- Notes, cautions, and warnings
- About this Guide
- Before You Start
- Configuration Fundamentals
- Getting Started
- Console Access
- Accessing the CLI Interface and Running Scripts Using SSH
- Boot Process
- Default Configuration
- Configuring a Host Name
- Configuring a Unique Host Name on the System
- Accessing the System Remotely
- Configuring the Enable Password
- Configuration File Management
- Managing the File System
- View the Command History
- Using HTTP for File Transfers
- Upgrading and Downgrading the Dell Networking OS
- Verify Software Images Before Installation
- Deploying FN I/O Module
- Management
- Configuring Privilege Levels
- Configuring Logging
- Display the Logging Buffer and the Logging Configuration
- Log Messages in the Internal Buffer
- Disabling System Logging
- Sending System Messages to a Syslog Server
- Changing System Logging Settings
- Display the Logging Buffer and the Logging Configuration
- Configuring a UNIX Logging Facility Level
- Synchronizing Log Messages
- Enabling Timestamp on Syslog Messages
- Enabling Secure Management Mode
- File Transfer Services
- Terminal Lines
- Setting Time Out of EXEC Privilege Mode
- Using Telnet to get to Another Network Device
- Lock CONFIGURATION Mode
- Limit Concurrent Login Sessions
- Track Login Activity
- Recovering from a Forgotten Password
- Recovering from a Forgotten Enable Password
- Recovering from a Failed Start
- 802.1X
- Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)
- Access Control
Lists (ACLs)
- IP Access Control Lists (ACLs)
- Implementing ACL on the Dell Networking OS
- ACLs and VLANs
- ACL Optimization
- Determine the Order in which ACLs are Used to Classify Traffic
- IP Fragment Handling
- IP Fragments ACL Examples
- Layer 4 ACL Rules Examples
- Configure a Standard IP ACL
- Configuring a Standard IP ACL Filter
- Configure an Extended IP ACL
- Configuring Filters with a Sequence Number
- Configuring Filters Without a Sequence Number
- Established Flag
- Configure Layer 2 and Layer 3 ACLs
- Assign an IP ACL to an Interface
- Applying an IP ACL
- Counting ACL Hits
- Configure Ingress ACLs
- Configure Egress ACLs
- Applying Egress Layer 3 ACLs (Control-Plane)
- IP Prefix Lists
- Configuration Task List for Prefix Lists
- Creating a Prefix List
- Creating a Prefix List Without a Sequence Number
- Viewing Prefix Lists
- Applying a Prefix List for Route Redistribution
- Applying a Filter to a Prefix List (OSPF)
- ACL Resequencing
- Resequencing an ACL or Prefix List
- Route Maps
- Important Points to Remember
- Configuration Task List for Route Maps
- Creating a Route Map
- Configure Route Map Filters
- Configuring Match Routes
- Configuring Set Conditions
- Configure a Route Map for Route Redistribution
- Configure a Route Map for Route Tagging
- Continue Clause
- Logging of ACL Processes
- Guidelines for Configuring ACL Logging
- Configuring ACL Logging
- Flow-Based Monitoring Support for ACLs
- Enabling Flow-Based Monitoring
- Bidirectional Forwarding Detection (BFD)
- Border Gateway
Protocol IPv4 (BGPv4)
- Autonomous Systems (AS)
- Sessions and Peers
- Route Reflectors
- BGP Attributes
- Multiprotocol BGP
- Implement BGP with the Dell Networking OS
- Configuration Information
- BGP Configuration
- Enabling BGP
- Configuring AS4 Number Representations
- Configuring Peer Groups
- Configuring BGP Fast Fail-Over
- Configuring Passive Peering
- Maintaining Existing AS Numbers During an AS Migration
- Allowing an AS Number to Appear in its Own AS Path
- Enabling Graceful Restart
- Enabling Neighbor Graceful Restart
- Filtering on an AS-Path Attribute
