Configuring route policies

The 7210 SAS devices support route policies to allow users to enable IGMP group membership report filtering. IGMP group membership report filtering allows the user to configure rules which can be used to restrict the IGMP groups that subscribers/hosts can enroll to. This is achieved by using route policies that specify the set of hosts whose group membership reports are to be accepted (and further processed appropriately by the system) or rejected.

There are no default route policies. Each policy must be created explicitly. Policy parameters are modifiable.

Policy statements

Route policies contain policy statements containing ordered entries containing match conditions and actions you specify. The entries should be sequenced from the most explicit to least explicit. IGMP group membership report processing can be implemented according to your defined policies. Policy-based routing allows you to dictate whether to process or drop the traffic. Route policies can match a specific route policy entry and continue searching for other matches within the same route policy.

The process can stop when the first complete match is found and executes the action defined in the entry, either to accept or reject packets that match the criteria or proceed to the next entry. You can specify matching criteria based on source or destination.

You can also provide more matching conditions by specifying criteria such as:

  • prefix list

    A named list of prefixes.

  • From criteria

    A source IP address and destination (for example, a destination IP multicast group address).

Default action behavior

The default action specifies how packets are to be processed when a policy related to the route is not explicitly configured. The default actions are applied in the following cases.

  • If a route policy does not specify a matching condition, all the routes being compared with the route policy are considered to be matches.

  • If a packet does not match any policy entries, then the next policy is evaluated. If a match does not occur then the last entry in the last policy is evaluated.

  • If no default action is specified, the default behavior of the protocol controls whether the routes match or not.

If a default action is defined for one or more of the configured route policies, then the default action is handled as follows:

  • The default action can be set to all available action states including accept, reject, next-entry, and next-policy.

  • If the action states accept or reject, the policy evaluation terminates and the appropriate result is returned.

  • If a default action is defined and no matches occurred with the entries in the policy, the default action is used.

  • If a default action is defined and one or more matches occurred with the entries of the policy, the default action is not used.

Denied IP prefixes

The following IP address prefixes are not allowed by the routing protocols and the Route Table Manager and are not be populated within the forwarding table:

  • 0.0.0.0/8 or longer

  • 127.0.0.0/8 or longer

  • 224.0.0.0/4 or longer

  • 240.0.0.0/4 or longer

Any other prefixes that need to be filtered can be filtered explicitly using route policies.

When to use route policies

Configure and apply unique route policies when you want unique behaviors to control route characteristics; for example, change the route preference.