Table of Contents
Advertisement
Chapter 10: IP Policy-Based Forwarding Configuration Guide
For example, the following commands create an IP policy called p3, which consists of two
IP policy statements. The ip policy permit statement has a sequence number of 1, which
means it is evaluated before the ip policy deny statement, which has a sequence number
of 900.
ia(config)# ip-policy p3 permit acl prof1 next-hop-list 10.10.10.10
sequence 1
ia(config)# ip-policy p3 deny acl prof2 sequence 900
Setting Load Distribution for Next-Hop Gateways
You can specify up to four next-hop gateways in an ip-policy statement. If you specify
more than one next-hop gateway, you can control how the load is distributed among
them. You can cause each new flow to use the first available next-hop gateway in the
ip-policy permit statement, or you can cause flows to use all the next-hop gateways in the
ip-policy permit statement sequentially.
To set the load distribution for next-hop gateways, enter one of the following commands
in Configure mode:
Use the first available next-hop
gateway in the ip-policy permit
statement for all flows. This is the
default.
Sequentially pick the next gateway in
the list for each new flow.
Use the source IP, desination IP, or
both the source IP and the destination
IP addresses to determine the next-
hop gateway to use.
Setting the IP Policy Action
You can specify when to apply the IP policy route with respect to dynamic or statically
configured routes. The IA can cause packets to use the IP policy route first, then the
dynamic route if the next-hop gateway specified in the IP policy is unavailable; use the
dynamic route first, then the IP policy route; or drop the packets if the next-hop gateway
specified in the IP policy is unavailable.
174
<name>
ip-policy
set load-policy
first-available
<name>
ip-policy
set load-policy
round-robin
<name>
ip-policy
set load-policy
ip-hash sip|dip|both
Internet Appliance User Reference Manual
Advertisement
Table of Contents
