Configuring Local Policy-Based Routing

This chapter describes how to configure local policy-based routing (PBR) on the Cisco NX-OS device.
• Finding Feature Information, on page 1
• Information About Local Policy-Based Routing, on page 1
• Prerequisites for Local Policy-Based Routing, on page 2
• Guidelines and Limitations, on page 3
• Default Settings for Local Policy-Based Routing, on page 3
• Configuring Local Policy-Based Routing, on page 3
• Verifying the Local Policy-Based Routing Configuration, on page 6
• Configuration Example for Local Policy-Based Routing, on page 6
• Feature History for Local Policy-Based Routing, on page 6

Finding Feature Information

Your software release might not support all the features documented in this module. For the latest caveats
and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the release notes
for your software release. To find information about the features documented in this module, and to see a list
of the releases in which each feature is supported, see the "New and Changed Information"chapter or the
Feature History table in this chapter.

Information About Local Policy-Based Routing

Local policy-based routing allows you to configure a defined policy for IPv6 traffic flows, lessening reliance
on routes derived from routing protocols. All packets received on an interface with local policy-based routing
are configured in route maps. The route maps dictate the policy, determining where to forward packets.
Route maps are composed of match and set statements that you can mark as permit or deny. You can interpret
the statements as follows:
• If the packets match any route map statements, all the set statements are applied. One of these actions
involves choosing the next hop.
• If a statement is marked as deny, the packets that meet the match criteria are sent back through the normal
forwarding channels and destination-based routing is performed.

Configuring Local Policy-Based Routing

1
 Configuring Local Policy-Based Routing
Route Maps

If the statement is marked as permit and the packets do not match any route-map statements, the packets are
sent back through the normal forwarding channels and destination-based routing is performed.

Route Maps
You can use route maps for route redistribution or policy-based routing. Route map entries consist of a list
of match and set criteria. The match criteria specify match conditions for incoming routes or packets, and the
set criteria specify the action taken if the match criteria are met.
You can configure multiple entries in the same route map. These entries contain the same route map name
and are differentiated by a sequence number.
You create a route map with one or more route map entries arranged by the sequence number under a unique
route map name. The route map entry has the following parameters:
• Sequence number
• Permission—permit or deny
• Match criteria
• Set changes

By default, a route map processes routes or IP packets in a linear fashion, that is, starting from the lowest
sequence number. You can configure the route map to process in a different order using the continue statement,
which allows you to determine which route map entry to process next.

Match Criteria
You can use a variety of criteria to match a route or IP packet in a route map. When Cisco NX-OS processes
a route or packet through a route map, it compares the route or packet to each of the match statements
configured. If the route or packet matches the configured criteria, Cisco NX-OS processes it based on the
permit or deny configuration for that match entry in the route map and any set criteria configured.
The match categories and parameters are as follows:
• IP access lists—(For policy-based routing only). Match based on source or destination IP address, protocol,
or QoS parameters.

Set Changes
Once a route or packet matches an entry in a route map, the route or packet can be changed based on one or
more configured set statements.
The set changes are as follows:
• Policy-based routing only—Change the interface or the default next-hop address.

Prerequisites for Local Policy-Based Routing

Local policy-based routing has the following prerequisites:

Configuring Local Policy-Based Routing

2
 Configuring Local Policy-Based Routing
Guidelines and Limitations

• Install the correct license.

• You must enable local policy-based routing (see the “Enabling the Policy-Based Routing Feature”
section).
• Assign an IP address on the interface and bring the interface up before you apply a route map on the
interface for policy-based routing.
• If you configure VDCs, install the appropriate license and enter the desired VDC (see the Cisco Nexus
7000 Series NX-OS Virtual Device Context Configuration Guide for configuration information and the
Cisco NX-OS Licensing Guide for licensing information).

Guidelines and Limitations

Local policy-based routing has the following configuration guidelines and limitations:
• A local policy-based routing route map can have only one match or set statement per route-map statement.
• A match command cannot refer to more than one ACL in a route map used for local policy-based routing.
• An ACL used in a local policy-based routing route map cannot include a deny statement.
• The same route map can be shared among different interfaces for local policy-based routing as long as
the interfaces belong to the same virtual routing and forwarding (VRF) instance.
• Setting a tunnel interface or an IP address via a tunnel interface as a next hop in a local policy-based
routing policy is not supported.

Default Settings for Local Policy-Based Routing

Table 1: Default Local Policy-based Routing Setting

Parameter Default

Local policy-based routing Disabled

Configuring Local Policy-Based Routing

Configuring Route Maps
You can use route maps for route redistribution or route filtering. Route maps can contain multiple match
criteria and multiple set criteria.