- Regular Expressions as Filters
- Redistributing Routes
- Enabling Additional Paths
- Configuring IP Community Lists
- Configuring an IP Extended Community List
- Filtering Routes with Community Lists
- Manipulating the COMMUNITY Attribute
- Changing MED Attributes
- Changing the LOCAL_PREFERENCE Attribute
- Changing the NEXT_HOP Attribute
- Changing the WEIGHT Attribute
- Enabling Multipath
- Filtering BGP Routes
- Configuring BGP Route Reflectors
- Aggregating Routes
- Configuring BGP Confederations
- Enabling Route Flap Dampening
- Changing BGP Timers
- Enabling BGP Neighbor Soft-Reconfiguration
- Route Map Continue
- Enabling MBGP Configurations
- Enabling BGP
- BGP Regular Expression Optimization
- Debugging BGP
- Sample Configurations
- Configuration Cloning
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- Data Center
Bridging (DCB)
- Ethernet Enhancements in Data Center Bridging
- Priority-Based Flow Control
- Enhanced Transmission Selection
- Data Center Bridging Exchange Protocol (DCBx)
- Creating a DCB Map
- Data Center Bridging: Default Configuration
- Data Center Bridging in a Traffic Flow
- Data Center Bridging: Auto-DCB-Enable Mode
- Configuring Priority-Based Flow Control
- Configuring Enhanced Transmission Selection
- Hierarchical Scheduling in ETS Output Policies
- DCBx Operation
- Verifying the DCB Configuration
- QoS dot1p Traffic Classification and Queue Assignment
- Troubleshooting PFC, ETS, and DCBx Operation
- Dynamic Host Configuration Protocol (DHCP)
- Equal Cost Multi-Path (ECMP)
- FC FPORT
- FCoE Transit
- Fibre Channel over Ethernet
- Ensure Robustness in a Converged Ethernet Network
- FIP Snooping on Ethernet Bridges
- FIP Snooping in a Switch Stack
- Using FIP Snooping
- Important Points to Remember
- Enabling the FCoE Transit Feature
- Enable FIP Snooping on VLANs
- Configure the FC-MAP Value
- Configure a Port for a Bridge-to-Bridge Link
- Configure a Port for a Bridge-to-FCF Link
- Impact on Other Software Features
- FIP Snooping Prerequisites
- FIP Snooping Restrictions
- Configuring FIP Snooping
- Displaying FIP Snooping Information
- FCoE Transit Configuration Example
- FIPS Cryptography
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration Protocol (GVRP)
- FIP Snooping
- Internet Group Management Protocol (IGMP)
- Interfaces
- Interface Types
- View Basic Interface Information
- Configuring the Default Interface
- Enabling a Physical Interface
- Physical Interfaces
- Management Interfaces
- VLAN Interfaces
- Loopback Interfaces
- Null Interfaces
- VLAN Membership
- Port Channel
Interfaces
- Port Channel Definition and Standards
- Port Channel Benefits
- Port Channel Implementation
- 100/1000/10000 Mbps Interfaces in Port Channels
- Configuration Tasks for Port Channel Interfaces
- Creating a Port Channel
- Adding a Physical Interface to a Port Channel
- Reassigning an Interface to a New Port Channel
- Configuring the Minimum Oper Up Links in a Port Channel
- Adding or Removing a Port Channel from a VLAN
- Assigning an IP Address to a Port Channel
- Deleting or Disabling a Port Channel
- Load Balancing through Port Channels
- Changing the Hash Algorithm
- Server Ports
- Bulk Configuration
- Defining Interface Range Macros
- Monitoring and Maintaining Interfaces
- Splitting QSFP Ports to SFP+ Ports
- Configuring wavelength for 10–Gigabit SFP+ optics
- Converting a QSFP or QSFP+ Port to an SFP or SFP+ Port
- Layer 2 Flow Control Using Ethernet Pause Frames
- Configure MTU Size on an Interface
- Port-Pipes
- Auto-Negotiation on Ethernet Interfaces
- View Advanced Interface Information
- Enhanced Control of Remote Fault Indication Processing
