No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

S7700 and S9700 V200R011C10

This document describes IP Unicast Routing configurations supported by the switch, including the principle and configuration procedures of IP Routing Overview, Static Route, RIP, RIPng, OSPF, OSPFv3, IS-IS(IPv4), IS-IS(IPv6), BGP, Routing Policy ,and PBR, and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring PBR Based on IP Addresses

Example for Configuring PBR Based on IP Addresses

Networking Requirements

In Figure 12-1, the Switch on the aggregation layer is a Layer 3 forwarding device, and an LSW on the access layer serves as the user gateway. There is a reachable route between the Switch and LSW. The Switch is connected to two core routers through two links: high-speed link with the gateway 10.1.20.1/24 and low-speed link with the gateway 10.1.30.1/24.

The enterprise requires that the Switch forward packets from 192.168.100.0/24 and 192.168.101.0/24 to the core layer through the high-speed link and low-speed link, respectively.

Figure 12-1  Networking diagram for configuring PBR

Configuration Roadmap

Implement PBR based on redirection to provide differentiated services. The configuration roadmap is as follows:
  1. Create VLANs and configure interfaces to implement interconnection between the company and external network.
  2. Configure ACL rules to match packets with source IP addresses 192.168.100.0/24 and 192.168.101.0/24.
  3. Configure traffic classifiers to match ACL rules so that the switch can differentiate packets.
  4. Configure traffic behaviors to redirect the packets matching different rules to 10.1.20.1/24 or 10.1.30.1/24.
  5. Configure traffic policies in which traffic classifiers and traffic behaviors are bound and apply the traffic policies to the inbound direction of GE2/0/1 to implement PBR.

Procedure

  1. Create VLANs and configure interfaces.

    # Create VLANs 100 and 200 on the Switch.

    <HUAWEI> system-view
    [HUAWEI] sysname Switch
    [Switch] vlan batch 100 200

    Configure GE1/0/1, GE1/0/2, and GE2/0/1 on the Switch as trunk interfaces, and add them to VLANs 100 and 200.

    [Switch] interface gigabitethernet 1/0/1
    [Switch-GigabitEthernet1/0/1] port link-type trunk
    [Switch-GigabitEthernet1/0/1] port trunk allow-pass vlan 100 200
    [Switch-GigabitEthernet1/0/1] quit
    [Switch] interface gigabitethernet 1/0/2
    [Switch-GigabitEthernet1/0/2] port link-type trunk
    [Switch-GigabitEthernet1/0/2] port trunk allow-pass vlan 100 200
    [Switch-GigabitEthernet1/0/2] quit
    [Switch] interface gigabitethernet 2/0/1
    [Switch-GigabitEthernet2/0/1] port link-type trunk
    [Switch-GigabitEthernet2/0/1] port trunk allow-pass vlan 100 200
    [Switch-GigabitEthernet2/0/1] quit

    # Create VLANIF 100 and VLANIF 200, and configure IP addresses for them.

    [Switch] interface vlanif 100
    [Switch-Vlanif100] ip address 10.1.20.2 24
    [Switch-Vlanif100] quit
    [Switch] interface vlanif 200
    [Switch-Vlanif200] ip address 10.1.30.2 24
    [Switch-Vlanif200] quit

  2. Configure ACL rules.

    # On the Switch, create advanced ACLs 3001 and 3002 that respectively allow packets with source IP addresses 192.168.100.0/24 and 192.168.101.0/24 to pass through.

    [Switch] acl 3001
    [Switch-acl-adv-3001] rule permit ip source 192.168.100.0 0.0.0.255
    [Switch-acl-adv-3001] quit
    [Switch] acl 3002
    [Switch-acl-adv-3002] rule permit ip source 192.168.101.0 0.0.0.255
    [Switch-acl-adv-3002] quit

  3. Configure traffic classifiers.

    # On the Switch, create traffic classifiers c1 and c2. Bind c1 to ACL 3001 and c2 to ACL 3002.

    [Switch] traffic classifier c1 operator or
    [Switch-classifier-c1] if-match acl 3001
    [Switch-classifier-c1] quit
    [Switch] traffic classifier c2 operator or
    [Switch-classifier-c2] if-match acl 3002
    [Switch-classifier-c2] quit

  4. Configure traffic behaviors.

    # On the Switch, create traffic behaviors b1 and b2, which redirect traffic to 10.1.20.1/24 and 10.1.30.1/24, respectively.

