Filter
Top Products
Installation and Getting Started Guide
ACLs to be further evaluated by the route map. If you specify deny, the routing switch denies the traffic from
further evaluation and instead drops the packets. Notice that these ACLs specify any for the destination address.
HP9300(config)# access-list 1 permit 209.157.23.0 0.0.0.255
HP9300(config)# access-list 2 permit 209.157.24.0 0.0.0.255
HP9300(config)# access-list 3 permit 209.157.25.0 0.0.0.255
The following commands configure three entries in a route map called “test-route”. The first entry (permit 1)
matches on the IP address information in ACL 1 above. For IP traffic from sub-net 209.157.23.0/24, this route
map entry sets the next-hop IP address to 192.168.2.1.
HP9300(config)# route-map test-route permit 1
HP9300(config-routemap test-route)# match ip address 1
HP9300(config-routemap test-route)# set ip next-hop 192.168.2.1
HP9300(config-routemap test-route)# exit
The following commands configure the second entry in the route map. This entry (permit 2) matches on the IP
address information in ACL 2 above. For IP traffic from sub-net 209.157.24.0/24, this route map entry sets the
next-hop IP address to 192.168.2.2.
HP9300(config)# route-map test-route permit 2
HP9300(config-routemap test-route)# match ip address 2
HP9300(config-routemap test-route)# set ip next-hop 192.168.2.2
HP9300(config-routemap test-route)# exit
The following commands configure the third entry in the test-route route map. This entry (permit 3) matches on
the IP address information in ACL 3 above. For IP traffic from sub-net 209.157.25.0/24, this route map entry sets
the next-hop IP address to 192.168.2.3.
HP9300(config)# route-map test-route permit 3
HP9300(config-routemap test-route)# match ip address 3
HP9300(config-routemap test-route)# set ip next-hop 192.168.2.3
HP9300(config-routemap test-route)# exit
The following command enables PBR by globally applying the test-route route map to all interfaces.
HP9300(config)# ip policy route-map test-route
Alternatively, you can enable PBR on specific interfaces, as shown in the following example. The commands in
this example configure IP addresses in the three source sub-nets identified in ACLS 1, 2, and 3, then apply route
map test-route the interface.
HP9300(config)# interface ve 1
HP9300(config-vif-1)# ip address 209.157.23.1/24
HP9300(config-vif-1)# ip address 209.157.24.1/24
HP9300(config-vif-1)# ip address 209.157.25.1/24
HP9300(config-vif-1)# ip policy route-map test-route
Setting the Next Hop When no Next Hop Is Explicitly Configured
The following commands configure a PBR to set the next-hop gateway for traffic, but only if the routing switch
does not already have a next-hop gateway specified for the traffic. In this example, a route map specifies the
next-hop gateway for packets from sub-net 192.168.1.x.
The following command configures a standard ACL for the sub-net.
HP9300(config)# access-list 4 permit 192.168.1.0 0.0.0.255 any
The following commands configure an entry in a route map called “test-route-if-no-gateway”. The first entry
(permit 4) matches on the IP address information in ACL 4 above. For IP traffic from sub-net 192.168.1.0/24, this
route map entry sets the next-hop IP address to 192.111.1.1, but only if the routing switch does not already have a
gateway configured for the sub-net.
HP9300(config)# route-map test-route-if-no-gateway permit 4
HP9300(config-routemap test-route-if-no-gateway)# match ip address 4
HP9300(config-routemap test-route-if-no-gateway)# set ip default next-hop
192.111.1.1
3 - 28