- Internet Protocol Security (IPSec)
- IPv4 Routing
- IP Addresses
- IPv4 Path MTU Discovery Overview
- Using the Configured Source IP Address in ICMP Messages
- Configuring the Duration to Establish a TCP Connection
- Enabling Directed Broadcast
- Resolution of Host Names
- ARP
- ARP Learning via Gratuitous ARP
- ARP Learning via ARP Request
- Configuring ARP Retries
- ICMP
- UDP Helper
- Configurations Using UDP Helper
- Troubleshooting UDP Helper
- IPv6 Routing
- iSCSI Optimization
- Intermediate
System to Intermediate System
- IS-IS Protocol Overview
- IS-IS Addressing
- Multi-Topology IS-IS
- Graceful Restart
- Implementation Information
- Configuration
Information
- Configuration
Tasks for IS-IS
- Enabling IS-IS
- Configuring Multi-Topology IS-IS (MT IS-IS)
- Configuring IS-IS Graceful Restart
- Changing LSP Attributes
- Configuring the IS-IS Metric Style
- Configuring the IS-IS Cost
- Configuring the Distance of a Route
- Changing the IS-Type
- Controlling Routing Updates
- Distribute Routes
- Configuring Authentication Passwords
- Setting the Overload Bit
- Debugging IS-IS
- Configuration
Tasks for IS-IS
- IS-IS Metric Styles
- Configure Metric Values
- Sample Configurations
- Isolated Networks for Aggregators
- Link Aggregation
- How the LACP is Implemented on an Aggregator
- Link Aggregation Control Protocol (LACP)
- Configuring Auto LAG
- Configuring the Minimum Number of Links to be Up for Uplink LAGs to be Active
- Optimizing Traffic Disruption Over LAG Interfaces On IOA Switches in VLT Mode
- Preserving LAG and Port Channel Settings in Nonvolatile Storage
- Enabling the LACP link fallback member
- Enabling the Verification of Member Links Utilization in a LAG Bundle
- Monitoring the Member Links of a LAG Bundle
- Verifying LACP Operation and LAG Configuration
- Multiple Uplink LAGs with 10G Member Ports
- Layer 2
- Link Layer Discovery
Protocol (LLDP)
- Protocol Data Units
- Configure LLDP
- CONFIGURATION versus INTERFACE Configurations
- Enabling LLDP
- Advertising TLVs
- Optional TLVs
- LLDP Operation
- Viewing the LLDP Configuration
- Viewing Information Advertised by Adjacent LLDP Agents
- Configuring LLDPDU Intervals
- Configuring a Time to Live
- Clearing LLDP Counters
- Debugging LLDP
- Relevant Management Objects
- Microsoft Network Load Balancing
- Multicast Source
Discovery Protocol (MSDP)
- Anycast RP
- Implementation Information
- Configure the Multicast Source Discovery Protocol
- Enabling MSDP
- Manage the Source-Active Cache
- Accept Source-Active Messages that Fail the RFP Check
- Specifying Source-Active Messages
- Limiting the Source-Active Messages from a Peer
- Preventing MSDP from Caching a Local Source
- Preventing MSDP from Caching a Remote Source
- Preventing MSDP from Advertising a Local Source
- Logging Changes in Peership States
- Terminating a Peership
- Clearing Peer Statistics
- Debugging MSDP
- MSDP with Anycast RP
- Configuring Anycast RP
- MSDP Sample Configurations
- Multiple Spanning
Tree Protocol (MSTP)
- Spanning Tree Variations
- Implementation Information
- Configure Multiple Spanning Tree Protocol
- Enable Multiple Spanning Tree Globally
- Creating Multiple Spanning Tree Instances
- Influencing MSTP Root Selection
- Interoperate with Non-Dell Networking OS Bridges
- Changing the Region Name or Revision
- Modifying Global Parameters
- Enable BPDU Filtering Globally
- Modifying the Interface Parameters
- Configuring an EdgePort
- Flush MAC Addresses after a Topology Change
- MSTP Sample Configurations
- Debugging and Verifying MSTP Configurations
- Multicast Features
- Open Shortest
