ipv6 nexthop-list
ipsec6-map
ipv6 {
no
preemptive-failover
Description
This command defines a next-hop list for IPv6 address in policy-based routing.
A next-hop IP is the IPv6 address of an adjacent router or device with layer-2 connectivity to themanaged device. If themanaged deviceuses policy-based routing to forwards packets to a next-hop device and that device becomes unreachable, the packets matching the policy will not reach their destination. The next-hop list provides redundancy for the next-hop devices by forwarding the traffic to a backup next-hop device in case of failures. If active next-hop device on the list becomes unreachable, traffic matching a policy-based routing ACL is forwarded using the highest-priority active next-hop on the list. You can verify the reachability by usingshow ip health-checkcommand. All the next-hop IPv6 addresses are added to the health-check if the next-hop is used by a route ACL. The datapath uses only the next-hop devices that are reachable.
A maximum of 16 next-hops can be added to a next-hop list. Each next-hop can be assigned a priority, which decides the order of selection of the next-hop. If a higher priority next-hop goes down, the next higher priority next-hop which is active is chosen for forwarding. If all the next-hops are configured with same priority, a round-robin order is used. If all the next-hops are down, traffic is dropped and regular destination based forwarding happens when IPv6 forward rule is configured explicitly in ACL for PBR.
In a typical deployment scenario with multiple up-links, the default route only uses one of the uplink next-hops for forwarding packets. If a next-hop becomes unreachable, the packets will not reach their destination. If your deployment uses policy-based routing based on a next-hop list, any of the uplink next-hops could be used for forwarding traffic. This requires a valid ARP entry (route-cache) in the system for all the policy-based routing next-hops.
Branch deployments may also require policy-based redirection of traffic to different site-to-site tunnels. The next-hop list allows you to select an IPsec map to redirect traffic through IPsec tunnels.
A maximum of 32 next-hop lists (IPv4 and IPv6) is allowed.
Parameter |
Description |
Name of the next-hop list. You cannot use the same name for both IPv4 and IPv6 next-hop lists. |
|
ipsec6-map |
Packets can be redirected over a site-to-site tunnel by specifying the IPsec map name. Only site-to-site VPN is currently supported for IPv6. Hence, the IPsec map is limited to the site-to-site map. |
[priority |
(Optional) Use this parameter to assign priority to next-hop. 1-255 128 |
ipv6 |
IPv6 address of the next-hop device. |
[priority |
(Optional) Use this parameter to assign priority to next-hop. 1-255 128 |
no |
Negates any configured parameter. |
preemptive-failover |
Enable or disable preemptive failover. If preemption is enabled and a higher priority next-hop becomes reachable again, packets are again forwarded to the higher priority next-hop. This option is enabled by default. |
Example
The following command configures a list of next-hops:
(host) [mynode] (config) #ipv6 nexthop-list new
(主机)^ [mynode] (config-submode) # ipv6 2005:: 1革命制度党ority 1
(host) ^[mynode] (config-submode)#ipv6 2002::2 priority 2
(host) ^[mynode] (config-submode)#ipv6 2008::4 priority 3
Related Commands
Command |
Description |
Display IPv6 next-hop list settings for policy-based routing. |
|
Display the health-check status of the uplink interfaces of a branch officemanaged device. |
Command History
Release |
Modification |
ArubaOS8.6.0.0 |
Command introduced. |
Command Information
Platform |
License |
Command Mode |
All platforms |
Available in the base operating system. |
Config mode onMobility Conductor. |
