7 Route maps provide a means to both filter and/or apply actions to route, hence
8 allowing policy to be applied to routes.
10 For a route reflector to apply a ``route-map`` to reflected routes, be sure to
11 include ``bgp route-reflector allow-outbound-policy`` in ``router bgp`` mode.
13 Route maps are an ordered list of route map entries. Each entry may specify up
14 to four distinct sets of clauses:
19 A route-map entry may, optionally, specify one or more conditions which
20 must be matched if the entry is to be considered further, as governed by
21 the Match Policy. If a route-map entry does not explicitly specify any
22 matching conditions, then it always matches.
25 A route-map entry may, optionally, specify one or more Set Actions to set
26 or modify attributes of the route.
29 This specifies the policy implied if the :term:`Matching Conditions` are
30 met or not met, and which actions of the route-map are to be taken, if
31 any. The two possibilities are:
33 - :dfn:`permit`: If the entry matches, then carry out the
34 :term:`Set Actions`. Then finish processing the route-map, permitting
35 the route, unless an :term:`Exit Policy` action indicates otherwise.
37 - :dfn:`deny`: If the entry matches, then finish processing the route-map and
38 deny the route (return `deny`).
40 The `Matching Policy` is specified as part of the command which defines
41 the ordered entry in the route-map. See below.
44 Call to another route-map, after any :term:`Set Actions` have been
45 carried out. If the route-map called returns `deny` then processing of
46 the route-map finishes and the route is denied, regardless of the
47 :term:`Matching Policy` or the :term:`Exit Policy`. If the called
48 route-map returns `permit`, then :term:`Matching Policy` and :term:`Exit
49 Policy` govern further behaviour, as normal.
52 An entry may, optionally, specify an alternative :dfn:`Exit Policy` to
53 take if the entry matched, rather than the normal policy of exiting the
54 route-map and permitting the route. The two possibilities are:
56 - :dfn:`next`: Continue on with processing of the route-map entries.
58 - :dfn:`goto N`: Jump ahead to the first route-map entry whose order in
59 the route-map is >= N. Jumping to a previous entry is not permitted.
61 The default action of a route-map, if no entries match, is to deny. I.e. a
62 route-map essentially has as its last entry an empty *deny* entry, which
63 matches all routes. To change this behaviour, one must specify an empty
64 *permit* entry as the last entry in the route-map.
66 To summarise the above:
68 +--------+--------+----------+
69 | | Match | No Match |
70 +========+========+==========+
71 | Permit | action | cont |
72 +--------+--------+----------+
73 | Deny | deny | cont |
74 +--------+--------+----------+
77 - Apply *set* statements
78 - If *call* is present, call given route-map. If that returns a ``deny``,
79 finish processing and return ``deny``.
80 - If *Exit Policy* is *next*, goto next route-map entry
81 - If *Exit Policy* is *goto*, goto first entry whose order in the
82 list is >= the given order.
83 - Finish processing the route-map and permit the route.
86 The route is denied by the route-map (return ``deny``).
89 goto next route-map entry
91 .. _route-map-show-command:
93 .. clicmd:: show route-map [WORD] [json]
95 Display data about each daemons knowledge of individual route-maps.
96 If WORD is supplied narrow choice to that particular route-map.
98 If the ``json`` option is specified, output is displayed in JSON format.
100 .. _route-map-clear-counter-command:
102 .. clicmd:: clear route-map counter [WORD]
104 Clear counters that are being stored about the route-map utilization
105 so that subsuquent show commands will indicate since the last clear.
106 If WORD is specified clear just that particular route-map's counters.
108 .. _route-map-command:
113 .. clicmd:: route-map ROUTE-MAP-NAME (permit|deny) ORDER
115 Configure the `order`'th entry in `route-map-name` with ``Match Policy`` of
116 either *permit* or *deny*.
