No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


The policy-based routing remains in effect when double outlet has single link failure

Publication Date:  2012-09-12 Views:  359 Downloads:  0
Issue Description
USG5300 as the device of export, there are two exports to the operators isp1 and isp2 respectively. Two internal network segments through policy-based routing access to the external network from different exports .Using the default route to the routing of the two operators. When one link fails, want to be able to access the external network from another exit. However, an outbound interface isp1 failure, internal segment can not access to external network, policy-based routing is still in force, the configuration is as follows:
ip-link check enable
ip-link 1 destination mode icmp
ip-link 2 destination mode icmp
traffic classifier class2
if-match acl 3002
traffic classifier class1
if-match acl 3001
traffic behavior behavior1
  remark ip-nexthop output-interface GigabitEthernet0/0/1
traffic behavior behavior2
  remark ip-nexthop output-interface GigabitEthernet0/0/2
qos policy mypolicy
classifier class1 behavior behavior1
classifier class2 behavior behavior2
ip route-static
ip route-static
Alarm Information
Handling Process
1.Check the configuration.
2.The user configure the ip-link detection , check the ip-link state:
[USG5320] disp ip-link
20:00:15 2012/06/01
num state timer mode vpn-instance ip-address interface-name
1 up 3 icmp
Although ips1 interface have been down, but the state of the ip-link still up , policy-based routing is still in force.
3. Modify the configuration of ip-link:
ip-link 1 destination interface GigabitEthernet0/0/1 mode icmp
ip-link 2 destination interface GigabitEthernet0/0/2 mode icmp
Check the ip-link state again:
[USG5320] disp ip-link
20:00:15 2012/06/01
num state timer mode vpn-instance ip-address interface-name
1 down 3 icmp
ip-link state is normal, policy-based routing is not in effect, internal network can access to external network from another interface.
Root Cause
1.The configuration issue
2.The version issue
Policy-based routing and ip-link state associated , the ip-link state decide whether the policy–based routing in force.