Route policies
This chapter provides information about configuring route policies.
Configuring route policies
The 7210 SAS supports two databases for routing information. The routing database is composed of the routing information learned by the routing protocols. The forwarding database is composed of the routes actually used to forward traffic through a router. In addition, link state databases are maintained by interior gateway protocols (IGPs), such as IS-IS and OSPF.
Routing protocols calculate the best route to each destination and place these routes in a forwarding table. The routes in the forwarding table are used to forward routing protocol traffic, sending advertisements to neighbors and peers.
A routing policy can be configured that will not place routes associated with a specific origin in the routing table. Those routes will not be used to forward data packets to the intended destinations and the routes are not advertised by the routing protocol to neighbors and peers.
Routing policies control the size and content of the routing tables, the routes that are advertised, and the best route to take to reach a destination. Careful planning is essential to implement route policies that can affect the flow of routing information or packets in and traversing through the router. Before configuring and applying a route policy, develop an overall plan and strategy to accomplish your intended routing actions.
There are no default route policies. Each policy must be created explicitly and applied to a routing protocol or to the forwarding table. Policy parameters are modifiable.
Policy statements
Route policies contain policy statements containing ordered entries containing match conditions and actions you specify. The entries should be sequenced from the most explicit to least explicit. Packet forwarding and routing can be implemented according to your defined policies. Policy-based routing allows you to dictate where traffic can be routed, through specific paths, or whether to forward or drop the traffic. Route policies can match a specific route policy entry and continue searching for other matches within either the same route policy or the next route policy.
The process can stop when the first complete match is found and executes the action defined in the entry, either to accept or reject packets that match the criteria or proceed to the next entry or the next policy. You can specify matching criteria based on source, destination, or particular properties of a route. Route policies can be constructed to support multiple stages to the evaluation and setting various route attributes. You can also provide more matching conditions by specifying criteria, such as:
prefix list - a named list of prefixes
To and From criteria - a route’s source and destination
Default action behavior
The default action specifies how packets are to be processed when a policy related to the route is not explicitly configured. The following default actions are applied in the event that:
A route policy does not specify a matching condition, all the routes being compared with the route policy are considered to be matches.
A packet does not match any policy entries, then the next policy is evaluated. If a match does not occur then the last entry in the last policy is evaluated.
If no default action is specified, the default behavior of the protocol controls whether the routes match or not.
If a default action is defined for one or more of the configured route policies, then the default action is handled as follows:
The default action can be set to all available action states including accept, reject, next-entry, and next-policy.
If the action states accept or reject, then the policy evaluation terminates and the appropriate result is returned.
If a default action is defined and no matches occurred with the entries in the policy, then the default action is used.
If a default action is defined and one or more matches occurred with the entries of the policy, then the default action is not used.
Denied IP prefixes
The following IP address prefixes are not allowed by the routing protocols and the Route Table Manager and are not be populated within the forwarding table:
0.0.0.0/8 or longer
127.0.0.0/8 or longer
224.0.0.0/4 or longer
240.0.0.0/4 or longer
Any other prefixes that need to be filtered can be filtered explicitly using route policies.
Controlling route flapping
Route damping is a controlled acceptance of unstable routes from BGP peers so that any ripple effect caused by route flapping across BGP AS border routers is minimized. The motive is to delay the use of unstable routes (flapping routes) to forward data and advertisements until the route stabilizes.
Nokia implementation of route damping is based on the following parameters:
Figure of Merit
A route is assigned a Figure of Merit (FoM), proportional to the frequency of flaps. FoM should be able to characterize a route’s behavior over a period of time.
route flap
A route flap is not limited to the withdrawn route. It also applies to any change in the AS path or the next hop of a reachable route. A change in AS path or next hop indicates that the intermediate AS or the route-advertising peer is not suppressing flapping routes at the source or during the propagation. Even if the route is accepted as a stable route, the data packets destined for the route could experience unstable routing because of the unstable AS path or next hop.
suppress threshold
The threshold is a configured value that, when exceeded, the route is suppressed and not advertised to other peers. The state is considered to be down from the perspective of the routing protocol.
reuse threshold
When FoM value falls below a configured reuse threshold and the route is still reachable, the route is advertised to other peers. The FoM value decays exponentially after a route is suppressed. This requires the BGP implementation to decay thousands of routes from a misbehaving peer.
Events that could trigger the route flapping algorithm are:
route flapping
If a route flap is detected within a configured maximum route flap history time, the route’s FoM is initialized and the route is marked as a potentially unstable route. Every time a route flaps, the FoM is increased and the route is suppressed if the FoM crosses the suppress threshold.
route reuse timer trigger
A suppressed route’s FoM decays exponentially. When it crosses the reuse threshold, the route is eligible for advertisement if it is still reachable.
If the route continues to flap, the FoM, with respect to time scale, looks like a sawtooth waveform with the exponential rise and decay of FoM. To control flapping, the following parameters can be configured:
half-life
The half life value is the time, expressed in minutes, required for a route to remain stable in order for one half of the FoM value to be reduced. For example, if the half life value is 6 (minutes) and the route remains stable for 6 minutes, then the new FoM value is 3. After another 6 minutes passes and the route remains stable, the new FoM value is 1.5.
max-suppress
The maximum suppression time, expressed in minutes, is the maximum amount of time that a route can remain suppressed.
suppress
If the FoM value exceeds the configured integer value, the route is suppressed for use or inclusion in advertisements.
reuse
If the suppress value falls below the configured reuse value, then the route can be reused.
Regular expressions
The ability to perform a filter match on confederations in the AS-PATH is supported. This feature allows customers to configure match criteria for specific confederation sets and sequences within the AS path so that they can be filtered out before cluttering the service provider’s routing information base (RIB).
7210 SAS uses regular expression strings to specify match criteria for:
an AS path string; for example, ‟100 200 300”
a community string; for example, ‟100:200” where 100 is the ASN, and 200 is the community-value
any AS path beginning with a confederation SET or SEQ containing 65001 and 65002 only: for example ‟< 65001 65002 >*”
any AS path containing a confederation SET or SEQ, regardless of the contents: for example, ‟.* <.*> .*”
A regular expression is expressed in terms of terms and operators. A term for an AS path regular expression is:
Regular expressions should always be enclosed in quotes.
An elementary term; for example, an ASN ‟200”.
A range term composed of two elementary terms separated by the ‛-’ character like ‟200-300”.
The '.' dot wild-card character which matches any elementary term.
A regular expression enclosed in parenthesis ‟( )”.
A regular expression enclosed in square brackets used to specify a set of choices of elementary or range terms; for example. [100-300 400] matches any ASN between 100 and 300 or the ASN 400.
