I've tried to apply both policies pbr1 and pbr2, it allowed to do that without errors but at the end it wasn't there.
Cheers, -
Route map does not applied on interface vlan
Hi all,
could you pls tell me why i can't apply a route-map on an interface vlan,
belown my config:
SWBBO(config-if)#ip policy route-map TEST
^
% Invalid input detected at '^' marker.
Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.0(2)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Fri 04-Jan-13 01:38 by prod_rel_team
ROM: Bootstrap program is C3750E boot loader
BOOTLDR: C3750E Boot Loader (C3750X-HBOOT-M) Version 12.2(53r)SE2, RELEASE SOFTWARE (fc1)
BBWMASALE01 uptime is 40 weeks, 1 day, 6 minutes
System returned to ROM by power-on
System restarted at 22:12:07 UTC Mon Feb 18 2013
System image file is "flash:/c3750e-universalk9-mz.150-2.SE1.bin"
Best regards,
JamesHi jon,
belown the result of sh sdm prefer,so need i a licence ip service to apply the route-maap on the interface vlan,or just entrer the config"sdm prefer routing" and reboot the switch?
SWBB0#sh sdm prefer
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 6K
number of IPv4 IGMP groups + multicast routes: 1K
number of IPv4 unicast routes: 8K
number of directly-connected IPv4 hosts: 6K
number of indirect IPv4 routes: 2K
number of IPv6 multicast groups: 64
number of directly-connected IPv6 addresses: 74
number of indirect IPv6 unicast routes: 32
number of IPv4 policy based routing aces: 0
number of IPv4/MAC qos aces: 0.5K
number of IPv4/MAC security aces: 0.875k
number of IPv6 policy based routing aces: 0
number of IPv6 qos aces: 0
number of IPv6 security aces: 60 -
Applying "route-map" in interfaces with encapsulation dot1q
Hello,
I would like to ask you if there were some trouble in applying route-maps in a interface and its subinterfaces, as it is shown:
interface GigabitEthernet0/2
ip address 11.0.9.26 255.255.255.252
ip policy route-map GestionRadios
interface GigabitEthernet0/2.11
encapsulation dot1Q 11
ip address 11.0.9.18 255.255.255.252
ip policy route-map RedOperativaA
interface GigabitEthernet0/2.12
encapsulation dot1Q 12
ip address 11.0.9.22 255.255.255.252
ip policy route-map RedOperativaB
I am not sure if it is correct totally. Besides I get this informacion doing "show ip policy" and it seems to be right.
Router#show ip policy
Interface Route map
Gi0/2 GestionRadios
Gi0/2.11 RedOperativaA
Gi0/2.12 RedOperativaB
I would be very grateful for your help.
Thanks in advance
Regards,
SandroSandro
We do not have much to work with in your post so giving you really good answers is difficult. You do not tell us what type of device this is (I assume probably a router, but perhaps it is a layer 3 switch?) or what version of code it is running. These things make a difference sometimes in what is supported or is not supported. But since you get output in show ip policy then I assume that the device does support configuration of this feature.
You show us the configuration of the interfaces but not the configuration of the route maps or the access lists which the route maps probably use. So we can not form an opinion of the validity of the route maps or the access lists.
And you do not tell us whether the Policy Based Routing is working or not (and in fact you do not tell us for sure that you are doing PBR - though that is generally what route maps on the interfaces are doing) so we are not clear whether there is a problem here or not.
But based on what you show us in this post I do not see any particular problems with the route maps and the way that you have applied them to interfaces (assuming that your goal is really to do PBR).
HTH
Rick -
Creating a Socket to non-existent host very slow
Why does it take a long time to try to create a Socket to a non-existent host on a Linux machine? On a Windows machine it takes approx. 20 sec., but when I try it on a Linux machine it takes approx. 180 sec.!
