Example for Configuring Redirection on Dual Outbound Interfaces

This section provides an example for configuring redirection on dual outbound interfaces.

Networking Requirements

As shown in Figure 1, Device A connects to the intranet through interface 1 and connects to the public network through interface 2 and interface 3. By default, traffic from the intranet is transmitted to the public network through interface 3. To enable traffic from the server to be transmitted to the public network through interface 2 and other traffic to the public network through interface 3, configure a traffic policy on Device A.

Interfaces 1 through 3 are GE 0/1/0, GE 0/1/8, and GE 0/1/16, respectively.

Figure 1 Configuring redirection on dual outbound interfaces

Configuration Roadmap

The configuration roadmap is as follows:

Configure a default route.
Configure an ACL rule.
Configure traffic classifiers.
Configure traffic behaviors.
Configure a traffic policy.
Apply the traffic policy.

Data Preparation

To complete the configuration, you need the following data:

ACL number
Names of the traffic classifier, traffic behavior, and traffic policy, and number of the interface to which the traffic policy is applied

Procedure

Configure the default route so that intranet traffic is transmitted to the public network through interface 3 by default and interface 2 is used as the backup outbound interface.
```
<HUAWEI> system-view
[~HUAWEI] ip route-static 0.0.0.0 0.0.0.0 10.1.99.1
[*HUAWEI] ip route-static 0.0.0.0 0.0.0.0 10.1.99.5 preference 70
[*HUAWEI] commit
```

Configure an ACL rule.

# Configure rule 3001 to match the traffic from the server to other devices on the intranet.

[~HUAWEI] acl number 3001
[*HUAWEI-acl-advance-3001] rule 5 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.40.0 0.0.0.255
[*HUAWEI-acl-advance-3001] rule 10 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.41.0 0.0.0.255 
[*HUAWEI-acl-advance-3001] rule 15 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.42.0 0.0.0.255 
[*HUAWEI-acl-advance-3001] commit
[~HUAWEI-acl-advance-3001] quit

# Configure rule 3002 to match the traffic with the source address being the IP address of the server.

[~HUAWEI] acl number 3002
[*HUAWEI-acl-advance-3002] rule 5 permit ip source 10.1.40.0 0.0.0.255
[*HUAWEI-acl-advance-3002] commit
[~HUAWEI-acl-advance-3002] quit

Configure traffic classifiers.

# Configure a traffic classifier named c1.

[~HUAWEI] traffic classifier c1
[*HUAWEI-classifier-c1] if-match acl 3001
[*HUAWEI-classifier-c1] commit
[~HUAWEI-classifier-c1] quit

# Configure a traffic classifier named c2.

[~HUAWEI] traffic classifier c2
[*HUAWEI-classifier-c2] if-match acl 3002
[*HUAWEI-classifier-c2] commit
[~HUAWEI-classifier-c2] quit

Configure traffic behaviors.

# Configure a traffic behavior named b1.

[~HUAWEI]traffic behavior b1
[*HUAWEI-behavior-b1] permit
[*HUAWEI-behavior-b1] commit
[~HUAWEI-behavior-b1] quit

# Configure a traffic behavior b2.

[~HUAWEI] traffic behavior b2
[*HUAWEI-behavior-b2] redirect ip-nexthop 10.1.99.5
[*HUAWEI-behavior-b2] commit
[~HUAWEI-behavior-b2] quit

Configure a traffic policy.

[~HUAWEI] traffic policy p1
[*HUAWEI-trafficpolicy-p1] classifier c1 behavior b1
[*HUAWEI-trafficpolicy-p1] classifier c2 behavior b2
[*HUAWEI-trafficpolicy-p1] commit
[~HUAWEI-trafficpolicy-p1] quit

Apply the traffic policy.

[~HUAWEI] interface gigabitethernet 0/1/0
[~HUAWEI-GigabitEthernet0/1/0] traffic-policy p1 inbound
[*HUAWEI-GigabitEthernet0/1/0] commit
[~HUAWEI-GigabitEthernet0/1/0] quit

Verify the configuration.

After completing the configurations, run the display traffic policy command on Device A to view the configurations of the traffic policy, traffic classifier, and traffic behavior.

[~HUAWEI] display traffic policy user-defined p1
  User Defined Traffic Policy Information:                                      
    Policy: p1                                                                  
      Total: 5120  Used: 3  Free: 5117                                          
      Description:                                                              
      Step: 1                                                                   
      Share-mode                                                                
      Classifier: c1 Precedence: 1                                              
        Behavior: b1                                                            
        -none-                                                                  
                                                                                
      Classifier: c2 Precedence: 2                                              
        Behavior: b2                                                            
        Redirecting:                                                            
          redirect ip-nexthop 10.1.99.5                                         
                                                                                
      Classifier: default-class Precedence: 65535                               
        Behavior: be                                                            
        -none-

Configuration Files

#
sysname HUAWEI
#
ip route-static 0.0.0.0 0.0.0.0 10.1.99.1     
ip route-static 0.0.0.0 0.0.0.0 10.1.99.5 preference 70  
#
acl number 3001
 rule 5 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.40.0 0.0.0.255    
 rule 10 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.41.0 0.0.0.255    
 rule 15 permit ip source 10.1.40.0 0.0.0.255 destination 10.1.42.0 0.0.0.255
acl number 3002
 rule 5 permit ip source 10.1.40.0 0.0.0.255                   
#
traffic classifier c1 operator or
 if-match acl 3001
traffic classifier c2 operator or
 if-match acl 3002
#
traffic behavior b1                  
traffic behavior b2
 redirect ip-nexthop 10.1.99.5   
#
traffic policy p1
 classifier c1 behavior b1 precedence 1      
 classifier c2 behavior b2 precedence 1           
#
interface gigabitethernet0/1/0
 undo shutdown
 traffic-policy p1 inbound
#
return