xStack
®
DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch
Policy Route Settings
Policy Based routing is a method used by the Switch to
give specified devices a cleaner path to the Internet. Used
in conjunction with the Access Profile feature, the Switch
will identify traffic originating from a device using the
Access Profile feature and forward it on to a next hop
router that has a more direct connection to the Internet than
the normal routing scheme of your network.
Take the example adjacent picture. Let’s say that the PC
with IP address 10.1.1.1 belongs to the manager of a
company while the other PCs belong to employees. The
network administrator hopes to circumvent network traffic
by configuring the Policy Routing Switch to make a more
direct connection to the Internet using a next hop router
(10.2.2.2) that is directly attached to a Gateway router
(10.3.3.3), thus totally avoiding the normal network and its
related traffic. To accomplish this, the user must configure
the Access Profile feature of the Switch to have the PC,
with IP address 10.1.1.1 as the Source IP address and the
Internet address as the destination IP address (learned
through routing protocols), along with other pertinent
information. Next, the administrator must configure the
Policy Route window to be enabled for this Access Profile
and its associated rule, and the Next Hop Router’s IP
address (10.2.2.2) must be set. Finally, this Policy Route
entry must be enabled.
Figure 4- 23. Policy-based Routing example
Once completed, the Switch will identify the IP address
using the Access Profile function, recognize that is has a
Policy Based route, and then forward the information on to
the specified next hop router, that will, in turn, relay
packets to the gateway router. Thus, the new, cleaner path
to the Internet has been formed.
There are some restrictions and cautions when implementing this feature:
1.
The access profile must first be created, along with the accompanying rule. If the administrator attempts to enable this
feature without the access profile, an error message will be produced.
2.
If the access profile is configured as Deny, the packet will be dropped and not forwarded to the next hop destination.
3.
If the administrator deletes a rule or profile that is directly linked to a configured policy route, and error message will be
prompted to the administrator.
To configure the Policy Route feature, click
L3 Features
>
Policy Route Settings
, as shown below:
Figure 4- 24. Policy Routing Settings window
To remove an entry from the table, click its corresponding
under the Delete heading.
To add a new Policy Route, click the
Add
button, which will display the following window.
189