    [Switch] traffic behavior b1
    [Switch-behavior-b1] redirect ip-nexthop 10.1.20.1
    [Switch-behavior-b1] quit
    [Switch] traffic behavior b2
    [Switch-behavior-b2] redirect ip-nexthop 10.1.30.1
    [Switch-behavior-b2] quit

  5. Configure traffic policies and apply them to the interfaces.

    # On the Switch, create traffic policy p1 and bind the traffic classifiers to traffic behaviors in the traffic policy.

    [Switch] traffic policy p1
    [Switch-trafficpolicy-p1] classifier c1 behavior b1
    [Switch-trafficpolicy-p1] classifier c2 behavior b2
    [Switch-trafficpolicy-p1] quit

    # Apply p1 to the inbound direction of GE2/0/1.

    [Switch] interface gigabitethernet 2/0/1
    [Switch-GigabitEthernet2/0/1] traffic-policy p1 inbound
    [Switch-GigabitEthernet2/0/1] return

  6. Verify the configuration.

    # Check the ACL configurations.

    <Switch> display acl 3001
    Advanced ACL 3001, 1 rule
    Acl's step is 5
     rule 5 permit ip source 192.168.100.0 0.0.0.255
    <Switch> display acl 3002
    Advanced ACL 3002, 1 rule
    Acl's step is 5
     rule 5 permit ip source 192.168.101.0 0.0.0.255

    # Check the traffic classifier configurations.

    <Switch> display traffic classifier user-defined
      User Defined Classifier Information:
        Classifier: c2
         Precedence: 10
         Operator: OR
         Rule(s) :if-match acl 3002
            
        Classifier: c1
          Precedence: 5
          Operator: OR
          Rule(s) : if-match acl 3001
    
    Total classifier number is 2   
    

    # Check the traffic policy configurations.

    <Switch> display traffic policy user-defined p1
      User Defined Traffic Policy Information:
      Policy: p1
       Classifier: c1
        Operator: OR
         Behavior: b1
          Redirect: no forced
            Redirect ip-nexthop
            10.1.20.1
       Classifier: c2
        Operator: OR
         Behavior: b2
          Redirect: no forced
            Redirect ip-nexthop
            10.1.30.1

Configuration Files

  • Switch configuration file

    #
    sysname Switch
    #
    vlan batch 100 200 
    #
    acl number 3001
     rule 5 permit ip source 192.168.100.0 0.0.0.255
    acl number 3002
     rule 5 permit ip source 192.168.101.0 0.0.0.255
    #
    traffic classifier c1 operator or precedence 5
     if-match acl 3001
    traffic classifier c2 operator or precedence 10
     if-match acl 3002
    #
    traffic behavior b1
     permit
     redirect ip-nexthop 10.1.20.1
    traffic behavior b2
     permit
     redirect ip-nexthop 10.1.30.1
    #
    traffic policy p1 match-order config
     classifier c1 behavior b1
     classifier c2 behavior b2
    #
    interface Vlanif100
     ip address 10.1.20.2 255.255.255.0
    #
    interface Vlanif200
     ip address 10.1.30.2 255.255.255.0
    #
    interface GigabitEthernet1/0/1
     port link-type trunk
     port trunk allow-pass vlan 100 200
    #
    interface GigabitEthernet1/0/2
     port link-type trunk
     port trunk allow-pass vlan 100 200
    #
    interface GigabitEthernet2/0/1
     port link-type trunk
     port trunk allow-pass vlan 100 200
     traffic-policy p1 inbound
    #
    return
    
Translation
Download
Updated: 2019-04-01

Document ID: EDOC1000178324

Views: 223411

Downloads: 194

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next