No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudEngine 12800 and 12800E V200R005C10 Configuration Guide - IP Unicast Routing

This document describes the configurations of IP Unicast Routing, including IP Routing, Static Route, RIP, RIPng, OSPF, OSPFv3, IPv4 IS-IS, IPv6 IS-IS, BGP, Routing Policy, and PBR.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring ACL6-based Simplified PBR

Configuring ACL6-based Simplified PBR

Pre-configuration Tasks

Before configuring ACL6-based simplified PBR, complete the following tasks:

  • Configure link layer attributes of interfaces to ensure proper operation of interfaces.

  • Configure ACL6 rules.

Context

To control traffic that enters a network, configure an ACL6 rule to match packets based on packet information including the source IP address, fragment flag, destination IP address, source port number, and source MAC address, and then configure an ACL6-based simplified traffic policy to filter the packets that match the ACL6 rule. Compared with PBR, ACL6-based simplified PBR does not require a traffic classifier, traffic behavior, or traffic policy, resulting in easy configuration. However, ACL6-based simplified PBR matches packets only based on ACL6 rules, so it does not support so many types of matching rules as a traffic policy.

If ACL6-based simplified traffic policies are configured in the system view, VLAN view, and interface view, the precedence of these policies is: interface view > VLAN view > system view.

Procedure

  • Configure redirection globally.
    1. Run system-view

      The system view is displayed.

    2. Run traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } [ vpn-instance vpn-instance-name ] nexthop ipv6-address [ track nqa admin-name test-name [ reaction probe-failtimes fail-times ] ] [ fail-action discard ] global [ slot slot-id ] inbound

      Packets are redirected to a specified next-hop IP address.

      This action takes effect only in Layer 3 forwarding. By default, if the configured next hop is unreachable, packets are forwarded based on their destination address. If the fail-action discard parameter is configured, packets are discarded if the configured next hop is unreachable.

    3. Run commit

      The configuration is committed.

  • Configure redirection in a VLAN.
    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      The VLAN view is displayed.

    3. Run traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } [ vpn-instance vpn-instance-name ] nexthop ipv6-address [ track nqa admin-name test-name [ reaction probe-failtimes fail-times ] ] [ fail-action discard ] inbound

      Packets are redirected to a specified next-hop IP address.

      This action takes effect only in Layer 3 forwarding. By default, if the configured next hop is unreachable, packets are forwarded based on their destination address. If the fail-action discard parameter is configured, packets are discarded if the configured next hop is unreachable.

    4. Run commit

      The configuration is committed.

  • Configure redirection on an interface.
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The interface view is displayed.

    3. Run traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } [ vpn-instance vpn-instance-name ] nexthop ipv6-address [ track nqa admin-name test-name [ reaction probe-failtimes fail-times ] ] [ fail-action discard ] inbound

      Packets are redirected to a specified next-hop IP address.

      This action takes effect only in Layer 3 forwarding. By default, if the configured next hop is unreachable, packets are forwarded based on their destination address. If the fail-action discard parameter is configured, packets are discarded if the configured next hop is unreachable.

    4. Run commit

      The configuration is committed.

Verifying the Configuration

Run the display traffic-policy applied-record traffic-redirect [ [ global [ slot slot-id ] | interface interface-type interface-number | vlan vlan-id | qos group group-id ] [ inbound ] ] command to check the application records of a specified traffic policy.

Follow-up Procedure

For the CE12800, if a low-priority traffic policy takes effect before you apply a high-priority traffic policy, ACL rules may be slow to take effect. Consequently, service processing will be delayed. You can run the traffic-policy fast-mode command in the system view to enable fast delivery of ACLs. This ensures that ACL rules take effect rapidly and services can be processed in real time.

Translation
简体中文
Download
Updated: 2021-09-17

Document ID: EDOC1100075354

Views: 416155

Downloads: 114

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :