Traffic steering using ACLs
7730 SXR systems support traffic steering using ACLs. The match conditions listed in ACL match conditions can be applied to ACLs used for traffic steering. To configure traffic steering, you configure match conditions and the following ACL actions:
-
accept + forward next-hop <address> – Following accept, redirects matching packets to the set of next-hops that result from performing a route lookup in the incoming network-instance using the configured IP address (instead of the IP packet destination address). If the lookup yields no result, or the set of next-hops is down, the packet is dropped and an ICMP destination unreachable message is sent.
-
accept + forward next-hop <address> network-instance <name> – Following accept, redirects matching packets to the set of next-hops that result from performing a route lookup in the configured network-instance using the configured IP address (instead of the IP packet destination address). If the lookup yields no result, or the set of next-hops is down, the packet is dropped and an ICMP destination unreachable message is sent.
-
accept + forward network-instance <name> – Following accept, redirects matching packets by performing a route lookup in the configured network-instance instead of the incoming network-instance. If the route lookup yields no result or the set of next hops is down, the packet is dropped and an ICMP destination unreachable message is sent.
In all cases the ICMP message is sent from the incoming network-instance.
The following example configures an IPv4 ACL filter entry that causes matching packets to use a specified IP address for the route lookup instead of the DA from the IP header of the packet. The packet is forwarded toward the next-hop that results from this lookup.
--{ + candidate shared default }--[ ]--
# info with-context acl acl-filter ts1 type ipv4
acl {
acl-filter ts1 type ipv4 {
entry 100 {
match {
ipv4 {
source-ip {
prefix 10.10.0.0/16
}
}
}
action {
accept {
forward {
next-hop {
address 10.20.20.20
}
}
}
}
}
}
}