Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

661

662

663

664

665

666

667

668

669

670

• Destination port

• TCP Flags

After you apply a redirect-list to an interface, all trac passing through it is subjected to the rules dened in the redirect-list.

Trac is forwarded based on the following:

• Next-hop addresses are veried. If the specied next hop is reachable, trac is forwarded to the specied next-hop.

• If the specied next-hops are not reachable, the normal routing table is used to forward the trac.

• Dell Networking OS supports multiple next-hop entries in the redirect lists.

• Redirect-lists are applied at Ingress.

PBR with Redirect-to-Tunnel Option:

You can provide a tunnel ID for a redirect rule. In this case, the resolved next hop is the tunnel interface IP. The qualiers of the rule pertain

to the inner IP details. You must provide a tunnel ID for the next hop to be a tunnel interface. If you do not provide the tunnel destination IP

as the next hop, the next hop is treated as an IPv4 next hop and not a tunnel next hop.

PBR with Multiple Tracking Option:

PBR with the multiple tracking option enabled extends and introduces the capabilities of object tracking to verify the next hop IP address

before forwarding the trac to the next hop. The multiple tracking options feature is most suitable for routers which have multiple devices

as the next hop (primarily indirect next-hops and/or Tunnel Interfaces). These options allow you to backup Indirect next-hop with another.

Choose the specic Indirect next-hop and/or Tunnel interface which is available by sending ICMP pings to verify the reach ability and/or

check the Tunnel interface UP or DOWN status, and then route trac out to that next-hop and/or Tunnel Interface

Implementing PBR

• Non-contiguous bitmasks for PBR

• Hot-Lock PBR

Non-Contiguous Bitmasks for PBR

Non-contiguous bitmasks for PBR allows more granular and exible control over routing policies. You can include or exclude network

addresses that are in the middle of a subnet can be included or excluded. Enter specic bitmasks using the dotted decimal format.

Dell#show ip redirect-list

IP redirect-list rcl0:

Defined as:

seq 5 permit ip 200.200.200.200 200.200.200.200 199.199.199.199 199.199.199.199

seq 10 redirect 1.1.1.2 tcp 234.224.234.234 255.234.234.234

222.222.222.222/24

seq 40 ack, Next-hop reachable(via Te 8/1)

Applied interfaces:

Te 8/2

Hot-Lock PBR

Ingress and egress Hot lock PBR allows you to add or delete new rules into an existing policy (already written into content address memory

[CAM]) without disruption to trac ow. Existing entries in content addressable memory (CAM) are adjusted to accommodate the new

entries. Hot Lock PBR is enabled by default.

Conguration Task List for Policy-based Routing

This section explains how to congure PBR on the system.

• Create a Redirect List

• Create a Rule for a Redirect-list

• Create a Track-ID list

Policy-based Routing (PBR)

669