HPE Community
WAN Routing
1819681 Members
3540 Online
109605 Solutions
New Discussion юеВ

Need Help in configuring PBR Policy based routing

 
SOLVED
Go to solution
shinepothen
Frequent Advisor

тАО02-22-2017 10:48 PM

тАО02-22-2017 10:48 PM

Need Help in configuring PBR Policy based routing

Hi All

I am new to HP environment, i need to enable PBR on my H3C Comware.

I am migratiting these confiuration from a cisco device to a H3C Comware. i will paste the cisco configuration so that if any one can provide me the similary configuration for H3C Comware device.

interface GigabitEthernet0/0
ip policy route-map siteaccess

route-map siteaccess permit 10
 match ip address 115
 set ip next-hop 10.10.10.10
 
 access-list 115 permit ip host 10.10.11.252 host 10.10.30.38

we have set of users access from host 10.10.11.252 trying to access 10.10.30.38 if this condition matches the traffic has to be send to the device 10.1.01.0.10.

Please help me in getting the PBR configur for H3com device

 

 

 

 

 

0 Kudos
7 REPLIES 7
shinepothen
Frequent Advisor

тАО02-22-2017 11:17 PM

тАО02-22-2017 11:17 PM

Re: Need Help in configuring PBR Policy based routing

With the help of HP documents that i got i was able to create a PBR below are the commands.

Please let me know if there commands are correct. While creating the accesslist the device was asking for either tcp/udp how can i mention all ports required instead of specfying a single one.

interface ethernet 0/2
 ip policy route-policy siteaccess
 
 route-policy siteaccess permit 10
 if-match ip address 3001
 apply ip next-hop 10.10.10.10
 
 acl number 3001
 rule 0 permit tcp source 10.10.10.10 0 destination 10.10.30.38 0

All help and advise is appreciated

0 Kudos
HP-Browniee
Respected Contributor

тАО02-23-2017 01:53 AM

тАО02-23-2017 01:53 AM

Solution

Re: Need Help in configuring PBR Policy based routing

Hello

This is an example how i did it, I made this in lab. Here i have 2 vlans (vlan 10 and vlan 20).

Vlan 10 will use routerA and vlan 20 will use routerB, but i configured it so that vlan 10 and vlan 20 still can communicate with each other. :

 

acl advanced name RouterA
   rule 10 deny ip destination 192.168.20.0 0.0.0.255
   rule 11 permit ip source 192.168.10.0 0.0.0.255

acl advanced name RouterB
   rule 10 deny ip destination 192.168.10.0 0.0.0.255
   rule 11 permit ip source 192.168.20.0 0.0.0.255


policy-based-route ChooseRouter permit node 5
   if-match acl name RouterA
   apply next-hop 10.0.10.1

policy-based-route ChooseRouter permit node 10
   if-match acl name RouterB
   apply next-hop 10.0.20.1


interface Vlan-interface10
   ip address 192.168.10.1 255.255.255.0
   ip policy-based-route ChooseRouter

interface Vlan-interface20
   ip address 192.168.20.1 255.255.255.0
   ip policy-based-route ChooseRouter

 

If somthing is not clear let me know.

 

 

-------------------Helpfull? mark it as solved or give a kudo!!-------------------

 

 

shinepothen
Frequent Advisor

тАО02-23-2017 07:46 PM

тАО02-23-2017 07:46 PM

Re: Need Help in configuring PBR Policy based routing

Thank you for the reply.

I just need host to host not an entire range. since it is a host to host i am trying to create an extended access list.. i have done the config on my H3C router. But it looks like my PBR is not working as expected.

 acl number 3001
 rule 0 permit tcp source 10.10.10.10 0 destination 10.10.30.38 0 --> ""I have a doubt do i need to use 0.0.0.0 as wildcard mask or just 0""

Then i have created the PBR, not sure what is meant by "node" and i hope the condition that i given is correct.
 
 route-policy siteaccess permit node 10 --- not sure
 if-match acl 3001
 apply ip-address next-hop 10.10.10.10

Then i have attached the PBR to the interface E0/2

interface Ethernet0/2
 port link-mode route
 description testing__Lan
 ip address 10.10.10.100 255.255.255.0
 ip policy-based-route siteaccess

these are the configuration that i have tried, still it looks like my PBR is not working.

Please help me in getting the PBR working.

 

 

 

0 Kudos
shinepothen
Frequent Advisor

тАО02-23-2017 07:47 PM

тАО02-23-2017 07:47 PM

Re: Need Help in configuring PBR Policy based routing

Is there any commands in which i can find out if there is any hit/counts incrmenting on my ACL/

display acl number 3001 just shows me the acl rules that i have created.

not sure if i doing correct or worng.

0 Kudos
shinepothen
Frequent Advisor

тАО02-23-2017 10:48 PM

тАО02-23-2017 10:48 PM

Re: Need Help in configuring PBR Policy based routing

I believe i got confused between Routing Policy and Policy Routing.

0 Kudos
shinepothen
Frequent Advisor

тАО02-24-2017 12:59 AM - edited тАО02-24-2017 01:00 AM

тАО02-24-2017 12:59 AM - edited тАО02-24-2017 01:00 AM

Re: Need Help in configuring PBR Policy based routing

Now i got everything working,

acl number 3001
 rule 0 permit tcp source 10.10.10.10 0 destination 10.10.30.38 0
 
 
 policy-based-route cimcorp permit node 0
   if-match acl 3001
   apply ip-address next-hop 10.10.10.10

   Advanced ACL  3001, named -none-, 3 rules,
ACL's step is 5
 rule 15 permit ip source 10.10.10.252 0 destination 10.10.30.38 0 logging (23448 times matched)

Thank you HP-Browinee for providing  your configuration suggestion and advice. Thank you HP team for the community.

0 Kudos
HP-Browniee
Respected Contributor

тАО02-24-2017 01:54 AM - edited тАО02-24-2017 01:55 AM

тАО02-24-2017 01:54 AM - edited тАО02-24-2017 01:55 AM

Re: Need Help in configuring PBR Policy based routing

You're welcome :)

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.