Downloads |
 Feedback
|
Table Of Contents
Information About VRF-Autoclassify
Feature Design of VRF-Autoclassify
How to Configure VRF-Autoclassify
Configuring Secondary Addresses for Different VRFs
Verifying VRF-Autoclassify Configuration
Configuration Examples for VRF-Autoclassify
VRF-Autoclassify Basic Connectivity Configuration: Example
Multiple VRFs on the Same Interface Configuration: Example
VRF-Autoclassify
The Virtual Routing and Forwarding (VRF)-Autoclassify feature enables certain types of Policy Based Routing (PBR) to be created dynamically without configuring all the related route maps and access lists. The feature facilitates the mapping of packets to VRFs other than the one assigned to the ingress interface.
History for the VRF-Autoclassify Feature
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•
Information About VRF-Autoclassify
•
•
Information About VRF-Autoclassify
To configure the VRF-Autoclassify feature, you should understand the following concepts:
•
Feature Design of VRF-Autoclassify
When a router receives a packet, the packet is mapped to a global table by default. When the ip vrf forwarding command is used to assign a specific VRF on the ingress interface, the packet is mapped to that VRF. The packet is forwarded based on the routes in the VRF.
The VRF-Autoclassify feature enables the capability to map packets from connected hosts to VRFs that are different from the VRF defined on the ingress interface. This feature also enables the configuration of policies that are required for the mapping of packets to the VRFs depending on whether the source address of the packet belongs to those connected routes.
For example, in Figure 1 Fast Ethernet interface 0/0 is configured with two secondary addresses, 1.1.1.1/24 and 2.1.1.1/24. The first address, 1.1.1.1/24, is assigned to VRF red, while the other, 2.1.1.1/24, is assigned to VRF green. So in the VRF red table, a connected route 1.1.1.0/24 is installed, while in VRF green, 2.1.1.0/24 is installed. The routing information can be learned dynamically or statically defined.
There is a default route in VRF red that directs all traffic to Fast Ethernet interface 1/0, while in VRF green, another default route directs all traffic to Fast Ethernet interface 1/1. When packets arrive at Fast Ethernet interface 0/0, they are mapped to either VRF red or VRF green based on their source address. If the source address is 1.1.1.2, connected route 1.1.1.0/24 is used, and the packet is mapped to VRF red. Following the default route, it is forwarded out of Fast Ethernet interface 1/0.
Figure 1 Routing and Mapping of Packets with VRF-Autoclassify Enabled
For the return traffic, packets are mapped to the VRF configured on the downstream interface. For example, when a packet is received by a Fast Ethernet interface, destined for host 1.1.1.2, it is marked VRF red automatically based on the VRF configured on the downstream interface using the ip vrf forwarding red command. A lookup in VRF red would return a connected route for 1.1.1.0/24 out of Fast Ethernet interface 0/0 or return a 1.1.1.2/32 that is a directly connected neighbor. When the connected route 1.1.1.0/24 is installed in vrf red while pointing out of an interface that is native to the global table or some other table, the table is tracked. See Figure 2.
Figure 2 Return-Packet Mapping
on the Downstream Interface
This feature is targeted for directly connected hosts on broadcast media such as an Ethernet interface. In networks in which VRF autoclassify is enabled, the IP addresses of the connected hosts can be assigned by using DHCP.
How to Configure VRF-Autoclassify
This section contains the following tasks:
•
•
•
•
Enabling VRF-Autoclassify
Perform this task to enable VRF autoclassify. When a upstream interface is configured, ARP is required to apply a policy on the ARP packets received and map them to different VRFs based on the source addresses of the packets. ARP is also required to insert new entries into its table with the VRF identification for the VRF-Autoclassify feature. When the ARP lookup is performed as a packet is switched out of the upstream interface in the process switching path, the packet with the VRF table identification should be used, instead of the VRF configured on the upstream interface.
Restrictions
Any directly connected hosts must not run routing protocols and the router that is enabled with the VRF-Autoclassify feature must not run routing protocols.
If the ip policy route-map command and the ip vrf select source command are specified on an interface, the interface will reject the ip vrf auto source command. VRF-Autoclassify is blocked because PBR is set with VRF/VRF select.
Overlapped subnets are are not allowed in the same VRF on a broadcast media interface if it is already defined on another interface.
