After PBR is configured, the communication between intranets is unavailable

The solution is as follows:
If traffic between intranets matches PBR and the traffic behavior is applied to the traffic, the traffic between intranets is abnormal. The solution is to create a new traffic classifier and configure an empty traffic behavior. In this situation, packets can be forwarded properly because they do not match other traffic behaviors.
The matching order is the configuration order in the traffic policy. If the traffic between intranets needs to be matched first, adjust the order in the traffic policy.
Example: Add the traffic policy for the traffic between intranets. In this example, two internal network segments are 192.168.1.0 and 192.168.2.0 respectively and the original traffic classifier and traffic behavior are c and b respectively. You need to create a traffic classifier for traffic between intranets, reference an ACL in the traffic policy, and configure an empty traffic behavior. Delete the configured traffic policy, configure the traffic classifier for traffic between intranets, and then configure other classifiers.
system-view
[Huawei]acl 3001
[Huawei-acl-adv-3001]rule permit ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255
[Huawei-acl-adv-3001]rule permit ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255
[Huawei]traffic classifier neiwang
[Huawei-classifier-neiwang]if-matchacl 3001
[Huawei]traffic behavior neiwang
[Huawei-behavior-neiwang]q
[Huawei]traffic policy p
[Huawei-trafficpolicy-p] undo classifier neiwang
[Huawei-trafficpolicy-p]classifier neiwang behavior neiwang
[Huawei-trafficpolicy-p]classifier c behavior b

Scroll to top