SUMMARY STEPS
1. switch# configure terminal
2. switch(config)# route-map map-name [permit | deny] [seq]

Configuring Local Policy-Based Routing

3
 Configuring Local Policy-Based Routing

3. (Optional) switch(config-route-map)# continue seq

4. (Optional) switch(config-route-map)#exit
5. (Optional) switch(config)# copy running-config startup-config

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# route-map map-name [permit | deny] Creates a route map or enters route-map configuration mode
[seq] for an existing route map. Use seq to order the entries in a
route map.

Step 3 (Optional) switch(config-route-map)# continue seq Determines what sequence statement to process next in the
route map. Used only for filtering and redistribution.

Step 4 (Optional) switch(config-route-map)#exit Exits route-map configuration mode.

Step 5 (Optional) switch(config)# copy running-config Saves this configuration change.

startup-config

You can configure the following optional match parameters for route maps in route-map configuration mode:

SUMMARY STEPS
1. switch(config-route-map)# match ipv6 address ip access list number

DETAILED STEPS

Command or Action Purpose

Step 1 switch(config-route-map)# match ipv6 address ip access Matches against one or more IP access lists.
list number

You can configure the following optional set precedence parameter for route maps in route-map configuration
mode:

SUMMARY STEPS
1. [no] set precedence {number | name}

DETAILED STEPS

Command or Action Purpose

Step 1 [no] set precedence {number | name} Sets the IPv6 precedence for policy-based routing. The
options are as follows:
• 0—routine
• 1—priority
• 2—immediate

Configuring Local Policy-Based Routing

4
 Configuring Local Policy-Based Routing
Enabling the Policy-Based Routing Feature

Command or Action Purpose

• 3—flash
• 4—flash-override
• 5—critical
• 6—internet
• 7—network

Use the no form of this command to disable the feature.

Enabling the Policy-Based Routing Feature

You must enable the policy-based routing feature before you can configure a route policy.

Before you begin

Ensure that you are in the correct VDC (or use the switchto vdc command).

SUMMARY STEPS
1. switch# configure terminal
2. switch(config)# [no] feature pbr
3. (Optional) switch(config)# show feature
4. (Optional) switch(config)# copy running-config startup-config

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# [no] feature pbr Enables the policy-based routing feature.
Use the no form of this command to disable the feature.

Step 3 (Optional) switch(config)# show feature Displays enabled and disabled features.

Step 4 (Optional) switch(config)# copy running-config Saves this configuration change.

startup-config

Configuring a Local Route Policy

You use route maps in local policy-based routing to assign routing policies.

SUMMARY STEPS
1. switch# configure terminal
2. switch(config)# feature pbr
3. switch(config)# [no] ipv6 local policy route-map map-name

Configuring Local Policy-Based Routing

5
 Configuring Local Policy-Based Routing
Verifying the Local Policy-Based Routing Configuration

4. (Optional) switch(config)# show ipv6 local policy

5. (Optional) switch(config)# copy running-config startup-config

DETAILED STEPS

Command or Action Purpose

Step 1 switch# configure terminal Enters configuration mode.

Step 2 switch(config)# feature pbr Enables the policy-based routing feature.

Step 3 switch(config)# [no] ipv6 local policy route-map Assigns a route map for local policy-based routing to the
map-name interface.
Use the no form of this command to disable the feature.

Step 4 (Optional) switch(config)# show ipv6 local policy Displays information about the policy.

Step 5 (Optional) switch(config)# copy running-config Saves this configuration change.

startup-config

Verifying the Local Policy-Based Routing Configuration

To display the local policy-based routing configuration, perform the following task:

Command Purpose

show ipv6 local policy Displays information about the local IPv6 policy.

show route-map name Displays information about a route map.

For detailed information about the fields in the output from these commands, see the Cisco Nexus 7000 Series
NX-OS Quality of Service Command Reference.

Configuration Example for Local Policy-Based Routing

This example shows how to configure a simple local route policy on an interface:

feature pbr
route-map Testmap, permit, sequence 10
ip address 10
ip next-hop
ip precedence: internet

Feature History for Local Policy-Based Routing

The table below summarizes the new and changed features for this document and shows the releases in which
each feature is supported. Your software release might not support all the features in this document. For the

Configuring Local Policy-Based Routing

6
Configuring Local Policy-Based Routing
Feature History for Local Policy-Based Routing

latest caveats and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the
release notes for your software release.

Table 2: Feature History for Local Policy-Based Routing

Feature Name Release Feature Information

Local Policy-Based Routing 6.2(2) This feature was introduced.

Configuring Local Policy-Based Routing

7
 Configuring Local Policy-Based Routing
Feature History for Local Policy-Based Routing

Configuring Local Policy-Based Routing

8