Reset Search
 

 

Article

How to configure flow-redirect

« Go Back

Information

 
TitleHow to configure flow-redirect
Objective
Redirect all 192.0.2.0/24 traffic ingressing port 1 to a next hop of 192.51.100.1 instead of the normal traffic flow.

Things to remember:
  • The next-hop IP address needs to be the switches next Layer 3 hop.
  • The ingress ACL needs to be placed in the right location to capture the traffic you want to redirect.
Environment
  • EXOS
  • Summit
  • BlackDiamond
User-added image
Procedure
1.  The first thing you need to do is create a flow redirect.
  • Create the flow-redirect name:
    • create flow-redirect GTAC_redirect
  • Configure the next hop address (This command can be entered multiple times with different priorities.  Highest priority gets used). 
    • configure flow-redirect GTAC_redirect add nexthop 198.51.100.1 priority 100
  • If more than one next hop address is used, EXOS will automatically send ping health-checks to make sure the next hop is available. If the connectivity is loss then it will refer to the next highest priority next hop in the configuration. The default configuration can be changed below:
    • configure flow-redirect GTAC_redirect nexthop 198.51.100.1 ping health-check interval <seconds> miss <# of misses allowed>
  • Create the ACL/Policy: (How to create and apply an ACL in EXOS)
    • edit policy ACL_redirect
    • Paste the following into the editor.  Make sure your in insert mode "i" (Keep in mind that the following ACL is an example, this will have to be tweaked to fit your needs)
Entry redirect {
If match all {
source-address 192.0.2.0/24;
} then {
permit;
redirect-name GTAC_redirect;
}
}


Apply the ACL to the port(s) or VLAN you would like traffic to be scanned on: 
  • In this example we will add it to port 1 ingress.
    • configure access-list ACL_redirect ports 1 ingress
Additional notes
You can also apply the ACL on the entire VLAN
configure access-list <policy name without .pol> vlan <vlan>

Reference:
How to create and apply an ACL in EXOS

Related Hub Thread:
https://community.extremenetworks.com/extreme/topics/any-way-to-perform-probing-on-a-logical-address-to-drive-a-route-change
 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255