Here's the code I'm using (very simple):
import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
public class SocketCreator {
public static void
main(String[] args) {
long _begin = System.currentTimeMillis();
try {
new Socket("10.10.10.10", 2000);
} catch (UnknownHostException exception) {
exception.printStackTrace();
} catch (IOException exception) {
exception.printStackTrace();
long _end = System.currentTimeMillis();
System.out.println("It took: " + (_end - _begin) + " ms.");
Some additional info:
- Java2 SDK 1.1.x, 1.3.x and 1.4.x
- Windows XP
- Red Hat 7.2, 9This is really a Linux system-wide problem. If you wanted to fix this in Java, you might even have to resort to JNI to sent yourself a signal and interrupt your system call (the system call is connect()).
Unfortunately, the page give by "man tcp" on Linux is often not kept up-to-date with the many options available in /proc/sys/net/ipv4 .
Also, access to the local LAN will often give a quick "No route to host" message.
To test the long-timeout, you have to access a remote IP that does not exist. For instance, on Linux, if you start two xterms, and on the firxt you enter:
telnet 66.120.89.14
and on that second your enter
netstat -an
You will see something like this line:
tcp 0 1 192.168.5.18:32836 66.120.89.14:23 SYN_SENT
So now you know that the socket is sitting in SYN_SENT.
Now, if you look on a nice, full man page of tcp, like
http://www.die.net/doc/linux/man/man7/tcp.7.html
You will see
tcp_syn_retries
The maximum number of times initial SYNs for an active TCP connection attempt will be retransmitted. This value should not be higher than 255. The default value is 5, which corresponds to approximately 180 seconds.
Back on the second xterm, try:
% cat /proc/sys/net/ipv4/tcp_syn_retries
5
I bet you got five also. You could turn it down to two (decreases time to around 20 seconds).
You could try this as root:
# sysctl -w net.ipv4.tcp_syn_retries=2
or even add this command to your /etc/rc.d/rc.local file -
Shipment category not copied from deliveries because none exist
Dear Gurus,
Can u please let me know what this 2 errors means:
1) Shipment category not copied from deliveries because none exist
2) Shipping material not copied as means of transport not unique
The above two warning message are getting from Inbound IDOC. its strange, First time I have seen u201C SHIPMENT CATEGORYu201D
Appreciate your supportu2026thanks
Rgds,
ShafiqHi Eric, can you please tell me how you resolved the issue. I am having the same problem and i don't know whether the fact that I can't map back to the IDOC that created the SHIPMENT, if it related to this error message or not.
-
RHX5 showing non-existent style
We imported two Word docs, using the same style sheet both in
the doc and in RH. All the styles are fine in both docs, except for
one style. Doc A shows a good style "InstructionIndent", but in Doc
B, the RH style field shows that RH has seen the same style as
"INSTRUCTION". The css has been applied to all chapters. The style
looks fine in the original Word doc.
1) Does the all caps font of INSTRUCTIONS mean something
special in RH, such as a non-existent style?
2) Do I need to change all of these styles manually, or is
there an easier way?
Thank you,
Linda> When I transport the same Directory config from XID
> to XIT due to an additional change I have made, I get
> the error about the business system:
>
> Business system XE_DEV_3RD_IMS_001 is not assigned a
> business system in group XE_ESAP_TST_001
>
Can you let me know if XE_ESAP_TST_001 is the Quality Objects Group?
If yes, then can you check if you have created the transport target for the Business System XE_DEV_3RD_IMS_001 ?
If you do not want this Business System to be a part of the New transport, i.e, you do not need this Business System in your transport, then my gut feel here is that one of your Config Scenarios still contines to use this Business System or,
You are trying to import a Old version of your TPZ file.
Regards
Bhavesh -
Non existing local user managed to RDP to windows 2012 target machine
Hi,
It seems the exact same issue as I see it here: http://social.technet.microsoft.com/Forums/en-US/91f09a4b-350f-47f8-814b-53b29d1a6306/windows-2012-rdp-login-credentials-are-not-used-on-remoteapp-connect-dialog-box?forum=winserverTS
But I couldn't see any real/final answer.
Can I get official response from MS about this issue?
When we use the RDWeb, we use a non existing user to connect to some target 2012 machine and it actually works... it connects me to the target.
How cab I eliminate it?
Tx,
shlomHi,
Thank you for posting in Windows Server Forum.
