PBR 9300 Switch Configuration example, refer to:
ip address A firewall is a firewall 1.1.1.1,9300 A switch is connected to the ip address 1.1.1.2
ip address firewall switch B is connected to the firewall 2.2.2.1,9300 ip address B to 2.2.2.2
Suspend a switch 9300 three segments:
segment W1: 192.168.10.0/24
segment W2: 192.168.20.0/24
segment W3: 192.168.30.0/24, connected in G1 / 0/1 9300 port switch.
To achieve the current network segment W1 and W2 forwarded from the firewall A, B segment W3 from the firewall forward, thinking configured to:
configure a firewall A default route to the address on the 9300 switch 1.1.1.1, namely all segments of the packets are by default a forwarded from the firewall;
configuration for address segments PBR W3 point B on the firewall 9300 switch 2.2.2.1, W3 segment so that packets forwarded from the firewall B.
[Quidway]ip route-static 0.0.0.0 0.0.0.0 1.1.1.1
[Quidway]acl number 2000
[Quidway-acl-basic-2000]rule permit source 192.168.30.0 0.0.0.255
[Quidway-acl-basic-2000]quit
[Quidway]traffic classifier W3
[Quidway-classifier-W3]if-match acl 2000
[Quidway-classifier-W3]quit
[Quidway]traffic behavior W3
[Quidway-behavior-W3]redirect ip-nexthop 2.2.2.1
[Quidway-behavior-W3]quit
[Quidway]traffic policy W3
[Quidway-trafficpolicy-W3]classifier W3 behavior W3
[Quidway-trafficpolicy-W3]quit
[Quidway]interface GigabitEthernet 1/0/1
[Quidway -GigabitEthernet1/0/1]traffic-policy W3 inbound
