]>
Commit | Line | Data |
---|---|---|
0efdf0fe | 1 | .. _route-map: |
42fc5d26 | 2 | |
655cdc32 QY |
3 | ********** |
4 | Route Maps | |
5 | ********** | |
42fc5d26 | 6 | |
655cdc32 QY |
7 | Route maps provide a means to both filter and/or apply actions to route, hence |
8 | allowing policy to be applied to routes. | |
42fc5d26 | 9 | |
a690202f | 10 | For a route reflector to apply a ``route-map`` to reflected routes, be sure to |
11 | include ``bgp route-reflector allow-outbound-policy`` in ``router bgp`` mode. | |
12 | ||
655cdc32 | 13 | Route maps are an ordered list of route map entries. Each entry may specify up |
d1e7591e | 14 | to four distinct sets of clauses: |
42fc5d26 | 15 | |
013f9762 | 16 | .. glossary:: |
42fc5d26 | 17 | |
013f9762 QY |
18 | Matching Conditions |
19 | A route-map entry may, optionally, specify one or more conditions which | |
20 | must be matched if the entry is to be considered further, as governed by | |
d1e7591e | 21 | the Match Policy. If a route-map entry does not explicitly specify any |
013f9762 | 22 | matching conditions, then it always matches. |
42fc5d26 | 23 | |
013f9762 QY |
24 | Set Actions |
25 | A route-map entry may, optionally, specify one or more Set Actions to set | |
26 | or modify attributes of the route. | |
42fc5d26 | 27 | |
013f9762 QY |
28 | Matching Policy |
29 | This specifies the policy implied if the :term:`Matching Conditions` are | |
30 | met or not met, and which actions of the route-map are to be taken, if | |
31 | any. The two possibilities are: | |
42fc5d26 | 32 | |
013f9762 QY |
33 | - :dfn:`permit`: If the entry matches, then carry out the |
34 | :term:`Set Actions`. Then finish processing the route-map, permitting | |
35 | the route, unless an :term:`Exit Policy` action indicates otherwise. | |
42fc5d26 | 36 | |
013f9762 QY |
37 | - :dfn:`deny`: If the entry matches, then finish processing the route-map and |
38 | deny the route (return `deny`). | |
42fc5d26 | 39 | |
013f9762 QY |
40 | The `Matching Policy` is specified as part of the command which defines |
41 | the ordered entry in the route-map. See below. | |
42fc5d26 | 42 | |
013f9762 | 43 | Call Action |
c9cf9db6 QY |
44 | Call to another route-map, after any :term:`Set Actions` have been |
45 | carried out. If the route-map called returns `deny` then processing of | |
46 | the route-map finishes and the route is denied, regardless of the | |
47 | :term:`Matching Policy` or the :term:`Exit Policy`. If the called | |
48 | route-map returns `permit`, then :term:`Matching Policy` and :term:`Exit | |
49 | Policy` govern further behaviour, as normal. | |
42fc5d26 | 50 | |
013f9762 QY |
51 | Exit Policy |
52 | An entry may, optionally, specify an alternative :dfn:`Exit Policy` to | |
53 | take if the entry matched, rather than the normal policy of exiting the | |
54 | route-map and permitting the route. The two possibilities are: | |
42fc5d26 | 55 | |
013f9762 | 56 | - :dfn:`next`: Continue on with processing of the route-map entries. |
42fc5d26 | 57 | |
013f9762 QY |
58 | - :dfn:`goto N`: Jump ahead to the first route-map entry whose order in |
59 | the route-map is >= N. Jumping to a previous entry is not permitted. | |
42fc5d26 | 60 | |
655cdc32 QY |
