Does XOS have a feature like Cisco IP SLA+PBR(Policy base Route)

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
I need same fature Cisco IP SLA it is possible to monitor some Proxy by ping.
Normally, traffic use PRB1 forward some traffic to Proxy(Bluecoat).
But, Proxy(Bluecoat) down change route to static-route.
finaly, Proxy(Bluecoat) up change route come back to PBR1.
Photo of Yong

Yong

  • 342 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Alexandr P

Alexandr P, Embassador

  • 12,764 Points 10k badge 2x thumb
Photo of Yong

Yong

  • 342 Points 250 badge 2x thumb
Thank you
Photo of Alexandr P

Alexandr P, Embassador

  • 12,764 Points 10k badge 2x thumb
Also you can see PBR functional in Chapter ACL, in EXOS_User_Guide
Photo of Patrick Voss

Patrick Voss, Alum

  • 11,674 Points 10k badge 2x thumb
Hi Yong,

I updated the article linked above to include a link to another article that explains how to configure flow-redirect. I hope this helps!
Photo of Yong

Yong

  • 342 Points 250 badge 2x thumb
OK. But, I have any update solution. I will be share solution.
Photo of Yong

Yong

  • 342 Points 250 badge 2x thumb
Now, test solution use flow-redirect and health-check by ping. But, it duplicate packet to proxy and to default route.

* X460G2-24p-10G4.58 # show flow-redirect "NetA2Proxy"
Name             : NetA2Proxy            VR Name          : VR-Default
Inactive Nexthops: Forward               Health Check     : PING
Nexthop Count    : 2
Active IP Address : 192.168.10.10
Index    State      Priority  IP Address          Status Interval Miss
======================================================================
0        Disabled   200       192.168.10.10       UP   2        2
1        Disabled   100       192.168.10.11       UP   2        2

Policy ToProxy
entry A2proxy{
    if {
        source-address 10.1.10.0/25;
        protocol tcp;
        destination-port 80;
    } then
        redirect-name NetA2Proxy;
    }
}
entry B2proxy{
    if {
        source-address 10.1.10.128/25;
        protocol tcp;
        destination-port 80;
    } then
    {
        redirect-name NetB2Proxy;
    }
}
 

* X460G2-24p-10G4.59 # show iproute
Ori  Destination        Gateway         Mtr  Flags         VLAN       Duration
 s   Default Route      1.1.1.2         1    -G---S-um---- Internet   0d:0h:0m:34s
 d   1.1.1.0/24         1.1.1.1         1    -------um---- Internet   0d:1h:45m:24s
#d   10.1.10.0/24       10.1.10.1       1    U------um--f- NetA       0d:1h:45m:24s
 d   10.1.11.0/24       10.1.11.1       1    -------um---- NetB       0d:1h:45m:24s
 d   192.168.10.0/24    192.168.10.1    1    -------um---- Proxy      0d:1h:45m:24s


I use wireshark for snif packet HTTP request.
(Edited)