Example for Configuring Policy-Based Routing
- Tracy Yang
Networking Requirements
Figure 1.    Policy-Based Routing Configuration Example
As shown in Figure 1, in the data center network, tenants PC1 and PC2 dually access to external network devices through the device Switch. The VLAN ID for PC1 is 100, and the IP address is 192.168.10.10. The VLAN ID for PC2 is 200, and the IP address is 192.168.20.20. The messages from both tenants are connected to external network devices through gateway Router 2 (10.20.0.1/24).
Now it is necessary to forward the packets from PC1 to external network devices through gateway Router 1 (10.10.0.1/24), and achieve routing redirection through policy-based routing to improve the tenant experience. The configuration parameters are shown in the table below.
Device | Port Name | VLAN Interface | IP Address |
Switch | Te-1/1/1 | VLAN100 | 10.10.0.2/24 |
Switch | Te-1/1/2 | VLAN200 | 10.20.0.2/24 |
Switch | Te-1/1/3 | VLAN300 | 192.168.10.2/24 |
Switch | Te-1/1/4 | VLAN400 | 192.168.20.2/24 |
Follow the configuration roadmap below to complete the deployment of policy-based routing:
Configure VLAN, VLAN interface and IP address on each switch to achieve network reachable. The configuration on the device Switch is provided in the following steps. Other devices have similar configurations and will therefore be ignored.
On Switch, configure match rule based on the source IPv4 address 192.168.10.10/24 (IP address of PC1) for PBR traffic classification.
On Switch, configure an action to redirect packets to a next-hop IP address 10.10.0.1/24 (IP address of Router 1) for policy-based routing.
On Switch, apply the PBR policy to the VLAN interface VLAN300 where the traffic from PC1 is coming in.
Procedure on Switch
Step 1Â Â Â Â Â Â Â Â Â Configure VLANs and VLAN interfaces.
admin@Switch# set vlans vlan-id 100
admin@Switch# set vlans vlan-id 200
admin@Switch# set vlans vlan-id 300
admin@Switch# set vlans vlan-id 400
admin@Switch# set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 100
admin@Switch# set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 200
admin@Switch# set interface gigabit-ethernet te-1/1/3 family ethernet-switching native-vlan-id 300
admin@Switch# set interface gigabit-ethernet te-1/1/4 family ethernet-switching native-vlan-id 400
admin@Switch# set vlans vlan-id 100 l3-interface vlan100
admin@Switch# set vlans vlan-id 200 l3-interface vlan200
admin@Switch# set vlans vlan-id 300 l3-interface vlan300
admin@Switch# set vlans vlan-id 400 l3-interface vlan400
admin@Switch# set l3-interface vlan-interface vlan100 address 10.10.0.2 prefix-length 24
admin@Switch# set l3-interface vlan-interface vlan200 address 10.20.0.2 prefix-length 24
admin@Switch# set l3-interface vlan-interface vlan300 address 192.168.10.2 prefix-length 24
admin@Switch# set l3-interface vlan-interface vlan400 address 192.168.20.2 prefix-length 24Step 2Â Â Â Â Â Â Â Â Â Enable IP routing for L3 forwarding.
admin@Switch# set ip routing enable trueStep 3Â Â Â Â Â Â Â Â Â Configure match rule based on the source IPv4 address 192.168.10.10/32 (IP address of PC1) for PBR traffic classification.
admin@Switch# set routing pbr map PBR_map1 sequence 100 match source-ipv4 192.168.10.10/32Step 4Â Â Â Â Â Â Â Â Â Configure an action to redirect packets to a next-hop IP address 10.10.0.1 (IP address of Router 1) for PBR.
Step 5Â Â Â Â Â Â Â Â Â Apply this policy PBR_map1 to the VLAN interface VLAN300 where the traffic from PC1 is coming in.
Step 6Â Â Â Â Â Â Â Â Â Commit the configurations.
Step 7Â Â Â Â Â Â Â Â Â View the configuration information of policy-based routing.
Â
Copyright © 2024 Pica8 Inc. All Rights Reserved.