09-28-2011 07:46 AM
Thanks in advance for any and all input.
I am the IT manager for a school district. I am also the WAN Manager for our Municipal fiber optic WAN for the entire city. 3 of our school buildings have police substations with a computer in each building that is part of each schools network. We use ACLs to deny all traffic with the exception of these police PCs to the police station so that the officers can access servers housed in the police station. They get Internet access through the school department ISP.
They now need to access a state web servers to run criminal history information. These webservers are not accessible by just anyone. By accessible, I mean that anyone attempting to access them will get a 'page cannot be displayed' error if their public IP not on the state's allowed list.
So... What I hoped to be able to do is create a route policy based upon both Host IP AND destination network and route just the matched traffic to the state's router at the police department. I want all typical Internet traffic to go through our ISP.
The source part is easy, I can't find anything that allows destination matching. Is there a way to do this?
10-04-2011 09:16 AM
a good news for all of us..PBR has been implemented in K.15.06 as an extensiont to traffic policies using an expanded "match / class action" (not to be confused with route maps "match/set").
10-04-2011 10:03 AM
woooww very good this switch is looks great new software
Enhancement (PR_0000072668) - IPv6 over IPv4 tunneling is a way to establish point-to-point tunnels by
encapsulating IPv6 packets within IPv4 headers so that they can be carried over the IPv4 routing infrastructure. IPv6
over IPv4 tunneling provides a mechanism for utilizing the existing IPv4 routing infrastructure to carry IPv6 traffic
between IPv6 networks. For information on configuring tunnels, see the “IPv6 Tunneling Over IPv4 Using Manually
Configured Tunnels” chapter in the
IPv6 Configuration Guide.
OSPFv3 over 6in4 Tunnels
Enhancement (PR_0000072702) - Both VLANS and tunnels can be assigned to areas and may be collectively
referred to as an IP routing interface. For information on configuring tunnels, see the “IPv6 Tunneling Over IPv4 Using
Manually Configured Tunnels” chapter in the
IPv6 Configuration Guide.
Version K.15.06.0006 Enhancements
Policy Based Routing (PBR)
Enhancement (PR_0000072658) - PBR provides the ability to manipulate a packet’s path based on attributes of
the packet. Traffic with the same destination can be routed over different paths, so that different types of traffic, such
as VOIP or traffic with special security requirements, can be better managed. For more information, see the "Classifier-
Based Software Configuration" chapter in the
Advanced Traffic Management Guide for your switch.
Enhancement (PR_0000073705) - Border Gateway Protocol (BGP) support has been added. For more information,
see the “BGP (Border Gateway Protocol)” chapter in the
Multicast and Routing Guide for your switch.