Filter
Top Products
480 CHAPTER 31: CONFIGURING IP ROUTING POLICY
Routing Policy A routing policy matches attributes of the given routing information and sets
some attributes of the routing information when the conditions are matched. A
routing policy contains several "if-match" clauses and "apply" clauses. The
"if-match" clauses specify the matching conditions. The "apply" clauses specify
the configuration commands that are executed when the filtering conditions
specified by if-match clauses are satisfied.
Access List An access list can be divided into a standard access list and an extended access list.
The standard access list is usually used for filtering routing information. When you
define an access list, you need to specify the network segment range of an IP
address, to match the destination network segment address or next hop address
of the routing information and to filter the routing information not satisfying the
conditions. If an extended access list is used, only the source address matching
field is used to match the destination network segment of the routing
information, while the IP address range used to match packet destination address
specified in the extended access list should be ignored.
Prefix-list Prefix-list functions are similar to the functions of an access list, which may not be
easily understood when used for routing information filtering, because it is in the
format of packet filtering.
ip ip-prefix is more flexible and comprehensible.
When applied to routing information filtering, its matching object is the
destination address information of the routing information. It can also be directly
used to the router object (gateway), so that the local routing protocol can only
receive the routing information distributed by specific routers. The addresses of
these filters must be filtered by prefix-list. In this case, the matching object of
ip
ip-prefix
is the source address of the IP header of the route packet.
A prefix-list is identified with the list name and consists of several parts, with
sequence-number specifying the matching order of these parts. In each part, you
can specify a matching range in the form of the network prefix. Different parts of
different sequence-numbers are matched using Boolean “OR” operations. When
the routing information matches a specific part of prefix-list, it is considered
successfully filtered through the prefix-list.
Aspath-list Aspath-list is only used for the BGP protocol. There is an aspath field in the routing
information packet of the BGP protocol. When the BGP protocol operates with the
switching routing information, the path of the routing information crossing the AS
is recorded in this field. Aspath-list is identified with aspath-list-number. When
defining aspath-list, you can specify an aspath regular expression to match the
aspath field in the routing information. You can use aspath-list to match the
aspath field in the BGP routing information, and filter information that does not
satisfy the conditions. Each list number can be defined with multiple aspath-lists,
because one list number represents a group of aspath-lists. The matching process
for acl-numbers uses Boolean “OR” operations, so a match with any one of the list
is considered successful filtering of the routing information through the aspath list
identified with this list number.
The definition of access-path-list is implemented in the BGP configuration. See the
description of the
ip as-path acl command in “Define an AS Path-list entry”.
Community-list Community-list is only used for the BGP protocol. In the routing information
packet of the BGP protocol, there is a community attribute field, used to identify a