Example of Policy Routing configuration based on message address

Last Update:2017-02-27 Source: Internet

Author: User

Tags port number

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

"Experimental Topology"

The switch used in this paper is H3C Simulator, the download address is as follows: Http://forum.h3c.com/forum.php? mod=viewthread&tid=109740&highlight=h3c%e6%a8%a1%e6% 8b%9f%e5%99%a8 Interested friends can download on the forum

"Networking Requirements"

The ordinary message forwarding is based on the message of the destination address query forwarding to achieve. Policy Routing supports the flexibility to specify routes based on information such as ACL packet filtering, address length, and so on. The ACL packet filtering can classify messages according to the source IP, destination IP, protocol, port number, priority, TOS, time period, VPN and so on, and then control the message forwarding out according to different routes. This experiment is difficult to control the next jump of the message through the source IP.

Policy Routing classification

Interface Policy Routing

Interface Policy Routing only works on forwarded messages, and does not work on locally generated messages (such as local ping messages). Local Policy Routing only works on locally generated messages and does not work on forwarded messages.

Interface Policy Routing is configured under Interface view.

Local Policy Routing

The policy routing of locally generated messages is configured in the System view.

Note: Multicast Policy Routing only supports messages forwarded, and does not route messages generated by routers.

There are two segments on the R5 100.100.100.100,200.200.200.200, replaced by Loop0 and LOOP1, R4 to 10.1.1.1 in the R1 by default when the next hop there are two, but in order to demonstrate the use of PBR, Now according to the different source address to give different next jump.

"Configuration Information"

R1:

ACL number 2000

Rule 0 Permit Source 100.100.100.100 0

ACL number 2001

Rule 0 Permit Source 200.200.200.200 0

Interface serial0/6/0

Link-protocol PPP

IP address 192.168.12.1 255.255.255.0

Interface SERIAL0/6/1

Link-protocol PPP

IP address 192.168.13.1 255.255.255.0

Interface SERIAL0/6/2

Link-protocol PPP

Interface SERIAL0/6/3

Link-protocol PPP

IP address 172.16.15.1 255.255.255.0

IP Policy-based-route 123

OSPF 1

Default-route-advertise always

Area 0.0.0.0

Network 192.168.12.0 0.0.0.255

Network 192.168.13.0 0.0.0.255

Network 172.16.15.0 0.0.0.255

Policy-based-route 123 Permit Node 10

If-match ACL 2000

Apply Ip-address next-hop 192.168.12.2

Policy-based-route 123 Permit Node 20

If-match ACL 2001

Apply Ip-address next-hop 192.168.13.2

IP route-static 100.100.100.100 255.255.255.255 172.16.15.2

IP route-static 200.200.200.200 255.255.255.255 172.16.15.2

R2:

Interface serial0/6/0

Link-protocol PPP

IP address 192.168.12.2 255.255.255.0

Interface SERIAL0/6/1

Link-protocol PPP

IP address 192.168.24.1 255.255.255.0

OSPF 1

Area 0.0.0.0

Network 192.168.24.0 0.0.0.255

Network 192.168.12.0 0.0.0.255

R3:

Interface serial0/6/0

Link-protocol PPP

IP address 192.168.34.1 255.255.255.0

Interface SERIAL0/6/1

Link-protocol PPP

IP address 192.168.13.2 255.255.255.0

OSPF 1

Area 0.0.0.0

Network 192.168.13.0 0.0.0.255

Network 192.168.34.0 0.0.0.255

R4:

Interface serial0/6/0

Link-protocol PPP

IP address 192.168.34.2 255.255.255.0

Interface SERIAL0/6/1

Link-protocol PPP

IP address 192.168.24.2 255.255.255.0

Interface NULL0

Interface LoopBack0

IP address 10.1.1.1 255.255.255.255

OSPF 1

Area 0.0.0.0

Network 192.168.24.0 0.0.0.255

Network 192.168.34.0 0.0.0.255

Network 10.1.1.1 0.0.0.0

R5:

Interface SERIAL0/6/3

Link-protocol PPP

IP address 172.16.15.2 255.255.255.0

Interface NULL0

Interface LoopBack0

IP address 100.100.100.100 255.255.255.255

Interface LoopBack1

IP address 200.200.200.200 255.255.255.255

IP route-static 0.0.0.0 0.0.0.0 172.16.15.1

Authentication

As follows, go to 10.1.1.1 there are two next jump, the routing table shows 192.168.12.2 is the default next hop, now use PBR to intervene the next jump point

[R1]dis IP ro

Routing Tables:public

More Wonderful content: http://www.bianceng.cnhttp://www.bianceng.cn/Network/lyjs/

Destinations:16 routes:17

Destination/mask Proto Pre cost Nexthop Interface

10.1.1.1/32 OSPF 3124 192.168.12.2 s0/6/0

OSPF 3124 192.168.13.2 S0/6/1

1, first in the R1 to open the debugging switch

<r1>t D

% current terminal debugging are on

<r1>t m

% current terminal monitor are on

<r1>deb

<r1>debugging IP P

<r1>debugging IP Packet

<r1>debugging IP Policy-based-route

2, with R5 with the source address ping

<r5>ping-a 100.100.100.100 10.1.1.1

PING 10.1.1.1:56 Data bytes, press Ctrl_c to break

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More