F3215-HP Load Balancing Module Network Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

321

322

323

324

325

326

327

328

329

330

312

Table 28 Priorities and meanings of apply clauses

Clause Meanin

Priorit

apply access-vpn

vpn-instance

Sets VPN instances.

If this clause is configured, other apply clauses, except

the apply ip-df zero clause, are not executed.

If a packet matches a forwarding entry of a specified

VPN instance, it is forwarded in the VPN instance. If it

does not match any entry in all VPN instances

specified, it is discarded.

apply ip-precedence Sets an IP precedence.

If the apply access-vpn vpn-instance clause is not

configured, this clause is always executed.

apply

output-interface and

apply ip-address

next-hop

Sets the output interface and

sets the next hop.

The apply output-interface clause takes precedence

over the apply ip-address next-hop clause. Only the

apply output-interface clause is executed when both

are configured.

apply default

output-interface and

apply ip-address

default next-hop

Sets the default output

interface and sets the default

next hop.

The apply default output-interface clause takes

precedence over the apply ip-address default next-hop

clause. Only the apply default output-interface clause

is executed when both are configured.

They take effect only when no output interface or next

hop is set or the output interface and next hop are

invalid, and the packet does not match any route in the

routing table.

Relationship between the match mode and clauses on a node

Does a packet match all the

if-match clauses on the

node?

Match mode

permit deny

Yes

PBR executes the apply clause on the

node.

The packet is forwarded according

to the routing table.

PBR matches the packet against the

next node.

PBR matches the packet against the

next node.

All packets can match a node where no if-match clauses are configured.

If a permit-mode node has no apply clause, packets matching all the if-match clauses of the node are

forwarded according to the routing table.

If a node has no if-match or apply clauses configured, all packets can match the node and are

forwarded according to the routing table.

PBR and track

You can use track to monitor the output interface, default output interface, next hop, and default next hop

for PBR so that PBR can discover link failures faster. PBR takes effect when the status of the associated

track entry is positive or invalid.

For more information about track-PBR collaboration, see High Availability Configuration Guide.