Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

991

992

993

994

995

996

997

998

999

1000

Policy-based routing per VRF

Configure PBR per VRF instance for both IPv4 and IPv6 traffic flows.

Policy-based routing (PBR) enables packets with certain match criteria, such as packets from specific source and destination

addresses, to be re-directed to a different next-hop.

You can also use PBR to re-direct packets arriving on a VRF instance to a next-hop that is reachable through a different VRF

instance. You can re-direct packets arriving on any VRF instance to the default VRF instance or any other non-default VRF

instance.

NOTE: PBR is supported on the default and non-default VRF instances; however, PBR is not supported on the

management VRF instance.

Configuring PBR per VRF

For traffic arriving on a VRF instance, you can re-direct this traffic to a next-hop on another VRF instance using route-maps. In

the route-map, set the next-hop IP address that is reachable through a different VRF instance. When traffic that matches

certain criteria arrives on a VRF instance, the route-map configuration enables packets to be re-directed to a next-hop that is

reachable over another VRF instance. To configure PBR per VRF:

1. Create the match ACL rule for IPv4 or IPv6 traffic.

{ip | ipv6} access-list access-list-name

2. Permit or deny IPv4 or IPv6 traffic from any source with a specific destination.

permit {ip | ipv6} any ip-address

deny {ip | ipv6} any ip–address

3. Configure a route-map to re-direct traffic arriving on a specific VRF instance.

route-map route-map-name

4. Enter the IPv4 or IPv6 address to match and specify the access-list name.

match {ip | ipv6} address access-list-name

5. In the route-map, set the IPv4 or IPv6 next-hop to be reached through a different VRF instance.

set {ip | ipv6} vrf vrf-name next-hop next-hop-ipv4address

This next-hop-address is reachable through a different VRF instance.

NOTE:

If the next-hop is reachable on the specified VRF instance, the packet is redirected; otherwise, the packet

follows the regular routing flow.

6. Apply the route-map to the interface.

interface interface-type

{ip | ipv6} policy route-map route-map-name

7. View the route-map information.

show route-map

OS10(conf-if-vl-40)# do show route-map

route-map test, permit, sequence 10

Match clauses:

ip address (access-lists): acl1

Set clauses:

ip vrf red next-hop 1.1.1.1 track-id 200

PBR and VLT

When you configure PBR in a VLT setup, configure the same PBR rules on both VLT peers.

In the following example, traffic originates from A and is destined to B. The traffic is redirected to C using a PBR rule through

the VLT port channel. When the VLT port channel interface goes down, the traffic still reaches C through VLTi.

994

Layer 3