Filter
Top Products
20-2 Riverstone Networks RS Switch Router User Guide Release 8.0
Configuring IP Policies IP Policy-Based Forwarding Configuration
20.1.1 Defining an ACL Profile
An ACL profile specifies the criteria packets must meet to be eligible for IP policy routing. You define profiles with
the
acl
command. For IP policy routing, the RS uses the packet-related information from the
acl
command and
ignores the other fields.
For example, the following
acl
command creates a profile called “prof1” for telnet packets going from network
9.1.0.0 to network 15.1.0.0:
See the Riverstone RS Switch Router Command Line Interface Reference Manual for complete syntax information for
the
acl
command.
Note
ACLs for non-IP protocols cannot be used for IP policy routing.
20.1.2 Associating the Profile with an IP Policy
Once you have defined a profile with the
acl
command, you associate the profile with an IP policy by entering one or
more
ip-policy
statements. An
ip-policy
statement specifies the next-hop gateway (or gateways) where packets
matching a profile are forwarded. (See the Riverstone RS Switch Router Command Line Interface Reference Manual
for complete syntax information for the
ip-policy
command.)
For example, the following command creates an IP policy called “p1” and specifies that packets matching profile
“prof1” are forwarded to next-hop gateway 10.10.10.10:
You can also set up a policy to prevent packets from being forwarded by an IP policy. For example, the following
command creates an IP policy called “p2” that prevents packets matching prof1 from being forwarded using an IP
policy:
Packets matching the specified profile are forwarded using dynamic routes instead.
rs(config)#
acl prof1 permit ip 9.1.0.0/16 15.1.0.0/16 any any telnet 0
rs(config)#
ip-policy p1 permit acl prof1 next-hop-list 10.10.10.10
rs(config)#
ip-policy p2 deny acl prof1