Administration of the Avaya G350 Media Gateway - Avaya Support
Administration of the Avaya G350 Media Gateway - Avaya Support Administration of the Avaya G350 Media Gateway - Avaya Support
Configuring policy-based routing●The third entry is NULL, which means the packet is dropped.G350-001(super)# ip next-hop-list 1G350-001(super-next hop list 1)#name "Voice_to_HQ"Done!G350-001(super-next hop list 1)#next-hop-ip 1 172.16.1.221Done!G350-001(super-next hop list 1)#next-hop-interface 2 Serial 2/1:1Done!G350-001(super-next hop list 1)#next-hop-interface 3 Null0Done!G350-001(super-next hop list 1)#For additional details about next hop lists, see Next Hop Lists on page 2804. Apply the PBR list to an interface.Use the exit command to return to general context. From general context, enter theinterface to which you want to apply the PBR list. In the interface context, use the ippbr-group command, followed by the number of the PBR list, to attach the list to theinterface. The list will be applied to packets entering the interface.The following example applies PBR list 802 to VLAN 2.G350-001(super)# interface Vlan 2G350-001(super-if:Vlan 2)# ip pbr-group 802Done!G350-001(super-if:Vlan 2)#5. Apply the PBR list to the Loopback interface.The following example applies PBR list 802 to the Loopback interface.G350-001(super)# interface Loopback 1G350-001(super-if:Loopback 1)# ip pbr-group 802Done!G350-001(super-if:Loopback 1)# exitG350-001(super)#6. Type the copy running-config startup-config command. This saves the newpolicy-based routing configuration in the startup configuration file.278 Administration of the Avaya G350 Media Gateway
PBR RulesPBR RulesEach PBR list can have up to 1,500 rules. The first rule that matches the packet specifies thenext hop list for the packet. If no rule matches the packet, the packet is routed according to thedefault rule.This section provides information on how to configure rules in a PBR list and contains thefollowing topics:●●●Overview of rule criteria — an overview of the criteria that can be used in configuring PBRrulesModifying rules — instructions on how to create and edit a PBR ruleRule criteria — instructions on how to configure a PBR rule’s criteriaOverview of rule criteriaYou can configure policy rules to match packets based on one or more of the following criteria:●●●●●●Source IP address, or a range of addressesDestination IP address or a range of addressesIP protocol, such as TCP, UDP, ICMP, IGMPSource TCP or UDP port or a range of portsDestination TCP or UDP port or a range of portsICMP type and code● DSCP fieldUse IP wildcards to specify a range of source or destination IP addresses. The zero bits in thewildcard correspond to bits in the IP address that remain fixed. The one bits in the wildcardcorrespond to bits in the IP address that can vary. Note that this is the opposite of how bits areused in a subnet mask.Note:Note:Note:When you use destination and source ports in a PBR rule, policy-based routingdoes not catch fragments.Note:It is recommended to leave a gap between rule numbers, in order to leave roomfor inserting additional rules at a later time. For example, ip-rule 10, ip-rule 20,ip-rule 30.Issue 3 January 2005 279
- Page 228 and 229: Configuring IPSec VPN2. Configure b
- Page 230 and 231: Configuring IPSec VPNip-rule 4sourc
- Page 232 and 233: Configuring IPSec VPNip-rule 10sour
- Page 234 and 235: Configuring IPSec VPN2. Configure B
- Page 236 and 237: Configuring IPSec VPNip-rule 20sour
- Page 238 and 239: Configuring IPSec VPNInterface vlan
- Page 240 and 241: Configuring IPSec VPN3. Allowed ICM
- Page 242 and 243: Configuring IPSec VPNip access-cont
- Page 244 and 245: Configuring IPSec VPNip-rule 70sour
- Page 246 and 247: Configuring IPSec VPNFigure 21: Ful
- Page 248 and 249: Configuring IPSec VPNConfiguration
- Page 250 and 251: Configuring IPSec VPNip-rule 30sour
- Page 252 and 253: Configuring IPSec VPN252 Administra
- Page 254 and 255: Configuring policyAccess control li
- Page 256 and 257: Configuring policyDefining policy l
