Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Image Added



Conductor Web GUIConfigure a Static Route

Troubleshoot > Routing tables >


Image Added

Branch config file


Code Block
titlebranch router config
collapsetrue
admin@node1.seabo1# show config running 

config

    authority
        name               CompanyX
        conductor-address  192.168.7.99

        remote-login

        exit

        router             seabo1
            name                  seabo1
            location              Sea
            location-coordinates  +47.6062-122.3321/

            system
                log-level  warning
            exit

            node                  node1
                name              node1
                asset-id          4ebf2ff4-697f-46c8-8992-748e4966046b

                device-interface  mpls1
                    name               mpls1
                    type               ethernet
                    pci-address        0000:00:04.0

                    network-interface  mpls1
                        name       mpls1
                        global-id  3

                        address    10.0.128.0
                            ip-address     10.0.128.0
                            prefix-length  31
                            gateway        10.0.128.1
                        exit
                    exit
                exit

                device-interface  lan1
                    name                  lan1
                    type                  ethernet
                    pci-address           0000:00:03.0
                    link-settings         auto

                    traffic-engineering
                        enabled  false
                    exit

                    load-balancing
                        utilization-high-water-mark  100
                        utilization-low-water-mark   80
                    exit

                    session-optimization
                        enable-detection  true
                    exit
                    enabled               true
                    forwarding            true
                    strip-vlan            false
                    promiscuous-mode      false

                    network-interface     srv1
                        name                    srv1
                        global-id               4
                        vlan                    0
                        type                    external
                        conductor               false
                        prioritization-mode     local
                        source-nat              false
                        qp-value                0
                        mtu                     1500
                        enforced-mss            disabled

                        address                 192.168.64.1
                            ip-address     192.168.64.1
                            prefix-length  24
                        exit
                        icmp                    allow
                        multicast-listeners     automatic
                        multicast-report-proxy  false
                        dhcp                    disabled
                        prefix-delegation       false
                    exit
                exit
            exit
        exit

        tenant             _internal_
            name         _internal_
            description  "Auto generated tenant for internal services"
            generated    true
        exit

        service            webserver
            name     webserver
            scope    public
            address  172.16.128.2/32
        exit

        service            _conductor_1
            name                     _conductor_1
            enabled                  true
            scope                    private
            tap-multiplexing         false

            transport                icmp
                protocol  icmp
            exit

            transport                tcp
                protocol    tcp

                port-range  443
                    start-port  443
                    end-port    443
                exit

                port-range  930
                    start-port  930
                    end-port    930
                exit

                port-range  4505
                    start-port  4505
                    end-port    4505
                exit

                port-range  4506
                    start-port  4506
                    end-port    4506
                exit
            exit
            address                  192.168.7.99/32
            access-policy-generated  true

            access-policy            _internal_
                source      _internal_
                permission  allow
            exit
            service-policy           _conductor_
            share-service-routes     false
            source-nat               network-interface
            application-type         generic
            fqdn-resolution-type     v4
            generated                true
        exit

        service-policy     _conductor_
            name                         _conductor_
            description                  "Auto generated service-policy for conductor services"
            lb-strategy                  proportional
            session-resiliency           none
            path-quality-filter          false
            best-effort                  true
            max-loss                     0.5
            max-latency                  250
            max-jitter                   100
            transport-state-enforcement  reset
            generated                    true
            ingress-source-nat           network-interface
        exit
    exit
exit

admin@node1.seabo1# 


Conductor Web GUIConfigure Static Route
create a RI

configuration > Authority > Router: seabo1 

ADD Routing Instances

Type:  rt:default-instance 


Create a static toute

configuration > Authority > Router: seabo1 > Routing:  rt:default-instance 

ADD Static Routes: 

Destination: 172.16.128.2/32

Administrative Distance: 1

Create a 

configuration > Authority > Router: seabo1 > Routing:  rt:default-instance > Static Route: 172.16.128.2/32

ADD Static Route Next Hop List:  10.0.128.1


Router configuration


Code Block
titlerouter config
collapsetrue
admin@node1.seabo1# show config running 

config

    authority
        name               CompanyX
        conductor-address  192.168.7.99
        . . . 
        router             seabo1
            name                  seabo1
            location              Sea
            location-coordinates  +47.6062-122.3321/
            . . . 

            routing               default-instance
                type          default-instance

                static-route  172.16.128.2/32 1
                    destination-prefix  172.16.128.2/32
                    distance            1
                    next-hop            10.0.128.1
                exit
            exit
        exit




View FIB


Image Added




Add Access Policy to Service

check the tenant: corp


configuration > Authority > Tenants

Image Added

Policy

configuration > Authority > Service: webserver

ADD Access Polices

Source: corp  ( tenant )

Permission: Allow


Image Added

Branch ClientVerify Connectivity
Shellping 172.16.128.2
Web Browserhttp://172.16.128.2



Image Added
Conductor Web GUI


Image Added





Configure Service Routes and Use SVR
need to move to 6.1


Image Added


Configure Service Route
create Service route

configuration > Authority > Router: seabo1 

ADD Service Routes:

Name:  webserver-route


configuration > Authority > Router: seabo1 > Service Route: webserver-route

Service Name: webserver

Service Route Type: Peer Service Route

Peer: bosdc1



Image Added



Remove Static Route

configuration > Authority > Router: seabo1 > Routing:  rt:default-instance

DELETE  Static Route: 172.16.128.2/32





View FIB

Image Added




Set Service to Private

configuration > Authority > Services: webserver

Scope: Private



Image Added

Branch ClientVerify Connectivity