Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806

341

342

343

344

345

346

347

348

349

350

Chapter 13. ACLs | 343

NETGEAR 8800 User Manual

Example—Network Diagram

Any premium customer should use high-speed backbone for IPv4 Unicast traffic. Traffic from

the Source IP = 211.10.15.0/24, 211.10.16.0/24 network blocks should be redirected into two

routers: 192.168.2.2 and 192.168.2.3. The 192.168.2.2 router is preferred to 192.168.2.3. If

router 192.168.2.2 is not reachable, 192.168.2.3 should be used. If both routers are not

reachable, the default route is used.

Use the following procedure:

1. Create a flow-redirect to keep nexthop IP address and health check information.

create flow-redirect premium_subscriber

config flow-redirect premium_subscriber add nexthop 192.168.2.2 priority 200

config flow-redirect premium_subscriber add nexthop 192.168.2.3 priority 100

2. Add an ACL entry with a flow-redirect name action to the existing ACL policy (For example:

premium_user.pol).

entry premium_15 {

if match {

source-address 211.10.15.0/24;

} then {

permit;

redirect-name premium_subscriber;

}

High Speed

Backbone

Low Speed

Backbone

Premium Subscriber

(IP Block: 211.10.15.0/24)

Normal Subscriber

(IP Block: 211.9.1.0/24)

Premium Subscriber

(IP Block: 211.10.16.0/24)

Normal Subscriber

(IP Block: 211.9.2.0/24)

192.168.1.0/30 192.168.1.4/30

192.168.1.8/30

192.168.2.0/29

L2 S/W

PBR L3 S/W

Low Speed

Backbone Router

High Speed

Backbone Router

High Speed

Backbone Router

192.168.1.5

192.168.1.6

192.168.1.2

192.168.1.1

192.168.1.10

192.168.1.9

192.168.2.1

192.168.2.2 192.168.2.3