- Page 258 and 259: Configuring policyAttaching policy
- Page 260 and 261: Configuring policyDevice-wide polic
- Page 262 and 263: Configuring policyEditing and creat
- Page 264 and 265: Configuring policySource and destin
- Page 266 and 267: Configuring policyComposite operati
- Page 268 and 269: Configuring policy●●●CoS —
- Page 270 and 271: Configuring policyThe following com
- Page 272 and 273: Configuring policySimulating packet
- Page 274 and 275: Configuring policy-based routingPol
- Page 276 and 277: Configuring policy-based routingCon
- Page 280 and 281: Configuring policy-based routingMod
- Page 282 and 283: Configuring policy-based routingEdi
- Page 284 and 285: Configuring policy-based routingIn
- Page 286 and 287: Configuring policy-based routingThe
- Page 288 and 289: Setting synchronizationIf, for any
- Page 290 and 291: FIPSFigure 26: Image of the cryptog
- Page 292 and 293: FIPSSupported algorithmsThe cryptog
- Page 294 and 295: FIPSSecurity levelThe cryptographic
- Page 296 and 297: FIPSTable 14: Roles and required id
- Page 298 and 299: FIPSTable 15: Critical security par
- Page 300 and 301: FIPSCSP access rights within roles
- Page 302 and 303: FIPSTable 18 shows Role and Service
- Page 304 and 305: FIPSTable 18: Role and service acce
- Page 306 and 307: FIPSPassword guidelinesBelow are ge
- Page 308 and 309: FIPS2. Define the PMI (Primary Mana
- Page 310 and 311: FIPS10. Physically disconnect all n
- Page 312 and 313: FIPS18. To configure all interfaces
- Page 314 and 315: FIPS●Use the snmp-server user use
- Page 316 and 317: FIPS●●TFTPSNMPExample:G350-001(
- Page 318 and 319: FIPSG350-N(super)# ip crypto-list 9
- Page 320 and 321: FIPSError statesTable 19 describes
- Page 322 and 323: FIPSConsiderationsThe following rul
- Page 324 and 325: Traps and MIBsNameParameters(MIB va
- Page 326 and 327: Traps and MIBsNameParameters(MIB va
Configuring policy-based routing●The third entry is NULL, which means <strong>the</strong> packet is dropped.<strong>G350</strong>-001(super)# ip next-hop-list 1<strong>G350</strong>-001(super-next hop list 1)#name "Voice_to_HQ"Done!<strong>G350</strong>-001(super-next hop list 1)#next-hop-ip 1 172.16.1.221Done!<strong>G350</strong>-001(super-next hop list 1)#next-hop-interface 2 Serial 2/1:1Done!<strong>G350</strong>-001(super-next hop list 1)#next-hop-interface 3 Null0Done!<strong>G350</strong>-001(super-next hop list 1)#For additional details about next hop lists, see Next Hop Lists on page 2804. Apply <strong>the</strong> PBR list to an interface.Use <strong>the</strong> exit command to return to general context. From general context, enter <strong>the</strong>interface to which you want to apply <strong>the</strong> PBR list. In <strong>the</strong> interface context, use <strong>the</strong> ippbr-group command, followed by <strong>the</strong> number <strong>of</strong> <strong>the</strong> PBR list, to attach <strong>the</strong> list to <strong>the</strong>interface. The list will be applied to packets entering <strong>the</strong> interface.The following example applies PBR list 802 to VLAN 2.<strong>G350</strong>-001(super)# interface Vlan 2<strong>G350</strong>-001(super-if:Vlan 2)# ip pbr-group 802Done!<strong>G350</strong>-001(super-if:Vlan 2)#5. Apply <strong>the</strong> PBR list to <strong>the</strong> Loopback interface.The following example applies PBR list 802 to <strong>the</strong> Loopback interface.<strong>G350</strong>-001(super)# interface Loopback 1<strong>G350</strong>-001(super-if:Loopback 1)# ip pbr-group 802Done!<strong>G350</strong>-001(super-if:Loopback 1)# exit<strong>G350</strong>-001(super)#6. Type <strong>the</strong> copy running-config startup-config command. This saves <strong>the</strong> newpolicy-based routing configuration in <strong>the</strong> startup configuration file.278 <strong>Administration</strong> <strong>of</strong> <strong>the</strong> <strong>Avaya</strong> <strong>G350</strong> <strong>Media</strong> <strong>Gateway</strong>