61 | The default action of a route-map, if no entries match, is to deny. I.e. a |
62 | route-map essentially has as its last entry an empty *deny* entry, which | |
63 | matches all routes. To change this behaviour, one must specify an empty | |
64 | *permit* entry as the last entry in the route-map. | |
42fc5d26 QY |
65 | |
66 | To summarise the above: | |
67 | ||
655cdc32 QY |
68 | +--------+--------+----------+ |
69 | | | Match | No Match | | |
70 | +========+========+==========+ | |
71 | | Permit | action | cont | | |
72 | +--------+--------+----------+ | |
73 | | Deny | deny | cont | | |
74 | +--------+--------+----------+ | |
75 | ||
76 | action | |
77 | - Apply *set* statements | |
78 | - If *call* is present, call given route-map. If that returns a ``deny``, | |
79 | finish processing and return ``deny``. | |
80 | - If *Exit Policy* is *next*, goto next route-map entry | |
81 | - If *Exit Policy* is *goto*, goto first entry whose order in the | |
82 | list is >= the given order. | |
83 | - Finish processing the route-map and permit the route. | |
84 | ||
85 | deny | |
86 | The route is denied by the route-map (return ``deny``). | |
87 | ||
88 | cont | |
89 | goto next route-map entry | |
42fc5d26 | 90 | |
1fa30509 DS |
91 | .. _route-map-show-command: |
92 | ||
856ed18a | 93 | .. clicmd:: show route-map [WORD] [json] |
1fa30509 DS |
94 | |
95 | Display data about each daemons knowledge of individual route-maps. | |
96 | If WORD is supplied narrow choice to that particular route-map. | |
97 | ||
856ed18a RW |
98 | If the ``json`` option is specified, output is displayed in JSON format. |
99 | ||
1fa30509 DS |
100 | .. _route-map-clear-counter-command: |
101 | ||
1fa30509 DS |
102 | .. clicmd:: clear route-map counter [WORD] |
103 | ||
104 | Clear counters that are being stored about the route-map utilization | |
105 | so that subsuquent show commands will indicate since the last clear. | |
106 | If WORD is specified clear just that particular route-map's counters. | |
107 | ||
0efdf0fe | 108 | .. _route-map-command: |
42fc5d26 QY |
109 | |
110 | Route Map Command | |
111 | ================= | |
112 | ||
655cdc32 | 113 | .. clicmd:: route-map ROUTE-MAP-NAME (permit|deny) ORDER |
42fc5d26 | 114 | |
655cdc32 QY |
115 | Configure the `order`'th entry in `route-map-name` with ``Match Policy`` of |
116 | either *permit* or *deny*. | |
42fc5d26 | 117 | |
0efdf0fe | 118 | .. _route-map-match-command: |
42fc5d26 QY |
119 | |
120 | Route Map Match Command | |
121 | ======================= | |
122 | ||
655cdc32 | 123 | .. clicmd:: match ip address ACCESS_LIST |
42fc5d26 | 124 | |
655cdc32 | 125 | Matches the specified `access_list` |
42fc5d26 | 126 | |
ec3bff6f | 127 | .. clicmd:: match ip address prefix-list PREFIX_LIST |
42fc5d26 | 128 | |
ec3bff6f | 129 | Matches the specified `PREFIX_LIST` |
42fc5d26 | 130 | |
655cdc32 | 131 | .. clicmd:: match ip address prefix-len 0-32 |
42fc5d26 | 132 | |
655cdc32 | 133 | Matches the specified `prefix-len`. This is a Zebra specific command. |
42fc5d26 | 134 | |
655cdc32 | 135 | .. clicmd:: match ipv6 address ACCESS_LIST |
42fc5d26 | 136 | |
655cdc32 | 137 | Matches the specified `access_list` |
42fc5d26 | 138 | |
ec3bff6f | 139 | .. clicmd:: match ipv6 address prefix-list PREFIX_LIST |