Path First (OSPFv2 and OSPFv3)
- Protocol Overview
- OSPF with the Dell Networking OS
- Configuration
Information
- Configuration
Task List for OSPFv2 (OSPF for IPv4)
- Enabling OSPFv2
- Assigning a Router ID
- Assigning an OSPFv2 Area
- Enable OSPFv2 on Interfaces
- Configuring Stub Areas
- Configuring LSA Throttling Timers
- Enabling Passive Interfaces
- Enabling Fast-Convergence
- Changing OSPFv2 Parameters on Interfaces
- Enabling OSPFv2 Authentication
- Enabling OSPFv2 Graceful Restart
- Creating Filter Routes
- Applying Prefix Lists
- Redistributing Routes
- Troubleshooting OSPFv2
- Configuration
Task List for OSPFv2 (OSPF for IPv4)
- Configuration
Task List for OSPFv3 (OSPF for IPv6)
- Enabling IPv6 Unicast Routing
- Assigning IPv6 Addresses on an Interface
- Assigning Area ID on an Interface
- Assigning OSPFv3 Process ID and Router ID Globally
- Configuring Stub Areas
- Configuring Passive-Interface
- Redistributing Routes
- Configuring a Default Route
- Enabling OSPFv3 Graceful Restart
- Displaying Graceful Restart
- OSPFv3 Authentication
Using IPsec
- OSPFv3 Authentication Using IPsec: Configuration Notes
- Configuring IPsec Authentication on an Interface
- Configuring IPsec Encryption on an Interface
- Configuring IPSec Authentication for an OSPFv3 Area
- Configuring IPsec Encryption for an OSPFv3 Area
- Displaying OSPFv3 IPsec Security Policies
- Troubleshooting OSPFv3
- Viewing Summary Information
- Policy-based Routing (PBR)
- PIM Sparse-Mode (PIM-SM)
- PIM Source-Specific Mode (PIM-SSM)
- Port Monitoring
- Private VLANs (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service
(QoS)
- Implementation Information
- Port-Based QoS Configurations
- Guidelines for Configuring ECN for Classifying and Color-Marking Packets
- Policy-Based
QoS Configurations
- DSCP Color Maps
- Classify Traffic
- Create a QoS
Policy
- Creating an Input QoS Policy
- Configuring Policy-Based Rate Policing
- Setting a DSCP Value for Egress Packets
- Setting a dot1p Value for Egress Packets
- Creating an Output QoS Policy
- Configuring Policy-Based Rate Shaping
- Allocating Bandwidth to Queue
- Configure a Scheduler to Queue
- Setting DSCP Values for Egress Packets Based on Flow
- Specifying WRED Drop Precedence
- Create Policy
Maps
- Creating Input Policy Maps
- Applying a Class-Map or Input QoS Policy to a Queue
- Applying an Input QoS Policy to an Input Policy Map
- Honoring DSCP Values on Ingress Packets
- Honoring dot1p Values on Ingress Packets
- Enabling Fall Back to Trust Diffserve or dot1p
- Mapping dot1p Values to Service Queues
- Guaranteeing Bandwidth to dot1p-Based Service Queues
- Applying an Input Policy Map to an Interface
- Creating Output Policy Maps
- Applying an Output QoS Policy to a Queue
- Specifying an Aggregate QoS Policy
- Applying an Output Policy Map to an Interface
- Enabling QoS Rate Adjustment
- Enabling Strict-Priority Queueing
- Weighted Random Early Detection
- Routing Information Protocol (RIP)
- Remote Monitoring (RMON)
- Rapid Spanning
Tree Protocol (RSTP)
- Protocol Overview
- Configuring Rapid Spanning Tree
- Configuring Interfaces for Layer 2 Mode
- Enabling Rapid Spanning Tree Protocol Globally
- Adding and Removing Interfaces
- Modifying Global Parameters
- Enable BPDU Filtering Globally
- Modifying Interface Parameters
- Configuring an EdgePort
- Influencing RSTP Root Selection
- SNMP Traps for Root Elections and Topology Changes
- Configuring Fast Hellos for Link State Detection
- Security
- Service Provider Bridging
- sFlow
- Simple Network
Management Protocol (SNMP)
- Implementation Information