For the user which you don’t want to provide the access of Remote Desktop to target machine, you can apply GPO setting for that user. Need to apply “Deny logon through Remote Desktop Service” GPO policy and add that user under that policy. You can
find the policy under below mention path.
Windows Settings/Security Settings/Local Policies/User Rights Assignments
Hope it helps!
Thanks.
Dharmesh Solanki -
Invalid or Non existant IP Address
We have a 20 room hotel and have three Linksys WRT160N routers. Most guests can connect to the internet but a few can not. They get a message: "limited or no connectivity" and "invalid or Non-existant IP address".
Any idea what I can do?The distance from the router to the computer varies but never more that about 20 feet (we actually have a total of 4 routers to cover the whole place - it is a small hotel)
So, you say that I should "Tell them to remove all the preferred network from the computer". Forgive my ignorance. I do not even own a lap top and know very little about wireless technology. So, if I told someone with a lap top to "remove all the preferred network from the computer", would they know what I was talking about? -
Are optional (non-existing) elements ALWAYS copied to target in TransformXS
Assume I use the TransformXSL activity to copy a structure from source XSD to target XSD.
Some of the elements are specified as optional.
Say for a particular situation some of these optional elements in the source XML do NOT exist.
It seems to me that TransformXSL mapping creates these elements in the target
structure and fill them with empty value.
This is a problem. I don't want them to be created if they do not exist in
the source XML.
How can I prevent the creation of non-existing elements in a TransformXSL operation
otherwise? Is there an option for this?
MichaelJames,
thank you for this first answer.
Is there a way to enter your "if" clause visually through JDeveloper GUI (=NOT in the XSL source code directly) ?
Is there a way to specify this "if" clause for ALL elements of a TransformXSL and not only for one particular one?
It would be rather uncomfortable to enter this for hundreds of optional elements individually.
Michael Haertfelder -
Hi,
what is the reason for not having any match, in the acl for the route-map?
Current configuration : 1731 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R2
boot-start-marker
boot-end-marker
no aaa new-model
memory-size iomem 5
ip cef
interface Loopback0
ip address 192.168.0.1 255.255.255.0
interface Loopback1
ip address 192.168.1.1 255.255.255.0
interface Loopback200
ip address 196.0.0.1 255.255.255.0
interface FastEthernet0/0
ip address 195.0.0.1 255.255.255.0
ip policy route-map r_teste
duplex auto
speed auto
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 10.0.0.2 255.255.255.252
serial restart-delay 0
interface Serial1/1
ip address 172.16.0.2 255.255.255.252
serial restart-delay 0
clock rate 128000
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
router bgp 100
no synchronization
bgp log-neighbor-changes
network 192.168.0.0
network 192.168.1.0
neighbor 10.0.0.1 remote-as 200
neighbor 172.16.0.1 remote-as 300
no auto-summary
ip http server
no ip http secure-server
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.16.0.1
access-list 40 permit any
route-map anuncia1 permit 20
match ip address 20
route-map anuncia0 permit 10
match ip address 10
route-map r_teste permit 10
match ip address 40
set ip default next-hop 10.0.0.1
control-plane
line con 0
line aux 0
line vty 0 4
login
end
R2#ping 192.168.55.1 source 195.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.55.1, timeout is 2 seconds:
Packet sent with a source address of 195.0.0.1
Success rate is 0 percent (0/5)
R2#sh access-lists
Standard IP access list 10
10 permit 192.168.0.0, wildcard bits 0.0.0.255
Standard IP access list 20
10 permit 192.168.1.0, wildcard bits 0.0.0.255
Standard IP access list 30
10 permit 195.0.0.0, wildcard bits 0.0.0.255
Standard IP access list 40
10 permit any
Extended IP access list 100
10 permit ip any 192.168.55.0 0.0.0.255
R2#
is possible without changing the bgp?
thanksDefault PBR:
All packets received on an interface (ingress) with PBR enabled are entertained, first they should match through ACL then forward to next hop. if a match is exist (through ACL) but not forward to next hop then do nothing this packet especially for ICMP packet.
