Routing Concepts - Policy Based Routing Lab alternative (and more elegant?) solution


For your PBR LAB, you use a class-map and policy-map to identify telnet/ssh/http/https traffic then modify the dscp value (af11) on the interface for the route-map’s access-list to match against:

permit ip dscp af11

But for my solution, I simply identified the necessary protocols directly in the extended access-list, see below:

10 permit tcp eq telnet 22 www 443

Is my solution valid?


Hey Samirkhair,

This is just my opinion, so take it for the grain of salt it is worth. The goal of any lab is to complete it within the specified restrictions. When I took the lab, I did the same thing, using an access list. I did however rather like seeing the solution they provided, because on a CCIE test, I could easily see them putting in some weird restriction like not being able to specify a port in an access list, just to throw a wrench at you.

So, you accomplished the lab and followed all the requirements, therefore valid. I took their solution as a learning opportunity of a round about way I might not have thought of to get there.

Thanks for the feedback, I am only just beginning my studies so it is appreciated.

I have been paying attention to how to interpret questions, which can sometimes be ambiguous - not sure if that is intentional or not but the EIGRP Classic Metric Calculation lab was another (which I have also posted a question about). Mentions Host 9 and Host 10 being able to communicate. However, my solution affects other hosts and INEs solution didn’t seem to work at all for me.

Thanks again.

Hey Samirkhair,

I know how you feel, I’m about half way through the IPv6 section now and I’ve encountered several where the wording can be difficult to interpret, I do believe it’s intentional as it’s a similar style to their old CCIE practice lab workbooks, which I always heard were some of the best study material for the CCIE Lab. I posted a question on here back in November but never got a response, one of the tasks for MPLS has a task that cannot be completed with the provided restrictions, and even their solution violates the stated requirements. So, it’s not perfect, but I’m still not certain if that was intentional.