- Configuring the Simple Network Management Protocol
- Reading Managed Object Values
- Displaying the Ports in a VLAN using SNMP
- Fetching Dynamic MAC Entries using SNMP
- Deriving Interface Indices
- Monitor Port-Channels
- Entity MIBS
- SNMP Traps for Link Status
- Standard VLAN MIB
- MIB Support to Display the Available Memory Size on Flash
- MIB Support to Display the Software Core Files Generated by the System
- Stacking
- Storm Control
- Broadcast Storm Control
- Spanning Tree
Protocol (STP)
- Protocol Overview
- Configure Spanning Tree
- Configuring Interfaces for Layer 2 Mode
- Enabling Spanning Tree Protocol Globally
- Adding an Interface to the Spanning Tree Group
- Removing an Interface from the Spanning Tree Group
- Modifying Global Parameters
- Modifying Interface STP Parameters
- Enabling Port Fast
- Global BPDU Filtering
- Selecting STP Root
- STP Root Guard
- SNMP Traps for Root Elections and Topology Changes
- Displaying STP Guard Configuration
- System Time and Date
- Tunneling
- Uplink Failure
Detection (UFD)
- Feature Description
- How Uplink Failure Detection Works
- UFD and NIC Teaming
- Important Points to Remember
- Uplink Failure Detection (SMUX mode)
- Configuring Uplink Failure Detection (PMUX mode)
- Clearing a UFD-Disabled Interface (in PMUX mode)
- Displaying Uplink Failure Detection
- Sample Configuration: Uplink Failure Detection
- PMUX Mode of
the IO Aggregator
- I/O Aggregator (IOA) Programmable MUX (PMUX) Mode
- Configuring and Changing to PMUX Mode
- Configuring the Commands without a Separate User Account
- Virtual Link Trunking (VLT)
- NPIV Proxy Gateway
- Upgrade Procedures
- Virtual LANs (VLANs)
- Virtual Link
Trunking (VLT)
- Overview
- VLT Terminology
- Configure Virtual Link Trunking
- RSTP Configuration
- Preventing Forwarding Loops in a VLT Domain
- Sample RSTP Configuration
- Configuring VLT
- Configuring a VLT Interconnect
- Configuring a VLT Backup Link
- Configuring a VLT Port Delay Period
- Reconfiguring the Default VLT Settings (Optional)
- Connecting a VLT Domain to an Attached Access Device (Switch or Server)
- Configuring a VLT VLAN Peer-Down (Optional)
- Configure Multi-domain VLT (mVLT) (Optional)
- Verifying a VLT Configuration
- Connecting a VLT Domain
- PVST+ Configuration
- mVLT Configuration Example
- PIM-Sparse Mode Configuration Example
- Additional VLT Sample Configurations
- Troubleshooting VLT
- Specifying VLT Nodes in a PVLAN
- Configuring a VLT VLAN or LAG in a PVLAN
- Proxy ARP Capability on VLT Peer Nodes
- Configuring VLAN-Stack over VLT
- Virtual Router
Redundancy Protocol (VRRP)
- VRRP Overview
- VRRP Benefits
- VRRP Implementation
- VRRP Configuration
- Configuration Task List
- Setting VRRP Initialization Delay
- Sample Configurations
- Debugging and Diagnostics
- Standards Compliance
- FC Flex IO Modules
- FC Flex IO Modules
- Understanding and Working of the FC Flex IO Modules
- Data Center
Bridging (DCB)
- Ethernet Enhancements in Data Center Bridging
- Enabling Data Center Bridging
- QoS dot1p Traffic Classification and Queue Assignment
- Configure Enhanced Transmission Selection
- Configure a DCBx Operation
- Verifying the DCB Configuration
- PFC and ETS Configuration Examples
- Using PFC and ETS to Manage Data Center Traffic
- Fibre Channel over Ethernet for FC Flex IO Modules
- NPIV Proxy Gateway for FC Flex IO Modules
Dell PowerEdge FN I/O Module Configuration Guide 9.10(0.0)
Configuration Task List for Policy-based Routing
To enable the PBR:
- Create a Redirect List
- Create a Rule for a Redirect-list
- Create a Track-id list. For complete tracking information, refer to Object Tracking chapter.
