Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
861862863864865866867868869870
840
53BConfiguring IPv6 policy-based routing
IPv6 policy-based routing can be configured only at the CLI.
312B
Feature and hardware compatibility
Hardware IPv6
p
olic
y
-based routin
g
com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 Yes
Firewall module Yes
U200-A Yes
U200-S No
313B
Introduction to IPv6 policy-based routing
966BWhat is policy-based routing
Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route
packets based on the source address, packet length, and other criteria. A policy can specify the output
interface, next hop, default output interface, default next hop, and other parameters for packets that
match specific criteria such as ACLs or have specific lengths.
A device uses PBR to forward matching packets and uses the routing table to forward other packets. If
PBR is not configured, a device uses the routing table to forward packets.
PBR falls into local PBR and interface PBR.
Local PBR guides the forwarding of locally generated packets, such as the ICMP packets generated
by using the ping command.
Interface PBR guides the forwarding of packets received on an interface only.
967BPolicy
An IPv6 policy comprises match criteria and actions to be taken on the matching packets. A policy can
comprise one or multiple nodes. The following describes information about nodes:
Each node is identified by a node number. A smaller node number has a higher priority.
A node comprises if-match and apply clauses. An if-match clause specifies a match criterion, and
an apply clause specifies an action.
A node has a match mode of permit or deny.