Previous section   Next section

Recipe 5.8 Examining Policy-Based Routing

5.8.1 Problem

You want to see information about how policy-based routing has been applied on a router.

5.8.2 Solution

The show ip policy command shows what routing policies have been applied on a router. Here is the output for a router that has all three of the policies from Recipe 5.7:

Router>show ip policy
Interface      Route map
local          dlswtraffic
Ethernet0      Websurfers
Serial0        High-priority

You can see more detail on what each of these policies does by looking at the route maps:

Router>show route-map
route-map High-priority, permit, sequence 10
  Match clauses:
    ip address (access-lists): 101
  Set clauses:
    ip next-hop 10.15.27.1
  Policy routing matches: 0 packets, 0 bytes
route-map Websurfers, permit, sequence 10
  Match clauses:
    ip address (access-lists): 102
  Set clauses:
    ip next-hop 10.15.27.1
  Policy routing matches: 0 packets, 0 bytes
route-map Websurfers, permit, sequence 20
  Match clauses:
  Set clauses:
    ip default next-hop 10.15.26.1
  Policy routing matches: 4 packets, 531 bytes
route-map dlswtraffic, permit, sequence 10
  Match clauses:
    ip address (access-lists): 103
  Set clauses:
    ip next-hop 10.15.27.3
  Policy routing matches: 5 packets, 500 bytes

5.8.3 Discussion

The first command, show ip policy, tells you about all of the routing policies that have been applied on the router. The second command, show route-map, shows all of the route maps. It is important to note that the first command shows only the routing policies that have actually been applied on the router, whether for local traffic or packets coming from an interface. It also shows all applied routing policies, whether the interfaces involved are active or not. The second command shows all configured route maps, whether they had been applied to anything or not.

The show route-map command also gives useful information about how the route maps are being used. Notice that the second clause of the Websurfers route map has matched 4 packets for a total of 531 bytes since it was applied, and the dlswtraffic route map has similarly matched 5 packets for a total of 500 bytes. You can dig a little further by looking at the access lists that these route maps use to match packets:

router>show access-list 103
Extended IP access list 103
    permit tcp any any eq 2065 (3 matches)
    permit tcp any eq 2065 any (2 matches)

This shows not only the details of how the access list used in the route map works, but it also precisely tells which lines are being used.

5.8.4 See Also

Recipe 5.7


  Previous section   Next section
Top