- Apply a Redirect-list to an Interface using a Redirect-group
Create a Redirect List
Use the following command in CONFIGURATION mode:
-
Create a redirect list by entering the list name. Format: 16 characters
CONFIGURATION mode
ip redirect-list redirect-list-name
Delete the redirect list with the no ip redirect-list command.
The following example creates a redirect list by the name of “xyz.”
Dell(conf)#ip redirect-list ?
WORD Redirect-list name (max 16 chars)
Dell(conf)#ip redirect-list xyz
Create a Rule for a Redirect-list
Use the following command in CONFIGURATION REDIRECT-LIST mode to set the rules for the redirect list. You can enter the command multiple times and create a sequence of redirect rules. Use the seq nn redirect version of the command to organize your rules .
-
Configure a rule for the redirect list.
CONF-REDIRECT-LIST mode
seq {number} redirect { ip-address}{ ip-protocol-number | protocol-type [ bit]} { source mask | any | host ip-address}{ destination mask | any | host ip-address}
- number is the number in sequence to initiate this rule
- ip-address is the Forwarding router’s address
- FORMAT: A.B.C.D
- FORMAT: slot/port
- ip-protocol-number or protocol-type is the type of protocol to be redirected
- FORMAT: 0-255 for IP protocol number, or enter protocol type
- source ip-address or any or host ip-address is the Source’s IP address
- FORMAT: A.B.C.D/NN, or ANY or HOST IP address
- destination ip-address or any or host ip-address is the Destination’s IP address
- FORMAT: A.B.C.D/NN, or ANY or HOST IP address
Delete a rule with the no redirect command.
The redirect rule supports Non-contiguous bitmasks for PBR in the Destination router IP address
The below step shows a step-by-step example of how to create a rule for a redirect list by configuring:
- IP address of the next-hop router in the forwarding route
- IP protocol number
- Source address with mask information
- Destination address with mask information
Creating a Rule Example:
Dell(conf-redirect-list)#redirect ?
A.B.C.D Forwarding router's address
Dell(conf-redirect-list)#redirect 3.3.3.3 ?
<0-255> An IP protocol number
icmp Internet Control Message Protocol
ip Any Internet Protocol
tcp Transmission Control Protocol
udp User Datagram Protocol
Dell(conf-redirect-list)#redirect 3.3.3.3 ip ?
A.B.C.D Source address
any Any source host
host A single source host
Dell(conf-redirect-list)#redirect 3.3.3.3 ip 222.1.1.1 ?
Mask A.B.C.D or /nn Mask in dotted decimal or in slash format
Dell(conf-redirect-list)#redirect 3.3.3.3 ip 222.1.1.1 /32 ?
A.B.C.D Destination address
any Any destination host
host A single destination host
Dell(conf-redirect-list)#redirect 3.3.3.3 ip 222.1.1.1 /32 77.1.1.1 ?
Mask A.B.C.D or /nn Mask in dotted decimal or in slash format
Dell(conf-redirect-list)#redirect 3.3.3.3 ip 222.1.1.1 /32 77.1.1.1 /32 ?
