暂不涉及
暂不涉及
现场pbr不生效,查看底层未下发
现场pbr 调用的acl如下:
acl ipv6 number 3000
rule 0 permit ipv6 source 2409:8C62:FF00::AB3:8650/128
rule 5 permit ipv6 source 2409:8C62:FF00::AB3:8651/128
rule 10 permit ipv6 source 2409:8C62:FF00::AB3:8652/128
rule 20 permit ipv6 source 2409:8C62:FF00::AB3:86FE/128
rule 25 permit ipv6 source 2409:8C62:FF00::6472:8100/120
rule 30 permit ipv6 source 2409:8C62:FF00::6472:B000/117
rule 35 permit ipv6 source 2409:8C62:FF00::6472:8700/120
rule 40 permit ipv6 source 2409:8C62:FF00::AE7:B700/120 destination object-group Overlay_v6
PBR不支持object-group:
Chassis01 slot02 2023/07/07 02:04:44:845670 [LINE:3097-TASK:pbrd-FUNC:DRV_QACL_PBR_Control]:PBR_Control Failed Ret=0x40010008
Chassis01 slot02 2023/07/07 02:05:15:724404 [LINE:2920-TASK:pbrd-FUNC:Drv_Qacl_Sal_Acl_Parse_Iter]:Sal_Parse_Iter Failed for Aclver=2,AclGroupIndex=3000 Innerflag=0
Chassis01 slot02 2023/07/07 02:05:15:724449 [LINE:2935-TASK:pbrd-FUNC:Drv_Qacl_Sal_Acl_Parse_Iter]:only pktfilter support object group
——只有包过滤支持对象组配置
因此现场只需要把object-group改成48位掩码的ipv6地址即可:
#
object-group ipv6 address Overlay_v6
0 network subnet 2409::/48
#
rule 40 permit ipv6 source 2409:8C62:FF00::AE7:B700/120 destination 2409:8::/48
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作