3 applying an ip policy to an interface, 2 ip policy configuration examples, Applying an ip policy to an interface -5 – Riverstone Networks WICT1-12 User Manual
Page 477: Ip policy configuration examples -5
Riverstone Networks RS Switch Router User Guide Release 8.0 20-5
IP Policy-Based Forwarding Configuration
IP Policy Configuration Examples
Application verification, whether a simple TCP handshake or a user-defined action-response check, involves opening
and closing a connection to a next-hop gateway. Some applications require specific commands for proper closure of
the connection. For example, a connection to an SMTP server application should be closed with the “quit” command.
You can configure the RS to send a specific string to close a connection on a server.
The following is an example of how to configure a simple verification check where the RS will issue an HTTP
command to retrieve an HTML page and check for the string ‘OK’:
20.1.3
Applying an IP Policy to an Interface
After you define the IP policy, it must be applied to an inbound IP interface with the
ip-policy apply
command.
Once the IP policy is applied to the interface, packets start being forwarded according to the IP policy. (See the
Riverstone RS Switch Router Command Line Interface Reference Manual for complete syntax information for the
ip-policy apply
command.)
For example, the following command applies the IP policy ‘p2’ to the interface ‘int2’:
Applying an IP Policy to Locally Generated Packets
You can apply an IP policy to locally-generated packets (that is, packets generated by the RS). For example, the
following command applies the IP policy ‘p2’ to locally-generated packets:
20.2 IP POLICY CONFIGURATION EXAMPLES
This section presents some examples of IP policy configurations. The following uses of IP policies are demonstrated:
•
Routing traffic to different ISPs
•
Prioritizing service to customers
•
Authenticating users through a firewall
•
Firewall load balancing
rs(config)#
ip-policy p1 set pinger-options acv-command “GET /test.html” acv-reply “OK”
read-till index 25
rs(config)#
ip-policy p2 apply interface int2
rs(config)#
ip-policy p2 apply local