问题描述:
nqa+track+策略路由不成功。电信断了之后不能快速切换到移动
lan口信息 vlan 9 IP 10.223.0.2
wan电信
49.87.119.18 网关
49.87.119.17
wan移动
221.181.138.128
网关
221.181.138.1
防火墙有2个wan口一个lan口。lan口设置策略路由让内网不同的网段分别走不同的wan口。
acl advanced 3202 description 移动外网 rule 5 permit ip source 10.223.203.0 0.0.0.255 rule 10 permit ip source 172.20.1.0 0.0.0.255 rule 15 permit ip source 10.223.201.243 0 rule 20 permit ip source 10.223.201.242 0 rule 25 permit ip source 10.223.64.0 0.0.0.255 rule 30 permit ip source 10.223.202.0 0.0.0.255 rule 35 permit ip source 10.223.209.0 0.0.0.255 rule 40 permit ip source 192.168.101.0 0.0.0.255
acl advanced 3201 description 电信外网 rule 0 permit ip source 10.223.208.0 0.0.0.255 rule 1 permit ip source 10.223.213.0 0.0.0.255 rule 5 permit ip source 10.223.209.0 0.0.0.255 rule 10 permit ip source 10.223.210.0 0.0.0.255 rule 15 permit ip source 10.223.211.0 0.0.0.255 rule 20 permit ip source 10.223.0.0 0.0.0.255 rule 25 permit ip source 10.223.212.0 0.0.0.255 rule 30 permit ip source 10.223.214.0 0.0.0.255 rule 35 permit ip source 10.223.201.101 0 rule 40 permit ip source 10.223.201.103 0 rule 55 permit ip source 10.223.64.0 0.0.0.255
wan口设置nqa+track
nqa entry reth1 1
type icmp-echo
destination ip 221.181.138.1
frequency 10000
next-hop ip 221.181.138.1
probe count 3
probe timeout 1000
reaction 1 checked-element probe-fail threshold-type consecutive 6 action-type trap-only
#
nqa entry reth2 1
type icmp-echo
destination ip 49.87.119.17
frequency 10000
next-hop ip 49.87.119.17
probe count 3
probe timeout 1000
reaction 1 checked-element probe-fail threshold-type consecutive 6 action-type trigger-only
#
nqa schedule reth1 1 start-time now lifetime forever nqa schedule reth2 1 start-time now lifetime forever
track 1 interface Route-Aggregation1 physical
#
track 2 interface Route-Aggregation2 physical #
组网及组网描述:
lan口信息 vlan 9 IP 10.223.0.2
wan电信
49.87.119.18 网关
49.87.119.17
wan移动
221.181.138.128
网关
221.181.138.1
防火墙有2个wan口一个lan口。lan口设置策略路由让内网不同的网段分别走不同的wan口。
- 2023-03-02提问
- 举报
-
(0)
destination ip 221.181.138.1 目标地址配置目标更远一些,比如114.114.114.114
track 1 interface Route-Aggregation1 physical 这里接口不一定是down的,如果直连这里是UP,下一跳出的问题也是检测不到的
还有配置的路由贴上来看一下
- 2023-03-02回答
- 评论(1)
- 举报
-
(0)
policy-based-route shangwang permit node 0 if-match acl 3100 # policy-based-route shangwang permit node 1 if-match acl 3203 apply next-hop 221.181.138.1 direct # policy-based-route shangwang permit node 5 if-match acl 3201 apply next-hop 49.87.119.17 direct # policy-based-route shangwang permit node 10 if-match acl 3202 apply next-hop 221.181.138.1 direct
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
policy-based-route shangwang permit node 0 if-match acl 3100 # policy-based-route shangwang permit node 1 if-match acl 3203 apply next-hop 221.181.138.1 direct # policy-based-route shangwang permit node 5 if-match acl 3201 apply next-hop 49.87.119.17 direct # policy-based-route shangwang permit node 10 if-match acl 3202 apply next-hop 221.181.138.1 direct