Configuring NextHop List

You can configure Microbranch to forward packets to NextHop devices using policy-based routing (PBR). With a NextHop list, administrators can ensure that when a NextHop device becomes unreachable, packets matching the policy can still reach their destination.

To define a NextHop list, complete the following steps:

  1. In the Aruba Central app, set the filter to a Microbranch group that contains at least one AP.

    The dashboard context for a group is displayed.

  2. Under Manage, click Devices > Access Points.
  3. Click the Config icon.

    The Microbranch group configuration page is displayed.

  4. Click Tunnels & Routing > NextHop List.

    The NextHop Configuration page is displayed with Name and Preemptive Failover.

  5. Click + below the NextHop Configuration table to create a new NextHop destination and configure the following parameters:

    Table 1: Routing Rule Parameters

    Parameter
        Description

    Name
        Name of the new NextHop list. Ensure the name does not exceed 127 characters. You cannot edit the name of a NextHop list after creating it.

    Preemptive-failover
        If Preemptive-failover is disabled and the highest-priority device on the NextHop list is disabled, the new primary NextHop device continues to function as the primary device even when the initial device comes back online. Preemptive-failover is enabled by default.

        NOTE: Enable Preemptive-failover for Zscaler tunnels.

    IP Address
        Configure the following parameters:
        • IP Address: IP address of the NextHop device.
        • Priority: Priority of the NextHop device. The default value is 128.

        If the VLAN gets an IP address using DHCP and the default gateway is determined by the VLAN interface, the gateway IP is used as the NextHop IP address.

    DHCP
        Configure the following parameters:
        • VLAN ID: VLAN ID of the VLAN used by the NextHop device.
        • Priority: Priority of the NextHop device. The default value is 128.

        NOTE: Priorities of NextHops define which NextHop should get a higher priority to carry the session traffic. A higher number indicates a higher priority (1 – 255). If two NextHops have the same priority, they will be load-balanced.

    IPSec Map to VPNC
        Using this option, configure the NextHop list as IPSec Map to VPNC. Configure the following parameters:
        • Cluster: Select a gateway cluster from the drop-down list.
        • VPNC: Select a VPNC from the drop-down list.
        • Uplink Tag: Select an Uplink from the drop-down list.
        • Priority: Priority of the NextHop device. The default value is 128.

        For more information on configuring Cluster and VPNCs, refer to Configuring Data Center VPNCs. For more information on configuring Uplink tag, refer to Configuring the WAN Uplink.

    IPSec Map
        Using this option, configure the NextHop list to IPSec Map. Configure the following parameters:
        • IPSec Map: Select the applicable IPSec map in the IPSec map name drop-down list. For more information on the Zscaler IPsec map, refer to Microbranch Integration with Zscaler through Cloud Connect Service.
        • Priority: Priority of the NextHop device. The default value is 128.

  6. Click Save.

    A maximum of 24 NextHop lists per group and 16 routes per NextHop list can be added.

  7. (Optional) To enable or disable Preemptive-failover, do one of the following:
    • Select the NextHop list that you want to edit and then click the edit icon.
    • Select the NextHop list route row that you want to edit and then click the edit icon.
  8. (Optional) Click Save.
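
The priority and Preemptive-failover rules from Table 1 can be checked before a change is saved by modelling them offline. The following is an added example, not Aruba code: the NextHopList class, the simulate helper and the 10.0.0.x addresses are hypothetical and constructed for illustration. It assumes that with Preemptive-failover enabled, traffic returns to the highest-priority NextHop as soon as it is reachable again.

```python
from dataclasses import dataclass, field

MAX_NAME_LEN = 127         # Name parameter limit stated on the page
MAX_ROUTES_PER_LIST = 16   # per-list route limit stated after step 6

@dataclass
class NextHopList:                      # hypothetical model, not an Aruba API
    name: str
    preemptive_failover: bool = True    # enabled by default per the page
    hops: dict = field(default_factory=dict)   # NextHop id -> priority
    active: frozenset = frozenset()            # hops carrying traffic now

    def validate(self):
        errors = []
        if len(self.name) > MAX_NAME_LEN:
            errors.append("name exceeds 127 characters")
        if len(self.hops) > MAX_ROUTES_PER_LIST:
            errors.append("more than 16 routes in one NextHop list")
        for hop, prio in self.hops.items():
            if not 1 <= prio <= 255:
                errors.append(f"{hop}: priority {prio} outside 1-255")
        return errors

    def update(self, reachable):
        """Recompute the active hops from the set of reachable hop ids."""
        up = {h: p for h, p in self.hops.items() if h in reachable}
        still_up = self.active.intersection(up)
        if still_up and not self.preemptive_failover:
            # Non-preemptive: keep the current hops while they stay reachable.
            self.active = frozenset(still_up)
        else:
            # Highest number wins; equal priorities are load-balanced.
            best = max(up.values(), default=None)
            self.active = frozenset(h for h, p in up.items() if p == best)
        return self.active

# Constructed sample: one preferred hop and two equal-priority backups.
SAMPLE_HOPS = {"10.0.0.1": 200, "10.0.0.2": 128, "10.0.0.3": 128}

def simulate(preemptive):
    """Primary up, primary down, primary back; returns active hops per step."""
    nh = NextHopList("branch-egress", preemptive, dict(SAMPLE_HOPS))
    everyone, backups = set(SAMPLE_HOPS), {"10.0.0.2", "10.0.0.3"}
    return [sorted(nh.update(r)) for r in (everyone, backups, everyone)]

if __name__ == "__main__":
    for mode in (True, False):
        print("preemptive" if mode else "non-preemptive", simulate(mode))
```

With Preemptive-failover disabled, the last step stays on the two backup hops even though the priority-200 hop is reachable again, which is the situation the Zscaler note in Table 1 avoids.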