Specifications
ip-policy permit
298 SSR Command Line Interface Reference Manual
ip-policy permit
Purpose
Specifies gateways and actions for IP policies
Format
ip-policy <name> permit acl <aclname>|everything-else [sequence <num>]
[next-hop-list <ip-addr-list>|null] [action policy-first|policy-last|policy-only]
Mode
Configure
Description
The ip-policy permit command allows you to specify the next-hop gateway where
packets matching a given profile should be forwarded. You can specify up to four next-
hop gateways for an IP policy. Packets matching a profile you defined with an acl
command are forwarded to the next-hop gateway.
You can specify when to apply the IP policy route with respect to dynamic or statically
configured routes. You can cause packets to use the IP policy route first, then the dynamic
route if the next-hop gateway is unavailable; use the dynamic route first, then the IP
policy route; or drop the packets if the next-hop gateway is unavailable.
Parameters
<name>
Is the name of an IP policy.
acl <aclname>
Is the name of the ACL profile of the packets to be forwarded using an IP policy.
Profiles are created with the acl command. The ACL may contain either permit or
deny keywords. The ip-policy permit command only looks at the following ACL rule
parameter values: protocol, source IP address, destination IP address, source port,
destination port, and TOS.
everything-else
Specifies that all packets not specified using policy-based routing (i.e., with the ip-
policy deny command) are forwarded to the next-hop gateway.