Policy-Based Routing (PBR)
NOTE
- match takes either a packet length or an ACL/prefix list
R2(config-route-map)#match length ?
  <0-2147483647>  Minimum packet length
R2(config-route-map)#match ip address ?
  <1-199>      IP access-list number
  <1300-2699>  IP access-list number (expanded range)
  WORD         IP access-list name
  prefix-list  Match entries of prefix-lists
- set has many options
R2(config-route-map)#set ip next-hop ?
  A.B.C.D              IP address of next hop
  dynamic              application dynamically sets next hop
  encapsulate          Encapsulation profile for VPN nexthop
  peer-address         Use peer address (for BGP only)
  recursive            Recursive next-hop
  self                 Use self address (for BGP only)
  verify-availability  Verify if nexthop is reachable
- verify-availability using IP SLA
– While IP SLA confirms that 10.2.4.4 is healthy, forward to 10.2.4.4
– When 10.2.4.4 is down, forward to 10.2.6.6
– If that fails as well, follow the routing table
track 1 ip sla 1 state
!
interface FastEthernet0/0
 ip policy route-map PBR
!
ip sla 1
 icmp-echo 10.2.4.4 source-interface FastEthernet0/2
ip sla schedule 1 life forever start-time now
!
route-map PBR permit 10
 match ip address 1
 set ip next-hop verify-availability 10.2.4.4 1 track 1
 set ip next-hop 10.2.6.6
!
access-list 1 permit 10.1.2.0 0.0.0.255
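The fallback order described in this note, modelled as an added Python example (not part of the original note and not IOS's own logic): it parses the configuration above and picks the next hop. The function names and the `track_up` and `reachable` inputs are assumptions made for illustration.

```python
import re

# The configuration from the note above, embedded as sample input.
CONFIG = """\
track 1 ip sla 1 state
!
interface FastEthernet0/0
 ip policy route-map PBR
!
ip sla 1
 icmp-echo 10.2.4.4 source-interface FastEthernet0/2
ip sla schedule 1 life forever start-time now
!
route-map PBR permit 10
 match ip address 1
 set ip next-hop verify-availability 10.2.4.4 1 track 1
 set ip next-hop 10.2.6.6
!
access-list 1 permit 10.1.2.0 0.0.0.255
"""

def parse_next_hops(config):
    """Return (tracked, plain): tracked = [(seq, ip, track_id)], plain = [ip]."""
    tracked, plain = [], []
    for line in config.splitlines():
        line = line.strip()
        m = re.fullmatch(r"set ip next-hop verify-availability (\S+) (\d+) track (\d+)", line)
        if m:
            tracked.append((int(m.group(2)), m.group(1), int(m.group(3))))
            continue
        m = re.fullmatch(r"set ip next-hop ((?:\d+\.\d+\.\d+\.\d+ ?)+)", line)
        if m:
            plain.extend(m.group(1).split())
    return sorted(tracked), plain

def select_next_hop(config, track_up, reachable):
    """track_up: {track_id: bool}; reachable: set of usable plain next hops (assumed inputs)."""
    tracked, plain = parse_next_hops(config)
    for _seq, ip, track_id in tracked:       # 1. tracked next hops, by sequence number
        if track_up.get(track_id, False):    #    an undefined track counts as down
            return ip
    for ip in plain:                         # 2. untracked next hops, in configured order
        if ip in reachable:
            return ip
    return "routing-table"                   # 3. fall back to the normal route lookup
```

Treating an undefined track object as down is a choice made in this model so that a dangling `track N` reference shows up as a next hop that is never selected.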
- route-map portion of verify-availability using CDP
route-map PBR permit 10
 match ip address 1
 set ip next-hop 10.2.4.4 10.2.6.6
 set ip next-hop verify-availability
- Recursive next hop
An IP address that is not directly connected can be specified (however, the router must have a route to that destination)
set ip next-hop recursive
Local PBR
NOTE
- Applies PBR to packets generated by the router itself
- IP Routing Protocol-Independent Commands
ip local policy route-map
R2(config)#ip local policy route-map ?
  WORD  Route map name