This feature is applicable only to unicast packets. Multicast packets, including control packets (for example, PIM protocol packets) are not affected by this feature.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
DETAILED STEPS
Configuring Secondary Addresses for Different VRFs
Perform this task to enable the secondary addresses for different VRFs. When the VRF tables are removed globally, the secondary addresses and the policies are removed also.
When a VRF secondary address is defined on an interface, and the connected route is installed in the routing table and CEF table of that VRF, the broadcast entries and the interface address entry (corresponding receive entries) for that VRF secondary address should also be installed in the CEF table of that VRF, rather than the VRF defined for the interface.
If a packet is mapped by VRF autoclassify to a VRF different from that configured on the ingress interface, unicast RPF filters the packet based on the routes in the routing table of the VRF of the packet, rather than the VRF of the interface.
Note
Restrictions
Overlapped subnets are not allowed in the same VRF on a broadcast media interface if it is already defined on another interface.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Configuring VRF Forwarding
Perform this task to configure VRF forwarding on an interface. This configuration task is optional unless a different default VRF table is required other than the global table.
Prerequisites
Because the connected routes are added only to the specified VRF, packets destined for hosts on those subnets need to be mapped to that VRF in order to be forwarded properly.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Verifying VRF-Autoclassify Configuration
To verify the VRF-Autoclassify configuration, perform the following steps.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
DETAILED STEPS
Step 1
Use this command to verify that the secondary interface is configured for a secondary IP address and VRF, for example:
Router# show ip interface secondary ethernet3/1IP Address/Mask VRF1.1.1.1/24 redStep 2
Use this command to verify that the interface is enabled with VRF-Autoclassify, for example:
Router# show ip interface autoclassify ethernet3/1IP Address/Mask VRF1.1.1.0/24 redStep 3
Use this command to verify the route map, for example:
Router# show route-map dynamicroute-map None-06/01/04-21:14:21.407-1-IP VRF, permit, sequence 0, identifier 1675771000Match clauses:Set clauses:vrf redPolicy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1Step 4
Use this command to verify the route-map policy configuration, for example:
Router# show ip policyInterface Route mapEarly Policy:Interface Route mapEthernet3/1 None-06/01/04-21:14:21.407-1-IP VRF (Dynamic)Step 5
Use this command to verify that there is a secondary IP address configured and that VRF-Autoclassify is enabled, for example:
Router# show ip interface ethernet3/1Ethernet3/1 is up, line protocol is upInternet address is 20.1.1.1/24Broadcast address is 255.255.255.255Address determined by setup commandMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledSecondary address 1.1.1.1/24Outgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP Flow switching is disabledIP CEF switching is enabledIP CEF switching turbo vectorIP CEF turbo switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, CEFRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledProbe proxy name replies are disabledPolicy routing is disabledNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledInput features: IP VRF AutoclassifyStep 6
Use this command to verify that Cisco Express Forwarding (CEF) and VRF-Autoclassify is enabled, for example:
Router# show cef interface ethernet3/1 internalEthernet3/1 is up (f-number 6)Corresponding hwidb fast_if_number 6Corresponding hwidb firstsw->if_number 6Internet address is 20.1.1.1/24Secondary address 1.1.1.1/24ICMP redirects are always sentPer packet load-sharing is disabledIP unicast RPF check is disabledInput features: IP VRF AutoclassifyInbound access list is not setOutbound access list is not setIP policy routing is disabledBGP based policy accounting on input is disabledBGP based policy accounting on output is disabledHardware dab is Ethernet3/1Fast switching type 1, interface type 64IP CEF switching enabledIP CEF switching turbo vectorIP CEF turbo switching turbo vectorIP prefix lookup IPv4 mitre 8-8-8-8 optimizedInput fast flags 0x0, Output fast flags 0x0ifindex 4(4)Slot 3 Slot unit 1 VC -1Transmit limit accumulator 0x0 (0x0)IP MTU 1500Subblocks:Early Policy: IP early policy route map is None-06/01/04-21:14:21.407-1-IP VRFAttached prefix export tracking subblocktracking 1 table hosting exported attached prefixesvrf: "red"IPv4: Internet address is 20.1.1.1/24Secondary address 1.1.1.1/24Broadcast address 255.255.255.255Per packet load-sharing is disabledIP MTU 1500Step 7
Use this command to verify that ARP is enabled, for example:
Router# show ip arpProtocol Address Age (min) Hardware Addr Type InterfaceInternet 20.1.1.1 - 0050.a2de.7055 ARPA Ethernet3/1Internet 10.0.18.171 - 0050.a2de.7054 ARPA Ethernet3/0Step 8
Use this command to verify that the VRF named "red" is assigned to the correct IP address and interfaces, for example:
Router# show ip arp vrf redProtocol Address Age (min) Hardware Addr Type InterfaceInternet 1.1.1.1 - 0050.a2de.7055 ARPA Ethernet3/1Internet 2.1.1.1 - 0050.a2de.7056 ARPA Ethernet3/2Use the ping command from IP address 1.1.1.2 to IP address 1.1.1.1 and then the show ip arp vrf red command to verify the ARP entry of 1.1.1.2 in VRF red, for example:
Router# show ip arp vrf redProtocol Address Age (min) Hardware Addr Type InterfaceInternet 1.1.1.1 - 0050.a2de.7055 ARPA Ethernet3/1Internet 1.1.1.2 19 000a.f4b1.2b82 ARPA Ethernet3/1Internet 2.1.1.1 - 0050.a2de.7056 ARPA Ethernet3/2A ping from IP address 2.1.1.1 and IP address 2.1.1.2 are also good. This creates an ARP entry of 2.1.1.2 in VRF red as shown below using the show ip arp vrf red command.
