ExtremeSwitching (EXOS)

Expand all | Collapse all

How to used Policy Based in Black Diamond?

  • 1.  How to used Policy Based in Black Diamond?

    Posted 04-13-2017 21:12
    Hi Guys,

    My Extreme Switch is connected to Firewall and I have to different Vlans but both have same flow to the same destination. Actualy I have only one next-hop for VLAN1 but I need to add second next hop and send from source 1 next hop 1 source 2 next hop2. and I Must use static route. I it possible to do it with PBR?



  • 2.  RE: How to used Policy Based in Black Diamond?

    Posted 04-13-2017 23:31
    Hi Enima,
    I think you can try with a policy with respective source ip addresses as match conditions.
    edit policy flowpolicy.pol entry flow1 { if { source-address ; } then { redirect ; } }
    entry flow2 { if { source-address ; } then { redirect ; } }

    config access-list flowpolicy vlan [i] ingress [/code]
    There are various match conditions (e.g. protocol or dscp) and redirect ways (e.g. port or port-list) you can apply in policy. Also you can apply this policy to VLAN or port.

    Some options can be limitted upon switch model.


  • 3.  RE: How to used Policy Based in Black Diamond?

    Posted 04-15-2017 10:15


  • 4.  RE: How to used Policy Based in Black Diamond?

    Posted 07-24-2021 10:04

    Hi Karthik sir,

     

    I need configure PBR in X46G2,

    One of the our customer having 2 Firewall and they need some of the VLAN’s get internet access traffic go through the 1st firewall interface IP.

    Some of the other VLAN’s get internet access  traffic go through the 2nd Firewall Interface IP.

    It is Possible via PBR? right.

    Can you share the sample configuration file.

    1st Firewall 300D

    LAN IP : 192.168.10.251/24

    VLAN 10 : 192.168.12.251/24

    VLAN 20 : 192.168.14.251/24

    These IP’s are get access internet via 300D firewall ISP.

    2nd Firewall 200F

    LAN IP : 192.168.10.254/24

    VLAN 10 : 192.168.11.251/24

    VLAN 20 : 192.168.13.251/24

    These IP’s are get access internet via 200F firewall ISP.

     

    Regards,

    venkatachalam