Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual


53-1003098-01


match, action is taken based on the mark clause specified in the route-map. In case of no match,
the route-map entry with the next highest precedence is applied. If the incoming packet does not
match any of the route-map entries, it is subjected to typical destination-based routing. Each
route-map entry can optionally enable/disable logging.

The following criteria can optionally be used to select and segregate traffic:

IP Access List - A typical IP ACL can be used for routing traffic. The mark and log actions in ACL
rules, however, are ignored. Route-map entries have separate logging. Only one ACL can be
configured per route map entry.

ACL rules configured under route map entries merge to create a single ACL. Route map
precedence values determine the prioritization of the rules in this merged ACL. An IP DSCP
value is also added to the ACL rules.

IP DSCP - Packet filtering can be performed by traffic class, as determined from the IP
Differentiated Services Code Point (DSCP) field. One DSCP value can be configured per route
map entry. If IP ACLs on a WLAN, ports or SVI mark packets, the new/marked DSCP value is
used for matching.

Incoming WLAN - Packets can be filtered on the basis of the incoming WLAN. Depending on
whether the receiving device has an onboard radio or not, the following two scenarios are
possible:

Device with an onboard radio: If a device having an onboard radio and capable of PBR
receives a packet on a local WLAN, this WLAN is used for selection.

Device without an onboard radio: If a device, without an onboard radio, capable of PBR
receives a packet from an extended VLAN, it passes the WLAN information in the MiNT
packet to the PBR router. The PBR router uses this information as match criteria.

Client role - The client role can be used as match criteria, similar to a WLAN. Each device has to
agree on a unique identifier for role definition and pass it in MiNT tunneled packets.

Incoming SVI - A source IP address qualifier in an ACL typically satisfies filter requirements. But
if the source host (where the packet originates) is multiple hops away, the incoming SVI can be
used as match criteria. In this context the SVI refers to the device interface performing PBR,
and not to the source device.

Mark (or action) clauses determine the routing function when a packet satisfies match criteria. If
no mark clauses are defined, the default is to fall back to destination-based routing for packets
satisfying the match criteria. If no mark clause is configured and fallback to destination-based
routing is disabled, then the packet is dropped. The mark clause defines one of the following actions:

Next hop - The IP address of the next hop or the outgoing interface through which the packet
should be routed. Up to two next hops can be specified. The outgoing interface should be a
PPP, a tunnel interface or an SVI which has a DHCP client configured. The first reachable hop
should be used. But if all next hops are unreachable, typical destination-based route lookup is
performed.

Default next hop - If a packet subjected to PBR does not have an explicit route to the
destination, the configured default next hop is used. This can be either the IP address of the
next hop or the outgoing interface. Only one default next hop can be defined. The difference
between the next hop and the default next-hop is: in case of the former, PBR occurs first, then
destination-based routing. In case of the latter, the order is reversed. In both cases:

a. If a defined next hop is reachable, it is used. If fallback is configured refer to (b).
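The match and next-hop behaviour described in this section can be modelled as below. This is an added example, not code or CLI syntax from the guide; the field names, the AND-combination of criteria and the "lower number is evaluated first" ordering are assumptions, and ACL matching and the default next hop are left out.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class RouteMapEntry:
    precedence: int                  # assumption: lower value is evaluated first
    dscp: Optional[int] = None       # match criteria; None means not configured
    wlan: Optional[str] = None
    role: Optional[str] = None
    incoming_svi: Optional[str] = None
    next_hops: list = field(default_factory=list)  # mark clause, at most two
    fallback: bool = True            # fall back to destination-based routing

    def matches(self, pkt: dict) -> bool:
        # Assumption: every configured criterion must match (logical AND).
        criteria = {"dscp": self.dscp, "wlan": self.wlan,
                    "role": self.role, "incoming_svi": self.incoming_svi}
        return all(pkt.get(k) == v for k, v in criteria.items() if v is not None)

def decide(entries, pkt, reachable):
    """Return (action, detail) for one packet, given the set of reachable hops."""
    for e in sorted(entries, key=lambda e: e.precedence):
        if not e.matches(pkt):
            continue                 # try the entry with the next precedence
        if len(e.next_hops) > 2:
            raise ValueError("up to two next hops can be specified")
        if not e.next_hops:          # matched, but no mark clause defined
            if e.fallback:
                return ("destination-routing", "no mark clause")
            return ("drop", "no mark clause, fallback disabled")
        for hop in e.next_hops:      # the first reachable hop is used
            if hop in reachable:
                return ("pbr", hop)
        return ("destination-routing", "all next hops unreachable")
    return ("destination-routing", "no route-map entry matched")

# Constructed sample policy and packets (documentation addresses).
ENTRIES = [
    RouteMapEntry(10, wlan="guest", next_hops=["192.0.2.1", "192.0.2.2"]),
    RouteMapEntry(20, dscp=46, fallback=False),
]

if __name__ == "__main__":
    for pkt, up in [({"wlan": "guest"}, {"192.0.2.2"}),
                    ({"wlan": "guest"}, set()),
                    ({"wlan": "corp", "dscp": 46}, {"192.0.2.1"}),
                    ({"wlan": "corp", "dscp": 0}, {"192.0.2.1"})]:
        print(pkt, sorted(up), "->", decide(ENTRIES, pkt, up))
```

In the second sample case every configured next hop is down, so traffic meant for a specific gateway follows the ordinary routing table instead; where PBR steers traffic to an inspection point, next-hop reachability is worth monitoring for that reason.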
