!!!Most Important: To DEBUG the Policy Map:
#debug ip policy
To match the SOURCE IP use the standard ACL:
(config)#access-list 2 permit host 100.1.1.1
To match the FLOW use the EXTENDED ACL:
(config)#ip access-list extended FLOW1
(config-ext-nacl)#permit ip host 1.1.1.1 host 2.2.2.2 <-TO MATCH THE FLOW
(config-ext-nacl)#permit tcp any any eq 23 <- TO MATCH THE PROTOCOL(PORT)
ROUTE-MAP can be applied GLOBALLY on a router, to change the Routing Table:
(config)#ip local policy route-map ROUTE_MAP
!!!This will not work for traffic transiting this router. For that you need to apply it on the interface
Most Popular Posts
-
Before we start, lets once again make sure we fully understand what Bridge Domain is. The bridge domain can be compared to a giant distribut... -
Ever since Cisco bought Insieme and created Cisco ACI, and VMware bought Nicira and created NSX, I've been intensively deep-diving and b...
-
[In collaboration with the guest blogger, Marc Espinosa ] Let's start with the messaging protocols, MQTT and CoAP, and consider which ... -
By know you should know the following facts about ACI: Cisco Nexus 9k Switches make the ACI Fabric, which is the Control and the Data pla... -
Get ready to have your mind blown. One of the easiest procedures I've encountered. You just need to follow these 3 steps, to migrate the...
-
The VM-Series firewall for VMware NSX is jointly developed by Palo Alto Networks and VMware. NetX APIs are used to integrate the Palo Alto N...
-
First time we “unpack” ACI, we will find a certain number of potential Spine and potential Leaf switches, and hopefully 3 (or 5) APIC Contro...
-
Google has made their Cloud Platform (GCP) so that you can host your application any way your business requires. When we talk about the ... -
Narbik Topology for web-iou Disclaimer: I DON’T OWN NOR HAVE AN ACCESS TO THE TOPOLOGY, INITIAL CONFIGS, IOU/IOL BINARIES OR ANY OTHER ... -
Before I get into the Python for NX-OS, let me explain a few concepts that I've seen Network Engineers have been struggling with. Dev...
To make correspondence with SOURCE IP and to contest the FLOW apply the EXTENDED ACL, this is useful
ReplyDelete