]>
Commit | Line | Data |
---|---|---|
0efdf0fe | 1 | .. _route-map: |
42fc5d26 | 2 | |
655cdc32 QY |
3 | ********** |
4 | Route Maps | |
5 | ********** | |
42fc5d26 | 6 | |
655cdc32 QY |
7 | Route maps provide a means to both filter and/or apply actions to route, hence |
8 | allowing policy to be applied to routes. | |
42fc5d26 | 9 | |
655cdc32 | 10 | Route maps are an ordered list of route map entries. Each entry may specify up |
d1e7591e | 11 | to four distinct sets of clauses: |
42fc5d26 | 12 | |
013f9762 | 13 | .. glossary:: |
42fc5d26 | 14 | |
013f9762 QY |
15 | Matching Conditions |
16 | A route-map entry may, optionally, specify one or more conditions which | |
17 | must be matched if the entry is to be considered further, as governed by | |
d1e7591e | 18 | the Match Policy. If a route-map entry does not explicitly specify any |
013f9762 | 19 | matching conditions, then it always matches. |
42fc5d26 | 20 | |
013f9762 QY |
21 | Set Actions |
22 | A route-map entry may, optionally, specify one or more Set Actions to set | |
23 | or modify attributes of the route. | |
42fc5d26 | 24 | |
013f9762 QY |
25 | Matching Policy |
26 | This specifies the policy implied if the :term:`Matching Conditions` are | |
27 | met or not met, and which actions of the route-map are to be taken, if | |
28 | any. The two possibilities are: | |
42fc5d26 | 29 | |
013f9762 QY |
30 | - :dfn:`permit`: If the entry matches, then carry out the |
31 | :term:`Set Actions`. Then finish processing the route-map, permitting | |
32 | the route, unless an :term:`Exit Policy` action indicates otherwise. | |
42fc5d26 | 33 | |
013f9762 QY |
34 | - :dfn:`deny`: If the entry matches, then finish processing the route-map and |
35 | deny the route (return `deny`). | |
42fc5d26 | 36 | |
013f9762 QY |
37 | The `Matching Policy` is specified as part of the command which defines |
38 | the ordered entry in the route-map. See below. | |
42fc5d26 | 39 | |
013f9762 | 40 | Call Action |
c9cf9db6 QY |
41 | Call to another route-map, after any :term:`Set Actions` have been |
42 | carried out. If the route-map called returns `deny` then processing of | |
43 | the route-map finishes and the route is denied, regardless of the | |
44 | :term:`Matching Policy` or the :term:`Exit Policy`. If the called | |
45 | route-map returns `permit`, then :term:`Matching Policy` and :term:`Exit | |
46 | Policy` govern further behaviour, as normal. | |
42fc5d26 | 47 | |
013f9762 QY |
48 | Exit Policy |
49 | An entry may, optionally, specify an alternative :dfn:`Exit Policy` to | |
50 | take if the entry matched, rather than the normal policy of exiting the | |
51 | route-map and permitting the route. The two possibilities are: | |
42fc5d26 | 52 | |
013f9762 | 53 | - :dfn:`next`: Continue on with processing of the route-map entries. |
42fc5d26 | 54 | |
013f9762 QY |
55 | - :dfn:`goto N`: Jump ahead to the first route-map entry whose order in |
56 | the route-map is >= N. Jumping to a previous entry is not permitted. | |
42fc5d26 | 57 | |
655cdc32 QY |
58 | The default action of a route-map, if no entries match, is to deny. I.e. a |
59 | route-map essentially has as its last entry an empty *deny* entry, which | |
60 | matches all routes. To change this behaviour, one must specify an empty | |
61 | *permit* entry as the last entry in the route-map. | |
42fc5d26 QY |
62 | |
63 | To summarise the above: | |
64 | ||
655cdc32 QY |
65 | +--------+--------+----------+ |
66 | | | Match | No Match | | |
67 | +========+========+==========+ | |
68 | | Permit | action | cont | | |
69 | +--------+--------+----------+ | |
70 | | Deny | deny | cont | | |