Dell(conf-redirect-list)#redirect 3.3.3.3 ip 222.1.1.1 /32 77.1.1.1 /32
Dell(conf-redirect-list)#do show ip redirect-list
IP redirect-list xyz:
Defined as:
seq 5 redirect 3.3.3.3 ip host 222.1.1.1 host 77.1.1.1
Applied interfaces:
None
Multiple rules can be applied to a single redirect-list. The rules are applied in ascending order, starting with the rule that has the lowest sequence number in a redirect-list displays the correct method for applying multiple rules to one list.
Creating multiple rules for a redirect-list:
Dell(conf)#ip redirect-list test
Dell(conf-redirect-list)#seq 10 redirect 10.1.1.2 ip 20.1.1.0/24 any
Dell(conf-redirect-list)#seq 15 redirect 10.1.1.3 ip 20.1.1.0/25 any
Dell(conf-redirect-list)#seq 20 redirect 10.1.1.3 ip 20.1.1.128/24 any
Dell(conf-redirect-list)#show config
!
ip redirect-list test
seq 10 redirect 10.1.1.2 ip 20.1.1.0/24 any
seq 15 redirect 10.1.1.3 ip 20.1.1.0/25 any
seq 20 redirect 10.1.1.3 ip 20.1.1.0/24 any
Dell(conf-redirect-list)#
- NOTE: Starting in release 9.4(0.0), Dell Networking OS supports the use of multiple recursive routes with the same source-address and destination-address combination in a redirect policy on an router.
A recursive route is a route for which the immediate next-hop address is learned dynamically through a routing protocol and acquired through a route lookup in the routing table. The user can configure multiple recursive routes in a redirect list by entering multiple seq redirect statements with the same source and destination address and specify a different next-hop IP address. In this way, the recursive routes are used as different forwarding routes for dynamic failover. If the primary path goes down and the recursive route is removed from the routing table, the seq redirect statement is ignored and the next statement in the list with a different route is used.
PBR Exceptions (Permit)
Use the command permit to create an exception to a redirect list. Exceptions are used when a forwarding decision should be based on the routing table rather than a routing policy.
Dell Networking OS assigns the first available sequence number to a rule configured without a sequence number and inserts the rule into the PBR CAM region next to the existing entries. Since the order of rules is important, ensure that you configure any necessary sequence numbers.
The permit statement is never applied because the redirect list covers all source and destination IP addresses.
Ineffective PBR Exception due to Low Sequence Number
ip redirect-list rcl0
seq 5 redirect 2.2.2.2 ip any any
seq 10 permit ip host 3.3.3.3 any
To ensure that the permit statement or PBR exception is effective, use a lower sequence number, as shown below:
ip redirect-list rcl0
seq 10 permit ip host 3.3.3.3 any
seq 15 redirect 2.2.2.2 ip any any
Apply a Redirect-list to an Interface using a Redirect-group
IP redirect lists are supported on physical interfaces as well as VLAN and port-channel interfaces.
- NOTE: When you apply a redirect-list on a port-channel, when traffic is redirected to the next hop and the destination port-channel is shut down, the traffic is dropped. However, on the S-Series, the traffic redirected to the destination port-channel is sometimes switched.
Use the following command in INTERFACE mode to apply a redirect list to an interface. Multiple redirect-lists can be applied to a redirect-group. It is also possible to create two or more redirect-groups on one interface for backup purposes.
-
Apply a redirect list (policy-based routing) to an interface.
INTERFACE mode
ip redirect-group redirect-list-name
redirect-list-name is the name of a redirect list to apply to this interface. FORMAT: up to 16 characters
Delete the redirect list from this interface with the [no] ip redirect-group command.
In this example, the list “xyz” is applied to the tenGigabitEthernet 4/0 interface.
Applying a Redirect-list to an Interface Example:
Dell(conf-if-te-4/0)#ip redirect-group xyz
Dell(conf-if-te-4/0)#
Applying a Redirect-list to an Interface Example:
Dell(conf-if-te-1/0)#ip redirect-group test
Dell(conf-if-te-1/0)#ip redirect-group xyz
Dell(conf-if-te-1/0)#show config
!
interface TenGigabitEthernet 1/0
no ip address
ip redirect-group test
ip redirect-group xyz
shutdown
Dell(conf-if-te-1/0)#
In addition to supporting multiple redirect-lists in a redirect-group, multiple redirect-groups are supported on a single interface. Dell Networking OS has the capability to support multiple groups on an interface for backup purposes.