A term for a community string regular expression is a string that is evaluated character by character and is composed of:
an elementary term which for a community string is any single digit like ‟4”
a range term composed of two elementary terms separated by the ‛-’ character like ‟2-3”
a colon ':' to delimit the ASN from the community value
the '.' dot wild-card character which matches any elementary term or ':'
a regular expression enclosed in parenthesis ‟( )”
a regular expression enclosed in square brackets used to specify a set of choices of elementary or range terms; for example, [1-37] matches any single digit between 1 and 3 or the digit 7
The regular expression operators are listed in the following table.
Operator |
Description |
---|---|
|
Matches the term on alternate sides of the pipe. |
|
Matches multiple occurrences of the term. |
|
Matches 0 or 1 occurrence of the term. |
|
Matches 1 or more occurrence of the term. |
|
Used to parenthesize so a regular expression is considered as one term. |
|
Used to demarcate a set of elementary or range terms. |
|
Used between the start and end of a range. |
|
Matches least |
|
Matches exactly |
|
Matches |
|
Matches the beginning of the string - only allowed for communities. |
|
Matches the end of the string - only allowed for communities. |
|
An escape character to indicate that the following character is a match criteria and not a grouping delimiter. |
Examples of AS path and community string regular expressions are listed in the following table.
AS path to match criteria |
Regular expression |
Example matches |
---|---|---|
Null AS path |
|
Null AS path |
AS path is 11 |
|
11 |
AS path is 11 22 33 |
|
11 22 33 |
Zero or more occurrences of ASN 11 |
|
Null AS path 11 11 11 11 11 11 11 … 11 |
Path of any length that begins with AS numbers 11, 22, 33 |
|
11 22 33 11 22 33 400 500 600 |
Path of any length that ends with AS numbers 44, 55, 66 |
|
44 55 66 100 44 55 66 100 200 44 55 66 100 200 300 44 55 66 100 200 300 … 44 55 66 |
One occurrence of the AS numbers 100 and 200, followed by one or more occurrences of the number 33 |
|
100 200 33 100 200 33 33 100 200 33 33 33 100 200 33 33 33 … 33 |
One or more occurrences of ASN 11, followed by one or more occurrences of ASN 22, followed by one or more occurrences of ASN 33 |
|
11 22 33 11 11 22 33 11 11 22 22 33 11 11 22 22 33 33 11 … 11 22 … 22 33 …33 |
Path whose second ASN must be 11 or 22 |
or
|
100 11 200 22 300 400 … |
Path of length one or two whose second ASN might be 11 or 22 |
|
100 200 11 300 22 |
Path whose first ASN is 100 and second ASN is either 11 or 22 |
|
100 11 100 22 200 300 |
Either AS path 11, 22, or 33 |
|
11 22 33 |
Range of AS numbers to match a single ASN |
|
10 or 11 or 12 or 13 or 14 |
|
Null AS path 10 or 11 or 12 10 10 or 10 11 or 10 12 11 10 or 11 11 or 11 12 12 10 or 12 11 or 12 12 … |
|
Zero or one occurrence of ASN 11 |
|
Null AS path 11 |
One through four occurrences of ASN 11 |
|
11 11 11 11 11 11 11 11 11 11 |
One through four occurrences of ASN 11 followed by one occurrence of ASN 22 |
|
11 22 11 11 22 11 11 11 22 11 11 11 11 22 |
Path of any length, except nonexistent, whose second ASN can be anything, including nonexistent |
|
100 100 200 11 22 33 44 55 |
ASN is 100. Community value is 200. |
|
100:200 |
ASN is 11 or 22. Community value is any number. |
|
11:100 22:100 11:200 … |
ASN is 11. Community value is any number that starts with 1. |
|
11:1 11:100 11:1100 … |
ASN is any number. Community value is any number that ends with 1, 2, or 3. |
|
11:1 100:2002 333:55553 … |
ASN is 11 or 22. Community value is any number that starts with 3 and ends with 4, 5 or 9. |
|
11:34 22:3335 11:3777779 … |
ASN is 11 or 22. Community value ends in 33 or 44. |
|
11:33 22:99944 22:555533 … |
null
keyword matches an empty AS
path.BGP and OSPF route policy support
BGP and OSPF requires route policy support. BGP route policy diagram and OSPF route policy diagram show where route policies are evaluated in the protocol. BGP route policy diagram shows BGP which applies a route policy as an internal part of the BGP route selection process. OSPF route policy diagram shows OSPF which applies routing policies at the edge of the protocol, to control only the routes that are announced to or accepted from the Route Table Manager (RTM).
BGP route policies
The Nokia implementation of BGP uses route policies extensively. The implied or default route policies can be overridden by customized route policies. The default BGP properties, with no route policies configured, behave as follows:
Accept all BGP routes into the RTM for consideration.
Announce all used BGP learned routes to other BGP peers
Announce none of the IGP, static or local routes to BGP peers.
The following figure shows the OSPF route policy.
Re-advertised route policies
Occasionally, BGP routes may be readvertised from BGP into OSPF, IS-IS. OSPF export policies control which routes are exported to OSPF) are not handled by the main OSPF task but are handled by a separate task or an RTM task that filters the routes before they are presented to the main OSPF task.
When to use route policies
The following are examples of circumstances of when to configure and apply unique route policies:
When you want to control the protocol to allow all routes to be imported into the routing table. This enables the routing table to learn about particular routes to enable packet forwarding and redistributing packets into other routing protocols.
When you want to control the exporting of a protocol’s learned active routes.
When you want a routing protocol to announce active routes learned from another routing protocol, which is sometimes called route redistribution.
Route policies can be used to filter IGMP membership reports from specific hosts and/or specific multicast groups.
When you want unique behaviors to control route characteristics. For example, change the route preference.
When you want unique behaviors to control route characteristics. For example, change the route preference, AS path, or community values to manipulate the control the route selection.
When you want to control BGP route flapping (damping).
Route policy configuration process overview
The following figure shows the process to provision basic route policy parameters.
Configuration notes
This section describes route policy configuration caveats.
General
When configuring policy statements, the policy statement name must be unique.
Configuring route policies with CLI
This section provides information to configure route policies using the command line interface.
Route policy configuration overview
Route policies allow you to configure routing according to specifically defined policies. You can create policies and entries to allow or deny paths based on various parameters such as destination address.
Policies can be as simple or complex as required. A simple policy can block routes for a specific location or IP address. More complex policies can be configured using numerous policy statement entries containing matching conditions to specify whether to accept or reject the route, control how a series of policies are evaluated, and manipulate the characteristics associated with a route.
When to create routing policies
Route policies are created in the config>router context. There are no default route policies. Each route policy must be explicitly created and applied. Applying route policies can introduce more efficiency as well as more complexity to 7210 SAS routers’ capabilities.