42fc5d26 | 140 | |
ec3bff6f | 141 | Matches the specified `PREFIX_LIST` |
42fc5d26 | 142 | |
655cdc32 | 143 | .. clicmd:: match ipv6 address prefix-len 0-128 |
42fc5d26 | 144 | |
655cdc32 | 145 | Matches the specified `prefix-len`. This is a Zebra specific command. |
42fc5d26 | 146 | |
be7735b3 | 147 | .. clicmd:: match ip next-hop address IPV4_ADDR |
42fc5d26 | 148 | |
be7735b3 PG |
149 | This is a BGP specific match command. Matches the specified `ipv4_addr`. |
150 | ||
03030106 | 151 | .. clicmd:: match ipv6 next-hop address IPV6_ADDR |
be7735b3 PG |
152 | |
153 | This is a BGP specific match command. Matches the specified `ipv6_addr`. | |
42fc5d26 | 154 | |
c7854434 | 155 | .. clicmd:: match as-path AS_PATH |
42fc5d26 | 156 | |
655cdc32 | 157 | Matches the specified `as_path`. |
42fc5d26 | 158 | |
655cdc32 | 159 | .. clicmd:: match metric METRIC |
42fc5d26 | 160 | |
655cdc32 | 161 | Matches the specified `metric`. |
42fc5d26 | 162 | |
a5a48dbf QY |
163 | .. clicmd:: match tag TAG |
164 | ||
165 | Matches the specified tag value associated with the route. This tag value | |
166 | can be in the range of (1-4294967295). | |
167 | ||
655cdc32 | 168 | .. clicmd:: match local-preference METRIC |
42fc5d26 | 169 | |
655cdc32 | 170 | Matches the specified `local-preference`. |
42fc5d26 | 171 | |
655cdc32 | 172 | .. clicmd:: match community COMMUNITY_LIST |
42fc5d26 | 173 | |
655cdc32 | 174 | Matches the specified `community_list` |
42fc5d26 | 175 | |
655cdc32 | 176 | .. clicmd:: match peer IPV4_ADDR |
42fc5d26 | 177 | |
655cdc32 QY |
178 | This is a BGP specific match command. Matches the peer ip address |
179 | if the neighbor was specified in this manner. | |
42fc5d26 | 180 | |
655cdc32 | 181 | .. clicmd:: match peer IPV6_ADDR |
42fc5d26 | 182 | |
655cdc32 QY |
183 | This is a BGP specific match command. Matches the peer ipv6 |
184 | address if the neighbor was specified in this manner. | |
42fc5d26 | 185 | |
655cdc32 | 186 | .. clicmd:: match peer INTERFACE_NAME |
42fc5d26 | 187 | |
655cdc32 | 188 | This is a BGP specific match command. Matches the peer |
42fc5d26 QY |
189 | interface name specified if the neighbor was specified |
190 | in this manner. | |
191 | ||
af21c682 DS |
192 | .. clicmd:: match source-protocol PROTOCOL_NAME |
193 | ||
194 | This is a ZEBRA specific match command. Matches the | |
195 | originating protocol specified. | |
196 | ||
af21c682 DS |
197 | .. clicmd:: match source-instance NUMBER |
198 | ||
199 | This is a ZEBRA specific match command. The number is a range from (0-255). | |
200 | Matches the originating protocols instance specified. | |
201 | ||
0efdf0fe | 202 | .. _route-map-set-command: |
42fc5d26 QY |
203 | |
204 | Route Map Set Command | |
205 | ===================== | |
206 | ||
013f9762 QY |
207 | .. program:: configure |
208 | ||
a5a48dbf QY |
209 | .. clicmd:: set tag TAG |
210 | ||
a5a48dbf QY |
211 | Set a tag on the matched route. This tag value can be from (1-4294967295). |
212 | Additionally if you have compiled with the :option:`--enable-realms` | |
213 | configure option. Tag values from (1-255) are sent to the Linux kernel as a | |
214 | realm value. Then route policy can be applied. See the tc man page. | |
215 | ||
