Using Policy Based Routing and Access Control Lists in a Virtualized Network
console(route-map)#exit
console(config)#route-map clients-to-XYZ permit 20
console(route-map)#match ip address allow-1-1-1-clients
console(route-map)#set ip next-hop 2.2.2.2
console(route-map)#exit
Note: A match on a deny route-map statement automatically reverts the packet to traditional routing, and
policy routing is ignored. For this reason there is no SET statement for the first MATCH statement above.
Assign Route-Map and IP address to VLAN…
console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface vlan 10
console(config-if-vlan10)#ip address 1.1.1.1 255.255.255.0
console(config-if-vlan10)#ip policy route-map clients-to-XYZ
console(config-if-vlan10)#exit
Remaining commands to configure traditional routing on the Dell N3048 as
shown in Figure 5 (if not previously configured)
console(config)#ip routing
console(config)#vlan 20
console(config-vlan20)#exit
console(config)#interface vlan 20
console(config-if-vlan20)#ip address 2.2.2.1 255.255.255.0
console(config-if-vlan20)#exit
console(config)#interface range gi1/0/1-10
console(config-if)#switchport access vlan 10
console(config-if)#exit
console(config)#interface range gi1/0/11-20
console(config-if)#switchport access vlan 20
console(config-if)#exit
The route-map “clients-to-XYZ” is applied to all incoming packets on VLAN 10. Each packet is compared
to see if it is from one of the servers A, B, or C, and at the same time compared to see if it is on its way to
servers X, Y, or Z.
If it matches both then it means the packet is from either server A, B, or C, and will not be routed
using policy routing, but will still be routed as normal.
If it matches only the “deny 10” statement it also means it is from server A, B, or C, and again will
not be routed using policy routing, but will still be routed as normal.
If it matches only the “permit 20” statement it means it is not from server A, B, or C, and it also
means it is on its way to servers X, Y, or Z. In this case, the packet will be policy routed over VLAN
20.
All other packets are forwarded as per normal L3 destination-based routing.
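
The decision logic described above can be checked offline before the route-map is applied to VLAN 10. The following Python model is an added example, not part of the original white paper or Dell's software. The server and client addresses are constructed, and the assumption that "permit 20" matches 1.1.1.0/24 clients destined for servers X, Y, or Z is inferred from the text rather than taken from the ACL itself.

```python
import ipaddress

# Constructed addresses: the page does not list the ACL contents.
SERVERS_ABC = [ipaddress.ip_network(n) for n in ("1.1.1.10/32", "1.1.1.11/32", "1.1.1.12/32")]
SERVERS_XYZ = [ipaddress.ip_network(n) for n in ("3.3.3.10/32", "3.3.3.11/32", "3.3.3.12/32")]
CLIENTS = [ipaddress.ip_network("1.1.1.0/24")]  # assumed scope of allow-1-1-1-clients


def in_any(addr, nets):
    """True if addr falls inside any of the given networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in n for n in nets)


# Route-map statements: (sequence, action, match predicate, next hop)
ROUTE_MAP = [
    (10, "deny", lambda s, d: in_any(s, SERVERS_ABC), None),
    (20, "permit", lambda s, d: in_any(s, CLIENTS) and in_any(d, SERVERS_XYZ), "2.2.2.2"),
]


def evaluate(src, dst, route_map=ROUTE_MAP):
    """Return (matched sequence, decision, next hop) using first-match order."""
    for seq, action, match, next_hop in sorted(route_map, key=lambda e: e[0]):
        if match(src, dst):
            if action == "deny":
                # A deny match hands the packet back to normal L3 routing.
                return seq, "normal-routing", None
            return seq, "policy-routed", next_hop
    # No statement matched: normal destination-based routing.
    return None, "normal-routing", None


if __name__ == "__main__":
    flows = [  # constructed sample flows arriving on VLAN 10
        ("1.1.1.10", "3.3.3.10"),  # server A to server X: matches both
        ("1.1.1.10", "4.4.4.4"),   # server A elsewhere: deny 10 only
        ("1.1.1.50", "3.3.3.11"),  # ordinary client to server Y: permit 20 only
        ("1.1.1.50", "4.4.4.4"),   # ordinary client elsewhere: no match
    ]
    for src, dst in flows:
        print(src, "->", dst, evaluate(src, dst))
    # Swapping the sequence numbers shows why the deny statement comes first:
    swapped = [(20,) + ROUTE_MAP[0][1:], (10,) + ROUTE_MAP[1][1:]]
    print("swapped order:", evaluate("1.1.1.10", "3.3.3.10", swapped))
```

With the sequence numbers swapped, traffic from server A to server X is policy routed to 2.2.2.2 instead of following normal routing, which is the ordering mistake to look for when reviewing a route-map.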