Dell 6.2 Server User Manual


  Open as PDF
of 869
 
127 | NetworkConfigurationParameters DellPowerConnectW-SeriesArubaOS6.2 | User Guide
Traffic redirected by a firewall policy rule is
not
forwarded to a tunnel that is “down” (see "Tunnel Keepalives" on
page 127 for more information on how GRE tunnel status is determined). If you have more than one GRE tunnel
configured, you can create multiple firewall policy rules with each rule redirecting the same traffic to different
tunnels. If the tunnel in the first traffic redirect rule is down, then the tunnel in the subsequent traffic redirect rule is
used instead.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > Policies page.
2. Click Add to create a new firewall policy, or click Edit to edit a specific policy.
3. Click Add to create a new policy rule.
4. Configure the Source, Destination, and Service for the rule.
5. For Action, select redirect to tunnel. Enter the tunnel ID.
6. Configure any additional options, and click Add.
7. Click Apply.
In the CLI
(host) (config) #ip access-list session <name>
<source> <destination> <service> redirect tunnel <id>
Tunnel Keepalives
The controller can determine the status of a GRE tunnel by sending periodic keepalive frames on the L2 or L3 GRE
tunnel. If you enable tunnel keepalives, the tunnel is considered to be “down” if there is repeated failure of the
keepalives. If you configured a firewall policy rule to redirect traffic to the tunnel, traffic is not forwarded to the
tunnel until it is “up”. When the tunnel comes up or goes down, an SNMP trap and logging message is generated.
The remote endpoint of the tunnel does not need to support the keepalive mechanism.
By default, the controller sends keepalive frames at 60-second intervals and retries keepalives up to three times before
the tunnel is considered to be down. You can reconfigure the intervals from the default. For the interval, specify a
value between 1-86400 seconds. For the retries, specify a value between 0-1024.
In the WebUI
1. Navigate to the Configuration > Network > IP > GRE Tunnels page.
2. Click Edit for the tunnel for which you are enabling tunnel keepalives.
3. Select (check) Enable Heartbeats to enable tunnel keepalives and display the Heartbeat Interval and Heartbeat
Retries fields.
4. Enter values for Heartbeat Interval and Heartbeat Retries.
5. Click Apply.
In the CLI
(host) (config) #interface tunnel id
tunnel keepalive [<interval> <retries>]
 previous next