Configuring ip policies, Defining an acl profile, Associating the profile with an ip policy – Cabletron Systems SmartSwitch User Manual

Page 210

Advertising
background image

Chapter 13: IP Policy-Based Forwarding Configuration Guide

210

SmartSwitch Router User Reference Manual

different ISPs. You can also create IP policies to select service providers based on various
traffic types.

Other uses for IP policy routing include transparent web caching, where all HTTP
requests are directed to a local cache server, saving WAN access bandwidth and costs. An
ISP can use policy-based routing on an access router to supply high-priority customers
with premium levels of service.

Configuring IP Policies

To implement an IP policy, you first create a profile for the packets to be forwarded using
an IP policy. For example, you can create a profile defined as “all telnet packets going from
network 9.1.0.0/16 to network 15.1.0.0/16”. You then associate the profile with an IP
policy. The IP policy specifies what to do with the packets that match the profile. For
example, you can create an IP policy that sends packets matching a given profile to next-
hop gateway 100.1.1.1.

Configuring an IP policy consists of the following tasks:

Defining a profile

Associating the profile with a policy

Applying the IP policy to an interface

Defining an ACL Profile

An ACL profile specifies the criteria packets must meet to be eligible for IP policy routing.
You define profiles with the acl command. For IP policy routing, the SSR uses the packet-
related information from the acl command and ignores the other fields.

For example, the following acl command creates a profile called “prof1” for telnet packets
going from network 9.1.1.5 to network 15.1.1.2:

See the SmartSwitch Router Command Line Interface Reference Manual for complete syntax
information for the acl command.

Note:

ACLs for non-IP protocols cannot be used for IP policy routing.

Associating the Profile with an IP Policy

Once you have defined a profile with the acl command, you associate the profile with an
IP policy by entering one or more ip-policy statements. An ip-policy statement specifies
the next-hop gateway (or gateways) where packets matching a profile are forwarded. To

ssr(config)# acl prof1 permit ip 9.1.0.0/16 15.1.0.0/16 any any telnet 0

Advertising
Popular Brands
Popular manuals