I think you need Local PBR:
Packets that are generated by the router are not normally policy-routed. To enable local PBR for such packets, indicate which route map the router should use by using the following command in global configuration mode:
ip local policy route-map TEST
Regards,
kazim -
I have a 6509 that I've setup with route-maps in order to route VLANs in different ways. For example, if we wanted some vlans to get out to the internet we would route them to a certain address. Then there is another vlan that we route to another internet gateway. It was all working pretty good until we swapped out another switch gateway in the network and every since things have been wonky. It seems as though the switch is routing packets that would normally stay on that switch out of the switch then back in, even though my access-list are set to deny the traffic. Here are the access-list and route-maps:
access-list 10 permit 192.168.24.101
access-list 10 permit 192.168.24.102
access-list 100 permit tcp any 172.16.0.0 0.0.255.255 established
access-list 100 permit tcp 192.168.4.0 0.0.3.255 host 172.16.1.10 eq www
access-list 100 permit tcp 192.168.4.0 0.0.3.255 host 172.16.1.11 eq www
access-list 104 permit ip host 172.16.4.11 host 65.54.150.19
access-list 104 permit tcp host 172.16.4.20 any eq www
ip access-list extended BITCENTRAL_INTERNET
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip host 172.16.1.170 any
permit ip host 172.16.1.150 any
ip access-list extended EDIT_BAYS
deny ip any 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 any
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip host 192.168.25.2 any
permit ip host 192.168.26.80 any
permit ip host 192.168.25.104 any
permit ip host 192.168.25.3 any
permit ip host 192.168.26.69 any
permit ip host 192.168.26.71 any
permit ip host 192.168.27.33 any
ip access-list extended ENPS
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip host 192.168.24.101 any
permit ip host 192.168.24.102 any
permit ip host 192.168.24.103 any
ip access-list extended ENTRIQ
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 172.16.0.0 0.0.255.255 192.168.24.0 0.0.3.255
deny ip 192.168.24.0 0.0.3.255 172.16.0.0 0.0.255.255
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip 172.16.8.0 0.0.0.255 any
ip access-list extended MISC
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 172.16.0.0 0.0.255.255 192.168.24.0 0.0.3.255
deny ip 192.168.24.0 0.0.3.255 172.16.0.0 0.0.255.255
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip 172.16.11.0 0.0.0.255 any
ip access-list extended Omneon
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
permit ip host 172.16.2.11 any
permit ip host 172.16.2.2 any
ip access-list extended ROSS-VLAN
deny ip 172.16.0.0 0.0.255.255 172.16.0.0 0.0.255.255
deny ip 172.16.0.0 0.0.255.255 192.168.4.0 0.0.3.255
deny ip 192.168.4.0 0.0.3.255 172.16.0.0 0.0.255.255
permit ip host 172.16.4.20 any
permit ip host 172.16.4.32 any
permit ip host 172.16.4.31 any
permit ip host 172.16.4.29 any
permit ip host 172.16.4.30 any
permit ip host 172.16.4.28 any
vlan internal allocation policy ascending
vlan access-log ratelimit 2000
interface Vlan1
no ip address
shutdown
interface Vlan10
ip address 172.16.1.1 255.255.255.0
ip policy route-map BITCENTRAL
interface Vlan20
ip address 172.16.2.1 255.255.255.0
ip policy route-map OMNEON
interface Vlan30
ip address 172.16.3.1 255.255.255.0
interface Vlan40
ip address 172.16.4.1 255.255.255.0
ip policy route-map ROSS-VLAN
interface Vlan50
ip address 172.16.5.1 255.255.255.0
interface Vlan60
ip address 172.16.6.1 255.255.255.0
interface Vlan70
ip address 172.16.7.1 255.255.255.0
interface Vlan80
ip address 172.16.8.1 255.255.255.0
ip policy route-map ENTRIQ
interface Vlan100
ip address 192.168.27.1 255.255.252.0
ip helper-address 192.168.7.255
ip policy route-map OMNIBUS-VLAN
interface Vlan110
ip address 172.16.11.1 255.255.255.0
ip helper-address 192.168.27.200
ip policy route-map MISC
interface Vlan120
ip address 172.16.10.1 255.255.255.240
ip policy route-map EDIT_BAYS
interface Vlan140
ip address 192.168.4.15 255.255.255.0
ip directed-broadcast 10
interface Vlan500
