全部栏目

首页 操作系统 后端开发 数据库 前端开发 移动端开发
您的当前位置:首页正文

H3C三层交换机 策略路由 配置

来源:个人技术集锦


H3c策略路由配置整理

这里只说明怎样配置,具体只参照H3C交换机配置文档

第一步:区分数据流

acl number 2001

rule 0 permit source 10.0.0.0 0.255.255.255

acl number 3001 name virus

rule 0 deny tcp destination-port eq 445

rule 5 deny udp destination-port eq 445

acl number 3100 name laoshi

rule 0 permit ip source 192.168.12.0 0.0.0.255

rule 1 permit ip source 192.168.13.0 0.0.0.255

rule 2 permit ip source 192.168.14.0 0.0.0.255

rule 3 permit ip source 192.168.15.0 0.0.0.255

rule 4 permit ip source 192.168.16.0 0.0.0.255

rule 5 permit ip source 192.168.17.0 0.0.0.255

rule 6 permit ip source 192.168.18.0 0.0.0.255

rule 7 permit ip source 192.168.19.0 0.0.0.255

rule 8 permit ip source 192.168.20.0 0.0.0.255

rule 9 permit ip source 10.0.0.0 0.0.255.255

rule 10 permit ip source 192.168.11.0 0.0.0.255

acl number 3101 name xuesheng

rule 0 permit ip source 192.168.21.0 0.0.0.255

rule 1 permit ip source 192.168.22.0 0.0.0.255

rule 2 permit ip source 192.168.23.0 0.0.0.255

rule 3 permit ip source 192.168.24.0 0.0.0.255

rule 4 permit ip source 192.168.25.0 0.0.0.255

rule 5 permit ip source 192.168.26.0 0.0.0.255

rule 6 permit ip source 192.168.27.0 0.0.0.255

rule 7 permit ip source 192.168.28.0 0.0.0.255

rule 8 permit ip source 192.168.29.0 0.0.0.255

rule 9 permit ip source 192.168.30.0 0.0.0.255

acl number 3103 name neiwang

rule 0 permit ip source 192.168.0.0 0.0.255.255 destination 192.168.0.0 0.0.255.255

rule 1 permit ip source 10.0.0.0 0.255.255.255 destination 192.168.0.0 0.0.255.255

rule 2 permit ip source 10.0.0.0 0.255.255.255 destination 10.0.0.0 0.255.255.255

acl number 3104 name shiyanshi

rule 0 permit ip source 10.0.0.0 0.255.255.255

#

第二步:定义数据流

traffic classifier laoshi operator and

if-match acl name laoshi

traffic classifier shiyanshi operator and

if-match acl name shiyanshi

traffic classifier xuesheng operator and

if-match acl name xuesheng

traffic classifier neiwang operator and

if-match acl name neiwang

第三步:定义数据流的动作

traffic behavior laoshi

redirect next-hop 192.168.0.254

traffic behavior shiyanshi

redirect next-hop 192.168.0.254

traffic behavior xuesheng

redirect next-hop 192.168.0.250

traffic behavior neiwang

filter permit

第四步:定义策略:

qos policy rp

classifier neiwang behavior neiwang

classifier laoshi behavior laoshi

classifier xuesheng behavior xuesheng

classifier shiyanshi behavior shiyanshi

第五步:应用完成的策略(应用到某个端或VLAN)

interface E1/0/1

qos apply policy rp inbound

interface vlan 1010

qos vlan policy rp vlan 1010 inbound

因篇幅问题不能全部显示,请点此查看更多更全内容

查看全文