300
Configuring a policy
Creating a node
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a node for a policy, and
enter policy node view.
policy-based-route policy-name
[ deny | permit ] node node-number
By default, no policy node is
created.
Configuring match criteria for a node
Ste
Command Remarks
1. Enter system
view.
system-view N/A
2. Enter policy
node view.
policy-based-route policy-name [ deny | permit ] node
node-number
N/A
3. Configure an
ACL match
criterion.
if-match acl acl-number{ acl-number | name acl-name }
By default, no ACL
match criterion is
configured.
4. Configure a
packet length
match criterion.
if-match packet-length min-len max-len
By default, no packet
length match criterion is
configured.
NOTE:
Implementation of the permit or deny action and the time ran
e of the specified ACL that an ACL match
criterion uses depends on the device model.
Configuring actions for a node
Ste
Command Remarks
1. Enter system
view.
system-view N/A
2. Enter policy
node view.
policy-based-route policy-name [ deny |
permit ] node node-number
N/A
3. Set an IP
precedence.
apply precedence { type | value }
By default, no IP precedence is
specified.
4. Set the DF bit
in the IP
header.
apply ip-df df-value
By default, the DF bit in the IP header is
not set.
To Next Page
Loading...
