Users Guide
• Source port
• Destination port
• TCP Flags
After a redirect-list is applied to an interface, all traffic passing through it is subjected to the rules defined in the redirect-list.
The traffic is forwarded based on the following:
• Next-hop addresses are verified. If the specified next hop is reachable, the traffic is forwarded to the specified next-hop.
• If the specified next-hops are not reachable, the normal routing table is used to forward the traffic.
• Dell Networking OS supports multiple next-hop entries in the redirect lists.
• Redirect-lists are applied at Ingress.
PBR with Redirect-to-Tunnel Option:
The user can provide a tunnel id for a redirect rule. In this case, the resolved next hop would be the tunnel interface IP. The qualifiers of
the rule would be pertaining to the inner IP details. For next hop to be a tunnel interface user needs to provide tunnel id mandatory.
Instead if user provides the tunnel destination IP as next hop, that would be treated as IPv4 next hop and not tunnel next hop.
PBR with Multiple Tacking Option:
Policy based routing with multiple tracking option extends and introduces the capabilities of object tracking to verify the next hop IP
address before forwarding the traffic to the next hop. The verification method is made transparent to the user. The multiple tracking
options feature is most suitable for routers which have multiple devices as the next hop (primarily indirect next-hops and/or Tunnel
Interfaces in this case). It allows you to backup Indirect Next-hop with another, choose the specific Indirect Next-hop and/or Tunnel
Interface which is available by sending ICMP pings to verify reach ability and/or check the Tunnel Interface UP or DOWN status, and then
route traffic out to that next-hop and/or Tunnel Interface
Implementing Policy-based Routing with Dell
Networking OS
• Non-contiguous bitmasks for PBR
• Hot-Lock PBR
Non-Contiguous Bitmasks for PBR
Non-contiguous bitmasks for PBR allows more granular and flexible control over routing policies. Network addresses that are in the middle
of a subnet can be included or excluded. Specific bitmasks can be entered using the dotted decimal format.
Hot-Lock PBR
Ingress and egress Hot Lock PBR allows you to add or delete new rules into an existing policy (already written into content address
memory [CAM]) without disruption to traffic flow. Existing entries in CAM are adjusted to accommodate the new entries. Hot Lock PBR is
enabled by default.
Configuration Task List for Policy-based Routing
To enable the PBR:
• Create a Redirect List
• Create a Rule for a Redirect-list
• Create a Track-id list. For complete tracking information, refer to Object Tracking chapter.
• Apply a Redirect-list to an Interface using a Redirect-group
PBR Exceptions (Permit)
Use the command permit to create an exception to a redirect list. Exceptions are used when a forwarding decision should be based on
the routing table rather than a routing policy.
Dell Networking OS assigns the first available sequence number to a rule configured without a sequence number and inserts the rule into
the PBR CAM region next to the existing entries. Because the order of rules is important, ensure that you configure any necessary
sequence numbers.
The permit statement is never applied because the redirect list covers all source and destination IP addresses.
Policy-based Routing (PBR)
497