网络拓扑结构(本次网络为有线、无线,由于无线办公流量较大,采用分流方式较好)
配置说明需要做负载负担,基于策略路由实现,使用默认路由可能产生出去丢包现象
system-view
acl number 2000
description for_NAT-use
rule 0 permit ip source any
quit
acl number 3000
description for_Cable_Office_use
rule 0 permit ip source 192.168.10.0 0.0.0.255
quit
acl number 3001
description for_Wireless_Office-use
rule 0 permit ip source 10.100.2.0 0.0.0.255
rule 1 permit ip source 10.100.3.0 0.0.0.255
quit
traffic classifier c1
if-match acl 3000
traffic classifier c2
if-match acl 3001
quit
traffic behavior b1
redirect ip-nexthop 223.11.12.1
traffic behavior b2
redirect ip-nexthop 123.126.109.1
quit
traffic policy p1
classifier c1 behavior b1
classifier c2 behavior b2
quit
interface Ethernet0/0/0 #内网接口
traffic-policy p1 inbound
quit
interface Ethernet0/0/1 #内网接口
traffic-policy p1 inbound
quit
interface G0/0/0 #外网接口
nat outbound 2000
quit
interface G0/0/1 #外网接口
nat outbound 2000
quit
ip route-static 0.0.0.0 0 223.11.12.1 (当策略路由失效,可以采用缺省路由出去)
ip route-static 0.0.0.0 0 123.126.109.1
本文链接:https://my.lmcjl.com/post/1440.html
4 评论