71 | +--------+--------+----------+ | |
72 | ||
73 | action | |
74 | - Apply *set* statements | |
75 | - If *call* is present, call given route-map. If that returns a ``deny``, | |
76 | finish processing and return ``deny``. | |
77 | - If *Exit Policy* is *next*, goto next route-map entry | |
78 | - If *Exit Policy* is *goto*, goto first entry whose order in the | |
79 | list is >= the given order. | |
80 | - Finish processing the route-map and permit the route. | |
81 | ||
82 | deny | |
83 | The route is denied by the route-map (return ``deny``). | |
84 | ||
85 | cont | |
86 | goto next route-map entry | |
42fc5d26 | 87 | |
0efdf0fe | 88 | .. _route-map-command: |
42fc5d26 QY |
89 | |
90 | Route Map Command | |
91 | ================= | |
92 | ||
655cdc32 QY |
93 | .. index:: route-map ROUTE-MAP-NAME (permit|deny) ORDER |
94 | .. clicmd:: route-map ROUTE-MAP-NAME (permit|deny) ORDER | |
42fc5d26 | 95 | |
655cdc32 QY |
96 | Configure the `order`'th entry in `route-map-name` with ``Match Policy`` of |
97 | either *permit* or *deny*. | |
42fc5d26 | 98 | |
0efdf0fe | 99 | .. _route-map-match-command: |
42fc5d26 QY |
100 | |
101 | Route Map Match Command | |
102 | ======================= | |
103 | ||
655cdc32 QY |
104 | .. index:: match ip address ACCESS_LIST |
105 | .. clicmd:: match ip address ACCESS_LIST | |
42fc5d26 | 106 | |
655cdc32 | 107 | Matches the specified `access_list` |
42fc5d26 | 108 | |
ec3bff6f TA |
109 | .. index:: match ip address prefix-list PREFIX_LIST |
110 | .. clicmd:: match ip address prefix-list PREFIX_LIST | |
42fc5d26 | 111 | |
ec3bff6f | 112 | Matches the specified `PREFIX_LIST` |
42fc5d26 | 113 | |
655cdc32 QY |
114 | .. index:: match ip address prefix-len 0-32 |
115 | .. clicmd:: match ip address prefix-len 0-32 | |
42fc5d26 | 116 | |
655cdc32 | 117 | Matches the specified `prefix-len`. This is a Zebra specific command. |
42fc5d26 | 118 | |
655cdc32 QY |
119 | .. index:: match ipv6 address ACCESS_LIST |
120 | .. clicmd:: match ipv6 address ACCESS_LIST | |
42fc5d26 | 121 | |
655cdc32 | 122 | Matches the specified `access_list` |
42fc5d26 | 123 | |
ec3bff6f TA |
124 | .. index:: match ipv6 address prefix-list PREFIX_LIST |
125 | .. clicmd:: match ipv6 address prefix-list PREFIX_LIST | |
42fc5d26 | 126 | |
ec3bff6f | 127 | Matches the specified `PREFIX_LIST` |
42fc5d26 | 128 | |
655cdc32 QY |
129 | .. index:: match ipv6 address prefix-len 0-128 |
130 | .. clicmd:: match ipv6 address prefix-len 0-128 | |
42fc5d26 | 131 | |
655cdc32 | 132 | Matches the specified `prefix-len`. This is a Zebra specific command. |
42fc5d26 | 133 | |
655cdc32 QY |
134 | .. index:: match ip next-hop IPV4_ADDR |
135 | .. clicmd:: match ip next-hop IPV4_ADDR | |
42fc5d26 | 136 | |
655cdc32 | 137 | Matches the specified `ipv4_addr`. |
42fc5d26 | 138 | |
655cdc32 QY |
139 | .. index:: match aspath AS_PATH |
140 | .. clicmd:: match aspath AS_PATH | |
42fc5d26 | 141 | |
655cdc32 | 142 | Matches the specified `as_path`. |
42fc5d26 | 143 | |
655cdc32 QY |
144 | .. index:: match metric METRIC |
145 | .. clicmd:: match metric METRIC | |
42fc5d26 | 146 | |
655cdc32 | 147 | Matches the specified `metric`. |
42fc5d26 | 148 | |
a5a48dbf QY |
149 | .. index:: match tag TAG |
150 | .. clicmd:: match tag TAG | |
151 | ||
152 | Matches the specified tag value associated with the route. This tag value | |
153 | can be in the range of (1-4294967295). | |
154 | ||
655cdc32 QY |
155 | .. index:: match local-preference METRIC |
156 | .. clicmd:: match local-preference METRIC | |
42fc5d26 | 157 | |
655cdc32 | 158 | Matches the specified `local-preference`. |
42fc5d26 | 159 | |
655cdc32 QY |
