redirect the traffic received on internet-port inbound from Internet to Huawei L3

Latest reply: Feb 14, 2019 12:08:18 564 9 6 1


[Problem Description]

redirect the traffic received on internet-port inbound from MPLS to Huawei L3

[Problem Analysis]

answer for customer

[Root Cause] 

answer for PBR policy

[Solution Description]

1define traffic classifier the name is A1

[Switch] traffic classifier A1
[
Switch-classifier-c1]
if-match any (any is match all packets you can define ACL to match the packets that you want )

 

[SwitchA-classifier-c1] quit

2Configure a traffic behavior to redirect matching traffic to the firewall (next hop address 172.29.145.185).

[Switch] traffic behavior A1
[Switch-behavior-b1]
redirect ip-nexthop 172.29.145.185
[Switch-behavior-b1]
quit

3Configure a traffic policy

[Switch] traffic policy p1
[
Switch-trafficpolicy-p1]
classifier A1 behavior A1
[
Switch-trafficpolicy-p1]
quit

4Apply the traffic policy to INTER-inbound

 on Switch in the inbound direction.

[Switch]interface inter-inbound

[Switch-[Internet inbound] traffic-policy p1 inbound
[Switch-GigabitEthernet0/0/1]
quit
[Switch]
quit

  • x
  • convention:

No.9527
Created Dec 18, 2018 07:27:35 Helpful(0) Helpful(0)

PBR is usual method to redirect the traffic, and we always configure traffic-policy with redirect behaviour to do this.
Run the display ip policy-based-route command to check enabled PBR policies.
Run the display policy-based-route [ policy-name ] command to check the created policy content.
  • x
  • convention:

Torrent
Created Dec 22, 2018 01:26:31 Helpful(0) Helpful(0)

ok this is a good example for policy route.

thanks for sharing us such a good exampl.

can I ask a question about route policy?redirect the traffic received on internet-port inbound from Internet to Huawei L3-2826551-1
  • x
  • convention:

xiaomumu
Created Dec 24, 2018 01:40:21 Helpful(0) Helpful(0)

Learn more, great
  • x
  • convention:

yjhd
Created Dec 26, 2018 08:59:20 Helpful(0) Helpful(0)

any is match all packets, you can define ACL to match the packets that you want
  • x
  • convention:

GongXiaochuan
Created Dec 28, 2018 02:56:29 Helpful(0) Helpful(0)

"Incoming" refers to packets which originate elsewhere and arrive at the machine, while "outgoing" refers to packets which originate at the machine and arrive elsewhere
  • x
  • convention:

Good Good Study Day Day Up
Finn92
Created Dec 29, 2018 02:37:44 Helpful(0) Helpful(0)

it's a good example for sharing policy route , after reading , i think it's so simple now , if customer has the same kind requirement , i will help him implenment by myself .
  • x
  • convention:

SupperRobin
Created Dec 29, 2018 07:33:33 Helpful(0) Helpful(0)

PBR is implemented through redirection in Modular QoS Command-Line Interface (MQC). Configure a traffic classifier to classify data packets, and then configure a traffic behavior to redirect packets matching traffic classification rules. Configure a traffic policy, bind the traffic behavior and traffic classifier to it, and apply the traffic policy to an interface. As shown in the right figure, PBR is configured to redirect packets from VLAN 100 to RouterA. Before PBR is configured, all packets pass through RouterB.
  • x
  • convention:

wildwolf
Created Feb 14, 2019 12:04:18 Helpful(0) Helpful(0)

Hello!
For example: Router A directly conected to Router B and Router C, Router C is directly conected Router B. Between Router C and B no traffic. Between Router A B C run bgp vpnv4 routes four vpn-instance. How can I redirect part of vpn routes over Router C to path Router B?
If link between Router A and Router B will broke Traffic automatically wiil pass to Router B ?
  • x
  • convention:

wildwolf
Created Feb 14, 2019 12:08:18 Helpful(0) Helpful(0)

There are any documentation for Policy vpnv4 routes ? Thank You!
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login