ip address 192.168.1.19 255.255.255.224
ip classless
ip route 172.22.0.0 255.255.255.248 192.168.4.1
ip route 192.168.0.0 255.255.255.224 192.168.4.254
ip route 192.168.5.0 255.255.255.0 192.168.4.1
route-map BITCENTRAL permit 60
match ip address BITCENTRAL_INTERNET
set ip next-hop 192.168.4.1
route-map EDIT_BAYS permit 50
match ip address EDIT_BAYS
set ip next-hop 192.168.4.1
route-map ENTRIQ permit 80
match ip address ENTRIQ
set ip next-hop 172.16.8.254
route-map MISC permit 40
match ip address MISC
set ip next-hop 192.168.4.1
route-map MSN permit 10
match ip address 104
set ip next-hop 192.168.4.1
route-map OMNEON permit 20
match ip address Omneon
set ip next-hop 192.168.4.1
route-map OMNIBUS-VLAN permit 30
match ip address EDIT_BAYS
set ip next-hop 192.168.4.1
route-map OMNIBUS-VLAN permit 40
match ip address ENPS
set ip next-hop 192.168.4.1
route-map ROSS-VLAN permit 70
match ip address ROSS-VLAN
set ip next-hop 192.168.4.1
route-map SEC-VLAN permit 30
match ip address SEC-VLAN
set ip next-hop 192.168.4.1
Here is how we tested the system and found the error. We cut the connection to 192.168.4.1 router, and when we try to ping a host on the 100 VLAN with the ip address of 192.168.24.101 from the MISC vlan with a ip address of 172.168.11.9 the ping just fails. When we enable the connection to the 192.168.4.1 router the pings go through again. What in my route-map is causing this, I thought I setup the deny rules pretty good?Hi Mike,
Between you and me, this is a lengthy config you have there.
Next don't forget that a route-map doesn't apply to traffic originated or destined to the self-device, unless you use ip local policy in which might work, but there I have seen some nasty bugs.
So if you can shorten your config to one example, then do the tests :
- sourced from device A (it can be the SVI of another switch)
- through your 6509
- destined to device B (it also can be the SVI of another switch, or even simpler some loopback inteface). -
ok my iphone 3g touch screen is not responding, i can recieve calls and it can charge and connect to itunes, but i cannot go any further than using the home button or the power button, it is only the slide feature and touch feature that has become non existent. Also, i have a f'ew cracks in my screen for a while now and it was running smoothly up until saturday when i sat on it applying large amounts of pressure to the phone screen. Is there a way i can fix this myself without having to recover my phone to factory settings or wasting 50 bucks to get it fixed??
Hi Dire Dawa,
If the screen on your iPhone isn't responding, you may find the following article helpful:
iOS: Not responding or does not turn on
http://support.apple.com/kb/ts3281
Regards,
- Brenden
Maybe you are looking for
-
I am having problems with safari. The screen is darkened and I can't use touch screen or tabe. But I can use the address bar and go to anouther website. Other then that I can see website but can't touch nothing, how do I fix
-
Link of production order to sales order
Hello, Would like to ask how could we check a production order confirmation and movements when we just have a sales order? and the problem is those sales order we have is arcieve already in 2006 and we assume the production order also was archieve al
-
BADI/User Exit for WBS element creation (CRM to R/3)
In CRM 4.0 once a Campaign or Trade Promotion is created, a WBS is also automatically in R/3 (tcode CJ20N) I have a requirement to fill out the 'user fields' at the WBS element level when the campaign/TPM status is set to Release. I also need to fill
-
New mail indicator won't go away
My mail icon continuously says I have 1 new mail even though I don't -- once I access my inbox it says I have no new messages, but the icon won't go away. Also, I have BCC turned off, but my gmail is still BCCing me all of my sent messages. How can I
-
Acrobat Pro 9 won't size PDFs correctly.
I upgraded to a Windows 7 computer and Acrobat 7.0 wouldn't work with it anymore, so I bought 9.0 pro. However, It absolutely will not change the page size and converts everything to 8.5 x 11 no matter how I change the settings. How can I correct thi