BestHub
Sign in
Operations 10 min read

Huawei Router Configuration for Automatic ISP Traffic Separation and Failover

This guide explains how to configure a Huawei router to automatically differentiate China Telecom and China Unicom traffic, route each to its respective ISP, and enable seamless failover to the Telecom line if the Unicom link fails, using NAT, ACLs, and policy routing.

Practical DevOps Architecture
Practical DevOps Architecture
Practical DevOps Architecture
Huawei Router Configuration for Automatic ISP Traffic Separation and Failover

Purpose: The router automatically distinguishes China Unicom traffic from China Telecom traffic, directs visits to Unicom sites via the Unicom line and Telecom sites via the Telecom line, and switches all traffic to the Telecom line if the Unicom line fails, ensuring uninterrupted network access.

[Huawei]interface Ethernet1/0
[Huawei-Ethernet1/0]ip address 221.208.250.54 255.255.255.248
[Huawei]interface ethernet2/0
[Huawei-Ethernet2/0]ip address 219.147.130.240 255.255.255.248
[Huawei]interface Ethernet3/0
[Huawei-Ethernet3/0]ip address 192.168.1.1 255.255.255.0
[Huawei]acl number 2000
[Huawei-acl-adv-3100]rule 0 permit source 192.168.0.0 0.0.0.255
[Huawei]interface Ethernet1/0
[Huawei-Ethernet1/0]nat outbound 2000
[Huawei]interface ethernet2/0
[Huawei-Ethernet2/0]nat outbound 2000

Define the destination address ranges for Unicom and apply policy routing to the LAN interface.

[Huawei]acl number3100
[Huawei-acl-adv-3100]rule 0 permit ip destination 60.0.0.0 0.7.255.255
... (rules 1 through 95 omitted for brevity, each wrapped in <code> tags) ...
[Huawei]route-policy auto permit node 1
[Huawei-route-policy]if-match acl 3100
[Huawei-route-policy]apply ip-address next-hop 221.208.250.53
[Huawei]interface Ethernet3/0
[Huawei-Ethernet3/0]ip policy route-policy auto

Configure the default route to use the Telecom gateway.

ip route-static 0.0.0.0 0.0.0.0 219.147.130.239 preference 60
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

NATfailoverACLHuawei
Practical DevOps Architecture
Written by

Practical DevOps Architecture

Hands‑on DevOps operations using Docker, K8s, Jenkins, and Ansible—empowering ops professionals to grow together through sharing, discussion, knowledge consolidation, and continuous improvement.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment