ip nexthop-list
ip
probe_wan_hc_ip
{dhcp vlan
ipsec-map
no
preemptive-failover
Description
Define a next hop list for policy-based routing.
下一个跃点的IP是IP添加ress of a adjacent router or device with layer-2 connectivity to themanaged device. If themanaged deviceuses policy-based routing to forwards packets to a next hop device and that device becomes unreachable, the packets matching the policy will not reach their destination. The next hop list provides redundancy for the next hop devices by forwarding the traffic to a backup next hop device in case of failures. If active next hop device on the list becomes unreachable, traffic matching a policy-based routing ACL is forwarded using the highest-priority active next hop on the list.
A maximum of 4 next hops can be added to a next hop list. Each next hop can be assigned a priority, which decides the order of selection of the next hop. If a higher priority next hop goes down, the next higher priority next hop which is active is chosen for forwarding. If all the next hops are configured with same priority, the order is determined based on the order in which they are configured. If all the next hops are down, traffic is passed regular destination based forwarding.
In a typical deployment scenario with multiple up-links, the default route only uses one of the uplink next-hops for forwarding packets. If a next hop becomes unreachable, the packets will not reach their destination. If your deployment uses policy-based routing based on a next hop list, any of the uplink next hops could be used for forwarding traffic. This requires a valid ARP entry (route-cache) in the system for all the policy-based routing next hops.
In a branch officemanaged devicedeployment, the site up-links can obtain their IP addresses and default gateway using DHCP. In such deployments, the next hop-list configuration can use the VLAN IDs of uplink VLANs. If the VLAN gets an IP address using DHCP, and the default gateway is determined by the VLAN interface, the gateway IP is used as the next hop IP address. Branch deployments may also require policy-based redirection of traffic to different VPN tunnels. The next hop list allows you to select an IPsec map to redirect traffic through IPsec tunnels.
Parameter |
Description |
Name of the next hop list. |
|
ip |
Next hop IP address. |
probe_wan_hc_ip |
Enables nexthop failover, if the uplink health check of the nexthop is unreachable |
dhcp vlan |
VLAN ID of the VLAN used by the next hop device. If the VLAN gets an IP address using DHCP, and the default gateway is determined by the VLAN interface, the gateway IP is used as the next hop IP address. |
IP address of the next hop device. |
|
ipsec-map |
Packets can be redirected over a VPN tunnel by specifying the IPsec map name. |
preemptive-failover |
Enable or disable preemptive failover. If preemption is enabled and a higher priority next hop becomes reachable again, packets are again forwarded to the higher priority next hop. |
Example
The following command configures a list of next hops:
(host) [mynode] (config) #ip nexthop-list list1
(host) ^[mynode] (config-submode)#ip 10.1.1.41 priority 1
(host) ^[mynode] (config-submode)#ip 172.21.18.170 priority 2
(host) ^[mynode] (config-submode)#ip 192.18.140.20 priority 3
Related Commands
Command |
Description |
Display next hop list settings for policy-based routing. |
Command History
Release |
Modification |
ArubaOS8.7.1.1 |
The |
ArubaOS8.0.0.0 |
Command introduced. |
Command Information
Platform |
License |
Command Mode |
All platforms |
Available in the base operating system. |
配置模式Mobility Conductor. |
