No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

S7700 and S9700 V200R013C00

This document describes the configurations of IP Unicast Routing, including IP Routing, Static Route, RIP, RIPng, OSPF, OSPFv3, IPv4 IS-IS, IPv6 IS-IS, BGP, Routing Policy, IP Routing Table Management, and PBR.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring PBR

Configuring PBR

Context

After a redirection action is configured, a switch redirects packets matching traffic classification rules to a specified next-hop address.

A traffic policy containing the redirection action can be used globally, on an interface, or in a VLAN in the inbound direction.

Pre-configuration Tasks

Before configuring PBR, complete the following tasks:
  • Configure IP addresses for interfaces and configure routing protocols to ensure connectivity.

  • Configure an ACL to classify traffic.

Procedure

  1. Configure a traffic classifier.

    For details about configuring a traffic classifier, see Configuring a Traffic Classifier in "MQC Configuration" in the S7700 and S9700 V200R013C00 Configuration Guide - QoS.

  2. Configure a traffic behavior.

    1. Run traffic behavior behavior-name

      A traffic behavior is created and the traffic behavior view is displayed; alternatively, the view of an existing traffic behavior is displayed.

    2. Run the following commands as required.

      • Run redirect [ vpn-instance vpn-instance-name ] ip-nexthop { ip-address [ track-nqa admin-name test-name ] } &<1-4> [ forced | low-precedence ] *

        The switch is configured to redirect packets matching traffic classification rules to the specified next-hop IP address.

        A maximum of four next-hop IP addresses can be configured in a traffic behavior. If multiple next-hop IP addresses are configured, the switch determines the active and standby links according to the sequence in which next-hop IP addresses were configured. The next-hop IP address that was configured first has the highest priority and the link for this next hop is used as the active link. Links for other next hops are used as standby links. If the active link goes Down, the link for the next hop with the highest priority functions as the new active link to transmit traffic. If the previous active link recovers from the fault, traffic is switched back to this previous active link.

        NOTE:

        Configuring redirection can implement PBR.

        If the low-precedence parameter is specified, the priority of redirection-based PBR is lowered below that of statically configured routes or routes generated by dynamic routing protocols (rather than being higher by default).

      • Run redirect [ vpn-instance vpn-instance-name ] ipv6-nexthop { ipv6-address | link-local link-local-address interface interface-type interface-number } &<1-4> [ forced ]

        The switch is configured to redirect IPv6 packets matching traffic classification rules to the configured next-hop address.

      • Run redirect [ vpn-instance vpn-instance-name ] ip-multihop { nexthop ip-address } &<2-4>

        Or run redirect [ vpn-instance vpn-instance-name ] ip-multihop acl-ip-pool-name

        The switch is configured to redirect packets matching traffic classification rules to one of the configured next hops.

        If multiple next hops are specified, the switch redirects packets through equal-cost routes for load balancing.

        If the outbound interface corresponding to a next-hop IP address goes Down or a route changes, the switch transmits traffic to the outbound interface corresponding to an available next hop.

        If the switch has no ARP entry matching the specified next-hop IP address, the redirect ip-multihop command can be used but redirection does not take effect (the switch continues to forward packets to the original destination) until the switch obtains the corresponding ARP entry.

        NOTE:
        In a traffic behavior, the remark destination-mac command cannot be used with the following commands simultaneously:
        • redirect ip-nexthop
        • redirect ip-multihop
      • Run redirect [ vpn-instance vpn-instance-name ] ipv6-multihop { ipv6-address | link-local link-local-address interface interface-type interface-number } &<2-4>

        Or run redirect [ vpn-instance vpn-instance-name ] ipv6-multihop acl6-ip-pool-name

        The switch is configured to redirect IPv6 packets matching traffic classification rules to one of the configured next hops.

        If multiple next hops are specified, the switch redirects packets through equal-cost routes for load balancing.

    3. (Optional) Run statistic enable

      The traffic statistics collection function is enabled.

    4. Run quit

      Exit from the traffic behavior view.

    5. Run quit

      Exit from the system view.

  3. Configure a traffic policy.

    For details about configuring a traffic policy, see Configuring a Traffic Policy in "MQC Configuration" in the S7700 and S9700 V200R013C00 Configuration Guide - QoS.

  4. Apply the traffic policy.

    • Apply a traffic policy to an interface.
      1. Run system-view

        The system view is displayed.

      2. Run interface interface-type interface-number

        The interface view is displayed.

      3. Run traffic-policy policy-name inbound

        A traffic policy is applied to the inbound direction of the interface.

    • Apply a traffic policy to a VLAN.
      1. Run system-view

        The system view is displayed.

      2. Run vlan vlan-id

        The VLAN view is displayed.

      3. Run traffic-policy policy-name inbound

        A traffic policy is applied to the VLAN.

        The system then applies the policy to the incoming packets that are sent from the VLAN and match traffic classification rules.

    • Apply a traffic policy globally or to a board.
      1. Run system-view

        The system view is displayed.

      2. Run traffic-policy policy-name global inbound [ slot slot-id ]

        A traffic policy is applied globally or to a specified board.

Verifying the Configuration

  • Run the display traffic classifier user-defined [ classifier-name ] command to check the traffic classifier configuration.
  • Run the display traffic behavior user-defined [ behavior-name ] command to check the traffic behavior configuration.
  • Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the configuration of a specified user-defined traffic policy.

  • Run the display traffic-applied [ interface [ interface-type interface-number ] | vlan [ vlan-id ] ] { inbound | outbound } [ verbose ] command to check information about ACL-based simplified and MQC-based traffic policies applied to the system, a VLAN, or an interface.

    NOTE:

    The display traffic-applied command cannot be used to check information about ACL-based simplified and MQC-based traffic policies applied to a sub-interface. However, traffic policies can be applied to a sub-interface.

  • Run the display traffic policy { interface [ interface-type interface-number [.subinterface-number ] ] | vlan [ vlan-id ] | ssid-profile [ ssid-profile-name ] | global } [ inbound | outbound ] command to check the traffic policy configuration.

  • Run the display traffic-policy applied-record [ policy-name ] command to check the application records of a specified traffic policy.

Translation
Download
Updated: 2019-04-08

Document ID: EDOC1100065744

Views: 65290

Downloads: 50

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next