Extreme Networks

Jeff_McLeod · ‎01-27-2016

configure
snmp sysName "LAYER2-3_SWITCH"

configure sys-recovery-level switch reset

configure vlan default delete ports all

configure vr VR-Default delete ports 1-5

configure vlan default delete ports 1-5

configure vlan "Default" qosprofile QP1

create vlan "GW_primary"

configure vlan GW_primary tag 10

create vlan "GW_secondary"

configure vlan GW_secondary tag 20

create vlan "Network"

configure vlan Network tag 30

configure vlan GW_primary add ports 1 untagged

configure vlan GW_secondary add ports 2 untagged

configure vlan Network add ports 3 untagged

configure vlan GW_primary ipaddress 192.168.8.36 255.255.255.0

enable ipforwarding vlan GW_primary

configure vlan GW_secondary ipaddress 192.168.11.254 255.255.255.0

enable ipforwarding vlan GW_secondary

configure vlan Network ipaddress 10.0.0.1 255.255.255.0

enable ipforwarding vlan Network

configure iproute add 192.168.12.0 255.255.252.0 192.168.11.253

configure ipforwarding originated-packets require-ipforwarding

create flow-redirect primary_GW

configure flow-redirect primary_GW add nexthop 192.168.8.12 priority 100

configure flow-redirect primary_GW nexthop 192.168.8.12 ping health-check interval 60 miss 3

configure access-list primary_GW vlan "Network" ingress

ACL Policy

entry Network1 {

if match all {

source-address 10.0.0.0/24;

destination-address 192.168.12.0/22;

} then {

permit;

redirect-name primary_GW;

}

LAYER2-3_SWITCH.116 # show iproute

Ori Destination Gateway Mtr Flags VLAN Duration

#d 10.0.0.0/24 10.0.0.1 1 U------um--f- Network 0d:1h:51m:5s

#d 192.168.8.0/24 192.168.8.36 1 U------um--f- GW_primary 0d:1h:52m:4s

#d 192.168.11.0/24 192.168.11.254 1 U------um--f- GW_secondary 0d:1h:51m:47s

#s 192.168.12.0/22 192.168.11.253 1 UG---S-um--f- GW_secondary 0d:0h:5m:45s

LAYER2-3_SWITCH.117 # show flow-redirect "primary_GW"

Name : primary_GW VR Name : VR-Default

Inactive Nexthops: Forward Health Check : PING

Nexthop Count : 1

Active IP Address : 192.168.8.12

Index State Priority IP Address Status Interval Miss

======================================================================

0 Enabled 100 192.168.8.12 UP 60 3

TAKING THE WRONG PATH

NET_PC> trace 192.168.12.1

trace to 192.168.12.1, 8 hops max, press Ctrl+C to stop

1 10.0.0.1 0.307 ms 0.358 ms 0.311 ms

2 *192.168.11.253 9.823 ms (ICMP type:3, code:3, Destination port unreachable)

NET_PC> ping 192.168.12.1

84 bytes from 192.168.12.1 icmp_seq=1 ttl=254 time=9.281 ms

84 bytes from 192.168.12.1 icmp_seq=2 ttl=254 time=6.840 ms

84 bytes from 192.168.12.1 icmp_seq=3 ttl=254 time=3.192 ms

84 bytes from 192.168.12.1 icmp_seq=4 ttl=254 time=2.802 ms

84 bytes from 192.168.12.1 icmp_seq=5 ttl=254 time=3.291 ms

If I remove the static route to the secondary gateway, it still doesn’t work.

As long as I put a default or static route in, I can get to either of the gateways and the desired network behind them, but only one of them.

Jeff_McLeod · ‎01-28-2016

Hey Jarek. Sorry it took me so long to get back to you, I had a Surface Pro mishap. So... I'm trying to validate all of my configurations on the virtual appliance, running 15.3.1.4 System type is Summit-PC. If I can ever get the flow-redirect successfully tested, I will be implementing it on an X460-48p running 15.3.3.5. Everything seems to work in the virtual lab image, except the nexthop redirect. I will look at the access-list info that Patrick guided me towards.

Thanks again,

Jeff

Patrick_Voss · ‎01-27-2016

Hi Jeff,

If you look at your other post I believe I answered your question. Please let me know if you have any questions.

Extreme Networks

Why does flow-redirect not work?

Why does flow-redirect not work?