655cdc32 | 216 | .. clicmd:: set ip next-hop IPV4_ADDRESS |
42fc5d26 | 217 | |
e13fd66f DS |
218 | Set the BGP nexthop address to the specified IPV4_ADDRESS. For both |
219 | incoming and outgoing route-maps. | |
220 | ||
e13fd66f DS |
221 | .. clicmd:: set ip next-hop peer-address |
222 | ||
223 | Set the BGP nexthop address to the address of the peer. For an incoming | |
224 | route-map this means the ip address of our peer is used. For an outgoing | |
225 | route-map this means the ip address of our self is used to establish the | |
226 | peering with our neighbor. | |
227 | ||
e13fd66f DS |
228 | .. clicmd:: set ip next-hop unchanged |
229 | ||
230 | Set the route-map as unchanged. Pass the route-map through without | |
231 | changing it's value. | |
232 | ||
e13fd66f DS |
233 | .. clicmd:: set ipv6 next-hop peer-address |
234 | ||
235 | Set the BGP nexthop address to the address of the peer. For an incoming | |
236 | route-map this means the ipv6 address of our peer is used. For an outgoing | |
237 | route-map this means the ip address of our self is used to establish the | |
238 | peering with our neighbor. | |
239 | ||
e13fd66f DS |
240 | .. clicmd:: set ipv6 next-hop prefer-global |
241 | ||
242 | For Incoming and Import Route-maps if we receive a v6 global and v6 LL | |
243 | address for the route, then prefer to use the global address as the nexthop. | |
244 | ||
e13fd66f DS |
245 | .. clicmd:: set ipv6 next-hop global IPV6_ADDRESS |
246 | ||
f22744c3 | 247 | Set the next-hop to the specified IPV6_ADDRESS for both incoming and |
e13fd66f | 248 | outgoing route-maps. |
42fc5d26 | 249 | |
655cdc32 | 250 | .. clicmd:: set local-preference LOCAL_PREF |
42fc5d26 | 251 | |
655cdc32 | 252 | Set the BGP local preference to `local_pref`. |
42fc5d26 | 253 | |
94f75688 DA |
254 | .. clicmd:: set local-preference +LOCAL_PREF |
255 | ||
256 | Add the BGP local preference to an existing `local_pref`. | |
257 | ||
94f75688 DA |
258 | .. clicmd:: set local-preference -LOCAL_PREF |
259 | ||
260 | Subtract the BGP local preference from an existing `local_pref`. | |
261 | ||
03750f1e | 262 | .. clicmd:: set distance DISTANCE |
4dac4cc9 DS |
263 | |
264 | Set the Administrative distance to DISTANCE to use for the route. | |
265 | This is only locally significant and will not be dispersed to peers. | |
266 | ||
655cdc32 | 267 | .. clicmd:: set weight WEIGHT |
42fc5d26 | 268 | |
655cdc32 | 269 | Set the route's weight. |
42fc5d26 | 270 | |
03750f1e | 271 | .. clicmd:: set metric <[+|-](1-4294967295)|rtt|+rtt|-rtt> |
42fc5d26 | 272 | |
fe430836 DS |
273 | Set the BGP attribute MED to a specific value. Use `+`/`-` to add or subtract |
274 | the specified value to/from the MED. Use `rtt` to set the MED to the round | |
275 | trip time or `+rtt`/`-rtt` to add/subtract the round trip time to/from the | |
276 | MED. | |
42fc5d26 | 277 | |
655cdc32 | 278 | .. clicmd:: set as-path prepend AS_PATH |
42fc5d26 | 279 | |
655cdc32 | 280 | Set the BGP AS path to prepend. |
42fc5d26 | 281 | |
bedcbe4b LS |
282 | .. clicmd:: set as-path exclude AS-NUMBER... |
283 | ||
284 | Drop AS-NUMBER from the BGP AS path. | |
285 | ||
655cdc32 | 286 | .. clicmd:: set community COMMUNITY |
42fc5d26 | 287 | |
655cdc32 | 288 | Set the BGP community attribute. |
