Redirection Policies - OmniSwitch os6900 Network Configuration Manual

Policy Applications
Note that the bandwidth can be specified in abbreviated units, in this case, 1k. The rule is not active on the
switch until the qos apply command is entered.

Redirection Policies

A redirection policy sends traffic that matches the policy to a specific port or link aggregate instead of the
originally intended destination. This type of policy can use any condition; the policy action determines
which port or link aggregate to which the traffic is sent.
The following policy action commands are used for port and link aggregate redirection:
policy action redirect port
policy action redirect linkagg
Note the following regarding the use and configuration of redirection policies:
•
Redirection policies apply to both bridged and routed traffic.
•
When redirecting routed traffic from VLAN A to VLAN B, the redirect port or link aggregate ID must
belong to VLAN B (tagged or default VLAN).
•
Routed packets (from VLAN A to VLAN B) are not modified after they are redirected; the source and
MAC address remain the same. In addition, if the redirect port or link aggregate ID is tagged, the redi-
rected packets have a tag from the ingress VLAN A.
•
If a route exists for the redirected flow, then redirected packets are the final post-routing packets.
•
If a route does not exist for the redirected flow, the flow is not redirected to the specified port or link
aggregate ID and is "blackholed". As soon as a route is available, the flow is then redirected as speci-
fied in the policy.
•
In most cases, a redirected flow does not trigger an update to the routing and ARP tables. When the
ARP table is cleared or timed out, port/link aggregate redirection cease until the ARP table is refreshed.
If necessary, create a static route for the flow or assign the redirect port or link aggregate ID to the
ingress VLAN (VLAN A) to send packets to the redirect port until a route is available.
•
When redirecting bridged traffic on VLAN A, the redirect port or link aggregate ID must belong to
VLAN A (tagged or default VLAN).
In the following example, flows destined for UDP port 80 is redirected to switch port 3/2:
-> policy condition L4PORTCOND destination udp port 80
-> policy action REDIRECTPORT redirect port 3/2
-> policy rule L4PORTRULE condition L4PORTCOND action REDIRECTPORT
In the following example, flows destined for IP address 40.2.70.200 are redirected to link aggregate 10:
-> policy condition L4LACOND destination IP 40.2.70.200
-> policy action REDIRECTLA redirect linkagg 10
-> policy rule L4LARULE condition L4LACOND action REDIRECTLA
Note that in both examples above, the rules are not active on the switch until the qos apply command is
entered on the command line.
page 25-76 OmniSwitch AOS Release 7 Network Configuration Guide
Configuring QoS
June 2013