Router# show ip arp vrf redProtocol Address Age (min) Hardware Addr Type InterfaceInternet 2.1.1.2 8 0050.50c1.f011 ARPA Ethernet3/2Internet 1.1.1.1 - 0050.a2de.7055 ARPA Ethernet3/1Internet 1.1.1.2 19 000a.f4b1.2b82 ARPA Ethernet3/1Internet 2.1.1.1 - 0050.a2de.7056 ARPA Ethernet3/2Configuration Examples for VRF-Autoclassify
The section provides the following configuration examples:
•
•
VRF-Autoclassify Basic Connectivity Configuration: Example
The following example shows how to configure basic connectivity that uses the VRF-Autoclassify feature.
interface Ethernet0/1ip address 1.1.1.2 255.255.255.0interface Ethernet3/1ip address 1.1.1.1 255.255.255.0 secondary vrf redip address 20.1.1.1 255.255.255.0ip vrf autoclassify sourceinterface Ethernet3/2ip vrf forwarding redip address 2.1.1.1 255.255.255.0ip directed-broadcastThe following example shows how to configure Fast Ethernet interface 0/0 for VRF red, and Fast Ethernet interface 0/1 for VRF green.
interface fastethernet0/0ip address 1.1.1.1 255.255.255.0 secondary vrf redinterface fastethernet0/1ip address 1.1.1.1 255.255.255.0 secondary vrf greenThe following example shows a configuration of Fast Ethernet interface 0/0 that will not perform, because the interface is configured for VRF red and green.
interface Fast-Ethernet0/0ip address 1.1.1.1 255.255.255.0 secondary vrf redip address 1.1.1.2 255.255.255.0 secondary vrf greenThe following example is another example of a configuration that will not perform, because both interfaces have IP addresses assigned to VRF red:
interface Fast-Ethernet0/0ip address 1.1.1.1 255.255.255.0 secondary vrf redinterface Fast-Ethernet0/1ip address 1.1.1.2 255.255.255.0 secondary vrf redMultiple VRFs on the Same Interface Configuration: Example
The following example shows how to configure three IP addresses (1.1.1.1/24, 1.1.2.1/24, and 1.1.1.3/16) for Ethernet interface 3/1 in VRF red in one subnet, 1.1.0.0/16.
interface Ethernet3/1ip address 1.1.1.1 255.255.255.0 secondary vrf redip address 1.1.2.1 255.255.255.0 secondary vrf redip address 1.1.1.3 255.255.0.0 secondary vrf redip address 1.1.0.0 255.255.0.0ip vrf autoclassify sourceduplex halfAdditional References
The following sections provide references related to VRF-Autoclassify.
Related Documents
ISA and VRF configuration tasks
"Configuring ISA VRF Transfer" chapter of the Cisco IOS ISA Configuration Guide, Cisco IOS Release 12.3
DHCP configuration tasks
"Configuring DHCP" chapter of the Cisco IOS IP Configuration Guide, Release 12.3
IP addressing and services configuration tasks
Cisco IOS IP Configuration Guide, Release 12.3
IP addressing and services commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples
Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3T
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
RFCs
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
—
Technical Assistance
Command Reference
This section documents new and modified commands only.