42fc5d26 | 289 | |
655cdc32 | 290 | .. clicmd:: set ipv6 next-hop local IPV6_ADDRESS |
42fc5d26 | 291 | |
655cdc32 | 292 | Set the BGP-4+ link local IPv6 nexthop address. |
42fc5d26 | 293 | |
90da9a14 C |
294 | .. clicmd:: set origin ORIGIN <egp|igp|incomplete> |
295 | ||
296 | Set BGP route origin. | |
297 | ||
951745bd PG |
298 | .. clicmd:: set table (1-4294967295) |
299 | ||
300 | Set the BGP table to a given table identifier | |
301 | ||
ef3e0d04 SM |
302 | .. clicmd:: set sr-te color (1-4294967295) |
303 | ||
304 | Set the color of a SR-TE Policy to be applied to a learned route. The SR-TE | |
305 | Policy is uniquely determined by the color and the BGP nexthop. | |
306 | ||
03750f1e | 307 | |
0efdf0fe | 308 | .. _route-map-call-command: |
42fc5d26 QY |
309 | |
310 | Route Map Call Command | |
311 | ====================== | |
312 | ||
655cdc32 | 313 | .. clicmd:: call NAME |
42fc5d26 | 314 | |
655cdc32 QY |
315 | Call route-map `name`. If it returns deny, deny the route and |
316 | finish processing the route-map. | |
42fc5d26 | 317 | |
03750f1e | 318 | |
0efdf0fe | 319 | .. _route-map-exit-action-command: |
42fc5d26 QY |
320 | |
321 | Route Map Exit Action Command | |
322 | ============================= | |
323 | ||
655cdc32 | 324 | .. clicmd:: on-match next |
42fc5d26 | 325 | |
655cdc32 | 326 | .. clicmd:: continue |
42fc5d26 | 327 | |
655cdc32 | 328 | Proceed on to the next entry in the route-map. |
42fc5d26 | 329 | |
655cdc32 | 330 | .. clicmd:: on-match goto N |
42fc5d26 | 331 | |
655cdc32 | 332 | .. clicmd:: continue N |
42fc5d26 | 333 | |
655cdc32 | 334 | Proceed processing the route-map at the first entry whose order is >= N |
42fc5d26 | 335 | |
03750f1e | 336 | |
009d25a0 NT |
337 | .. _route-map-optimization-command: |
338 | ||
339 | Route Map Optimization Command | |
340 | ============================== | |
341 | ||
38133c4a | 342 | .. clicmd:: route-map ROUTE-MAP-NAME optimization |
009d25a0 | 343 | |
38133c4a IR |
344 | Enable route-map processing optimization for `route-map-name`. |
345 | The optimization is enabled by default. | |
009d25a0 NT |
346 | Instead of sequentially passing through all the route-map indexes |
347 | until a match is found, the search for the best-match index will be | |
348 | based on a look-up in a prefix-tree. A per-route-map prefix-tree | |
349 | will be constructed for this purpose. The prefix-tree will compose | |
350 | of all the prefixes in all the prefix-lists that are included in the | |
351 | match rule of all the sequences of a route-map. | |
352 | ||
1fa30509 | 353 | |
42fc5d26 QY |
354 | Route Map Examples |
355 | ================== | |
356 | ||
357 | A simple example of a route-map: | |
358 | ||
9eb95b3b | 359 | .. code-block:: frr |
42fc5d26 | 360 | |
9eb95b3b QY |
361 | route-map test permit 10 |
362 | match ip address 10 | |
363 | set local-preference 200 | |
a8c90e15 | 364 | |
42fc5d26 QY |
365 | |
366 | This means that if a route matches ip access-list number 10 it's | |
367 | local-preference value is set to 200. | |
368 | ||
c1a54c05 | 369 | See :ref:`bgp-configuration-examples` for examples of more sophisticated |
d1e7591e | 370 | usage of route-maps, including of the ``call`` action. |
42fc5d26 | 371 |