A route policy impacts the flow of routing information or packets within and through the router. A routing policy can be specified to prevent a particular customer’s routes to be placed in the route table which causes those routes to not forward traffic to various destinations and the routes are not advertised by the routing protocol to neighbors.
Route policies can be created to control the following:
a protocol to export all the active routes learned by that protocol
route characteristics to control which route is selected to act as the active route to reach a destination and advertise the route to neighbors
protocol to import all routes into the routing table; a routing table must learn about particular routes to be able to forward packets and redistribute to other routing protocols
to filter IGMP membership reports from specific hosts and/or specific multicast groups
damping
Before a route policy is applied, analyze the policy’s purpose and be aware of the results (and consequences) when packets match the specified criteria and the associated actions and default actions, if specified, are executed. Membership reports can be filtered based on a specific source address.
Default route policy actions
Each routing protocol has default behaviors for the import and export of routing information. The following table describes the default behavior for each routing protocol.
Protocol |
Import |
Export |
---|---|---|
OSPF |
Not applicable. All OSPF routes are accepted from OSPF neighbors and cannot be controlled via route policies. |
|
IS-IS |
Not applicable. All IS-IS routes are accepted from IS-IS neighbors and can not be controlled via route policies |
|
BGP |
By default, all routes from BGP. |
|
Policy evaluation
Routing policy statements can consist of as few as one or several entries. The entries specify the matching criteria. A route is compared to the first entry in the policy statement. If it matches, the specified entry action is taken, either accepted or rejected. If the action is to accept or reject the route, that action is taken and the evaluation of the route ends.
If the route does not match the first entry, the route is compared to the next entry (if more than one is configured) in the policy statement. If there is a match with the second entry, the specified action is taken. If the action is to accept or reject the route, that action is taken and the evaluation of the route ends, and so on.
Each route policy statement can have a default-action clause defined. If a default-action is defined for one or more of the configured route policies, then the default actions should be handled in the following ways:
The process stops when the first complete match is found and executes the action defined in the entry.
If the packet does not match any of the entries, the system executes the default action specified in the policy statement.
The following figure shows an example of the route policy process.
Route policies can also match a specific route policy entry and continue to search for other entries within either the same route policy or the next route policy by specifying the next-entry or next-policy option in the entry’s action command. Policies can be constructed to support multiple states to the evaluation and setting of various route attributes.
Damping
Damping initiates controls when routes flap. Route flapping can occur when an advertised route between nodes alternates (flaps) back and forth between two paths due to network problems which cause intermittent route failures. It is necessary to reduce the amount of routing state change updates propagated to limit processing requirements. Therefore, when a route flaps beyond a configured value (the suppress value), then that route is removed from the routing tables and routing protocols until the value falls below the reuse value.
A route can be suppressed according to the Figure of Merit (FoM) value. The FoM is a value that is added to a route each time it flaps. A new route begins with an FoM value of 0.
Damping is optional. If damping is configured, the following parameter values must be explicitly specified as there are no default values:
When a route's FoM value exceeds the suppress value, then the route is removed from the routing table. The route is considered to be stable when the FoM drops below the reuse value by means of the specified half life parameter. The route is returned to the routing tables. When routes have higher FoM and half life values, they are suppressed for longer periods of time. The following figure shows an example of a flapping route, the suppress threshold, the half life decay (time), and reuse threshold. The peaks represent route flaps, the slopes represent half life decay.
Basic configurations
This section provides information to configure route policies and configuration examples of common tasks. The minimal route policy parameters that need to be configured are:
policy statement with the following parameters specified:
at least one entry
entry action
Route policy configuration output
A:ALA-B>config>router>policy-options# info
----------------------------------------------
. . .
policy-statement "aggregate-customer-peer-only"
entry 1
from
community "all-customer-announce"
exit
action accept
exit
exit
default-action reject
exit
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
A:ALA-B>config>router>policy-options#info
----------------------------------------------
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group"
prefix 239.6.6.6/32 exact
exit
policy-statement "block-igmp"
description "Reject-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host"
exit
action next-entry
exit
exit
entry 2
from
group-address "group"
exit
action reject
exit
default-action accept
exit
exit
policy-statement "permit-igmp"
description "Accept-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host3"
group-address "group3"
exit
action accept
exit
exit
default-action reject
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Configuring route policy components
This section describes the CLI syntax used to configure route policy components.
Beginning the policy statement
Use the following syntax to begin a policy statement configuration. In order for a policy statement to be complete an entry must be specified (see Configuring an entry).
config>router>policy-options
begin
policy-statement name
description text
Error message
The following error message displays when the you try to modify a policy options command without entering begin first.
A:ALA-B>config>router>policy-options# policy-statement ‟allow all”
MINOR: CLI The policy-
options must be in edit mode by calling begin before any changes can be made.
Command usage
The following example displays policy statement configuration command usage. These commands are configured in the config>router context.
config>router# policy-options
policy-options# begin
There are no default policy statement options. All parameters must be explicitly configured.
Creating a route policy
To enter the mode to create or edit route policies, you must enter the begin keyword at the config>router>policy-options prompt. Other editing commands include:
The commit command saves changes made to route policies during a session.
The abort command discards changes that have been made to route policies during a session.
The following error message displays when the you try to modify a policy options command without entering begin first.
A:ALA-B>config>router>policy-options# policy-statement ‟allow all”
MINOR: CLI The policy-
options must be in edit mode by calling begin before any changes can
A:ALA-B>config>router>policy-options# info
#------------------------------------------
# Policy
#------------------------------------------
policy-options
begin
policy-statement "allow all"
description "General Policy"
...
exit
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Configuring a default action
Specifying a default action is optional. The default action controls those packets not matching any policy statement entries. If no default action is specified for the policy, then the action associated with the protocol to which the routing policy was applied is performed.
A policy statement must include at least one entry (see Configuring an entry).
To enter the mode to create or edit route policies, you must enter the begin keyword at the config>router>policy-options prompt. Other editing commands include:
The commit command saves changes made to route policies during a session.
The abort command discards changes that have been made to route policies during a session.
Configuring an entry
An entry action must be specified. The other parameters in the entry action context are optional. See Route policy command reference for the commands and syntax.
The following is a sample configuration output of entry parameters and includes the default action parameters which were displayed in Configuring a default action.
A:ALA-B>config>router>policy-options# info
----------------------------------------------
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group"
prefix 239.6.6.6/32 exact
exit
policy-statement "block-igmp"
description "Reject-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host"
exit
action next-entry
exit
exit
entry 2
from
group-address "group"
exit
action reject
exit
default-action accept
exit
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Configuring damping
-
For each damping profile, all parameters must be configured.