New Commands
Modified Commands
ip address
To set a primary or secondary IP address for an interface, use the ip address command in interface configuration mode. To remove an IP address or disable IP processing, use the no form of this command.
ip address ip-address mask [secondary [vrf vrf-name]]
no ip address ip-address mask [secondary [vrf vrf-name]]
Syntax Description
Defaults
No IP address is defined for the interface.
Command Modes
Interface configuration
Command History
10.0
This command was introduced.
12.2(27)SBA
The vrf keyword and vrf-name argument were introduced.
Usage Guidelines
An interface can have one primary IP address and multiple secondary IP addresses. Packets generated by the Cisco IOS software always use the primary IP address. Therefore, all routers and access servers on a segment should share the same primary network number.
Hosts can determine subnet masks using the Internet Control Message Protocol (ICMP) mask request message. Routers respond to this request with an ICMP mask reply message.
You can disable IP processing on a particular interface by removing its IP address with the no ip address command. If the software detects another host using one of its IP addresses, it will print an error message on the console.
The optional secondary keyword allows you to specify an unlimited number of secondary addresses. Secondary addresses are treated like primary addresses, except the system never generates datagrams other than routing updates with secondary source addresses. IP broadcasts and Address Resolution Protocol (ARP) requests are handled properly, as are interface routes in the IP routing table.
Secondary IP addresses can be used in a variety of situations. The following are the most common applications:
•
•
•
Note
Note
To transparently bridge IP on an interface, you must perform the following two tasks:
•
•
To concurrently route and transparently bridge IP on an interface, see the bridge crb command.
Examples
In the following example, 131.108.1.27 is the primary address and 192.31.7.17 and 192.31.8.17 are secondary addresses for Ethernet interface 0:
interface ethernet 0ip address 131.108.1.27 255.255.255.0ip address 192.31.7.17 255.255.255.0 secondaryip address 192.31.8.17 255.255.255.0 secondaryIn the following example, Ethernet interface 0/1 is configured to automatically classify the source IP address in the VRF table red:
interface ethernet 0/1ip address 10.108.1.27 255.255.255.0ip address 11.31.7.17 255.255.255.0 secondary vrf redip vrf autoclassify sourceRelated Commands
ip vrf autoclassify
To enable Virtual Routing and Forwarding (VRF) autoclassify on a source interface, use the ip vrf autoclassify command in interface configuration mode. To remove VRF autoclassify, use the no form of this command.
ip vrf autoclassify source
no ip vrf autoclassify source
Syntax Description
Defaults
The VFR autoclassify functionality is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
The ip vrf autoclassify command enables the capability to map packets from connected hosts to VRFs that are different from the VRF defined on the ingress interface. It also enables the configuration of policies that are required for the mapping of packets to the VRFs depending on whether the source address of the packet belong to those connected routes.
The routing information can be learned dynamically or statically defined.
Examples
In the following example, the Fast Ethernet interface 0/0 is configured with two secondary addresses, 1.1.1.1/24 and 2.1.1.1/24. The first address, 1.1.1.1/24, is assigned to VRF red, while the other, 2.1.1.1/24, is assigned to VRF green. So in the VRF red table, a connected route 1.1.1.0/24 is installed, while in VRF green, 2.1.1.0/24 is installed:
interface fast ethernet0/0ip address 1.1.1.1 255.255.255.0 secondary vrf redip address 2.1.1.1 255.255.255.0 secondary vrf greenip vrf autoclassify sourceThere is a default route in VRF red that directs all traffic to Fast Ethernet interface 1/0, while in VRF green, another default route directs all traffic to Fast Ethernet interface 1/1. When packets arrive at Fast Ethernet interface 0/0, they are mapped to either VRF red or VRF green based on their source address. If the source address is 1.1.1.2, connected route 1.1.1.0/24 is used, and the packet is mapped to VRF red. Following the default route, it is forwarded out of Fast Ethernet interface 1/0.
The return packets are mapped to the VRF configured on the downstream interface. Refer to the ip vrf forwarding command for more information in the Cisco IOS Switching Services Command Reference, Release 12.3T.
Related Commands
match ip source
To specify a source IP address to match to required route maps that have been set up based on VRF connected routes for Policy Based Routing (PBR), use the match ip source command in route-map configuration mode. To remove the source IP address, use the no form of this command.
match ip source ip-address mask
no match ip source ip-address mask
Syntax Description
ip-address
Source IP address. The source address must match the VRF address of the ingress interface.
mask
Source subnet mask.
