Solved

Help required to configure policy based routing

  • 12 October 2020
  • 3 replies
  • 180 views

cisco config --

 

track 14 ip sla 14 reachability
!
track 20 ip sla 20 reachability
!
track 30 ip sla 30 reachability

 

ip sla 14
 icmp-echo 172.16.98.5 source-ip 172.16.98.6
 frequency 20
ip sla schedule 14 life forever start-time now

ip sla 20
 icmp-echo 10.6.158.29 source-ip 10.6.158.30
 frequency 20
ip sla schedule 20 life forever start-time now

ip sla 30
 icmp-echo 10.20.30.101 source-ip 10.20.30.102
 frequency 30
ip sla schedule 30 life forever start-time now

 

route-map PGCIL permit 10
 match ip address 199
 set ip next-hop verify-availability 172.16.98.5 1 track 14
 set ip next-hop verify-availability 10.6.158.29 5 track 20
 set ip next-hop verify-availability 10.20.30.101 10 track 30
!
route-map TCL permit 10
 match ip address 188
 set ip next-hop verify-availability 10.6.158.29 1 track 20
!

 

ip route 172.16.200.222 255.255.255.255 172.16.98.5 track 14
ip route 172.16.202.52 255.255.255.255 172.16.98.5 track 14
ip route 172.16.202.47 255.255.255.255 172.16.98.5 track 14
ip route 0.0.0.0 0.0.0.0 172.16.98.5 40 track 14
ip route 172.16.108.71 255.255.255.255 10.6.158.29 track 20
ip route 172.16.208.68 255.255.255.255 10.6.158.29 track 20
ip route 172.16.207.53 255.255.255.255 10.6.158.29 track 20
ip route 172.16.108.72 255.255.255.255 10.6.158.29 track 20

icon

Best answer by Stefan K. 12 October 2020, 13:02

Hello,

Flow-Redirect is the keyword. https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-flow-redirect 

 

Best regards
Stefan

View original

3 replies

Userlevel 6
Badge

Hello,

Flow-Redirect is the keyword. https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-flow-redirect 

 

Best regards
Stefan

Can anyone help me to convert above cisco command to extreme commands? I followed link shared by Stefan but unable to execute working config.

Userlevel 6
Badge

Hi,


Instead of literal line-by-line translation, it might be easier to think on the goal and adapt these steps:

  1. Create a .pol file on your laptop and deliver to the switch (could be done through switch web UI with Apps > file browser). It will consist of entries for each set of criteria and next-hop group ie. flow redirect name (like route maps but different naming, isn’t it?).

Entry redirect {
If match all {
source-address 192.0.2.0/24;
} then {
permit;
redirect-name GTAC_redirect;
}
}

Just adjust address there and redirect-name to what you’ll create in the next step.

  1. Create a flow-redirect, a set of hops (like in a route map) under a single name:

create flow-redirect GTAC_redirect

configure flow-redirect GTAC_redirect add nexthop 172.16.98.5 priority 100

configure flow-redirect GTAC_redirect add nexthop 10.6.158.29 priority 90

configure flow-redirect GTAC_redirect add nexthop 10.20.30.101 priority  80

  1. You can configure a next-hop checks, like that ip sla reachability I believe…

configure flow-redirect GTAC_redirect nexthop 172.16.98.5 ping health-check interval 20 miss 2

...

  1. Apply the ACL (policy file) to an interface or VLAN or entire switch:

configure access-list /name/ ports 1 ingress

configure access-list /name/ vlan “test” ingress

configure access-list /name/ any

 

If it’s still a problem, please let us know what actually is not working for you, what kind of error message etc.

 

Hope that helps,

Tomasz

Reply