-
The suppress value must be greater than the reuse value (see Damping example).
-
Damping can be enabled in the config>router>bgp context on the BGP global, group, and neighbor levels. If damping is enabled, but route policy does not specify a damping profile, the default damping profile will be used. This profile is always present and consists of the following parameters:
half-life:
15 minutes
max-suppress:
60 minutes
suppress:
3000
reuse:
750
Damping configuration output
*A:cses-A13>config>router>policy-options# info
----------------------------------------------
damping "damptest123"
half-life 15
max-suppress 60
reuse 750
suppress 1000
exit
----------------------------------------------
*A:cses-A13>config>router>policy-options#
Configuring a prefix list
Prefix list configuration output
A:ALA-B>config>router>policy-options# info
----------------------------------------------
prefix-list "western"
prefix 10.10.0.1/32 exact
prefix 10.10.0.2/32 exact
prefix 10.10.0.3/32 exact
prefix 10.10.0.4/32 exact
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
A:ALA-B>config>router>policy-options# info
----------------------------------------------
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group"
prefix 239.6.6.6/32 exact
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Route policy configuration management tasks
This section describes the route policy configuration management tasks.
Editing policy statements and parameters
Route policy statements can be edited to modify, add, or delete parameters. To enter the mode to edit route policies, you must enter the begin keyword at the config>router>policy-options prompt. Other editing commands include:
The commit command saves changes made to route policies during a session.
The abort command discards changes that have been made to route policies during a session.
Changed configuration output
A:ALA-B>config>router>policy-options>policy-statement# info
----------------------------------------------
description "Level 1"
entry 1
to
neighbor 10.10.10.104
exit
action accept
exit
exit
entry 2
from
protocol ospf
exit
to
protocol ospf
neighbor 10.10.0.91
exit
action accept
exit
exit
entry 4
description "new entry"
from
protocol isis
area 0.0.0.20
exit
action reject
exit
default-action accept
metric set 10
exit
----------------------------------------------
A:ALA-B>config>router>policy-options# info
----------------------------------------------
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group1"
prefix 239.6.6.8/32 exact
exit
policy-statement "block-igmp"
description "Reject-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host"
exit
action next-entry
exit
exit
entry 2
from
group-address "group1"
exit
action reject
exit
default-action accept
exit
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Deleting an entry
Use the following syntax to delete a policy statement entry.
config>router>policy-options
begin
commit
abort
policy-statement name
no entry entry-id
Command usage to delete a policy statement entry
config>router>policy-options# begin
policy-options# policy-statement "1"
policy-options>policy-statement# no entry 4
policy-options>policy-statement# commit
Deleting a policy statement
Use the following syntax to delete a policy statement.
config>router>policy-options
begin
commit
abort
no policy-statement name
Command usage to delete a policy statement
config>router>policy-options# begin
policy-options# no policy-statement 1
policy-options# commit
Use of route policies for IGMP filtering
The following is a sample route policy configuration output for IGMP filtering. This policy needs to be configured with a SAP for filtering to take effect.
----------------------------------------------
A:ALA-B>config>router>policy-options#info
----------------------------------------------
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group"
prefix 239.6.6.6/32 exact
exit
policy-statement "block-igmp"
description "Reject-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host"
exit
action next-entry
exit
exit
entry 2
from
group-address "group"
exit
action reject
exit
default-action accept
exit
exit
policy-statement "permit-igmp"
description "Accept-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host3"
group-address "group3"
exit
action accept
exit
exit
default-action reject
exit
----------------------------------------------
A:ALA-B>config>router>policy-options#
Route policy command reference
Command hierarchies
Route policy configuration commands
config
- [no] router [router-name]
- [no] triggered-policy
- [no] policy-options
- abort
- as-path name expression regular-expression
- no as-path name
- begin
- commit
- community name members comm-id [comm-id … (up to 15 max)]
- no community name [members comm-id]
- [no] damping name
- half-life minutes
- no half-life
- max-suppress minutes
- no max-suppress
- reuse integer
- no reuse
- suppress integer
- no suppress
- [no] policy-statement name
- default-action {accept | next-entry | reject}
- no default-action
- aigp-metric metric
- aigp-metric metric add
- aigp-metric igp
- no aigp-metric
- as-path {add | replace} name
- no as-path
- as-path-prepend as-number [repeat]
- no as-path-prepend
- community {{add name [remove name]} | {remove name [add name]} | {replace name}}
- no community
- damping {name | none}
- no damping
- local-preference local-preference
- no local-preference
- metric {add | subtract | set} metric
- no metric
- [no] next-hop-self
- origin {igp | egp | incomplete}
- no origin
- preference preference
- tag
- type
- description description-string
- no description
- [no] entry entry-id
- action {accept | next-entry | next-policy | reject}
- no action
- aigp-metric metric
- aigp-metric metric add
- aigp-metric igp
- no aigp-metric
- as-path {add | replace} name
- no as-path
- as-path-prepend as-number [repeat]
- no as-path-prepend
- community {{add name [remove name]} | {remove name [add name]} | {replace name}}
- no community
- damping {name | none}
- no damping
- local-preference local-preference
- no local-preference
- metric {add | subtract | set} metric
- no metric
- [no] next-hop-self
- origin {igp | egp | incomplete}
- no origin
- [no] preference preference
- [no] tag
- [no] type
- description description-string
- no description
- [no] from
- [no] area
- [no] as-path name
- [no] as-path-group name
- as-pathcommunity name
- no as-pathcommunity
- [no] external
- family [ipv4] [vpn-ipv4][l2-vpn] [ms-pw] [route-target]
- no family
- group-address prefix-list-name
- no group-address
- [no] host-ip prefix-list-name
- prefix-list name [name...(up to 5 max)]
- no prefix-list
- level {1 | 2}
- no level
- neighbor {ip-address | prefix-list name}
- no neighbor
- source-address ip-address
- no source-address
- [no] protocol protocol [all | {instance instance}]
- [no] tag tag
- no tag
- type type
- no type
- [no] to
- level {1 | 2}
- no level
- neighbor {ip-address | prefix-list name}
- no neighbor
- [no] prefix-list name [name...(up to 5 max)]
- protocol protocol [all | {instance instance}]
- no protocol
config
- [no] router
- [no] policy-options
- [no] prefix-list name
- prefix ip-prefix/prefix-length [exact | longer | through length | prefix-length-range length1-length2]
- no prefix [ipv-prefix/prefix-length] [exact | longer | through length | prefix-length-range length1-length2]
Show commands
show
- router
- policy [name | prefix-list name | admin]
Command descriptions
Route policy command reference
Generic commands
abort
Syntax
abort
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command discards changes made to a route policy.
begin
Syntax
begin
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enters the mode to create or edit route policies.
commit
Syntax
commit
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command saves changes made to a route policy.
description
Syntax
description string
no description
Context
config>router>policy-options>policy-statement
config>router>policy-options>policy-statement>entry
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a text description, which is stored in the configuration file, to help identify the content of the entity.