118 .. _route-map-match-command:
120 Route Map Match Command
121 =======================
123 .. clicmd:: match ip address ACCESS_LIST
125 Matches the specified `access_list`
127 .. clicmd:: match ip address prefix-list PREFIX_LIST
129 Matches the specified `PREFIX_LIST`
131 .. clicmd:: match ip address prefix-len 0-32
133 Matches the specified `prefix-len`. This is a Zebra specific command.
135 .. clicmd:: match ipv6 address ACCESS_LIST
137 Matches the specified `access_list`
139 .. clicmd:: match ipv6 address prefix-list PREFIX_LIST
141 Matches the specified `PREFIX_LIST`
143 .. clicmd:: match ipv6 address prefix-len 0-128
145 Matches the specified `prefix-len`. This is a Zebra specific command.
147 .. clicmd:: match ip next-hop ACCESS_LIST
149 Match the next-hop according to the given access-list.
151 .. clicmd:: match ip next-hop address IPV4_ADDR
153 This is a BGP specific match command. Matches the specified `ipv4_addr`.
155 .. clicmd:: match ip next-hop prefix-list PREFIX_LIST
157 Match the next-hop according to the given prefix-list.
159 .. clicmd:: match ipv6 next-hop ACCESS_LIST
161 Match the next-hop according to the given access-list.
163 .. clicmd:: match ipv6 next-hop address IPV6_ADDR
165 This is a BGP specific match command. Matches the specified `ipv6_addr`.
167 .. clicmd:: match ipv6 next-hop prefix-list PREFIX_LIST
169 Match the next-hop according to the given prefix-list.
171 .. clicmd:: match as-path AS_PATH
173 Matches the specified `as_path`.
175 .. clicmd:: match metric METRIC
177 Matches the specified `metric`.
179 .. clicmd:: match tag TAG
181 Matches the specified tag value associated with the route. This tag value
182 can be in the range of (1-4294967295).
184 .. clicmd:: match local-preference METRIC
186 Matches the specified `local-preference`.
188 .. clicmd:: match community COMMUNITY_LIST
190 Matches the specified `community_list`
192 .. clicmd:: match peer IPV4_ADDR
194 This is a BGP specific match command. Matches the peer ip address
195 if the neighbor was specified in this manner.
197 .. clicmd:: match peer IPV6_ADDR
199 This is a BGP specific match command. Matches the peer ipv6
200 address if the neighbor was specified in this manner.
202 .. clicmd:: match peer INTERFACE_NAME
204 This is a BGP specific match command. Matches the peer
205 interface name specified if the neighbor was specified
208 .. clicmd:: match peer PEER_GROUP_NAME
210 This is a BGP specific match command. Matches the peer
211 group name specified for the peer in question.
213 .. clicmd:: match source-protocol PROTOCOL_NAME
215 This is a ZEBRA specific match command. Matches the
216 originating protocol specified.
218 .. clicmd:: match source-instance NUMBER
220 This is a ZEBRA specific match command. The number is a range from (0-255).
221 Matches the originating protocols instance specified.
223 .. clicmd:: match evpn route-type ROUTE_TYPE_NAME
225 This is a BGP EVPN specific match command. It matches to EVPN route-type
226 from type-1 (EAD route-type) to type-5 (Prefix route-type).
227 User can provide in an integral form (1-5) or string form of route-type
228 (i.e ead, macip, multicast, es, prefix).
230 .. clicmd:: match evpn vni NUMBER
232 This is a BGP EVPN specific match command which matches to EVPN VNI id.
233 The number is a range from (1-6777215).
235 .. _route-map-set-command:
237 Route Map Set Command
238 =====================
240 .. program:: configure
242 .. clicmd:: set tag TAG
244 Set a tag on the matched route. This tag value can be from (1-4294967295).
245 Additionally if you have compiled with the :option:`--enable-realms`
246 configure option. Tag values from (1-255) are sent to the Linux kernel as a
247 realm value. Then route policy can be applied. See the tc man page. As
248 a note realms cannot currently be used with the installation of nexthops
249 as nexthop groups in the linux kernel.
251 .. clicmd:: set ip next-hop IPV4_ADDRESS
253 Set the BGP nexthop address to the specified IPV4_ADDRESS. For both
254 incoming and outgoing route-maps.
256 .. clicmd:: set ip next-hop peer-address
258 Set the BGP nexthop address to the address of the peer. For an incoming
259 route-map this means the ip address of our peer is used. For an outgoing
260 route-map this means the ip address of our self is used to establish the
261 peering with our neighbor.
