redirect ip-nexthop

Function

The redirect ip-nexthop command assigns the IP address and configures the outbound interface, an NQA instance, and a VPN test instance of the next hop for redirection. After the traffic policy in which this redirection action is specified is applied to an interface, the traffic matching the traffic policy is redirected based on the action.

The undo redirect ip-nexthop command cancels the configuration.

By default, the IP address, outbound interface, an NQA instance, and a VPN test instance are not configured in the traffic behavior view for the next hop for redirection.

Format

redirect ip-nexthop ip-address vpn vpn-name [ nqa nqa-test-administer-name name-of-nqa-test-instance ] [ routing-filter { default-routing | blackhole-routing } * ] [ deny ] [ pri-type common ]

redirect ip-nexthop ip-address nqa nqa-test-administer-name name-of-nqa-test-instance [ routing-filter { default-routing | blackhole-routing } * ] [ deny ] [ pri-type common ] [ public-network ]

redirect ip-nexthop ip-address [ routing-filter { default-routing | blackhole-routing } * ] [ deny ] [ pri-type common ] [ public-network ]

redirect ip-nexthop ip-address interface { interface-name | interface-type interface-number } [ route-forward ] [ pri-type common ]

redirect ip-nexthop ip-address nqa nqa-test-administer-name name-of-nqa-test-instance [ routing-filter { default-routing | blackhole-routing } * ] [ deny ] [ pri-type common ]

redirect ip-nexthop ip-address [ routing-filter { default-routing | blackhole-routing } * ] [ deny ] [ pri-type common ]

redirect ip-nexthop ip-address [ nqa nqa-test-administer-name name-of-nqa-test-instance ] [ deny ] [ pri-type common ] [ vpn-network ]

undo redirect ip-nexthop

Parameters

Parameter Description Value
ip-address

Specifies the IP address of the next hop for redirection.

When ip-nexthop is specified, the value is an IPv4 address in dotted decimal notation, for example, 10.1.1.1.
vpn vpn-name

Specifies the name of a VPN instance.

The value is a string of 1 to 31 case-sensitive characters, spaces not supported. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string.
nqa nqa-test-administer-name

Specifies the name of an NQA test instance.

The name is a string of 1 to 32 case-insensitive characters, spaces not supported.

The string can contain spaces if it is enclosed with double quotation marks (").
name-of-nqa-test-instance

Specifies the name of a manager of an NQA test instance.

The name is a string of 1 to 32 case-insensitive characters, spaces not supported.

The string can contain spaces if it is enclosed with double quotation marks (").
routing-filter

When this parameter is configured, if the IP address of the next-hop matches a black-hole route, the packets are forwarded based on their destination IP address.

When this parameter is configured, if the IP address of the next-hop matches the default route, the packets are forwarded based on their destination IP address.

-
default-routing

Indicates a default route.

-
blackhole-routing

Indicates a black-hole route.

-
deny

If the next hop does not exist, the packet is discarded.

-
pri-type

Specifies the route priorities so that common routes take precedence. To be specific, when the destination IP address of a packet is reachable, the packet is forwarded preferentially based on the destination IP address. When the destination IP address of a packet is unreachable, the packet is forwarded based on policy-based routing.

-
public-network

When a redirection policy is configured on a private network interface to redirect traffic to the next hop (public network route) in an L3VPN scenario, traffic is not forwarded based on the public or private network route. To redirect traffic to the public network route, specify the public-network parameter.

-
interface interface-type interface-number

Specifies the type and number of an interface or an interface name.

-
route-forward

If a discard PBR policy is enabled in this command, and all the specified outbound interfaces were shut down, the parameter route-forward can be configured to return packets to the original forwarding process.

-
vpn-network

When a redirection policy is configured on a private network interface, traffic can be redirected to the private network where the private network interface resides in a non-VPN scenario. When a redirection policy is configured on a public network interface, traffic can be redirected to the public network in a non-VPN scenario.

-

Views

Traffic behavior view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
qos write

Usage Guidelines

Usage Scenario

Traffic can be forwarded to a specified next hop instead of being forwarded based on the route on a network. If this is required by users, redirection must be deployed on the network.

