beautypg.com

Setting the output interface to the null interface, Selectively applying normal routing to packets – Brocade Multi-Service IronWare Routing Configuration Guide (Supporting R05.6.00) User Manual

Page 366

background image

338

Multi-Service IronWare Routing Configuration Guide

53-1003033-02

Configuration examples

Brocade(config)# interface tunnel 1

Brocade(config-tnif-1)# tunnel mode gre ip

Brocade(config-tnif-1)# tunnel source ethernet 1/2

Brocade(config-tnif-1)# tunnel destination 10.0.8.108

Brocade(config-tnif-1)# ip address 10.10.3.2/24

Brocade(config-tnif-1)# exit

Brocade(config)# interface tunnel 2

Brocade(config-tnif-2)# tunnel mode gre ip

Brocade(config-tnif-2)# tunnel source ethernet 2/2

Brocade(config-tnif-2)# tunnel destination 10.0.9.108

Brocade(config-tnif-2)# ip address 10.10.4.2/24

Brocade(config-tnif-2)# exit

Brocade(config)# access-list 99 permit 10.12.13.0 10.0.0.255

Brocade(config)# access-list 99 permit 10.15.16.0 10.0.0.255

Brocade(config)# route-map test1 permit 5

Brocade(config-routemap test1)# match ip address 99

Brocade(config-routemap test1)# set next-hop-ip-tunnel 1

Brocade(config-routemap test1)# set next-hop-ip-tunnel 2

Setting the output interface to the null interface

The following commands configure a PBR to send all traffic from 10.168.1.204 to the null
interface, thus dropping the traffic instead of forwarding it.

Brocade(config)# access-list 56 permit 10.168.1.204 0.0.0.0

The following commands configure an entry in a route map called “file-13”. The first entry (permit
56) matches on the IP address information in ACL 56 above. For IP traffic from the host
10.168.1.204/32, this route map entry sends the traffic to the null interface instead of forwarding
it, thus sparing the rest of the network the unwanted traffic.

Brocade(config)# route-map file-13 permit 56

Brocade(config-routemap file-13)# match ip address 56

Brocade(config-routemap file-13)# set interface null0

Brocade(config-routemap file-13)# exit

The following command enables PBR by globally applying the route map to all interfaces.

Brocade(config)# ip policy route-map file-13

Alternatively, you can enable the PBR on specific interfaces, as shown in the following example. The
commands in this example configure IP addresses in the source subnet identified in ACL 56, then
apply route map file-13 to the interface.

Brocade(config)# interface ethernet 3/11

Brocade(config-if-e10000-3/11)# ip address 192.168.1.204/32

Brocade(config-if-e10000-3/11)# ip policy route-map file-13

Selectively applying normal routing to packets

This example demonstrates how to configure PBR to route all TCP traffic from a host normally while
routing all other traffic from the same host through the PBR next hop. In this example, the IP
address of the host is 192.168.2.2.

To route TCP traffic from 192.168.2.2 normally, configure a deny ACL clause and define it as a
permit route-map entry as shown in the following.

See also other documents in the category Brocade Computer Accessories: