3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

271

272

273

274

275

276

277

278

279

280

SELECTIVE ROUTE CONFIGURATION

Selective Route

Overview

Selective route implements access control on network resources by controlling

packet forwarding. Compared with access control implemented using ACLs only,

using selective routes for access control requires easy configuration and saves

system resources.

Selective route works as follows. The router matches the packet received against

the ACL applied. If the packet meets the filtering rule, the router forwards the

packet; otherwise, the router drops the packet, so as to implement access control

on network resources.

Configuring Selective

Route

Selective Route

Configuration Example

Network requirements

In the network topology shown in Figure 66:

■ HostA (whose IP address is 59.67.69.8) and HostB (whose IP address is

59.67.70.52) are allowed access to all external network resources.

■ Other users are allow to access these external networks only: 58.17.0.0/16 and

193.194.158.0/24.

■ Switch accesses the external network through 59.67.64.14.

Table 194 Configure selective route

Operation Command Description

Enter system view system-view -

Configure the static ARP entry

of the next hop of the

selective route

arp static ip-address

mac-address [ vlan-id

interface-type

interface-number ]

Required

Configure the filtering rules of

the selective route

selective-route if-match

ip-group { acl-bas-number |

acl-adv-number | acl-name } [

rule rule-id ] [ system-index

system-index ] next-hop

ip-address

Required

Configure the selective route

ip route-static ip-address {

mask | mask-length } {

interface-type

interface-number |

gateway-address } [

preference value ] blackhole

selective

Required