Using Policy Rules To Provide Routing Solutions; Configuring Policies To Provide Network Security - Juniper POLICY MANAGEMENT - CONFIGURATION GUIDE V11.1.X Configuration Manual

Junose software for broadband services routers policy management configuration guide

Using Policy Rules to Provide Routing Solutions

The next-interface, next-hop, filter, and forward rules provide routing solutions for
traffic matching a classifier. A classifier can have only one action that provides a
routing solution.

If you configure two routing solution rules, such as filter and forward, in the same
classifier group, the router displays a warning message, and the rule configured last
replaces the previous rule.

For IP policy lists, policy rules are available to enable you to make a forwarding
decision that includes the next interface and next hop:

- Forward next interface: Causes an interface to forward all packets that satisfy
  the classification associated with that rule to the next interface specified
- Forward next hop: Causes an interface to forward all packets that satisfy the
  classification associated with that rule to the next-hop address specified

For example, you can route packets arriving at IP interface ATM 0/0.0 so that they
are handled as indicated:

- Packets from source 1.1.1.1 are forwarded out of interface ATM 0/0.1.
- Packets from source 2.2.2.2 are forwarded out of interface ATM 2/1.1.
- All other packets are dropped.

To configure this routing policy, issue the following commands:

host1(config)#ip classifier-list claclA ip host 1.1.1.1 any
host1(config)#ip classifier-list claclB ip host 2.2.2.2 any
host1(config)#ip policy-list IpPolicy100
host1(config-policy-list)#classifier-group claclA
host1(config-policy-list-classifier-group)#forward interface atm 0/0.1
host1(config-policy-list-classifier-group)#exit
host1(config-policy-list)#classifier-group claclB
host1(config-policy-list-classifier-group)#forward interface atm 2/1.1
host1(config-policy-list-classifier-group)#exit
host1(config-policy-list)#classifier-group *
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#exit
host1(config)#interface atm 0/0.0
host1(config-subif)#ip policy input IpPolicy100 statistics enabled

Configuring Policies to Provide Network Security

You can configure policy management to provide a level of network security by using
policy rules that selectively forward or filter packet flows:

- Forward: Causes the packet flows that satisfy the classification associated with
  the rule to be routed by the virtual router
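
The following Python sketch is an added example, not part of the Juniper guide. It audits a saved CLI transcript of policy-list commands for the two points made above: a classifier group keeps only the routing-solution rule configured last, and the IpPolicy100 example drops all other traffic through a `classifier-group *` filter rule. The function name, the report layout, and the extra `filter` line in claclB are assumptions constructed for illustration; prompts are assumed to look like the ones shown in this guide.

```python
import re

# Rule keywords the guide lists as routing solutions: one per classifier group.
ROUTING_RULES = ("next-interface", "next-hop", "filter", "forward")
PROMPT = re.compile(r"^\S+?\((config[^)]*)\)#\s*(.*)$")

def audit_policy(transcript):
    """Map each policy list to its effective rule per classifier group,
    the rules that were replaced, and whether group '*' ends as a filter."""
    report, policy, group = {}, None, None
    for line in transcript.splitlines():
        m = PROMPT.match(line.strip())
        if not m or not m.group(2).split():
            continue
        mode, cmd = m.group(1), " ".join(m.group(2).split())
        words = cmd.split()
        if mode == "config" and words[:2] == ["ip", "policy-list"] and len(words) > 2:
            policy, group = words[2], None
            report.setdefault(policy, {"effective": {}, "replaced": [], "default_filter": False})
        elif mode == "config-policy-list" and words[0] == "classifier-group" and len(words) > 1:
            group = words[1]
        elif (mode == "config-policy-list-classifier-group"
              and words[0] in ROUTING_RULES and policy in report and group):
            entry = report[policy]
            old = entry["effective"].get(group)
            if old is not None and old != cmd:
                entry["replaced"].append((group, old, cmd))  # last rule wins
            entry["effective"][group] = cmd
            entry["default_filter"] = entry["effective"].get("*") == "filter"
    return report

# Constructed transcript: the guide's IpPolicy100 policy-list commands, plus one
# extra 'filter' line in claclB (added here) to trigger the replacement case.
SAMPLE = """\
host1(config)#ip policy-list IpPolicy100
host1(config-policy-list)#classifier-group claclA
host1(config-policy-list-classifier-group)#forward interface atm 0/0.1
host1(config-policy-list-classifier-group)#exit
host1(config-policy-list)#classifier-group claclB
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#forward interface atm 2/1.1
host1(config-policy-list-classifier-group)#exit
host1(config-policy-list)#classifier-group *
host1(config-policy-list-classifier-group)#filter
"""

if __name__ == "__main__":
    for name, entry in audit_policy(SAMPLE).items():
        print(name, entry)
```

A non-empty `replaced` list marks a classifier group where an earlier rule was overwritten, and `default_filter` being false marks a policy list that lacks the explicit catch-all drop used in the example.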
Chapter 4: Creating Classifier Groups and Policy Rules

This manual is also suitable for:

E series
