Chapter 11 Route
Table 47 Command Summary: Policy Route (continued)
COMMAND
[no] policy controll-virtual-server-rules
activate
show bwm activation
show bwm-usage < [policy-route
policy_number]
| [interface
interface_name]
show policy-route [policy_number]
show policy-route begin <1..200> end
<1..200>
show policy-route controll-ipsec-dynamic-
rules
show policy-route override-direct-route
show policy-route controll-virtual-server-
rules
show policy-route rule_count
show policy-route underlayer-rules
11.2.1 Assured Forwarding (AF) PHB for DiffServ
Assured Forwarding (AF) behavior is defined in RFC 2597. The AF behavior group defines four AF
classes. Inside each class, packets are given a high, medium or low drop precedence. The drop
precedence determines the probability that routers in the network will drop packets when
congestion occurs. If congestion occurs between classes, the traffic in the higher class (smaller
numbered class) is generally given priority. Combining the classes and drop precedence produces
the following twelve DSCP encodings from AF11 through AF43. The decimal equivalent is listed in
brackets.
Table 48 Assured Forwarding (AF) Behavior Group
Low Drop Precedence
Medium Drop Precedence
High Drop Precedence
11.2.2 Policy Route Command Example
The following commands create two address objects (TW_SUBNET and GW_1) and insert a policy
that routes the packets (with the source IP address TW_SUBNET and any destination IP address)
102
DESCRIPTION
Gives policy routes priority over NAT virtual server rules (1-1 SNAT).
Use the no command to give NAT virtual server rules priority over
policy routes.
Displays whether or not the global setting for bandwidth management
on the UAG is enabled.
Displays the specified policy route or interface's bandwidth allotment,
current bandwidth usage, and bandwidth usage statistics.
Displays all or specified policy route settings.
Displays the specified range of policy route settings.
Displays whether the UAG checks policy routes first before IPSec
dynamic rules.
Displays whether or not the UAG forwards packets that match a policy
route according to the policy route instead of sending the packets to a
directly connected network.
Displays whether or not policy routes have priority over NAT virtual
server rules (1-1 SNAT).
Displays the number of policy routes that have been configured on the
UAG.
Displays all policy route rule details for advanced debugging.
CLASS 1
CLASS 2
AF11 (10)
AF21 (18)
AF12 (12)
AF22 (20)
AF13 (14)
AF23 (22)
CLASS 3
CLASS 4
AF31 (26)
AF41 (34)
AF32 (28)
AF42 (36)
AF33 (30)
AF43 (38)
UAG CLI Reference Guide