263 .. clicmd:: set ip next-hop unchanged
265 Set the route-map as unchanged. Pass the route-map through without
268 .. clicmd:: set ipv6 next-hop peer-address
270 Set the BGP nexthop address to the address of the peer. For an incoming
271 route-map this means the ipv6 address of our peer is used. For an outgoing
272 route-map this means the ip address of our self is used to establish the
273 peering with our neighbor.
275 .. clicmd:: set ipv6 next-hop prefer-global
277 For Incoming and Import Route-maps if we receive a v6 global and v6 LL
278 address for the route, then prefer to use the global address as the nexthop.
280 .. clicmd:: set ipv6 next-hop global IPV6_ADDRESS
282 Set the next-hop to the specified IPV6_ADDRESS for both incoming and
285 .. clicmd:: set local-preference LOCAL_PREF
287 Set the BGP local preference to `local_pref`.
289 .. clicmd:: set local-preference +LOCAL_PREF
291 Add the BGP local preference to an existing `local_pref`.
293 .. clicmd:: set local-preference -LOCAL_PREF
295 Subtract the BGP local preference from an existing `local_pref`.
297 .. clicmd:: set distance DISTANCE
299 Set the Administrative distance to DISTANCE to use for the route.
300 This is only locally significant and will not be dispersed to peers.
302 .. clicmd:: set weight WEIGHT
304 Set the route's weight.
306 .. clicmd:: set metric <[+|-](1-4294967295)|rtt|+rtt|-rtt>
308 Set the BGP attribute MED to a specific value. Use `+`/`-` to add or subtract
309 the specified value to/from the MED. Use `rtt` to set the MED to the round
310 trip time or `+rtt`/`-rtt` to add/subtract the round trip time to/from the
313 .. clicmd:: set aigp-metric <igp-metric|(1-4294967295)>
315 Set the BGP attribute AIGP to a specific value. If ``igp-metric`` is specified,
316 then the value is taken from the IGP protocol, otherwise an arbitrary value.
318 .. clicmd:: set as-path prepend AS_PATH
320 Set the BGP AS path to prepend.
322 .. clicmd:: set as-path exclude AS-NUMBER...
324 Drop AS-NUMBER from the BGP AS path.
326 .. clicmd:: set community COMMUNITY
328 Set the BGP community attribute.
330 .. clicmd:: set ipv6 next-hop local IPV6_ADDRESS
332 Set the BGP-4+ link local IPv6 nexthop address.
334 .. clicmd:: set origin ORIGIN <egp|igp|incomplete>
336 Set BGP route origin.
338 .. clicmd:: set table (1-4294967295)
340 Set the BGP table to a given table identifier
342 .. clicmd:: set sr-te color (1-4294967295)
344 Set the color of a SR-TE Policy to be applied to a learned route. The SR-TE
345 Policy is uniquely determined by the color and the BGP nexthop.
347 .. clicmd:: set l3vpn next-hop encapsulation gre
349 Accept L3VPN traffic over GRE encapsulation.
351 .. _route-map-call-command:
353 Route Map Call Command
354 ======================
356 .. clicmd:: call NAME
358 Call route-map `name`. If it returns deny, deny the route and
359 finish processing the route-map.
362 .. _route-map-exit-action-command:
364 Route Map Exit Action Command
365 =============================
367 .. clicmd:: on-match next
371 Proceed on to the next entry in the route-map.
373 .. clicmd:: on-match goto N
375 .. clicmd:: continue N
377 Proceed processing the route-map at the first entry whose order is >= N
380 .. _route-map-optimization-command:
382 Route Map Optimization Command
383 ==============================
385 .. clicmd:: route-map ROUTE-MAP-NAME optimization
387 Enable route-map processing optimization for `route-map-name`.
388 The optimization is enabled by default.
389 Instead of sequentially passing through all the route-map indexes
390 until a match is found, the search for the best-match index will be
391 based on a look-up in a prefix-tree. A per-route-map prefix-tree
392 will be constructed for this purpose. The prefix-tree will compose
393 of all the prefixes in all the prefix-lists that are included in the
394 match rule of all the sequences of a route-map.
400 A simple example of a route-map:
404 route-map test permit 10
406 set local-preference 200
409 This means that if a route matches ip access-list number 10 it's
410 local-preference value is set to 200.
412 See :ref:`bgp-configuration-examples` for examples of more sophisticated
413 usage of route-maps, including of the ``call`` action.