USG3000 policy-based routing leads to PC failed to acquire address automatically

Publication Date:  2012-12-12 Views:  284 Downloads:  0
Issue Description
USG3000 configured the DHCP function which is based on interface, PC can acquire address normally, but when the user added policy-based routing in interface, it couldn’t acquire the address, the policy-based routing is as follows:
acl number 3001
rule 0 deny ip destination 222.86.88.211 0
rule 1 deny ip destination 10.106.0.0 0.0.0.255
rule 2 deny ip destination 211.139.5.29 0
rule 3 deny ip destination 202.98.192.67 0
rule 4 deny ip destination 10.106.10.1 0
rule 5 deny ip source 10.106.10.0 0.0.0.255 destination 10.106.10.0 0.0.0.255
rule 10 permit ip
#
route-policy TO_yd permit node 2
if-match acl 3001
apply ip-address next-hop 10.2.144.1
Alarm Information
None.
Handling Process
1. Check the packet filtering and configuration, there is no problem.
2. Check the DHCP service of the user’s PC, no problem.
3. Modify the policy-based routing, add rule “rule 6 deny ip destination 255.255.255.255 0” in acl 3001, test again, PC can acquire the address.
Root Cause
1. Caused by packet-filtering and configurations.
2. PC’s own problem.
3. Policy-based routing caused.
Suggestions
The broadcast address of the policy-based routing in USG3000 also matches the policy-based routing, so we need to refuse the broadcast address.

END