160 | .. index:: match community COMMUNITY_LIST |
161 | .. clicmd:: match community COMMUNITY_LIST | |
42fc5d26 | 162 | |
655cdc32 | 163 | Matches the specified `community_list` |
42fc5d26 | 164 | |
655cdc32 QY |
165 | .. index:: match peer IPV4_ADDR |
166 | .. clicmd:: match peer IPV4_ADDR | |
42fc5d26 | 167 | |
655cdc32 QY |
168 | This is a BGP specific match command. Matches the peer ip address |
169 | if the neighbor was specified in this manner. | |
42fc5d26 | 170 | |
655cdc32 QY |
171 | .. index:: match peer IPV6_ADDR |
172 | .. clicmd:: match peer IPV6_ADDR | |
42fc5d26 | 173 | |
655cdc32 QY |
174 | This is a BGP specific match command. Matches the peer ipv6 |
175 | address if the neighbor was specified in this manner. | |
42fc5d26 | 176 | |
655cdc32 QY |
177 | .. index:: match peer INTERFACE_NAME |
178 | .. clicmd:: match peer INTERFACE_NAME | |
42fc5d26 | 179 | |
655cdc32 | 180 | This is a BGP specific match command. Matches the peer |
42fc5d26 QY |
181 | interface name specified if the neighbor was specified |
182 | in this manner. | |
183 | ||
af21c682 DS |
184 | .. index:: match source-protocol PROTOCOL_NAME |
185 | .. clicmd:: match source-protocol PROTOCOL_NAME | |
186 | ||
187 | This is a ZEBRA specific match command. Matches the | |
188 | originating protocol specified. | |
189 | ||
190 | .. index:: match source-instance NUMBER | |
191 | .. clicmd:: match source-instance NUMBER | |
192 | ||
193 | This is a ZEBRA specific match command. The number is a range from (0-255). | |
194 | Matches the originating protocols instance specified. | |
195 | ||
0efdf0fe | 196 | .. _route-map-set-command: |
42fc5d26 QY |
197 | |
198 | Route Map Set Command | |
199 | ===================== | |
200 | ||
013f9762 QY |
201 | .. program:: configure |
202 | ||
a5a48dbf QY |
203 | .. index:: set tag TAG |
204 | .. clicmd:: set tag TAG | |
205 | ||
a5a48dbf QY |
206 | Set a tag on the matched route. This tag value can be from (1-4294967295). |
207 | Additionally if you have compiled with the :option:`--enable-realms` | |
208 | configure option. Tag values from (1-255) are sent to the Linux kernel as a | |
209 | realm value. Then route policy can be applied. See the tc man page. | |
210 | ||
655cdc32 QY |
211 | .. index:: set ip next-hop IPV4_ADDRESS |
212 | .. clicmd:: set ip next-hop IPV4_ADDRESS | |
42fc5d26 | 213 | |
e13fd66f DS |
214 | Set the BGP nexthop address to the specified IPV4_ADDRESS. For both |
215 | incoming and outgoing route-maps. | |
216 | ||
217 | .. index:: set ip next-hop peer-address | |
218 | .. clicmd:: set ip next-hop peer-address | |
219 | ||
220 | Set the BGP nexthop address to the address of the peer. For an incoming | |
221 | route-map this means the ip address of our peer is used. For an outgoing | |
222 | route-map this means the ip address of our self is used to establish the | |
223 | peering with our neighbor. | |
224 | ||
225 | .. index:: set ip next-hop unchanged | |
226 | .. clicmd:: set ip next-hop unchanged | |
227 | ||
228 | Set the route-map as unchanged. Pass the route-map through without | |
229 | changing it's value. | |
230 | ||
231 | .. index:: set ipv6 next-hop peer-address | |
232 | .. clicmd:: set ipv6 next-hop peer-address | |
233 | ||
234 | Set the BGP nexthop address to the address of the peer. For an incoming | |
235 | route-map this means the ipv6 address of our peer is used. For an outgoing | |
236 | route-map this means the ip address of our self is used to establish the | |
237 | peering with our neighbor. | |
238 | ||
239 | .. index:: set ipv6 next-hop prefer-global | |
240 | .. clicmd:: set ipv6 next-hop prefer-global | |
