Forum Discussion

Nimbostratus

Jun 29, 2011

Wildcard forwarding for direct node traffic with PBR

Hi All, Apologies if this question has been asked before; I've waded my way through a lot of forum posts but haven't seen the problem I'm facing - feel free to prove otherwise. I a...

config

design

The_Bhattman

Nimbostratus

Jun 30, 2011

Hi Ltp,

Cisco did some changes with pBR within Nexus vs the IOS. Especially when ACL's do not allow DENY statements when using it under pBR.

Try the following as a test.

ip access-list TEST_deny

10 permit tcp 10.4.0.0/16 10.2.0.0/16

ip access-list TEST_allow

10 permit tcp 10.4.0.0/16 eq www any

route-map TEST deny 10

match ip address TEST_Deny

route-map TEST permit 20

match ip address TEST_alllow

set ip next-hop 10.4.0.10

I hope this helps

Bhattman

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Wildcard forwarding for direct node traffic with PBR

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Exchange cert upgrade on F%

Recommended Study Guide, Books or Labs for F5 ASM/AWAF Module

email alert when service restarts

Unable to download files greater than 4GB. Running version 15.1.5.1

F5 Distributed Cloud Services Simulator Connect

Related Content

How to Forward traffic via F5

SSH forward proxy

SMTP Traffic Forward to M365 on Port 587

iRule to Forward Traffic Based on URL Name

Forward traffic based on TCP Port - LTM Policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS