Riverstone Networks RS Switch Router User Guide Release 8.0 20-3
IP Policy-Based Forwarding Configuration Configuring IP Policies
Creating Multi-Statement IP Policies
An IP policy can contain more than one ip-policy statement. For example, an IP policy can contain one statement
that sends all packets matching a profile to one next-hop gateway, and another statement that sends packets matching
a different profile to a different next-hop gateway. If an IP policy has multiple ip-policy statements, you can assign
each statement a sequence number that controls the order in which they are evaluated. Statements are evaluated from
lowest sequence number to highest.
For example, the following commands create an IP policy called “p3”, which consists of two IP policy statements. The
ip policy permit statement has a sequence number of 1, which means it is evaluated before the ip policy deny
statement, which has a sequence number of 900.
Setting the IP Policy Action
You can use the action parameter with the ip-policy permit command to specify when to apply the IP policy
route with respect to dynamic or statically configured routes. The options of the action parameter can cause packets
to use the IP policy route first, then the dynamic route if the next-hop gateway specified in the IP policy is unavailable;
use the dynamic route first, then the IP policy route; or drop the packets if the next-hop gateway specified in the IP
policy is unavailable.
For example, the following command causes packets that match the profile to use dynamic routes first and use the IP
policy gateway only if a dynamic route is no t available:
Setting Load Distribution for Next-Hop Gateways
You can specify up to 16 next-hop gateways in an ip-policy statement. If you specify more than one next-hop
gateway, you can use the ip-policy set load-policy command to control how the load is distributed among
them.
By default, each new flow uses the first available next-hop gateway. You can use the ip-policy set load-policy
command to cause flows to use all the next-hop gateways in the ip-policy permit statement sequentially. For
example, the following command picks the next gateway in the list for each new flow for policy ‘p1’:
rs(config)# ip-policy p3 permit acl prof1 next-hop-list 10.10.10.10 sequence 1
rs(config)# ip-policy p3 deny acl prof2 sequence 900
rs(config)# ip-policy p2 permit acl prof1 action policy-last
rs(config)# ip-policy p1 set load-policy round-robin