policy-based-routing

Note

requires a Turbo Router Network License.

Configure the policy-based routing.

vrouter running config# vrf <vrf> routing policy-based-routing

ipv4-rule

Configure an IPv4 rule.

vrouter running config# vrf <vrf> routing policy-based-routing
vrouter running policy-based-routing# ipv4-rule <0-99999> [not] \
...   match inbound-interface INBOUND-INTERFACE mark MARK source SOURCE destination DESTINATION \
...   action lookup LOOKUP

<0-99999>

Priority of the rule. High number means lower priority.

not

Invert the match.

not

match

Configure the packet selector.

match inbound-interface INBOUND-INTERFACE mark MARK source SOURCE destination DESTINATION

inbound-interface

Match this incoming interface.

inbound-interface INBOUND-INTERFACE

INBOUND-INTERFACE

An interface name.

mark

Match this mark filter.

mark MARK

MARK values

Description

<0x0-0xffffffff>

Firewall mark.

<0x0-0xffffffff/0x0-0xffffffff>

Firewall mark filter.

source

Match this source address or prefix.

source SOURCE

SOURCE values

Description

<A.B.C.D>

An IPv4 address.

<A.B.C.D/M>

An IPv4 prefix: address and CIDR mask.

destination

Match this destination address or prefix.

destination DESTINATION

DESTINATION values

Description

<A.B.C.D>

An IPv4 address.

<A.B.C.D/M>

An IPv4 prefix: address and CIDR mask.

outbound-interface (state only)

Match this outgoing interface.

vrouter> show state vrf <vrf> routing policy-based-routing ipv4-rule <0-99999> match outbound-interface

tos (state only)

Match this tos.

vrouter> show state vrf <vrf> routing policy-based-routing ipv4-rule <0-99999> match tos

other (state only)

Match a specific attribute.

value (state only)

The value to match.

vrouter> show state vrf <vrf> routing policy-based-routing ipv4-rule <0-99999> match other <string> value

action

Configure the action for packets matching the selector.

action lookup LOOKUP

lookup (mandatory)

Lookup in this table.

lookup LOOKUP

LOOKUP values

Description

<uint32>

Table type.

local

High priority control routes for local and broadcast addresses (table 255).

main

Normal routing table, containing all non-policy routes (table 254).

default

Reserved for some post-processing if no previous default rules selected the packet (table 253).

goto (state only)

Jump to the specified priority rule.

vrouter> show state vrf <vrf> routing policy-based-routing ipv4-rule <0-99999> action goto

other (state only)

Other actions.

vrouter> show state vrf <vrf> routing policy-based-routing ipv4-rule <0-99999> action other

ipv6-rule

Configure an IPv6 rule.

vrouter running config# vrf <vrf> routing policy-based-routing
vrouter running policy-based-routing# ipv6-rule <0-99999> [not] \
...   match inbound-interface INBOUND-INTERFACE mark MARK source SOURCE destination DESTINATION \
...   action lookup LOOKUP

<0-99999>

Priority of the rule. High number means lower priority.

not

Invert the match.

not

match

Configure the packet selector.

match inbound-interface INBOUND-INTERFACE mark MARK source SOURCE destination DESTINATION

inbound-interface

Match this incoming interface.

inbound-interface INBOUND-INTERFACE

INBOUND-INTERFACE

An interface name.

mark

Match this mark filter.

mark MARK

MARK values

Description

<0x0-0xffffffff>

Firewall mark.

<0x0-0xffffffff/0x0-0xffffffff>

Firewall mark filter.

source

Match this source address or prefix.

source SOURCE

SOURCE values

Description

<X:X::X:X>

An IPv6 address.

<X:X::X:X/M>

An IPv6 prefix: address and CIDR mask.

destination

Match this destination address or prefix.

destination DESTINATION

DESTINATION values

Description

<X:X::X:X>

An IPv6 address.

<X:X::X:X/M>

An IPv6 prefix: address and CIDR mask.

outbound-interface (state only)

Match this outgoing interface.

vrouter> show state vrf <vrf> routing policy-based-routing ipv6-rule <0-99999> match outbound-interface

tos (state only)

Match this tos.

vrouter> show state vrf <vrf> routing policy-based-routing ipv6-rule <0-99999> match tos

other (state only)

Match a specific attribute.

value (state only)

The value to match.

vrouter> show state vrf <vrf> routing policy-based-routing ipv6-rule <0-99999> match other <string> value

action

Configure the action for packets matching the selector.

action lookup LOOKUP

lookup (mandatory)

Lookup in this table.

lookup LOOKUP

LOOKUP values

Description

<uint32>

Table type.

local

High priority control routes for local and broadcast addresses (table 255).

main

Normal routing table, containing all non-policy routes (table 254).

default

Reserved for some post-processing if no previous default rules selected the packet (table 253).

goto (state only)

Goto to the specified priority rule.

vrouter> show state vrf <vrf> routing policy-based-routing ipv6-rule <0-99999> action goto

other (state only)

Other actions.

vrouter> show state vrf <vrf> routing policy-based-routing ipv6-rule <0-99999> action other