241 | ||
242 | For Incoming and Import Route-maps if we receive a v6 global and v6 LL | |
243 | address for the route, then prefer to use the global address as the nexthop. | |
244 | ||
245 | .. index:: set ipv6 next-hop global IPV6_ADDRESS | |
246 | .. clicmd:: set ipv6 next-hop global IPV6_ADDRESS | |
247 | ||
f22744c3 | 248 | Set the next-hop to the specified IPV6_ADDRESS for both incoming and |
e13fd66f | 249 | outgoing route-maps. |
42fc5d26 | 250 | |
655cdc32 QY |
251 | .. index:: set local-preference LOCAL_PREF |
252 | .. clicmd:: set local-preference LOCAL_PREF | |
42fc5d26 | 253 | |
655cdc32 | 254 | Set the BGP local preference to `local_pref`. |
42fc5d26 | 255 | |
655cdc32 QY |
256 | .. index:: set weight WEIGHT |
257 | .. clicmd:: set weight WEIGHT | |
42fc5d26 | 258 | |
655cdc32 | 259 | Set the route's weight. |
42fc5d26 | 260 | |
655cdc32 QY |
261 | .. index:: set metric METRIC |
262 | .. clicmd:: set metric METRIC | |
42fc5d26 | 263 | |
655cdc32 | 264 | Set the BGP attribute MED. |
42fc5d26 | 265 | |
655cdc32 QY |
266 | .. index:: set as-path prepend AS_PATH |
267 | .. clicmd:: set as-path prepend AS_PATH | |
42fc5d26 | 268 | |
655cdc32 | 269 | Set the BGP AS path to prepend. |
42fc5d26 | 270 | |
655cdc32 QY |
271 | .. index:: set community COMMUNITY |
272 | .. clicmd:: set community COMMUNITY | |
42fc5d26 | 273 | |
655cdc32 | 274 | Set the BGP community attribute. |
42fc5d26 | 275 | |
655cdc32 QY |
276 | .. index:: set ipv6 next-hop local IPV6_ADDRESS |
277 | .. clicmd:: set ipv6 next-hop local IPV6_ADDRESS | |
42fc5d26 | 278 | |
655cdc32 | 279 | Set the BGP-4+ link local IPv6 nexthop address. |
42fc5d26 | 280 | |
90da9a14 C |
281 | .. index:: set origin ORIGIN <egp|igp|incomplete> |
282 | .. clicmd:: set origin ORIGIN <egp|igp|incomplete> | |
283 | ||
284 | Set BGP route origin. | |
285 | ||
0efdf0fe | 286 | .. _route-map-call-command: |
42fc5d26 QY |
287 | |
288 | Route Map Call Command | |
289 | ====================== | |
290 | ||
655cdc32 QY |
291 | .. index:: call NAME |
292 | .. clicmd:: call NAME | |
42fc5d26 | 293 | |
655cdc32 QY |
294 | Call route-map `name`. If it returns deny, deny the route and |
295 | finish processing the route-map. | |
42fc5d26 | 296 | |
0efdf0fe | 297 | .. _route-map-exit-action-command: |
42fc5d26 QY |
298 | |
299 | Route Map Exit Action Command | |
300 | ============================= | |
301 | ||
655cdc32 QY |
302 | .. index:: on-match next |
303 | .. clicmd:: on-match next | |
42fc5d26 | 304 | |
655cdc32 QY |
305 | .. index:: continue |
306 | .. clicmd:: continue | |
42fc5d26 | 307 | |
655cdc32 | 308 | Proceed on to the next entry in the route-map. |
42fc5d26 | 309 | |
655cdc32 QY |
310 | .. index:: on-match goto N |
311 | .. clicmd:: on-match goto N | |
42fc5d26 | 312 | |
655cdc32 QY |
313 | .. index:: continue N |
314 | .. clicmd:: continue N | |
42fc5d26 | 315 | |
655cdc32 | 316 | Proceed processing the route-map at the first entry whose order is >= N |
42fc5d26 QY |
317 | |
318 | Route Map Examples | |
319 | ================== | |
320 | ||
321 | A simple example of a route-map: | |
322 | ||
9eb95b3b | 323 | .. code-block:: frr |
42fc5d26 | 324 | |
9eb95b3b QY |
325 | route-map test permit 10 |
326 | match ip address 10 | |
327 | set local-preference 200 | |
a8c90e15 | 328 | |
42fc5d26 QY |
329 | |
330 | This means that if a route matches ip access-list number 10 it's | |
331 | local-preference value is set to 200. | |
332 | ||
c1a54c05 | 333 | See :ref:`bgp-configuration-examples` for examples of more sophisticated |
d1e7591e | 334 | usage of route-maps, including of the ``call`` action. |
42fc5d26 | 335 |