If an outbound interface is specified for redirection in a traffic behavior, a discard PBR policy is configured. If no outbound interface is specified for redirection in a traffic behavior, a forward PBR policy is configured.

When a discard PBR policy is configured, packets are forwarded to the specified next hop and outbound interface, with no FIB entries being searched for. The details of the procedure are as follows:

  • If the interface is Up, traffic is redirected to the outbound interface.
  • a.If the next hop is reachable, traffic is forwarded successfully.
  • b.If the next hop is unreachable, traffic is discarded.
  • If the interface is Down, traffic is discarded.

    The route-forward parameter can be configured in a scenario in which a discard PBR policy is configured to redirect packets to a single next hop. If a discard PBR policy and route-forward are configured and the next hop interface is Down, packets are forwarded based on the FIB entry information obtained through the destination IP address of the packets.

    When a forward PBR policy is configured, if only the IP address of the next hop is specified on an interface, the interface searches the next-hop IP address of packets against the public-network FIB table. If the IP address of the next hop and VPN are specified on an interface, the interface searches the next-hop IP address and VPN information of packets against the private-network FIB table.
  • If one matching entry is found in the FIB table, the interface redirects the packets based on the matching entry information.
  • If no matching entry is found in the FIB table, the interface searches the destination IP address of packets against the FIB table.
  • a.If one matching entry is found in the FIB table, the interface redirects the packets based on the matching entry information.
  • b.If no matching entry is found in the FIB table, the interface discards the packets.

    In a scenario in which a forward PBR policy is configured to redirect packets to a single next hop, by default, packets are forwarded based on the next hop of the default route if the IP address of the next hop matches the default route; packets are dropped if the IP address of the next hop matches a black-hole route.

    The routing-filter { default-routing | blackhole-routing } parameter can be configured in a scenario in which a forward PBR policy is configured to redirect packets to a single next hop. When this parameter is configured, if the IP address of the next hop matches the default route or a black-hole route, the packets are forwarded based on their destination IP address.

Precautions

The policy-based routing and IPv6 redirection cannot be both configured in one traffic behavior.

The policy-based routing and IPv4 redirection cannot be both configured in one traffic behavior.

Policy-based routing does not support redirection for Layer 2 forwarded traffic.

To switch between discard and forward PBR policies, delete the original policy and reconfigure the other one.

Associating redirection with NQA test ensures that the IP address of the next hop for redirection is reachable. The type of the NQA test instance must be ICMP. To implement real-time check on the reachability of the next hop for redirection, enable the NQA test instance to perform periodical check.

The IP address of the next hop to which traffic is redirected takes effect only when the NQA test instance is successfully complete.

The redirect nexthop address must match the network segment of the outbound interface.

Policy-based routing supports redirection only for incoming traffic. MF classification configured for outgoing traffic does not take effect.

Example

# In traffic behavior f1, specify VPN instance vpna and next-hop address 1.1.1.1 for redirection.
<HUAWEI> system-view
[~HUAWEI] ip vpn-instance vpna
[*HUAWEI-vpn-instance-vpna] quit
[*HUAWEI] traffic behavior f1
[*HUAWEI-behavior-f1] redirect ip-nexthop 1.1.1.1 vpn vpna
# In traffic behavior e1, specify the IP address of the next hop as 1.1.1.1 the name of a manager of an NQA test instance as AIS, the name of an NQA test instance as AIS_PM4800 for redirection.
<HUAWEI> system-view
[~HUAWEI] nqa test-instance AIS AIS_PM4800
[*HUAWEI-nqa-AIS-AIS_PM4800] quit
[*HUAWEI] traffic behavior e1
[*HUAWEI-behavior-e1] redirect ip-nexthop 1.1.1.1 nqa AIS AIS_PM4800
# In traffic behavior b1, specify the IP address of the next hop as 1.1.1.1 and the outbound interface as GE 0/1/0 for redirection.
<HUAWEI> system-view
[~HUAWEI] traffic behavior b1
[*HUAWEI-behavior-b1] redirect ip-nexthop 1.1.1.1 interface GigabitEthernet 0/1/0
Parent Topic: Class-based QoS Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >