With PBR you only need the traffic you want to match for policy based routing. If it's not matched it is ignored by PBR and routed normally.
What I would do is debug the policy-routing and see what it looks like when you add the extra permit (catch-all) vs. not having it. With the extra permit you may cause an unnecessarily noisy debug output. It may not be of concern to you though but it's something to check out. Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com Platinum Solutions Group (PSG) provides high-end consulting services with a primary emphasis on Cisco's Data Center Solutions, Service Provider Solutions, Unified Communications and Security-enabled infrastructures. Be sure to visit www.platinumsolutionsgroup.com. On May 9, 2010, at 12:42 PM, Tolulope Ogunsina wrote: > Hi Kings, > I totally agree with you. Its better to err on the side of caution :-) > > On 5/9/10, Kingsley Charles <[email protected]> wrote: >> Hi Tolulope >> >> On the safer side, I think it's better to always have it, right? It's of no >> harm. >> >> With regards >> Kings >> >> On Sun, May 9, 2010 at 2:57 PM, Tolulope Ogunsina >> <[email protected]>wrote: >> >>> Hi, >>> The answer is it depends. >>> if you are using route-maps for stuff like redistribution then YES you >>> do. Because unmatched traffic would be dropped. >>> But for something like Policy Routing, unmatched traffic isnt dropped >>> but it just fails over to the the regular routing table. >>> >>> HTH, >>> >>> On 5/9/10, Sumit Mahla <[email protected]> wrote: >>>> >>>> Hello Kings, >>>> >>>> >>>> >>>> >>>> >>>> Even i think that we do not need a dummy for route map... but yusuf has >>> used >>>> it in his labs... >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Date: Sun, 9 May 2010 10:20:24 +0530 >>>> From: [email protected] >>>> To: [email protected] >>>> Subject: [OSL | CCIE_Security] route-maps and vlan maps >>>> >>>> >>>> Hi all >>>> >>>> route-maps and vlan access-maps nearly are of same architecture. >>>> >>>> At the end of vlan- access map, we need a dummy vlan access-map with >>> action >>>> forward that ensures the un-matched traffic are not blocked >>>> >>>> Switch(config)#vlan access-map block_arp 10 Switch >>>> (config-access-map)#action drop >>>> Switch (config-access-map)#match mac address ARP_Packet >>>> Switch(config)#vlan access-map block_arp 20 >>>> Switch (config-access-map)#action forward >>>> >>>> >>>> Do we need dummy route-map entry to ensure that the unmatched are not >>>> dropped as following: >>>> >>>> But, I check in my router and it seems we don't need to that dummy >>>> entry. >>>> >>>> route-map test permit 10 >>>> match ip address 1 >>>> match route-type internal >>>> set interface Serial0 >>>> >>>> route-map test permit 20 >>>> >>>> >>>> >>>> >>>> With regards >>>> Kings >>>> >>>> >>>> >>>> With regards >>>> Kings >>>> _________________________________________________________________ >>>> Bollywood This Decade >>>> http://entertainment.in.msn.com/bollywoodthisdecade/ >>> >>> >>> -- >>> Best Regards, >>> >>> Tolulope. >>> >> > > > -- > Best Regards, > > Tolulope. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
