Configuration Options
Using traffic diversion in service provider environment
FortiDDoS v3.2 Installation Guide
28-320-183686-20130401
27
•
Router configuration for diversion
vlan internal allocation policy ascending
!
interface GigabitEthernet1/0/1
no switchport
no ip address
!
interface GigabitEthernet1/0/2
switchport access vlan 3
switchport trunk encapsulation dot1q
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
switchport access vlan 2
!
interface GigabitEthernet1/0/11
ip address 10.100.0.250 255.255.255.0
no ip directed-broadcast
ip policy route-map FDD-X00A-PBR
!
interface GigabitEthernet1/0/12
!
interface Vlan2
ip address 10.1.0.251 255.255.255.0
!
interface Vlan3
ip address 192.168.100.51 255.255.255.0
!
!
ip classless
ip route 207.117.1.0 255.255.255.0 10.1.0.250
!
!
ip access-list extended zone-A
permit ip any 207.117.0.0 0.0.0.255
!
route-map FDD-X00A-PBR permit 100
match ip address zone-A
set ip next-hop 10.200.0.254
Summary of Contents for FortiDDoS
Page 1: ...FortiDDoS v3 2 Installation Guide ...
Page 37: ......