Show Redirect List Configuration
To view the configuration redirect list configuration, use the following command in EXEC mode:
-
View the redirect list configuration and the associated interfaces.
EXEC mode
show ip redirect-list redirect-list-name
-
View the redirect list entries programmed in the CAM.
EXEC mode
show cam pbr
show cam-usage
List the redirect list configuration using the show ip redirect-list redirect-list-name command. The non-contiguous mask is displayed in dotted format (x.x.x.x). The contiguous mask is displayed in /x format. Some sample outputs are shown below:
Dell#show ip redirect-list explicit_tunnel
IP redirect-list explicit_tunnel:
Defined as:
seq 5 redirect tunnel 1 track 1 tcp 155.55.2.0/24 222.22.2.0/24, Track 1 [up], Next-hop reachable (via Te 1/32)
seq 10 redirect tunnel 1 track 1 tcp any any, Track 1 [up], Next-hop reachable (via Te 1/32)
seq 15 redirect tunnel 2 udp 155.55.0.0/16 host 144.144.144.144, Track 1 [up], Next-hop reachable (via Te 1/32)
seq 35 redirect 155.1.1.2 track 5 ip 7.7.7.0/24 8.8.8.0/24, Track 5 [up], Next-hop reachable (via Po 5)
seq 30 redirect 155.1.1.2 track 6 icmp host 8.8.8.8 any, Track 5 [up], Next-hop reachable (via Po 5)
seq 35 redirect 42.1.1.2 icmp host 8.8.8.8 any, Next-hop reachable (via Vl 20)
seq 40 redirect 43.1.1.2 tcp 155.55.2.0/24 222.22.2.0/24, Next-hop reachable (via Vl 30)
seq 45 redirect 31.1.1.2 track 200 ip 12.0.0.0 255.0.0.197 13.0.0.0 255.0.0.197, Track 200 [up], Next-hop reachable (via Te
1/32)
, Track 200 [up], Next-hop reachable (via Vl 20)
, Track 200 [up], Next-hop reachable (via Po 5)
, Track 200 [up], Next-hop reachable (via Po 7)
, Track 200 [up], Next-hop reachable (via Te 2/18)
, Track 200 [up], Next-hop reachable (via Te 2/19)
Use the show ip redirect-list (without the list name) to display all the redirect-lists configured on the device.
Dell#show ip redirect-list
IP redirect-list rcl0:
Defined as:
seq 5 permit ip 200.200.200.200
200.200.200.200 199.199.199.199
199.199.199.199
seq 10 redirect 1.1.1.2 tcp 234.224.234.234 255.234.234.234 222.222.222.222/24
seq 40 ack, Next-hop reachable (via Te 8/1), ARP resolved
Applied interfaces:
Te 8/0
- NOTE: If, the redirect-list is applied to an interface, the output of show ip redirect-list redirect-list-name command displays reachability and ARP status for the specified next-hop.
Showing CAM PBR Configuration Example :
Dell#show cam pbr stack-unit 1 port-set 0
TCP Flag: Bit 5 - URG, Bit 4 - ACK, Bit 3 - PSH, Bit 2 - RST, Bit 1 - SYN, Bit 0 - FIN
Cam Port VlanID Proto Tcp Src Dst SrcIp DstIp Next-hop Egress
Index Flag Port Port MAC Port
-----------------------------------------------------------------------------------------------------------------
06080 0 N/A IP 0x0 0 0 200.200.200.200
200.200.200.200 199.199.199.199
199.199.199.199 N/A NA
06081 0 N/A TCP 0x10 0 40 234.234.234.234 255.234.234.234 222.222.222.222/
24 00:00:00:00:00:09 8/1
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\