Aug. 21, 2015, 10:26 p.m.

DELL Networking. Basics Routing Policy (Part 1)

Content

1. Configuration examples

Corporate networks, which are typically used for multiple departments in an organization is often divided into VLANs for increased performance. Administrators can combine multiple physical switches into a single virtual network to create a more efficient use of bandwidth for interagency traffic. Members of each department, who often work remotely feel the performance increase despite the great geographical distance. By using routing policies other levels may be included resolution of the administrators of the rules of the incoming and outgoing traffic. These rules and settings can alter the way the network package.

Configuring PBR includes construction of route-map with the installation instructions, which include the appropriate route-map interface. IP routing must be enabled on the interfaces to control PBR. PBR can only be allowed for incoming traffic through these interfaces.

Enable PBR on the VLAN interface is routed, in which there is a comparison of all incoming packets on the interface route-map, according to the criteria which determined the appropriate routing rule. The interface can be only one policy route-map, but each may have multiple policy route-map, each of which is successively compared with the package in accordance with its priority. If one entry criterion is the criterion of the incoming packet, then selects the appropriate record routing rule. If two or more records meet the criteria, then it runs the rule, which has the highest priority, that is, the smallest number assigned. If no entry does not match, then the packets are routed by default.

Each route-map setting that is used for PBR configured as either a permit (allowed) or as deny (forbidden). If compliance is not according to the rules permit or deny routing, then the directive to drop the packet.

Configuration examples

DELL Networking - Traffic Isolation Routed to a range of IP addresses (or subnet) in the ISP A, and a second range of IP addresses (or subnet) in the ISP B.

Create access lists.

Enable routing… 
console(config)#ip routing 
 
Create three Access-Lists… 
console(config)#ip access-list accounting 
console(config-ip-acl)#permit ip 10.1.5.0 0.0.0.255 any 
console(config-ip-acl)#exit 
console(config)#ip access-list hr 
console(config-ip-acl)#permit ip 10.1.6.0 0.0.0.255 any 
console(config-ip-acl)#exit 
console(config)#ip access-list inter-communications 
console(config-ip-acl)#permit ip 10.1.5.0 0.0.0.255 10.1.6.0 0.0.0.255 
console(config-ip-acl)#permit ip 10.1.6.0 0.0.0.255 10.1.5.0 0.0.0.255 
console(config-ip-acl)#exit

Creating a Route-Map. Static routing.

Create a Route-Map with three sequences (10, 20, 30)… 
console(config)#route-map equal-access deny 10 
console(config-route-map)#match ip address inter-communications 
console(config-route-map)#exit 
console(config)#route-map equal-access permit 20 
console(config-route-map)#match ip address accounting 
console(config-route-map)#set ip next-hop 192.168.6.6 
console(config-route-map)#exit 
console(config)#route-map equal-access permit 30 
console(config-route-map)#match ip address hr 
console(config-route-map)#set ip next-hop 172.16.7.7 
console(config-route-map)#exit

Setting the port configuration on the ISP-A. In this case, it produced VLAN-s interface with the assignment of IP-addresses, and set one of the ports in trunk mode.

console(config)#vlan 101 
console(config-vlan101)#exit 
console(config)#interface vlan 101 
console(config-if-vlan101)#ip address 172.16.7.6 255.255.255.0 
console(config-if-vlan101)#interface Te1/0/1 
console(config-if-Te1/0/1)#switchport trunk allowed vlan all 
console(config-if-Te1/0/1)#switchport mode trunk 
console(config-if-Te1/0/1)#exit

Setting the port configuration on the ISP-B. In this case, it produced VLAN-s interface with the assignment of IP-addresses, and set one of the ports in trunk mode.

console(config)#vlan 102 
console(config-vlan102)#exit 
console(config)#interface vlan 102 
console(config-if-vlan102)#ip address 192.168.6.5 255.255.255.0 
console(config-if-vlan102)#interface Te1/0/2 
console(config-if-Te1/0/2)#switchport trunk allowed vlan all 
console(config-if-Te1/0/2)#switchport mode trunk 
console(config-if-Te1/0/2)#exit

Configuring VLAN indicating the Route-Map.

console(config)#vlan 111 
console(config-vlan111)#exit
console(config)#interface vlan 111 
console(config-if-vlan111)#ip address 10.1.5.1 255.255.0.0 
console(config-if-vlan111)#ip policy route-map equal-access 
console(config-if-vlan111)# exit 
/* Configuring VLAN ports on the group access mode */
console(config)#interface range gigabitethernet all 
console(config-if)#switchport access vlan 111 
console(config-if)#switchport mode access

Checking your results

console#show ip access-lists 
console#show route-map 
console#show ip policy
console#show vlan

We recommend hosting TIMEWEB

Stable hosting, on which the social network EVILEG is located. For projects on Django we recommend VDS hosting.

Recommended articles on this topic

By article asked0question(s)

Subscribe to the discussion0

Section subscription37

Do you like it? Share on social networks!

1.5K

DELL Networking. Basics Routing Policy (Part 1)

Configuration examples

We recommend hosting TIMEWEB

Comments

Actions