Cisco MQC and/or HQF match order top down

Match on destination MAC after permitting BGP to receive the routes from BGP neighbor

108.bgp
(IMAGE from Hacking Cisco blog)

R4#sh run class-map
!
class-map match-all BGP_CM
match protocol bgp
class-map match-all R2_MAC_CM
match destination-address mac C201.1AA8.0000
class-map match-all R1_MAC_CM
match destination-address mac C200.1AA8.0000
!
end

R4#sh run policy-map
!
policy-map MAC_PM
class BGP_CM
class R1_MAC_CM
drop
class R2_MAC_CM
police cir 8000
conform-action transmit
!
end

R4#sh policy-map interface
FastEthernet0/0

Service-policy output: MAC_PM

Class-map: BGP_CM (match-all)
47 packets, 3771 bytes
5 minute offered rate 0 bps
Match: protocol bgp

Class-map: R1_MAC_CM (match-all)
5 packets, 590 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: destination-address mac C200.1AA8.0000
drop

Class-map: R2_MAC_CM (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: destination-address mac C201.1AA8.0000
police:
cir 8000 bps, bc 1500 bytes
conformed 0 packets, 0 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 0 bps, exceed 0 bps

Class-map: class-default (match-any)
50 packets, 5044 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any

R4#sh ip bgp summ
BGP router identifier 172.16.144.4, local AS number 40
BGP table version is 29, main routing table version 29
20 network entries using 2400 bytes of memory
27 path entries using 1404 bytes of memory
9/5 BGP path/bestpath attribute entries using 1116 bytes of memory
6 BGP AS-PATH entries using 144 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 3 (at peak 3) using 96 bytes of memory
BGP using 5160 total bytes of memory
BGP activity 85/65 prefixes, 112/85 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.1.14.1 4 10 1261 1251 29 0 0 00:06:20 6
10.1.24.2 4 20 1261 1249 29 0 0 00:06:20 7
R4#sh ip route 10.1.14.1
Routing entry for 10.1.14.0/24
Known via “connected”, distance 0, metric 0 (connected, via interface)
Redistributing via bgp 40
Advertised by bgp 40
Routing Descriptor Blocks:
* directly connected, via FastEthernet0/0.14
Route metric is 0, traffic share count is 1

R4#sh ip route 172.16.101.1
Routing entry for 172.16.101.0/24
Known via “bgp 40”, distance 20, metric 0
Tag 10, type external
Last update from 10.1.14.1 00:05:30 ago
Routing Descriptor Blocks:
* 10.1.14.1, from 10.1.14.1, 00:05:30 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 10

R4#ping 10.1.14.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.14.1, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
R4#ping 172.16.101.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.101.1, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s