Defaults
No source IP addresses are matched.
Command Modes
Route-map configuration
Command History
Examples
In the following example, the source IP addresses are matched to the IP addresses configured for VRF table red and green:
route-map new-dynamic-route-map permit 10match ip source 10.1.10 255.255.255.0set vrf redroute-map another-dynamic-route-map permit 20match ip source 10.1.1.0 255.255.255.0set vrf greenRelated Commands
show ip arp
To display the Address Resolution Protocol (ARP) cache, where Serial Line Internet Protocol (SLIP) addresses appear as permanent ARP table entries, use the show ip arp command in user EXEC or privileged EXEC mode.
show ip arp [ip-address] [host-name] [mac-address] [interface type number] vrf vrf-name
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
9.0
This command was introduced.
12.2(27)SBA
The vrf keyword and vrf-name argument were added.
Usage Guidelines
ARP establishes correspondences between network addresses (an IP address, for example) and LAN hardware addresses (Ethernet addresses). A record of each correspondence is kept in a cache for a predetermined amount of time and then discarded.
Examples
The following is sample output from the show ip arp command:
Router# show ip arpProtocol Address Age(min) Hardware Addr Type InterfaceInternet 171.69.233.22 9 0000.0c59.f892 ARPA Ethernet0/0Internet 171.69.233.21 8 0000.0c07.ac00 ARPA Ethernet0/0Internet 171.69.233.19 - 0000.0c63.1300 ARPA Ethernet0/0Internet 171.69.233.30 9 0000.0c36.6965 ARPA Ethernet0/0Internet 172.19.168.11 - 0000.0c63.1300 ARPA Ethernet0/0Internet 172.19.168.25 49 0000.0c36.6965 ARPA Ethernet0/0Table 1 describes the significant fields shown in the display.
The following is sample output from the show ip arp vrf command with the table name red specified:
Router# show ip arp vrf redProtocol Address Age (min) Hardware Addr Type InterfaceInternet 1.1.1.1 - 0050.a2de.7055 ARPA Ethernet3/1Internet 1.1.1.2 19 000a.f4b1.2b82 ARPA Ethernet3/1Internet 2.1.1.1 - 0050.a2de.7056 ARPA Ethernet3/2Related Commands
show ip interface
To display the usability status of interfaces configured for IP, use the show ip interface command in privileged EXEC mode.
show ip interface [type number] [brief] secondary
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The Cisco IOS software automatically enters a directly connected route in the routing table if the interface is usable. A usable interface can send and receive packets. If an interface is not usable, the directly connected routing entry is removed from the routing table. Removing the entry allows the software to use dynamic routing protocols to determine backup routes to the network, if any.
If the interface can provide two-way communication, the line protocol is marked "up." If the interface hardware is usable, the interface is marked "up."
If you specify an optional interface type, you see information for that specific interface.
If you specify no optional arguments, you see information on all the interfaces.
When an asynchronous interface is encapsulated with PPP or Serial Line Internet Protocol (SLIP), IP fast switching is enabled. A show ip interface command on an asynchronous interface encapsulated with PPP or SLIP displays a message indicating that IP fast switching is enabled.
Examples
The following example identifies a downstream VRF. The highlighted line (for documentation purposes only) identifies the downstream VRF.
Router# show ip interface vi 3Virtual-Access3 is up, line protocol is upInterface is unnumbered. Using address of Loopback2 (2.0.0.8)Broadcast address is 255.255.255.255Peer address is 2.8.1.1MTU is 1492 bytesHelper address is not setDirected broadcast forwarding is disabledOutgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP CEF switching is enabledIP Feature Fast switching turbo vectorIP VPN CEF switching turbo vectorVPN Routing/Forwarding "U"Downstream VPN Routing/Forwarding "D"IP multicast fast switching is disabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, CEFRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledPolicy routing is disabledNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledTable 2 describes the significant fields shown in the display.
