Packet type-based interface PBR configuration example
Network requirements
As shown in Figure 16, configure PBR on Switch A to forward all TCP packets received on VLAN-interface 11 to the next hop 1.1.2.2. Switch A forwards other packets according to the routing table.
Figure 16: Network diagram
Configuration procedure
Configure Switch A:
# Create VLAN 10 and VLAN 20.
<SwitchA> system-view [SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit
# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.
[SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ip address 1.1.2.1 24 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ip address 1.1.3.1 24 [SwitchA-Vlan-interface20] quit
# Configure ACL 3101 to match TCP packets.
[SwitchA] acl number 3101 [SwitchA-acl-adv-3101] rule permit tcp [SwitchA-acl-adv-3101] quit
# Configure Node 5 for policy aaa to forward TCP packets to next hop 1.1.2.2.
[SwitchA] policy-based-route aaa permit node 5 [SwitchA-pbr-aaa-5] if-match acl 3101 [SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2 [SwitchA-pbr-aaa-5] quit
# Configure interface PBR by applying policy aaa to VLAN-interface 11.
[SwitchA] interface vlan-interface 11 [SwitchA-Vlan-interface11] ip address 10.110.0.10 24 [SwitchA-Vlan-interface11] ip policy-based-route aaa [SwitchA-Vlan-interface11] quit
Configure Switch B:
# Create VLAN 10.
<SwitchB> system-view [SwitchB] vlan 10 [SwitchB-vlan10] quit
# Configure the IP address of VLAN-interface 10.
[SwitchB] interface vlan-interface 10 [SwitchB-Vlan-interface10] ip address 1.1.2.2 24 [SwitchB-Vlan-interface10] quit
# Configure a static route to subnet 10.110.0.0/24.
[SwitchB] ip route-static 10.110.0.0 24 1.1.2.1
Configure Switch C:
# Create VLAN 20.
<SwitchC> system-view [SwitchC] vlan 20 [SwitchC-vlan20] quit
# Configure the IP address of VLAN-interface 20.
[SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ip address 1.1.3.2 24 [SwitchC-Vlan-interface20] quit
# Configure a static route to subnet 10.110.0.0/24.
[SwitchC] ip route-static 10.110.0.0 24 1.1.3.1
Verifying the configuration
# Configure the IP address 10.110.0.20/24 for Host A, and specify its gateway address as 10.110.0.10.
# On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds.
# On Host A, Telnet to Switch C that is directly connected to Switch A. The operation fails.
# Ping Switch C from Host A. The operation succeeds.
Telnet uses TCP and ping uses ICMP. The results show the following:
All TCP packets arriving on VLAN-interface 11 of Switch A are forwarded to next hop 1.1.2.2.
Other packets are forwarded through VLAN-interface 20.
The interface PBR configuration is effective.