Cisco Systems IOS XR Laptop User Manual


 
Implementing Routing Policy on Cisco IOS XR Software
Information About Implementing Routing Policy
RC-223
Cisco IOS XR Routing Configuration Guide
With a set of parentheses to express the precedence, the result is the following:
med eq 10 or ((not destination in (10.1.3.0/24)) and community matches-any
([12..34]:[56..78])
The following is another example of a complex expression:
(origin is igp or origin is incomplete or not med eq 42) and next-hop in (10.0.2.2)
The left conjunction is a compound condition enclosed in parentheses. The first simple condition of the
inner compound condition tests the value of the origin attribute; if it is Interior Gateway Protocol (IGP),
then the inner compound condition is true. Otherwise, the evaluation moves on to test the value of the
origin attribute again, and if it is incomplete, then the inner compound condition is true. Otherwise, the
evaluation moves to check the next component condition, which is a negation of a simple condition.
apply
As discussed in the sections on policy definitions and parameterization of policies, the apply command
executes another policy (either parameterized or unparameterized) from within another policy, which
allows for the reuse of common blocks of policy. When combined with the ability to parameterize
common blocks of policy, the apply command becomes a powerful tool for reducing repetitive
configuration.
Attach Points
Policies do not become useful until they are applied to routes, and for policies to be applied to routes
they need to be made known to routing protocols. In BGP, for example, there are several situations where
policies can be used, the most common of these is defining import and export policy. The policy attach
point is the point in which an association is formed between a specific protocol entity, in this case a BGP
neighbor, and a specific named policy. It is important to note that a verification step happens at this point.
Each time a policy is attached, the given policy and any policies it may apply are checked to ensure that
the policy can be validly used at that attach point. For example, if a user defines a policy that sets the
IS-IS level attribute and then attempts to attach this policy as an inbound BGP policy, the attempt would
be rejected because BGP routes do not carry IS-IS attributes. Likewise, when policies are modified that
are in use, the attempt to modify the policy is verified against all current uses of the policy to ensure that
the modification is compatible with the current uses.
Each protocol has a distinct definition of the set of attributes (commands) that compose a route. For
example, BGP routes may have a community attribute, which is undefined in OSPF. Routes in IS-IS have
a level attribute, which is unknown to BGP. Routes carried internally in the RIB may have a tag attribute.
When a policy is attached to a protocol, the protocol checks the policy to ensure the policy operates using
route attributes known to the protocol. If the protocol uses unknown attributes, then the protocol rejects
the attachment. For example, OSPF rejects attachment of a policy that tests the values of BGP
communities.
The situation is made more complex by the fact that each protocol has access to at least two distinct route
types. In addition to native protocol routes, for example BGP or IS-IS, some protocol policy attach points
operate on RIB routes, which is the common central representation. Using BGP as an example, the
protocol provides an attach point to apply policy to routes redistributed from the RIB to BGP. An attach
point dealing with two different kinds of routes permits a mix of operations: RIB attribute operations for
matching and BGP attribute operations for setting.