Policy-based routing configuration, Introduction to policy-based routing, What is policy-based routing – H3C Technologies H3C SecBlade NetStream Cards User Manual

Page 93: Policy, Node, If-match clause

Advertising
background image

78

Policy-based routing configuration

This chapter includes these sections:

Introduction to policy-based routing

Configuring PBR

Displaying and maintaining PBR configuration

Introduction to policy-based routing

What is policy-based routing

Policy-based routing (PBR) is a routing mechanism based on user-defined policies. Different from the

traditional destination-based routing mechanism, PBR enables you to use a policy to route packets based

on the source address, packet length, and other criteria. You can specify the packet priority, outgoing

interface, next hop, default outgoing interface, default next hop, and other parameters to guide the
forwarding of packets that match specific ACLs or have specific lengths.
PBR involves local PBR and interface PBR.

Local PBR applies to locally generated packets only, such as the ICMP packets generated by using
the ping command.

Interface PBR applies to packets forwarded through the interface only.

In most cases, interface PBR is implemented to meet the forwarding and security requirements.
In general, PBR takes precedence over destination-based routing. PBR applies to the packets matching
the specified criteria, and other packets are forwarded through destination-based routing. However, if

PBR has a default outgoing interface (next hop) configured, destination-based routing takes precedence

over PBR.

Policy

A policy that comprises one or multiple nodes is used to route IP packets.

Node

A node is identified by a node number. The node with the smallest node number has the highest priority.
A policy node consists of if-match and apply clauses. An if-match clause specifies a match criterion on

a node, and an apply clause specifies an action to be taken on packets.
The action to be taken on matched packets depends on the match mode, which can be permit or deny.

if-match clause

The following types of if-match clauses are available: if-match packet-length and if-match acl.
You can specify only one if-match clause of each type in a policy node. There is an AND relationship

between if-match clauses on a node. A packet must satisfy all the if-match clauses of the node before the

action specified by the apply clause is taken.

Advertising
This manual is related to the following products:

H3C S10500 Series Switches, H3C S7500E Series Switches, H3C S6800 Series Switches, H3C S6300 Series Switches, H3C S5800 Series Switches, H3C S5820X Series Switches, H3C S5820V2 Series Switches, H3C S5830 Series Switches, H3C S5830V2 Series Switches, H3C S3600V2 Series Switches, H3C S3100V2 Series Switches

Popular Brands
Popular manuals