Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentSmartSwitch 1800
291292293294295296297298299300
SSR Command Line Interface Reference Manual 299
ip-policy permit
sequence <num>
If an IP policy is composed of more than one ip-policy statement, specifies the order
in which the statement is evaluated. Possible values are 1-65536. The ip-policy
statement with the lowest sequence number is evaluated first.
next-hop-list <ip-addr-list>|null
Is the IP address of one or more next-hop gateways. Packets matching the profile
specified in <aclname> are forwarded to one of the gateways specified here. You can
specify up to four gateways for each profile. If you specify more than one gateway,
enclose the list of IP addresses in quotes. You can define how the packet load is
distributed among multiple gateways with the ip-policy set load-policy command.
To drop packets that match the profile, use the null keyword.
action policy-first|policy-last|policy-only
Specifies how IP policies are applied with respect to dynamic or statically configured
routes. The following options are available:
policy-first Causes packets matching the specified profile to use the IP policy route
first. If the next-hop gateway specified in the IP policy is not reachable,
the dynamic route is used instead.
policy-last Causes packets matching the specified profile to be routed using
dynamic routes first. If a dynamic route is not available, then all packets
matching the profile are routed using the IP policy gateway.
policy-only Causes packets matching the specified profile to use the IP policy route.
If the next-hop gateway specified in the IP policy is not reachable, then
the packets are dropped.
Restrictions
ACLs for non IP protocols cannot be used for IP policy routing.
Examples
To create a profile called “prof1” for telnet packets from 9.1.1.5 to 15.1.1.2:
Note:
See “acl permit|deny ip” on page 45 for more information on creating profiles for
IP policy routing.
To cause packets matching prof1 (that is, telnet packets from 9.1.1.5 to 15.1.1.2) to be
forwarded to 10.10.10.10:
ssr(config)# acl prof1 permit ip 9.1.1.5 15.1.1.2 any any telnet 0
ssr(config)# ip-policy p5 permit acl prof1 next-hop-list 10.10.10.10