20 ip policy-based forwarding configuration, 1 configuring ip policies, Ip policy-based forwarding configuration -1 – Riverstone Networks WICT1-12 User Manual

Riverstone Networks RS Switch Router User Guide Release 8.0 20-1

20 IP POLICY-BASED FORWARDING

CONFIGURATION

You can configure the RS to route IP packets according to policies that you define. IP policy-based routing allows
network managers to engineer traffic to make the most efficient use of their network resources.

IP policies forward packets based on layer-3 or layer-4 header information. You can define IP policies to route
packets to a set of next-hop IP addresses based on any combination of the following IP header fields:

•

IP protocol

•

Source IP address

•

Destination IP address

•

Source Socket

•

Destination Socket

•

Type of service

For example, you can set up an IP policy to send packets originating from a certain network through a firewall,
while letting other packets bypass the firewall. Sites that have multiple Internet service providers can use IP
policies to assign user groups to particular ISPs. You can also create IP policies to select service providers based
on various traffic types.

20.1 CONFIGURING IP POLICIES

To implement an IP policy, you first create a profile for the packets to be forwarded using an IP policy. For
example, you can create a profile defined as “all telnet packets going from network 9.1.0.0/16 to network
15.1.0.0/16”. You then associate the profile with an IP policy. The IP policy specifies what to do with the packets
that match the profile. For example, you can create an IP policy that sends packets matching a given profile to
next-hop gateway 100.1.1.1.

Configuring an IP policy consists of the following tasks:

•

Defining a profile

•

Associating the profile with a policy

•

Applying the IP policy to an interface