The no form of this command removes the string from the configuration.
Parameters
- string
Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
Route policy options
as-path
Syntax
as-path name expression regular-expression
no as-path name
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a route policy autonomous system (AS) path regular expression statement to use in route policy entries.
The no form of this command deletes the AS path regular expression statement.
Parameters
- name
Specifies the AS path regular expression name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
- regular-expression
Specifies the AS path regular expression. Allowed values are any string up to 256 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. A value of null specifies the AS path expressed as an empty regular expression string.
community
Syntax
community name members comm-id [comm-id...(up to 15 max)]
no community name [members comm-id]
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a route policy community list to use in route policy entries.
The no form of this command deletes the community list or the provided community ID.
Default
no community
Parameters
- name
Specifies the community list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
- comm-id
Specifies the community ID. Note that up to 15 community ID strings can be specified up to a total maximum of 72 characters.
policy-options
Syntax
[no] policy-options
Context
config>router
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure route policies. Route policies are applied to the routing protocol used for IGMP group membership report filtering.
The no form of this command deletes the route policy configuration.
triggered-policy
Syntax
[no] triggered-policy
Context
config>router
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command triggers route policy re-evaluation.
By default, when a change is made to a policy in the config router policy options context and committed, the change is effective immediately. There may be circumstances when the changes should or must be delayed; for example, if a policy change is implemented that would affect every BGP peer on a 7210 SAS router, the consequences could be dramatic. It is more effective to control changes on a peer by peer basis.
If the triggered-policy command is enabled, a specific peer is established, and you want the peer to remain up, in order for a change to a route policy to take effect, a clear command with the soft or soft-inbound option must be used. That is, when a triggered-policy is enabled, any routine policy change or policy assignment change within the protocol will not take effect until the protocol is reset or a clear command is issued to re-evaluate route policies; for example, clear router bgp neighbor x.x.x.x soft. This keeps the peer up and the change made to a route policy is applied only to that peer, or group of peers.
Route policy damping commands
damping
Syntax
[no] damping name
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates the context to configure a route damping profile to use in route policy entries.
The no form of this command deletes the named route damping profile.
Parameters
- name
Specifies the damping profile name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
half-life
Syntax
half-life minutes
no half-life
Context
config>router>policy-options>damping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the half-life parameter for the route damping profile.
The half life value is the time, expressed in minutes, required for a route to remain stable for the Figure of Merit (FoM) value to be reduced by one half; for example, if the half life value is 6 (minutes) and the route remains stable for 6 minutes, the new FoM value is 3 (minutes). After another 3 minutes pass and the route remains stable, the new FoM value is 1.5 (minutes).
When the FoM value falls below the reuse threshold, the route is again considered valid and can be reused or included in route advertisements. No half life value is specified. The half life value must be explicitly configured.
The no form of this command removes the half life parameter from the damping profile.
Parameters
- minutes
Specifies the half life, in minutes, expressed as a decimal integer.
max-suppress
Syntax
max-suppress minutes
no max-suppress
Context
config>router>policy-options>damping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum suppression parameter for the route damping profile.
This value indicates the maximum time, expressed in minutes, that a route can remain suppressed.
The no form of this command removes the maximum suppression parameter from the damping profile.
Parameters
- minutes
Specifies the maximum suppression time, in minutes, expressed as a decimal integer.
reuse
Syntax
reuse integer
no reuse
Context
config>router>policy-options>damping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the reuse parameter for the route damping profile.
When the FoM value falls below the reuse threshold, the route is again considered valid and can be reused or included in route advertisements.
The no form of this command removes the reuse parameter from the damping profile.
Parameters
- integer
Specifies the reuse value, expressed as a decimal integer.
suppress
Syntax
suppress integer
no suppress
Context
config>router>policy-options>damping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the suppression parameter for the route policy damping profile.
A route is suppressed when it has flapped frequently enough to increase the FoM value to exceed the suppress threshold limit. When the FoM value exceeds the suppress threshold limit, the route is removed from the route table or inclusion in advertisements.
The no form of this command removes the suppress parameter from the damping profile.
Parameters
- integer
Specifies the suppress value, expressed as a decimal integer.
Route policy prefix commands
prefix-list
Syntax
[no] prefix-list name
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure a prefix list to use in route policy entries.
The no form of this command deletes the named prefix list.
Parameters
- name
Specifies the prefix list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
prefix
Syntax
[no] prefix [ipv-prefix/prefix-length] [exact | longer | through length | prefix-length-range length1-length2]
no prefix [ipv-prefix/prefix-length] [exact | longer | through length | prefix-length-range length1-length2]
Context
config>router>policy-options>prefix-list
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a prefix entry in the route policy prefix list.
The no form of this command deletes the prefix entry from the prefix list.
Parameters
- ip-prefix
Specifies the IP prefix for prefix list entry in dotted-decimal notation.
- exact
Specifies the prefix list entry only matches the route with the specified ip-prefix and prefix mask (length) values.
- longer
Specifies that the prefix list entry matches any route that matches the specified ip-prefix and prefix mask length values greater than the specified mask.
- through length
Specifies that the prefix list entry matches any route that matches the specified ip-prefix and has a prefix length between the specified length values inclusive.
- prefix-length-range length1-length2
Specifies a route must match the most significant bits and have a prefix length with the specified range. The range is inclusive of start and end values. The length2 value is greater than the length1 value.
Route policy entry match commands
entry
Syntax
entry entry-id
no entry
Context
config>router>policy-options>policy-statement
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context edit route policy entries within the route policy statement.
Multiple entries can be created using unique entries. The 7210 SAS exits the filter when the first match is found and executes the action specified. For this reason, entries must be sequenced correctly from most to least explicit.
An entry does not require that matching criteria be defined (in which case, everything matches), but must have at least an action defined to be considered complete. Entries without an action are considered incomplete and will be rendered inactive.
The no form of this command removes the specified entry from the route policy statement.
Parameters
- entry-id
Specifies the entry ID expressed as a decimal integer. An entry-id uniquely identifies match criteria and the corresponding action. Nokia recommends that multiple entries be specific entry-ids in staggered increments. This allows users to insert a new entry in an existing policy without requiring renumbering of all the existing entries.
from
Syntax
[no] from
Context
config>router>policy-options>policy-statement>entry
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure policy match criteria based on a route source or the protocol from which the route is received.
