Provides configuration options for fall back or restrict behavior when traffic travels through a service chain.
You can configure fall back or restrict behavior for traffic that travels through a service chain.
When fallback is configured in the set service-chain action, traffic falls back to routing if a service chain goes down or if the TLOCs that are specified in a policy are not available.
When restrict is configured in the set service-chain action, packets are dropped if a service chain goes down or if the TLOCs that are specified in a policy are not available. The restrict behavior is suitable for security services such as a firewall.
Fall back and restrict can be specified in a centralized data policy (remote or collocated) and an interface ACL.
If an egress ACL is used to direct traffic to a service chain, all packets continue to the destination even if the restrict behavior is configured because the forwarding decision is made before the state of the service chain is detected.