4.1.7 Notes on Policy-Based Routing
- <Structure of this section>
-
-
(1) Routing settings for policy-based routing forwarding destinations
-
(3) Packets that cannot be forwarded by policy-based routing
-
(5) Using Policy-Based Routing with sFlow Statistical Facility
-
(7) When ICMP redirect packets are subject to policy-based routing
-
(9) Policy-based routing group when switching the master switch
-
(1) Routing settings for policy-based routing forwarding destinations
If the ARP information for the next-hop address to be specified for policy-based routing has not been registered on the Switch, packets subject to policy-based routing will be discarded. To use the policy-based routing, perform either of the following:
-
Set a static ARP for the next-hop address to be specified for policy-based routing and set the MAC address static entry.
-
Link the routes registered in the policy-based routing list information with polling monitoring of the tracking functionality.
(2) Using Policy-Based Routing with DHCP snooping
See "Notes on Using Vol.2" "12.1.7 DHCP snooping" in the Configuration Guide.
(3) Packets that cannot be forwarded by policy-based routing
The packets listed below are detected and counted as statistics by using an access list in which policy-based routing list information has been set. However, the following packets are discarded because they cannot be forwarded by policy-based routing:
-
Frames discarded by Layer 2 authentication
-
Frames discarded by DHCP snooping
-
Packets discarded by flow control
(4) Packets not subject to policy-based routing
The following packets are not subject to policy-based routing because they cannot be detected by using an access list in which policy-based routing list information has been set:
-
Frames that are discarded because the data transfer status of the VLAN port is Blocking (data transfer is stopped)
-
Frames discarded when a receiving-side interface to which an access list with policy-based routing list information set is applied and the policy-based routing destination interface are blocked by the inter-port relay blocking functionality
-
Untagged frames received when native VLANs are not set as VLANs that use a trunk port for receiving frames
-
Tagged frames that are not set for VLANs that use a trunk port for receiving frames
-
Tagged frames received at an access port, protocol port, or MAC port
-
Frames discarded by the MAC address learning functionality
-
Packets discarded due to a check error when the validity of the IP packet header is checked
-
Packets discarded by hardware because their addresses cannot be resolved
-
Packets discarded by a null interface
(5) Using Policy-Based Routing with sFlow Statistical Facility
If packets are subject to both sFlow statistics and policy-based routing, the following information is collected in sFlow statistics as routing information for the forwarding destination based on the routing protocol (but not for the forwarding destination of policy-based routing):
-
Router type formats nexthop and dst_mask
-
Gateway type formats dst_peer_as and dst_as
(6) Using Policy-Based Routing with Flow Control
If a packet subject to policy-based routing is detected by a QoS flow list, both forwarding by policy-based routing and flow control configured in the QoS flow list are enabled.
(7) When ICMP redirect packets are subject to policy-based routing
If ICMP redirection packets that are to be redirected to the forwarding destination of policy-based routing are subject to policy-based routing, CPU might be heavily loaded.
(8) Policy-Based Routing and MTU
If the MTU of a receiving-side interface to which an access list with policy-based routing list information set is applied is greater than the MTU of the policy-based routing destination interface, policy-based routing might be disabled. To use policy-based routing, make sure that the MTU of the receiving-side interface is no larger than the MTU of the sending-side interface.
(9) Policy-based routing group when switching the master switch
If you switch routes immediately before switching the master switch, the route settings may not be applied to the switch. In this case, it is reflected when the time to stop monitoring of forwarding availability elapses after switching the master switch.