If no condition is specified, all route sources are considered to match.
The no form of this command deletes the source match criteria for the route policy statement entry.
family
Syntax
family [ipv4] [vpn-ipv4]
no family
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies address families as matching conditions.
Parameters
- ipv4
Specifies IPv4 routing information.
- vpn-ipv4
Specifies IPv4 VPN routing information.
area
Syntax
area area-id
no area
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures an OSPF area as a route policy match criterion.
This match criterion is only used in export policies.
All OSPF routes (internal and external) are matched using this criterion if the best path for the route is through the specified area.
The no form of this command removes the OSPF area match criterion.
Parameters
- area-id
Specifies the OSPF area ID, expressed in dotted-decimal notation or as a 32-bit decimal integer.
aigp-metric
Syntax
aigp-metric metric
aigp-metric metric add
aigp-metric igp
no aigp-metric
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns a BGP AIGP metric to routes matching the entry. The effect of this command on a route matched and accepted by a route policy entry depends on how the policy is applied (BGP import policy versus BGP export policy), the type of route, and the specific form of this command.
In a BGP import policy, this command is used to:
associate an AIGP metric with an iBGP route received with an empty AS path and no AIGP attribute
associate an AIGP metric with an eBGP route received without an AIGP attribute that has an AS path containing only AS numbers belonging to the local AIGP administrative domain
modify the received AIGP metric value prior to BGP path selection
In a BGP export policy, this command is used to:
add the AIGP attribute and set the AIGP metric value in a BGP route originated by exporting a direct, static, or IGP route from the routing table
remove the AIGP attribute from a route advertisement to a specific peer
modify the AIGP metric value in a route advertisement to a specific peer
The no form of this command removes the AIGP attribute and any explicit AIGP metric value changes that were previously configured using this command.
Default
no aigp-metric
Parameters
- add
Keyword to add the AIGP attribute.
- igp
Keyword to set the AIGP metric value to the IGP metric value.
- metric
Specifies the AIGP metric value.
as-path
Syntax
as-path name
no as-path
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures an AS path regular expression statement as a match criterion for the route policy entry.
If no AS path criterion is specified, any AS path is considered to match.
AS path regular expression statements are configured at the global route policy level (config>router>policy-options>as-path).
The no form of this command removes the AS path regular expression statement as a match criterion.
Default
no as-path
Parameters
- name
Specifies the AS path regular expression name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Policy parameters must be enclosed by at-signs (@) and may be midstring; for example, "@variable@," "start@variable@end"," @variable@end", or "start@variable@".
as-path-group
Syntax
as-path-group name
no as-path-group name
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a route policy AS path regular expression statement to use in route policy entries.
The no form of this command deletes the AS path regular expression statement.
Parameters
- name
Specifies the AS path regular expression name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Policy parameters must be enclosed by at-signs (@) and may be midstring; for example, "@variable@," "start@variable@end"," @variable@end", or "start@variable@".
community
Syntax
community name
no community
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a community list as a match criterion for the route policy entry.
If no community list is specified, any community is considered a match.
The no form of this command removes the community list match criterion.
Default
no community
Parameters
- name
Specifies the community list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The name specified must already be defined.
external
Syntax
[no] external
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the external route matching criteria for the entry.
Default
no external
group-address
Syntax
group-address prefix-list-name
no group-address
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the multicast group address prefix list containing multicast group addresses that are embedded in the join or prune packet as a filter criterion. The prefix list must be configured before entering this command. Prefix lists are configured in the config>router>policy-options>prefix-list context.
The no form of this command removes the criterion from the configuration.
Default
no group-address
Parameters
- prefix-list-name
Specifies the prefix list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The prefix-list-name is defined in the config>router>policy-options>prefix-list context.
host-ip
Syntax
host-ip prefix-list-name
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies a prefix list host IP address as a match criterion for the route policy statement entry.
Default
no host-ip
Parameters
- prefix-list-name
Specifies the prefix list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The prefix-list-name is defined in the config>router>policy-options>prefix-list context.
interface
Syntax
interface interface-name
no interface
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the router interface, specified either by name or address, as a filter criterion.
The no form of this command removes the criterion from the configuration.
Default
no interface
Parameters
- ip-int-name
Specifies the name of the interface as a match criterion for this entry. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
level
Syntax
level {1 | 2}
no level
Context
config>router>policy-options>policy-statement>entry>from
config>router>policy-options>policy-statement>entry>to
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the IS-IS route level as a match criterion for the entry.
Default
no level
Parameters
- 1 | 2
Keyword to match the IS-IS route learned from level 1 or level 2.
neighbor
Syntax
neighbor {ip-address | prefix-list name}
no neighbor
Context
config>router>policy-options>policy-statement>entry>to
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the neighbor address as found in the source address of the actual join and prune message as a filter criterion. If no neighbor is specified, any neighbor is considered a match.
The no form of the of the command removes the neighbor IP match criterion from the configuration.
Default
no neighbor
Parameters
- ip-address
Specifies the neighbor IP address in dotted-decimal notation.
- prefix-list name
Specifies the prefix list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The name specified must already be defined.
origin
Syntax
origin {igp | egp | incomplete | any}
no origin
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a BGP origin attribute as a match criterion for a route policy statement entry.
If no origin attribute is specified, any BGP origin attribute is considered a match.
The no form of this command removes the BGP origin attribute match criterion.
Default
no origin
Parameters
- igp
Keyword to configure matching path information originating within the local AS.
- egp
Keyword to configure matching path information originating in another AS.
- incomplete
Keyword to configure matching path information learned by another method.
- any
Keyword to ignore this criteria.
policy-statement
Syntax
[no] policy-statement name
Context
config>router>policy-options
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure a route policy statement.
Route policy statements enable appropriate processing of IGMP group membership reports received from hosts. The processing action taken is determined by the action associated with the entries configured in the policy statement.
The policy-statement is a logical grouping of match and action criteria.
The no form of this command deletes the policy statement.
Default
no policy-statement
Parameters
- name
Specifies the route policy statement name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
prefix-list
Syntax
prefix-list name [name...(up to 5 max)]
no prefix-list
Context
config>router>policy-options>policy-statement>entry>from
config>router>policy-options>policy-statement>entry>to
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a prefix list as a match criterion for a route policy statement entry.
If no prefix list is specified, any network prefix is considered a match.
The prefix lists specify the network prefix (this includes the prefix and length) a specific policy entry applies.
A maximum of five prefix names can be specified.
The no form of this command removes the prefix list match criterion.
