Creates a route map entry and enters the route map configuration mode. In PBR, route maps control the flow of traffic within the network. They override route tables and direct traffic along a specific path.

Route-maps contain a set of filters that select traffic (match clauses) and associated actions (mark clauses) for routing. Every route-map entry has a precedence value. Lower the precedence, higher is the route-map‘s priority. All incoming packets are matched against these route-maps entries. The route-map entry with highest precedence (lowest numerical value) is applied first. In case of a match, action is taken based on the mark clause specified in the route-map. In case of no match, the route-map entry with the next highest precedence is applied. If the incoming packet does not match any of the route-map entries, it is subjected to typical destination-based routing. Each route-map entry can optionally enable/disable logging.

The following criteria can optionally be used as traffic selection segregation criteria:
  • IP Access List - A typical IP ACL can be used for routing traffic. The mark and log actions in ACL rules however are neglected. Route-map entries have separate logging. Only one ACL can be configured per route map entry.

    ACL rules configured under route map entries merge to create a single ACL. Route map precedence values determine the prioritization of the rules in this merged ACL. An IP DSCP value is also added to the ACL rules.

    • IP DSCP - Packet filtering can be performed by traffic class, as determined from the IP DSCP (Differentiated Services Code Point) field. One DSCP value can be configured per route map entry. If IP ACLs on a WLAN, ports or SVI mark packets, the new/marked DSCP value is used for matching.
  • Incoming WLAN - Packets can be filtered on the basis of the incoming WLAN. Depending on whether the receiving device has an onboard radio or not, the following two scenarios are possible:
    • Device with an onboard radio: If a device having an onboard radio and capable of PBR receives a packet on a local WLAN, this WLAN is used for selection.
    • Device without an onboard radio: If a device, without an onboard radio, capable of PBR receives a packet from an extended VLAN, it passes the WLAN information in the MiNT packet to the PBR router. The PBR router uses this information as match criteria.
  • Client role - The client role can be used as match criteria, similar to a WLAN. Each device has to agree on a unique identifier for role definition and pass the same MINT tunneled packets.
  • Incoming SVI - A source IP address qualifier in an ACL typically satisfies filter requirements. But if the source host (where the packet originates) is multiple hops away, the incoming SVI can be used as match criteria. In this context the SVI refers to the device interface performing PBR, and not to the source device.

Mark (or action) clauses determine the routing function when a packet satisfies match criteria. If no mark clauses are defined, the default is to fallback to destination-based routing for packets satisfying the match criteria. If no mark clause is configured and fallback to destination-based routing is disabled, then the packet is dropped. The mark clause defines one of following actions:

  • Next hop - The IP address of the next hop or the outgoing interface through which the packet should be routed. Up to two next hops can be specified. The outgoing interface should be a PPP, a tunnel interface or a SVI which has DHCP client configured. The first reachable hop should be used. But if all next hops are unreachable, typical destination-based route lookup is performed.
  • Default next hop - If a packet subjected to PBR does not have an explicit route to the destination, the configured default next hop is used. This can be either the IP address of the next hop or the outgoing interface. Only one default next hop can be defined. The difference between the next hop and the default next-hop is: in case of the former, PBR occurs first, then destination-based routing. In case of the latter, the order is reversed. In both cases:
    1. If a defined next hop is reachable, it is used. If fallback is configured refer to (b).
    2. Perform normal destination-based route lookup. If a next hop is found, it is used, if not refer to (c).
    3. If default next hop is configured and reachable, it is used, if not, packet is dropped.
  • Fallback - Enables fallback to destination-based routing if none of the configured next hops are reachable (or not configured). This is enabled by default.
  • Mark IP DSCP - Configures IP DSCP bits for QoS using an ACL. The mark action of the route maps takes precedence over the mark action of an ACL.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


route-map <1-100>


route-map <1-100>
route-map <1-100> Creates a route map entry, sets a precedence value for the route map, and enters the route map configuration mode
  • <1-100> – Specify a precedence value from 1 - 100.
Note: Lower the sequence number, higher is the precedence.


<DEVICE>(config-routing-policy-testpolicy)#route-map 1
nx9500-6C8809(config-routing-policy-testpolicy)#show context
routing-policy testpolicy
 route-map 1
nx9500-6C8809(config-routing-policy-testpolicy)#route-map 1
Route Map Mode commands:
  default-next-hop  Default next-hop configuration (aka
  fallback          Fallback to destination based routing if no next-hop is
                    configured or all are unreachable
  mark              Mark action for route map
  match             Match clause configuration for Route Map
  next-hop          Next-hop configuration
  no                Negate a command or set its defaults

  clrscr            Clears the display screen
  commit            Commit all changes made in this session
  do                Run commands from Exec mode
  end               End current mode and change to EXEC mode
  exit              End current mode and down to previous mode
  help              Description of the interactive help system
  revert            Revert changes
  service           Service Commands
  show              Show running system information
  write             Write running configuration to memory or terminal


Related Commands

The following table summarizes route-map configuration mode commands:
Click to expand in new window

Route-Map-Config Commands

Command Description
default-next-hop Sets the default next hop for packets satisfying match criteria
fallback Configures a fallback to the next destination
mark Marks action clause for packets satisfying match criteria
match Sets match clauses for the route map
next-hop Sets the next hop for packets satisfying match criteria
no (route-map-config-mode-command) Removes the route-map settings or reverts them to default values
no (routing-policy-config-mode-command) Removes a route map from the routing policy