HPE Community
Comware Based
1752525 Members
4861 Online
108788 Solutions
New Discussion

Re: Policy based routing with tracking/nqa

 
pattap
Regular Advisor

‎06-07-2018 07:38 AM

‎06-07-2018 07:38 AM

Policy based routing with tracking/nqa

Hi All

JPBR.PNG

Currently there's a policy based route on 3600 which tells the switch to send the traffic sourced from A rane to be send via Primary GRE. I'm trying add track option to "apply ip-address next-hop" statement within PBR. Now I guess if I set my track nqa to be checking next hop's IP [GRE DC1 END] address and this is not available PBR would not take any actions and traffic in question would be send based on routing table, correctly me if I'm wrong. How do I tell the switch to use backup GRE if the primary tunnel fails?

Current config:

policy-based-route test permit node 5
if-match acl 3333
apply ip-address next-hop [GRE DC1 END] 

0 Kudos
2 REPLIES 2
pattap
Regular Advisor

‎06-08-2018 12:34 AM - edited ‎06-11-2018 07:06 AM

‎06-08-2018 12:34 AM - edited ‎06-11-2018 07:06 AM

Re: Policy based routing with tracking/nqa

I came up with this, let me know your thoughts

policy-based-route GUEST_TRAFFIC permit node 5
   if-match acl 3333
   apply ip-address next-hop [DC-1 IP] track 1
#
policy-based-route GUEST_TRAFFIC permit node 10
   if-match acl 3333
   apply ip-address next-hop [DC-2 IP] track 2 # I think there's no need for track here 
#
nqa entry DC1-GRE ping
 type icmp-echo
  destination ip [DC-1 IP]
  reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
#
nqa entry DC2-GRE ping
 type icmp-echo
  destination ip [DC-2 IP]
  reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
#
track 1 nqa entry DC1-GRE ping reaction 1
track 2 nqa entry DC2-GRE ping reaction 1
#
interface Vlan-interface2
 description "GUEST_TRAFFIC"
 ip address 10.0.0.1 24
 dhcp select relay
 dhcp relay server-select 1
 ip policy-based-route GUEST_TRAFFIC
#
acl number 3333 name GUEST_TRAFFIC
 rule 0 permit ip source 10.0.0.0 0.0.0.255
0 Kudos
pattap
Regular Advisor

‎06-14-2018 05:57 AM

‎06-14-2018 05:57 AM

Re: Policy based routing with tracking/nqa

I might have overcomplicated things a little bit, I have used the config below and managed to test it briefly, I think this works fine. I will be able to run better test to make sure this behaves as expected I have also case opened with HP to be sure

policy-based-route GUEST_TRAFFIC permit node 5
   if-match acl 3333
   apply ip-address next-hop [DC-1 IP] track 1  [DC-2 IP] 
#
nqa entry DC1-GRE ping
 type icmp-echo
  destination ip [DC-1 IP]
  frequency 2000
  reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only
#
track 1 nqa entry DC1-GRE ping reaction 1
#
interface Vlan-interface2
 description "GUEST_TRAFFIC"
 ip policy-based-route GUEST_TRAFFIC
#
acl number 3333 name GUEST_TRAFFIC
 rule 0 permit ip source 10.0.0.0 0.0.0.255
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.