The tnl-policy command associates a tunnel policy with the current VPN instance address family.
The undo tnl-policy command dissociates the current VPN instance address family from a tunnel policy.
By default, no tunnel policy is associated with the VPN instance address family. By default, a tunnel is selected for a VPN in the sequence of the LSP, CR-LSP, and Local_IfNet, and no load balancing is performed.
| Parameter | Description | Value |
|---|---|---|
| policy-name | Specifies the name of the tunnel policy to be associated with the VPN instance address family. | The value is a string of 1 to 39 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. |
VPN instance view, VPN instance IPv4 address family view, VPN instance IPv6 address family view
Usage Scenario
By default, a device only uses an LSP tunnel to forward data on the backbone network and cannot implement multi-path load balancing at the same time. To ensure transmission quality of services and specify a TE tunnel to transmit VPN services, or to improve transmission efficiency and implement load balancing, run the tunnel-policy command to configure a tunnel policy and run the tnl-policy command to reference the tunnel policy in the VPN address family view.
Prerequisites
Precautions
If the tunnel policy associated with a VPN instance enabled with the address family cannot match an existing tunnel on the network, the routes in the VPN instance enabled with the address family will have routes iterated to tunnels based on the default tunnel policy. If the iteration fails, services will be interrupted.
If the address family of a VPN instance changes or the associated tunnel policy is deleted, VPN services will be interrupted for a short time even if tunnels matching the tunnel policy are available on the network. Therefore, use the tnl-policy command with caution.
Follow-up Procedure
If the associated tunnel policy does not exist, run the tunnel-policy command to create the tunnel policy.
# Associate a tunnel policy named po1 with the VPN instance named vpn2.
<HUAWEI> system-view [HUAWEI] tunnel-policy po1 [HUAWEI-tunnel-policy-po1] tunnel select-seq lsp load-balance-number 2 [HUAWEI-tunnel-policy-po1] quit [HUAWEI] ip vpn-instance vpn2 [HUAWEI-vpn-instance-vpn2] ipv4-family [HUAWEI-vpn-instance-vpn2-af-ipv4] route-distinguisher 100:1 [HUAWEI-vpn-instance-vpn2-af-ipv4] tnl-policy po1