rulong888,策略路由同时指定优先级
核心交换机上有接两个出口路由,两个出口路由同时有两条VPN,平时要指定从电信路由器走vpn,但当电信线路断开后,自动切换到联通vpn,
因为路由器是内接口,电信,联通断线后,静态路由不能识别,还是指向两个路由器,因此想写个策略路由,并指定策略路由走电信线路,
这个策略要如何写
2
使用PBR+NQA联动,还可实现负载分担:
#
policy-based-route dail-line permit node 1
if-match acl 3
apply next-hop 1
#
policy-based-route dail-link permit node 2
if-match acl 3
apply next-hop 2
#
nqa entry admin test1
type icmp-echo
destination ip 1
frequency 1
next-hop ip 1
reaction 1 checked-element probe-fail threshold-type consecutive 3 action-type trigger-only
#
nqa entry admin test2
type icmp-echo
destination ip 2
frequency 1
next-hop ip 2
reaction 1 checked-element probe-fail threshold-type consecutive 3 action-type trigger-only
#
nqa schedule admin test1 start-time now lifetime forever
nqa schedule admin test2 start-time now lifetime forever
#
interface GigabitEthernet1/
port link-mode route
ip address 1
nat outbound 3
#
interface GigabitEthernet1/
port link-mode route
ip address 2
nat outbound 3
#
interface GigabitEthernet1/
port link-mode route
ip address 1.1.1.1 255.255.255.
nat hairpin enable
ip policy-based-route dail-line
#
ip route-static
ip route-static
#
acl advanced 3
rule
#
acl advanced 3
rule 1 permit ip source 192.168.1.
#
acl advanced 3
rule
#
track 1 nqa entry admin test1 reaction 1
track 2 nqa entry admin test2 reaction 1
#
ip route-static
ip route-static
因为核心接了两个路由器,一台接电信,一台接联通,如果路由器不坏的话,下一跳是一直在的,我想检测到路由器的对端网关,可以检测到吗
2,策略路由同时指定优先级
