################
Route Map Policy
################

Route map is a powerful command that gives network administrators a very
useful and flexible tool for traffic manipulation.

*************
Configuration
*************

Route Map
=========

.. cfgcmd:: set policy route-map <text>

   This command creates a new route-map policy, identified by <text>.

.. cfgcmd:: set policy route-map <text> description <text>

   Set description for the route-map policy.

.. cfgcmd:: set policy route-map <text> rule <1-65535> action <permit|deny>

   Set action for the route-map policy.

.. cfgcmd:: set policy route-map <text> rule <1-65535> call <text>

   Call another route-map policy on match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> continue <1-65535>

   Jump to a different rule in this route-map on a match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> description <text>

   Set description for the rule in the route-map policy.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match as-path <text>

   BGP as-path list to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match community
   community-list <text>

   BGP community-list to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match community
   exact-match

   Set BGP community-list to exactly match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match extcommunity
   <text>

   BGP extended community to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match interface <text>

   First hop interface of a route to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip address
   access-list <1-2699>

   IP address of route to match, based on access-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip address
   prefix-list <text>

   IP address of route to match, based on prefix-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip address
   prefix-len <0-32>

   IP address of route to match, based on specified prefix-length.
   Note that this can be used for kernel routes only.
   Do not apply to the routes of dynamic routing protocols (e.g. BGP,
   RIP, OSPF), as this can lead to unexpected results.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip nexthop
   access-list <1-2699>

   IP next-hop of route to match, based on access-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip nexthop
   address <x.x.x.x>

   IP next-hop of route to match, based on ip address.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip nexthop
   prefix-len <0-32>

   IP next-hop of route to match, based on prefix length.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip nexthop
   prefix-list <text>

   IP next-hop of route to match, based on prefix-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip nexthop
   type <blackhole>

   IP next-hop of route to match, based on type.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip route-source
   access-list <1-2699>

   IP route source of route to match, based on access-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ip route-source
   prefix-list <text>

   IP route source of route to match, based on prefix-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ipv6 address
   access-list <text>

   IPv6 address of route to match, based on IPv6 access-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ipv6 address
   prefix-list <text>

   IPv6 address of route to match, based on IPv6 prefix-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ipv6 address
   prefix-len <0-128>

   IPv6 address of route to match, based on specified prefix-length.
   Note that this can be used for kernel routes only.
   Do not apply to the routes of dynamic routing protocols (e.g. BGP,
   RIP, OSPF), as this can lead to unexpected results.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match ipv6 nexthop
   <h:h:h:h:h:h:h:h>

   Nexthop IPv6 address to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match large-community
   large-community-list <text>

   Match BGP large communities.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match local-preference
   <0-4294967295>

   Match local preference.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match metric <1-65535>

   Match route metric.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match origin
   <egp|igp|incomplete>

   Border Gateway Protocol (BGP) origin code to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match peer <x.x.x.x>

   Peer IP address to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match protocol <protocol>

   Source protocol to match.

   * ``babel`` - Babel routing protocol (Babel)
   * ``bgp`` - Border Gateway Protocol (BGP)
   * ``connected`` - Connected routes (directly attached subnet or host)
   * ``isis`` - Intermediate System to Intermediate System (IS-IS)
   * ``kernel`` - Kernel routes
   * ``ospf`` - Open Shortest Path First (OSPFv2)
   * ``ospfv3`` - Open Shortest Path First (IPv6) (OSPFv3)
   * ``rip`` - Routing Information Protocol (RIP)
   * ``ripng`` - Routing Information Protocol next-generation (IPv6) (RIPng)
   * ``static`` - Statically configured routes
   * ``table`` - Non-main Kernel Routing Table
   * ``vnc`` - Virtual Network Control (VNC)

.. cfgcmd:: set policy route-map <text> rule <1-65535> match rpki
   <invalid|notfound|valid>

   Match RPKI validation result.

.. cfgcmd:: set policy route-map <text> rule <1-65535> match tag <1-65535>

   Route tag to match.

.. cfgcmd:: set policy route-map <text> rule <1-65535> on-match goto <1-65535>

   Exit policy on match: go to rule <1-65535>.

.. cfgcmd:: set policy route-map <text> rule <1-65535> on-match next

   Exit policy on match: go to next sequence number.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set aggregator <as|ip>
   <1-4294967295|x.x.x.x>

   BGP aggregator attribute: AS number or IP address of an aggregation.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set as-path exclude
   <1-4294967295 | all>

   Drop AS-NUMBER from the BGP AS path.

   If ``all`` is specified, remove all AS numbers from the AS_PATH of the BGP
   path's NLRI.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set as-path prepend
   <1-4294967295>

   Prepend the given string of AS numbers to the AS_PATH of the BGP path's NLRI.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set as-path
   prepend-last-as <n>

   Prepend the existing last AS number (the leftmost ASN) to the AS_PATH.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set atomic-aggregate

   BGP atomic aggregate attribute.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set community
   <add|replace> <community>

   Add or replace BGP community attribute in format ``<0-65535:0-65535>``
   or from the well-known community list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set community none

   Delete all BGP communities.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set community delete
   <text>

   Delete BGP communities matching the community-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set large-community
   <add|replace> <GA:LDP1:LDP2>

   Add or replace BGP large-community attribute in format
   ``<0-4294967295:0-4294967295:0-4294967295>``.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set large-community none

   Delete all BGP large-communities.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set large-community delete
   <text>

   Delete BGP large communities matching the large-community-list.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set extcommunity bandwidth
   <1-25600|cumulative|num-multipaths>

   Set extcommunity bandwidth.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set extcommunity bandwidth-non-transitive

   The link bandwidth extended community is encoded as non-transitive.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set extcommunity rt
   <text>

   Set route target value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set extcommunity soo
   <text>

   Set site of origin value in format ``<0-65535:0-4294967295>`` or ``<IP:0-65535>``.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set extcommunity none

   Clear all BGP extcommunities.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set distance <0-255>

   Locally significant administrative distance.


.. cfgcmd:: set policy route-map <text> rule <1-65535> set ip-next-hop
   <x.x.x.x>

   Nexthop IP address.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set ip-next-hop
   unchanged

   Set the next-hop as unchanged. The route passes through the route-map
   without its next-hop value being changed.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set ip-next-hop
   peer-address

   Set the BGP nexthop address to the address of the peer. For an incoming
   route-map this means the IP address of our peer is used. For an
   outgoing route-map this means the IP address we use to establish the
   peering with our neighbor is used.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set ipv6-next-hop
   <global|local> <h:h:h:h:h:h:h:h>

   Nexthop IPv6 address.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set ipv6-next-hop
   peer-address

   Set the BGP nexthop address to the address of the peer. For an incoming
   route-map this means the IP address of our peer is used. For an
   outgoing route-map this means the IP address we use to establish the
   peering with our neighbor is used.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set ipv6-next-hop
   prefer-global

   For incoming and import route-maps: if we receive both an IPv6 global
   and an IPv6 link-local (LL) address for the route, prefer the global
   address as the nexthop.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set local-preference
   <0-4294967295>

   Set BGP local preference attribute.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set metric
   <+/-metric|0-4294967295|rtt|+rtt|-rtt>

   Set the route metric. When used with BGP, set the BGP attribute MED
   to a specific value. Use ``+/-`` to add or subtract the specified value
   to/from the existing MED. Use ``rtt`` to set the MED to the round trip
   time or ``+rtt/-rtt`` to add/subtract the round trip time to/from the MED.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set metric-type
   <type-1|type-2>

   Set OSPF external metric-type.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set origin
   <igp|egp|incomplete>

   Set BGP origin code.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set originator-id
   <x.x.x.x>

   Set BGP originator ID attribute.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set src
   <x.x.x.x|h:h:h:h:h:h:h:h>

   Set source IP/IPv6 address for route.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set table <1-200>

   Set prefixes to table.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set tag <1-65535>

   Set tag value for routing protocol.

.. cfgcmd:: set policy route-map <text> rule <1-65535> set weight
   <0-4294967295>

   Set BGP weight attribute.
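
The following import policy is an added example, not part of the original
documentation. It uses only commands documented above to drop routes whose
RPKI validation result is ``invalid`` and to rank ``valid`` origins above
``notfound`` ones. The route-map name ``IMPORT-RPKI``, the rule numbers and
the local-preference values are assumptions.

```text
# Constructed example: BGP import policy keyed on RPKI validation state.
# IMPORT-RPKI is a hypothetical route-map name.
set policy route-map IMPORT-RPKI description 'Drop RPKI-invalid, prefer valid'

# Rules are evaluated in ascending rule number. Reject invalid origins first
# so that no later permit rule can accept them.
set policy route-map IMPORT-RPKI rule 10 action deny
set policy route-map IMPORT-RPKI rule 10 description 'Reject RPKI invalid'
set policy route-map IMPORT-RPKI rule 10 match rpki invalid

# Routes covered by a matching ROA are accepted and preferred.
set policy route-map IMPORT-RPKI rule 20 action permit
set policy route-map IMPORT-RPKI rule 20 description 'Prefer RPKI valid'
set policy route-map IMPORT-RPKI rule 20 match rpki valid
set policy route-map IMPORT-RPKI rule 20 set local-preference 200

# Routes with no covering ROA are still accepted, at a lower preference.
set policy route-map IMPORT-RPKI rule 30 action permit
set policy route-map IMPORT-RPKI rule 30 description 'Accept RPKI notfound'
set policy route-map IMPORT-RPKI rule 30 match rpki notfound
set policy route-map IMPORT-RPKI rule 30 set local-preference 100

# A route that matches none of the rules above is denied by the route-map.
```

Attaching the route-map to a BGP neighbor is done in the BGP configuration
and is not covered on this page.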

List of well-known communities
==============================
   * ``local-as`` -                     Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03
   * ``no-advertise`` -                 Well-known communities value NO_ADVERTISE 0xFFFFFF02
   * ``no-export`` -                    Well-known communities value NO_EXPORT 0xFFFFFF01
   * ``internet`` -                     Well-known communities value 0
   * ``graceful-shutdown`` -            Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000
   * ``accept-own`` -                   Well-known communities value ACCEPT_OWN 0xFFFF0001
   * ``route-filter-translated-v4`` -   Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002
   * ``route-filter-v4`` -              Well-known communities value ROUTE_FILTER_v4 0xFFFF0003
   * ``route-filter-translated-v6`` -   Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004
   * ``route-filter-v6`` -              Well-known communities value ROUTE_FILTER_v6 0xFFFF0005
   * ``llgr-stale`` -                   Well-known communities value LLGR_STALE 0xFFFF0006
   * ``no-llgr`` -                      Well-known communities value NO_LLGR 0xFFFF0007
   * ``accept-own-nexthop`` -           Well-known communities value accept-own-nexthop 0xFFFF0008
   * ``blackhole`` -                    Well-known communities value BLACKHOLE 0xFFFF029A
   * ``no-peer`` -                      Well-known communities value NOPEER 0xFFFFFF04