3 pbr examples – Accton Technology ES4626 User Manual

277

A policy will not be valid until it is bonded to a specified port.

8.2.3 PBR examples

On port ethernet 1/1, apply policy-based routing on packages from 192.168.1.0/24

segment, and set the next-hop as 218.31.1.119, meanwhile the local network IP of this

network ranges within 192.168.0.0/16. To assure normal communication in local network,

messages from 192.168.1.0/24 to local IP 192.168.0.0/16 are not applied with policy

routing.

Configuration procedure is as follows:

Switch#config

Switch(config)#access-list ip extended a1

Switch(Config-IP-Ext-Nacl-a1)#permit ip 192.168.1.0 0.0.0.255 any-destination

Switch(Config-IP-Ext-Nacl-a1)#deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.255.255

Switch(Config-IP-Ext-Nacl-a1)#exit

Switch(config)#mls qos

Switch(config)#class-map c1

Switch(config-ClassMap)#match access-group a1

Switch(config-ClassMap)# exit

Switch(config)#policy-map p1

Switch(config-PolicyMap)#class c1

Switch(config-Policy-Class)#set ip nexthop 218.31.1.119

Switch(config--Policy-Class)#exit

Switch(config-PolicyMap)#exit

Switch(config)#interface ethernet

Switch(Config-Ethernet1/1)#service-policy input p1

Configuration results

First set an ACL a1 with two items. The first item matches source IP segments
192.168.1.0/24（allowed）. The second item matches source IP segments 192.168.1.0/24

and destination IP segments 192.168.0.0/16（rejected）. Turn on QoS function in global

mode and create a class-map: c1 in which matches ACL a1, and create a policy-map in

which quote c1. Set the next-hop IP as 218.31.1.119 and apply the policy-map at port

ethernet 1/1. After that, all messages on port ethernet 1/1 from segment 192.168.1.0/24

will be transmitted through 192.168.1.0/24 except those from 192.168.0.0/16 segment

which are still be transmitted through normal L3 routing,