Default
no prefix-list
Parameters
- name
Specifies the prefix list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
protocol
Syntax
protocol protocol [all | {instance instance}]
no protocol
Context
config>router>policy-options>policy-statement>entry>from
config>router>policy-options>policy-statement>entry>to
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a routing protocol as a match criterion for a route policy statement entry. This command is used for both import and export policies depending how it is used.
If no protocol criterion is specified, any protocol is considered a match.
The no form of this command removes the protocol match criterion.
Default
no protocol
Parameters
- protocol
Specifies the protocol name to match on.
- instance
Specifies the OSPF or IS-IS instance.
- all
OSPF- or IS-IS-only keyword.
source-address
Syntax
source-address ip-address
no source-address
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the source address that is embedded in the join or prune packet as a filter criterion.
The no form of this command removes the criterion from the configuration.
This command specifies a multicast data source address as a match criterion for this entry.
Parameters
- ip-address
Specifies the IP prefix for the IP match criterion in dotted-decimal notation.
ipv4-address - a.b.c.d
tag
Syntax
tag tag
no tag
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds an integer tag to the static route. These tags are then matched on to control route redistribution.
The no form of this command removes the tag field match criterion.
Default
no tag
Parameters
- tag
Specifies to match a specific external LSA tag field.
to
Syntax
[no] to
Context
config>router>policy-options>policy-statement>entry
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure export policy match criteria based on a route destination or the protocol into which the route is being advertised.
If no condition is specified, all route destinations are considered to match.
The to command context only applies to export policies. If it is used for an import policy, match criteria is ignored.
The no form of this command deletes export match criteria for the route policy statement entry.
type
Syntax
type type
no type
Context
config>router>policy-options>policy-statement>entry>from
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures an OSPF type metric as a match criterion in the route policy statement entry.
If no type is specified, any OSPF type is considered a match.
The no form of this command removes the OSPF type match criterion.
Parameters
- 1
Keyword to match OSPF routes with type 1 LSAs.
- 2
Keyword to match OSPF routes with type 2 LSAs.
Route policy action commands
action
Syntax
action {accept | next-entry | next-policy | reject}
no action
Context
config>router>policy-options>policy-statement>entry
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures actions to take for routes matching a route policy statement entry.
This command is required and must be entered for the entry to be active.
Any route policy entry without the action command will be considered incomplete and will be inactive.
The no form of this command deletes the action context from the entry.
Default
no action
Parameters
- accept
Specifies packets matching the entry match criteria will be accepted and processed appropriately.
- next-entry
Specifies that the actions specified would be taken and policy evaluation would continue with the next policy entry (if any others are specified).
- next-policy
Specifies that the actions specified would be made to the route attributes and policy evaluation would continue with the next route policy (if any others are specified).
- reject
Specifies packets matching the entry match criteria will be rejected.
as-path
Syntax
as-path {add | replace} name
no as-path
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns a BGP AS path list to routes matching the route policy statement entry.
If no AS path list is specified, the AS path attribute is not changed.
The no form of this command disables the AS path list editing action from the route policy entry.
Default
no as-path
Parameters
- add
Specifies that the AS path list is to be prepended to an existing AS list.
- replace
Specifies AS path list replaces any existing as path attribute.
- name
Specifies the AS path list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The name specified must already be defined.
as-path-prepend
Syntax
as-path-prepend as-num [repeat]
no as-path-prepend
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command prepends a BGP ASN once or multiple times to the AS path attribute of routes matching the route policy statement entry.
If an ASN is not configured, the AS path is not changed.
If the optional number is specified, the ASN is prepended as many times as indicated by the number.
The no form of this command disables the AS path prepend action from the route policy entry.
Default
no as-path-prepend
Parameters
- as-num
Specifies the ASN to prepend expressed as a decimal integer.
- repeat
Specifies the number of times to prepend the specified ASN expressed as a decimal integer.
community
Syntax
community {{add name [remove name]} | {remove name [add name]} | {replace name}}
no community
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds or removes a BGP community list to or from routes matching the route policy statement entry.
If no community list is specified, the community path attribute is not changed.
The community list changes the community path attribute according to the add and remove keywords.
The no form of this command disables the action to edit the community path attribute for the route policy entry.
Default
no community
Parameters
- add
Keyword to specify that the community list is added to any existing list of communities.
- remove
Keyword to specify that the community list is removed from the existing list of communities.
- replace
Keyword to specify that the community list replaces any existing community attribute.
- name
Specifies the community list name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
damping
Syntax
damping {name | none}
no damping
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a damping profile used for routes matching the route policy statement entry.
If no damping criteria is specified, the default damping profile is used.
The no form of this command removes the damping profile associated with the route policy entry.
Default
no damping
Parameters
- name
Specifies the damping profile name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The name specified must already be defined.
- none
Keyword to disable route damping for the route policy.
default-action
Syntax
default-action {accept | next-entry| reject}
no default-action
Context
config>router>policy-options>policy-statement
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure actions for routes packets that do not match any route policy statement entries when the accept parameter is specified.
The default action clause can be set to all available action states, including accept, reject, next-entry and next-policy. If the action states accept or reject, the policy evaluation terminates and the appropriate result is returned.
If a default action is defined and no matches occurred with the entries in the policy, the default action clause is used.
If a default action is defined and one or more matches occurred with the entries of the policy then the default action is not used.
The no form of this command deletes the default-action context for the policy statement.
Default
no default-action
Parameters
- accept
Keyword to specify that route packets matching the entry match criteria will be accepted and propagated and processed appropriately.
- next-entry
Keyword to specify that the actions specified will be made to the route attributes taken, and policy evaluation will continue with the next policy entry (if any others are specified).
- reject
Keyword to specify that routes or packets matching the entry match criteria will be rejected.
local-preference
Syntax
local-preference preference
no local-preference
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns a BGP local preference to routes matching a route policy statement entry.
If no local preference is specified, the BGP configured local preference is used.
The no form of this command disables assigning a local preference in the route policy entry.
Default
no local-preference
Parameters
- preference
Specifies the local preference expressed as a decimal integer.
metric
Syntax
metric {add | subtract | set} metric
no metric
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns a metric to routes matching the policy statement entry.
If no metric is specified, the configured metric is used. If neither is defined, no metric will be advertised.
The value assigned for the metric by the route policy is controlled by the required keywords.
The no form of this command disables assigning a metric in the route policy entry.
Default
no metric
Parameters
- add
Keyword to add the specified integer to any existing metric. If the result of the addition results in a number greater than 4294967295, the value 4294967295 is used.
- subtract
Keyword to subtract the specified integer from any existing metric. If the result of the subtraction results in a number less than 0, the value of 0 is used.
- set
Keyword to replace any existing metric with the specified integer.
