DIGITAL GIGAswitch/Router User Reference Manual
197
Monitoring IP Policies
The following is the configuration for Policy Router 1 in
Figure 22
.
The following is the configuration for Policy Router 2 in
Figure 22
.
Monitoring IP Policies
The
ip-policy show
command reports information about active IP policies, including
profile definitions, policy configuration settings, and next-hop gateways. The command
also displays statistics about packets that have matched an IP policy statement as well as
the number of packets that have been forwarded to each next-hop gateway.
vlan create firewall
vlan add ports et.1.(1-5) to firewall
interface create ip firewall address-netmask 1.1.1.5/16 vlan firewall
acl firewall permit ip any any any 0
ip-policy p1 permit acl firewall next-hop-list “1.1.1.1 1.1.1.2 1.1.1.3
1.1.1.4” action policy-only
ip-policy p1 set load-policy ip-hash both
ip-policy p1 apply interface mls1
vlan create firewall
vlan add ports et.1.(1-5) to firewall
interface create ip firewall address-netmask 2.2.2.5/16 vlan firewall
acl firewall permit ip any any any 0
ip-policy p2 permit acl firewall next-hop-list “2.2.2.1 2.2.2.2 2.2.2.3
2.2.2.4” action policy-only
ip-policy p2 set load-policy ip-hash both
ip-policy p2 apply interface mls2