R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

101

102

103

104

105

106

107

108

109

110

Blackhole-type inline forwarding configuration example

1. Network requirements

Packets coming from GigabitEthernet 0/1 must be discarded. In this case, you can configure

blackhole-type inline forwarding on Ethernet 0/1.

2. Configuration procedure

# Create a blackhole-type inline forwarding policy.

• Select Network > Forwarding in the navigation tree. On the page, click Add.

• Type policy ID 1.

• Select Blackhole as the policy type.

• Select GigabitEthernet0/1 from the Port 1 drop-down list.

• Click Apply.

Configuration guidelines

When configuring inline forwarding, note the following:

1. Inline forwarding is applicable to Layer 2 Ethernet interfaces and subinterfaces.

2. If you assign a subinterface to an inline forwarding entry, note the following:

• To make the entry take effect, the interface must be assigned to the VLAN of which the ID is used as

the subinterface number. For example, if the subinterface GigabitEthernet 0/1.2 is assigned to an

inline forwarding entry, the interface GigabitEthernet 0/1 must be assigned to VLAN 2 so that the

inline forwarding can be implemented.

• If an interface and its subinterface are assigned to different inline forwarding entries, the

forwarding entry with the main interface takes precedence. For example, the interfaces

GigabitEthernet 0/1 and GigabitEthernet 0/2 are assigned to one inline forwarding entry, and the

subinterfaces GigabitEthernet 0/1.2 and GigabitEthernet 0/2.3 are assigned to another

forwarding entry; then the data received from GigabitEthernet 0/1 is forwarded through the

interface GigabitEthernet 0/2, and vise versa.

Configuring inline Layer 2 forwarding in the CLI

A complete inline Layer 2 forwarding configuration contains an ID, which uniquely identifies an inline

forwarding entry, and two interfaces. A packet coming from one interface goes out of the other. Inline

Layer 2 forwarding is supported on Layer 2 ports only.

Configuring inline Layer 2 forwarding

Follow these steps to configure inline Layer 2 forwarding:

To do… Use the command…

Remarks

Enter system view system-view —

Configure an inline forwarding

entry

inline-interfaces id [ blackhole |

reflect ]

Required

Enter Ethernet interface view

interface interface-type

interface-number

—