Create Date: Sep 12 2012 8:53AM
Hi all,
I am facing a very simple redirection problem while using my Policy based redirect on the Switch.
I have a dynamic policy defined for redirection as below on my Switch. And I apply it as ANY on the switch.
###########################################################################################################################
(vr VR-SIG) CH-SW1.11 # show configuration acl
#
# Module acl configuration.
#
create access-list sctp_int_1_flow " source-address 10.91.0.48/28 ;" " redirect 10.91.0.234 ;" application "Cli"
configure access-list add sctp_int_1_flow last priority 0 zone SYSTEM any ingress
(vr VR-SIG) CH-SW1.15 # show access-list any detail
#Dynamic Entries ((*)- Rule is non-permanent )
# RuleNo Application Zone Sub-Zone
# 9 Cli SYSTEM 0
entry sctp_int_1_flow { if match all {
source-address 10.91.0.48/28 ;
} then {
redirect 10.91.0.234 ;
} }
#########################################################################################
But My redirection is not working.
(vr VR-SIG) CH-SW1.13 # ping 10.91.0.100 from 10.91.0.62 with record-route
Ping(ICMP) 10.91.0.100: 4 packets, 8 data bytes, interval 1 second(s).
16 bytes from 10.91.0.100: icmp_seq=1 ttl=255 time=7.668 ms
RR: 10.91.0.62
10.91.0.101
10.91.0.62
I would expect the ICMP packet coming with source-address 10.91.0.62 to hit the Policy and redirect the traffic to 10.91.0.234 instead as the route-record shows that the traffic is redirected to 10.91.0.101 - where I do not want my traffic to flow.
It looks to me that for some reason my policy is not active.
Any help will be appreciated.
Thank you,
./emuzkhn (from Muhammad_Khan)