With PBR, it is routed from the loopback interface to the egress interface hence acl with process the traffic.
But, if you ping sourced from loopback, it still considered as router self generated traffic With regards Kings On Sun, Jun 24, 2012 at 1:02 PM, waleed ' <[email protected]> wrote: > why to use PBR , there is no difference if I sourced my traffic from > loopback : > > > R1-------R2 > > > > R1: f0/0 10.0.0.1 lo0 1.1.1.1 > R2: f0/0 10.0.0.2 lo0 2.2.2.2 > > > and there is outbound access-list on R2: f0/0 and if I use access-list > 120 deny ip any any as outbound on R2 f0/0 , I can ping from the R2 to R1 > using lo0 as source . so can you please clarify the work of PBR here ? > > regards > > ------------------------------ > Date: Sun, 24 Jun 2012 12:57:45 +0530 > Subject: Re: [OSL | CCIE_Security] outbound ACL > From: [email protected] > To: [email protected] > CC: [email protected] > > > Use local PBR and a loopback intf should do the trick. > > With regards > Kings > > On Sun, Jun 24, 2012 at 12:41 PM, waleed ' <[email protected]> wrote: > > is there way to make interface outbound access-list affect router > traffic ? > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