- metric
Specifies the metric modifier expressed as a decimal integer.
next-hop-self
Syntax
[no] next-hop-self
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command advertises a next hop IP address belonging to this router even if a third-party next hop is available to routes matching the policy statement entry.
The no form of this command disables advertising the next-hop-self option for the route policy entry.
Default
no next-hop-self
origin
Syntax
origin {igp | egp | incomplete}
no origin
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command sets the BGP origin assigned to routes exported into BGP.
If the routes are exported into protocols other than BGP, this option is ignored.
The no form of this command disables setting the BGP origin for the route policy entry.
Default
no origin
Parameters
- igp
Keyword to set the path information as originating within the local AS.
- egp
Keyword to set the path information as originating in another AS.
- incomplete
Keyword to set the path information as learned by some other means.
preference
Syntax
preference preference
no preference
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns a route preference to routes matching the route policy statement entry.
If no preference is specified, the default route table manager (RTM) preference for the protocol is used.
The no form of this command disables setting an RTM preference in the route policy entry.
Default
no preference
Parameters
- preference
Specifies the route preference, expressed as a decimal integer.
tag
Syntax
tag tag
no tag
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns an OSPF tag to routes matching the entry. The tag value is used to apply a tag to a route for either an OSPF or RIP route. A hexadecimal value of 4 octets can be entered.
For OSPF, all four octets can be used.
For RIP, only the two most significant octets are used if more than two octets are configured.
The no form of this command removes the tag.
Default
no tag
Parameters
- tag
Specifies an OSPF or IS-IS tag assigned to routes matching the entry.
type
Syntax
type {type}
no type
Context
config>router>policy-options>policy-statement>default-action
config>router>policy-options>policy-statement>entry>action
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command assigns an OSPF type metric to routes matching the route policy statement entry and being exported into OSPF.
The no form of this command disables assigning an OSPF type in the route policy entry.
Default
no type
Parameters
- type
Specifies the OSPF type metric.
Show commands
policy
Syntax
policy [name | prefix-list [name] | admin]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays configured policy statement information.
Parameters
- policy name
Displays information similar to the info command for a specific policy statement. If a name is provided, the matching policy statement displays.
If no statement name is specified, a list of all policies statements and descriptions display.
- prefix-list name
Displays the prefix lists configured in the route policy for the specified policy name.
- admin
Keyword to display the entire policy option configuration, including any uncommitted configuration changes. This command is similar to the info command.
Output
The following outputs are examples of router policy information, and Output fields: router policy describes the output fields.
The show router policy command displays all configured route policies.
A:ALA-1# show router policy
===============================================================================
Route Policies
===============================================================================
Policy Description
-------------------------------------------------------------------------------
OSPF to OSPF Policy Statement for 'OSPF to OSPF'
Direct And Aggregate Policy Statement ABC
-------------------------------------------------------------------------------
Policies : 2
===============================================================================
A:ALA-1#
Sample output - show router policy admin
The show router policy admin command is similar to the info command which displays information about the route policies and parameters.
*A:7210-SAS>show>router# policy admin
prefix-list "abc"
prefix 10.1.1.0/24 longer
prefix 10.1.1.1/32 exact
prefix 10.1.0.0/16 prefix-length-range 16-24
exit
community "SOO" members "origin:12345:1"
community "sample" members "target:12345:10"
as-path "null" "null"
as-path "test" "1234"
as-path "prevent loop" "null"
damping "re"
reuse 100
exit
damping "max"
max-suppress 20
exit
damping "sup"
suppress 20000
exit
damping "half"
half-life 10
exit
damping "test"
exit
policy-statement "abcd"
description "Test for policy statements"
entry 1
from
area 0.0.0.0
exit
to
protocol bgp
exit
action accept
exit
exit
entry 2
from
community "sample"
exit
to
neighbor 10.2.2.2
exit
action accept
exit
exit
entry 3
from
external
exit
to
level 2
exit
action accept
exit
exit
entry 4
from
family vpn-ipv4
exit
to
protocol bgp-vpn
exit
action accept
exit
exit
entry 5
from
protocol bgp
exit
action accept
next-hop 10.1.1.1
exit
exit
entry 6
from
protocol bgp
exit
action accept
as-path add "null"
exit
exit
entry 7
from
protocol bgp
exit
action accept
as-path replace "sample"
exit
exit
default-action accept
exit
exit
policy-statement "test"
entry 2
from
exit
to
exit
action accept
exit
exit
default-action accept
exit
exit
*A:7210-SAS>show>router#
*A:7210-2# show router policy admin
prefix-list "host"
prefix 10.0.0.0/8 longer
exit
prefix-list "group"
prefix 239.6.6.6/32 exact
exit
policy-statement "block-igmp"
description "Reject-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host"
exit
action next-entry
exit
exit
entry 2
from
group-address "group"
exit
action reject
exit
default-action accept
exit
exit
policy-statement "permit-igmp"
description "Accept-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host1"
group-address "group1"
exit
action accept
exit
exit
default-action reject
exit
The show router policy name command displays information about a specific route policy.
*A:7210-2# show router policy permit-igmp
description "Accept-Reports-From-Specific-Group-And-Host"
entry 1
from
host-ip "host1"
group-address "group1"
exit
action accept
exit
exit
default-action reject
*A:7210-2#
The show router policy prefix-list command, lists the prefix-lists configured in the route policy.
*A:7210-2# show router policy prefix-list
==================================
Prefix Lists
==================================
Prefix List Name
----------------------------------
host
group
----------------------------------
Num Prefix Lists: 2
==================================
*A:7210-2#
Sample output - show router policy ‟From direct To
RIP”
The show router policy name command displays information about a specific route policy.
d*A:dut-c>config>router>policy-options>policy-statement# info detail
----------------------------------------------
description "Policy From direct To rip"
entry 2
description "Entry 2 - From Prot. rip To rip"
from
no neighbor
no prefix-list
no as-path
no as-path-group
no community
no type
no area
no level
no external
no host-ip
no group-address
no interface
no tag
no family
exit
to
no neighbor
no level
no prefix-list
exit
Label |
Description |
---|---|
Policy |
Displays a list of route policy names |
Description |
Displays the description of each route policy |
Policies |
The total number of policies configured |
Damping |
Displays the damping profile name |
half-life |
Displays the half-life parameter for the route damping profile |
max-suppress |
Displays the maximum suppression parameter configured for the route damping profile |
Prefix List |
Displays the prefix list name and IP address/mask and whether the prefix list entry only matches (exact) the route with the specified ip-prefix and prefix mask (length) values or values greater (longer) than the specified mask |
AS Path Name |
Displays a list of AS path names |
AS Paths |
Displays the total number of AS paths configured |
Community Name |
Displays a list of community names |
Communities |
Displays the total number of communities configured |