White Papers
17 Using Policy Based Routing and Access Control Lists in a Virtualized Network
N3048
VLAN 10
1.1.1.1
VLAN 20
2.2.2.1
Servers X, Y, Z
Servers A, B, C
1.1.1.50–52
2.2.2.2
1.1.1.x
AnyAny
3.3.3.3
1.1.1.x
3.3.3.3-5
IP addresses on network Figure 5.
The following commands are used to configure the Dell Networking N3048.
Create Access-list with source IP addresses of servers ABC…
console(config)#ip access-list servers-ABC
console(config-ip-acl)#permit ip host 1.1.1.50 any
console(config-ip-acl)#permit ip host 1.1.1.51 any
console(config-ip-acl)#permit ip host 1.1.1.52 any
console(config-ip-acl)#exit
Create Access-list with destination IP addresses of servers XYZ…
console(config)#ip access-list allow-1-1-1-clients
console(config-ip-acl)#permit ip any host 3.3.3.3
console(config-ip-acl)#permit ip any host 3.3.3.4
console(config-ip-acl)#permit ip any host 3.3.3.5
console(config-ip-acl)#exit
Create Route-Map using both Access-lists to exempt servers from policy
routing while re-routing clients over VLAN 20…
console(config)#route-map clients-to-XYZ deny 10
console(route-map)#match ip address servers-ABC