Posted on July 22, 2020 7:51 pm
 |  Asked by Alberto Sanchez
 |  155 views
Tags:
RESOLVED
0
0
Print Friendly, PDF & Email

Hi everyone,

I would like to know what to happen when I put two IP address as next hop in a PBR, for example:

policy-map type pbr PBR_CGNAT

   1 class 119

      set nexthop 100.64.48.166 100.65.48.169

What IP address take for do the redirection? The first? The second? There are some order or priority for choose one IP address?

Thank you for your response.

Regards.

  

0
Posted by Aniket Bhowmick
Answered on July 23, 2020 8:37 am

Hi Alberto,

Can you share what model of Arista switch is it ? send us the output of  "show version"

As of now, we don't program the next hops based on Priority- such that if one next hop fails, the other would take over, but it is something that can be implemented (need to check with Engineering team about it)

As of now, if both the next hops are valid/reachable, due to ECMP hash traffic can choose either of the next hops. So different flows may choose different next hops (out of the two) based on the ECMP hash value. However, you need to ensure that both the next hops are in the same VRF. If VRF is not specified, then the vrf belonging to the incoming interface will be used.

Let us know if you would like to have some priority based selection of the next hops and we can file a RFE for it.

Regards,

Aniket

0
Posted by Alberto Sanchez
Answered on July 24, 2020 6:11 am

Hi Aniket,

The model of Arista is Arista DCS-7280SR-48C6-M-F.

Now I'm using the recursive parameter because in my example and if I use this parameter, I get that the Arista choose only the first IP (100.64.48.166) for redirect paquets, and so, when this IP fall down, the second IP (100.65.48.169) will be chosen for redirect the paquets.

 

policy-map type pbr PBR_CGNAT

   1 class 119

      set nexthop recursive 100.64.48.166 100.65.48.169

 

This is true, right?

Thank you for your help.

Regards.

0
Posted by AKSHAYA S
Answered on July 30, 2020 4:38 am

Hello Alberto ,

Thanks for your reply . We understand that you are looking to implement primary and backup path for PBR policy , however Arista is yet to support this configuration . That said , we support configurations where two or more next hops in the same VRF can be attached to a PBR policy to achieve redundancy .
The nexthops attached to PBR can be either directly connected or recursively resolved .We are yet to support primary/backup path for both recursive/directly connected next hops .
set nexthop recursive 100.64.48.166 100.65.48.169 -> can be used when the nexthop can be recursively resolved and is not directly connected .We can observe that configured action and active routing action would show configured nexthops and their recursively resolved destinations through which PBR traffic would egress

arista(config)#show policy-map type pbr PBR_CGNAT
Service policy PBR_CGNAT
Configured on: Ethernet1
Applied on: Ethernet1
10: Class-map: 119 (match-any)
Match: 10 IP Access List acl1
10 permit ip any 10.0.0.0/24

Configured actions: set nexthop recursive 100.64.48.166 100.65.48.169
Active routing action:
VRF default
Route to nexthop 2.0.0.2 3.0.0.2 default

arista(config)#show ip route 100.64.48.166
S 100.64.48.166/32 [1/0] via 2.0.0.2, Ethernet2
arista(config)#show ip route 100.65.48.169
S 100.65.48.169/32 [1/0] via 3.0.0.2, Ethernet3

In our example for any traffic matching class 119 , the PBR policy can redirect to either 100.64.48.166 or 100.65.48.169. Depending on the packet field values , they can be hashed any one of the next hops if both are reachable.

Let us know if this helps,

Thanks,

Akshaya

0
Posted by Alberto Sanchez
Answered on August 6, 2020 4:57 am

Thank you Akshaya.

Regards.

Post your Answer

You must be logged in to post an answer.