The following is sample output from the show ip interface brief command:
Router# show ip interface briefInterface IP-Address OK? Method Status ProtocolEthernet0 151.108.0.5 YES NVRAM up upEthernet1 unassigned YES unset administratively down downLoopback0 152.108.20.5 YES NVRAM up upSerial0 162.108.10.5 YES NVRAM up upSerial1 162.108.4.5 YES NVRAM up upSerial2 152.108.10.5 YES manual up upSerial3 unassigned YES unset administratively down downThe method field has the following possible values:
•
•
•
•
•
•
•
•
•
•
The following is sample output from the show ip interface secondary command for Ethernet interface 3/1:
Router# show ip interface secondary ethernet3/1IP address/Mask VRF1.1.1.1/24 redRelated Commands
show route-map
To display static and dynamic route maps, use the show route-map command in privileged EXEC mode.
show route-map [map-name | dynamic [dynamic-map-name | application [application-name]] | all] [detailed]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
For Cisco IO Releases 12.3(14)T and later releases, you can display the ACL-specific information that pertains to the route map in the same display without having to execute a show route-map command to display each ACL that is associated with the route map.
Examples
show route-map Command with No Keywords Specified Example
The following is sample output from the show route-map command:
Router# show route-maproute-map sid, permit, sequence 10Match clauses:tag 1 2Set clauses:metric 5route-map sid, permit, sequence 20Match clauses:tag 3 4Set clauses:metric 6Policy routing matches: 0 packets; 0 bytesThe following example shows Multiprotocol Label Switching (MPLS)-related route map information:
Router# show route-maproute-map OUT, permit, sequence 10Match clauses:ip address (access-lists): 1Set clauses:mpls labelPolicy routing matches: 0 packets, 0 bytesroute-map IN, permit, sequence 10Match clauses:ip address (access-lists): 2mpls labelSet clauses:Policy routing matches: 0 packets, 0 bytesTable 3 describes the significant fields shown in the display.
show route-map Command with Dynamic Route Map Specified Example
The following is sample output from the show route-map command when entered with the dynamic keyword:
Router# show route-map dynamicroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 0, identifier 1137954548Match clauses:ip address (access-lists): PBR#1 PBR#2Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 1, identifier 1137956424Match clauses:ip address (access-lists): PBR#3 PBR#4Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:01:26.619-1-AppSpec, permit, sequence 2, identifier 1124436704Match clauses:ip address (access-lists): PBR#5 PBR#6length 10 100Set clauses:ip next-hop 172.16.1.1ip gateway 172.16.1.1Policy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1The following is sample output from the show route-map command when entered with the dynamic and application keywords:
Router# show route-map dynamic applicationApplication - AAANumber of active routemaps = 1When you specify an application name, only dynamic routes for that application are shown. The following is sample output from the show route-map command when entered with the dynamic and application keywords and the AAA application name:
Router# show route-map dynamic application AAAAAANumber of active rmaps = 2AAA-02/06/04-14:01:26.619-1-AppSpecAAA-02/06/04-14:34:09.735-2-AppSpecRouter# show route-map dynamic AAA-02/06/04-14:34:09.735-2-AppSpecroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 0, identifier 1128046100Match clauses:ip address (access-lists): PBR#7 PBR#8Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 1, identifier 1141277624Match clauses:ip address (access-lists): PBR#9 PBR#10Set clauses:Policy routing matches: 0 packets, 0 bytesroute-map AAA-02/06/04-14:34:09.735-2-AppSpec, permit, sequence 2, identifier 1141279420Match clauses:ip address (access-lists): PBR#11 PBR#12length 10 100Set clauses:ip next-hop 172.16.1.12ip gateway 172.16.1.12Policy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 2show route-map Command with Detailed ACL Information for Route Maps Specified Example
The following is sample output from the show route-map command with the dynamic and detailed keywords entered:
Router# show route-map dynamic detailedroute-map AAA-01/20/04-22:03:10.799-1-AppSpec, permit, sequence 1, identifier 29675368Match clauses:ip address (access-lists):Extended IP access list PBR#31 permit icmp 0.0.16.12 1.204.167.240 8.1.1.0 0.0.0.255 syn dscp af12 log-input fragmentsExtended IP access list PBR#41 permit icmp 0.0.16.12 1.204.167.240 8.1.1.0 0.0.0.255 syn dscp af12 log-input fragmentsSet clauses:ip next-hop 172.16.1.14ip gateway 172.16.1.14Policy routing matches: 0 packets, 0 bytesshow route-map Command with VRF Autoclassification Example
The following is sampe output from the show route-map command when a specified VRF is configured for VRF autoclassification:
Router# show route-map dynamicroute-map None-06/01/04-21:14:21.407-1-IP VRF, permit, sequence 0identifier 1675771000Match clauses:Set clauses: vrf redPolicy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1Related Commands
Copyright © 2005 Cisco Systems, Inc. All rights reserved.
