This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Config iproute by origen

Config iproute by origen

Daniel_Valera
New Contributor II

‎01-17-2017 05:50 PM

Hi, I have a switch X450e-48p with image ExtremeXOS version 12.0.3.16 and my question is if can i configure various routes by origen?

I need configure various routes to internet in different gateways but separate depend of equipment inside the LAN.

regards
20 REPLIES 20

Henrique
Extreme Employee
In response to Henrique

‎01-18-2017 11:50 AM

Hi Daniel,

You have to use different entries for different SrcIPs as follows:

edit policy PBR.pol

entry PBR_WAN2-Host1 {
if {
source-address 192.168.100.x/32; (host1)
}
then {
redirect 192.168.100.253; (Gateway to WAN2)
}
}
entry PBR_WAN2-Host2 {
if {
source-address 192.168.100.x/32; (host2)
}
then {
redirect 192.168.100.253; (Gateway to WAN2)
}
}

All the traffic that does not hit the ACL will be routed through default route.

The "refresh policy" command is used only when you have changed the policy file and need to update to the switch memory without needing to unconfig/config the ACL to the vlan or port.

Also, diffserv examination is not needed here, unless you are working with DSCP marking to perform QoS.
0 Kudos

Daniel_Valera
New Contributor II
In response to Henrique

‎01-18-2017 11:50 AM

Hi Henrique... so the policy maybe can i configure like this?

edit policy PBR.pol

entry TRAFIC_TO_WAN2 {
if {
source-address 192.168.100.x/32; (host1)
source-address 192.168.100.x/32; (host2)
}
then {
redirect 192.168.100.253; (Gateway to WAN2)
}
}

config access-list TRAFIC_TO_WAN2 vlan default ingress
enable diffserv examination port X (inside LAN port)
refresh policy PBR

configure iproute add default 192.168.100.254 (gateway to WAN1)

And the rest of the traffic can be configured a default route? Does the default route not affect the PBR policy?

thanks

Regards

0 Kudos

Daniel_Valera
New Contributor II
In response to Henrique

‎01-18-2017 11:50 AM

Thanks Henrique
0 Kudos

Matthew_Helm1
Extreme Employee

‎01-17-2017 09:12 PM

"You may want to create a static ARP entry for the redirect IP address, so that there will always be a cache entry."

0 Kudos

simon_bingham
New Contributor II

‎01-17-2017 06:07 PM

I think he asking about Source based routing yes you can do it just be aware its a really easy way to generate routing loops

here is an example policy

The redirect entry is the one you need.

* CoreRouter1.113 # show policy REDIRECT
Policies at Policy Server:
Policy: REDIRECT

entry Exception {
if match any {
destination-address 172.27.237.244/30 ;
}
then {
count EXCEPTION ;
permit ;
}
}
entry redirect {
if match all {
source-address 172.27.237.248/30 ;
}
then {
redirect 172.27.237.242 ;
count REDIRECT_HIT ;
}
}
entry catch_all {
if match all {
}
then {
permit ;
count CATCHALL ;
}
}

0 Kudos
GTM-P2G8KFN