Networking Requirements
Figure 1. Policy-Based Routing Configuration Example
As shown in Figure 1, in the data center network, tenants PC1 and PC2 dually access to external network devices through the device Switch. The VLAN ID for PC1 is 100, and the IP address is 192.168.10.10. The VLAN ID for PC2 is 200, and the IP address is 192.168.20.20. The messages from both tenants are connected to external network devices through gateway Router 2 (10.20.0.1/24).
Now it is necessary to forward the packets from PC1 to external network devices through gateway Router 1 (10.10.0.1/24), and achieve routing redirection through policy-based routing to improve the tenant experience. The configuration parameters are shown in the table below.
Device | Port Name | VLAN Interface | IP Address |
Switch | Te-1/1/1 | VLAN100 | 10.10.0.2/24 |
Switch | Te-1/1/2 | VLAN200 | 10.20.0.2/24 |
Switch | Te-1/1/3 | VLAN300 | 192.168.10.2/24 |
Switch | Te-1/1/4 | VLAN400 | 192.168.20.2/24 |
Follow the configuration roadmap below to complete the deployment of policy-based routing:
Configure VLAN, VLAN interface and IP address on each switch to achieve network reachable. The configuration on the device Switch is provided in the following steps. Other devices have similar configurations and will therefore be ignored.
On Switch, configure match rule based on the source IPv4 address 192.168.10.10/24 (IP address of PC1) for PBR traffic classification.
On Switch, configure an action to redirect packets to a next-hop IP address 10.10.0.1/24 (IP address of Router 1) for policy-based routing.
On Switch, apply the PBR policy to the VLAN interface VLAN300 where the traffic from PC1 is coming in.
Procedure on Switch
Step 1 Configure VLANs and VLAN interfaces.
admin@Switch# set vlans vlan-id 100 admin@Switch# set vlans vlan-id 200 admin@Switch# set vlans vlan-id 300 admin@Switch# set vlans vlan-id 400 admin@Switch# set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 100 admin@Switch# set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 200 admin@Switch# set interface gigabit-ethernet te-1/1/3 family ethernet-switching native-vlan-id 300 admin@Switch# set interface gigabit-ethernet te-1/1/4 family ethernet-switching native-vlan-id 400 admin@Switch# set vlans vlan-id 100 l3-interface vlan100 admin@Switch# set vlans vlan-id 200 l3-interface vlan200 admin@Switch# set vlans vlan-id 300 l3-interface vlan300 admin@Switch# set vlans vlan-id 400 l3-interface vlan400 admin@Switch# set l3-interface vlan-interface vlan100 address 10.10.0.2 prefix-length 24 admin@Switch# set l3-interface vlan-interface vlan200 address 10.20.0.2 prefix-length 24 admin@Switch# set l3-interface vlan-interface vlan300 address 192.168.10.2 prefix-length 24 admin@Switch# set l3-interface vlan-interface vlan400 address 192.168.20.2 prefix-length 24
Step 2 Enable IP routing for L3 forwarding.
admin@Switch# set ip routing enable true
Step 3 Configure match rule based on the source IPv4 address 192.168.10.10/32 (IP address of PC1) for PBR traffic classification.
admin@Switch# set routing pbr map PBR_map1 sequence 100 match source-ipv4 192.168.10.10/32
Step 4 Configure an action to redirect packets to a next-hop IP address 10.10.0.1 (IP address of Router 1) for PBR.
admin@Switch# set routing pbr map PBR_map1 sequence 100 action nexthop 10.10.0.1
Step 5 Apply this policy PBR_map1 to the VLAN interface VLAN300 where the traffic from PC1 is coming in.
admin@Switch# set routing pbr map PBR_map1 vlan-interface vlan300
Step 6 Commit the configurations.
admin@Switch# commit
Step 7 View the configuration information of policy-based routing.
admin@Switch# run show pbr map PBR_map1 Sequence: 100 match-condition: source-ipv4 192.168.10.10/32 action: nexthop 10.10.0.1 nexthop-vrf: dscp:0 statistics: vlan300: 1864 pkts