Netgear M4300-24X24F (XSM4348S) - Stackable Managed Switch with 48x10G including 24x10GBASE-T and 24xSFP+ Layer 3 Guia Do Administrador
PBR
146
Managed Switches
Policy-Based Routing Concepts
Normally, switches make forwarding decisions based on routing tables, which get populated
by information given by dynamic routing protocols or static routing, to forward packets to
destination addresses. Policy-based routing (PBR) is a feature that enables network
administrators to define forwarding behavior based on packet contents. PBR is used to
override traditional destination-based routing behavior.
by information given by dynamic routing protocols or static routing, to forward packets to
destination addresses. Policy-based routing (PBR) is a feature that enables network
administrators to define forwarding behavior based on packet contents. PBR is used to
override traditional destination-based routing behavior.
Configuring PBR involves configuring a route map with the match and set commands and
then applying the corresponding route map to the inbound traffic on routing interfaces. One
interface can contain only one route-map tag, but administrators can create multiple
route-map entries with different sequence numbers. These entries are evaluated in
sequence-number order until the first match is found. If no match is found, packets are routed
as usual.
then applying the corresponding route map to the inbound traffic on routing interfaces. One
interface can contain only one route-map tag, but administrators can create multiple
route-map entries with different sequence numbers. These entries are evaluated in
sequence-number order until the first match is found. If no match is found, packets are routed
as usual.
Route-Map Statements
A route-map statement that is used for PBR is configured as permit or deny. If the statement
is marked as deny, traditional destination-based routing is performed on the packet that meet
the match criteria:
the match criteria:
•
If users specify any match/set statements in a route-map statement that are marked as
deny, they will not be effective because traditional destination-based routing is performed
on packets meeting the specified match criteria.
deny, they will not be effective because traditional destination-based routing is performed
on packets meeting the specified match criteria.
•
If the statement is marked as permit, and if the packet meets all the match criteria, then
the set commands in the route-map statement are applied.
the set commands in the route-map statement are applied.
If no match is found in the route map, the packet is not dropped. Packets are forwarded using
the routing decision that is made by performing destination-based routing.
the routing decision that is made by performing destination-based routing.
If network administrators do not want to revert to normal forwarding, but instead want to drop
a packet that does not match the specified criteria, a set statement needs to be configured to
route the packets to interface null 0 as the last entry in the route map.
a packet that does not match the specified criteria, a set statement needs to be configured to
route the packets to interface null 0 as the last entry in the route map.
Packets that are generated by the switch itself are not normally policy routed. But a provision
in other industry standard products applies a policy through a local PBR. All packets
originating on the switch are then subject to the local PBR. However, this feature is not
supported.
in other industry standard products applies a policy through a local PBR. All packets
originating on the switch are then subject to the local PBR. However, this feature is not
supported.
Starting with Software Version 10.2, the NETGEAR switch supports the route-map
infrastructure for BGP. Match parameters defined in this chapter for policy-based routing
operate in isolation with BGP. These options do not interfere with BGP protocol processing or
policy propagation in any way.
infrastructure for BGP. Match parameters defined in this chapter for policy-based routing
operate in isolation with BGP. These options do not interfere with BGP protocol processing or
policy propagation in any way.
For example, if a match clause is placed in a route-map statement based on the length of the
packet, BGP does not honor that clause. As stated earlier, these statements apply for L3
routed traffic (mainly data traffic) to override a routing decision.
packet, BGP does not honor that clause. As stated earlier, these statements apply for L3
routed traffic (mainly data traffic) to override a routing decision.