Login
- Table of Contents
-
- 05-Layer 3—IP Routing Command Reference
- 00-Preface
- 01-Basic IP routing commands
- 02-Static routing commands
- 03-RIP commands
- 04-OSPF commands
- 05-IS-IS commands
- 06-BGP commands
- 07-Policy-based routing commands
- 08-IPv6 static routing commands
- 09-RIPng commands
- 10-OSPFv3 commands
- 11-IPv6 policy-based routing commands
- 12-Routing policy commands
- 13-DCN commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 12-Routing policy commands | 367.24 KB |
Common routing policy commands
route-policy-change delay-time
if-match ipv6 even-prefix-length
if-match ipv6 odd-prefix-length
Routing policy commands
Common routing policy commands
apply as-path
Use apply as-path to set the AS_PATH attribute for BGP routes.
Use undo apply as-path to restore the default.
Syntax
apply as-path { as-number&<1-32> [ delete | replace ] | clear }
undo apply as-path
Default
No AS_PATH attribute is set.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
as-number&<1-32>: Specifies an AS by its number in the range of 1 to 4294967295. &<1-32> indicates that you can specify a maximum of 32 AS numbers.
delete: Deletes the specified AS numbers from the original AS_PATH attribute.
replace: Replaces the original AS numbers with the specified AS numbers. If you do not specify this keyword, the command adds the specified AS numbers before the original AS_PATH attribute.
clear: Clears the original AS numbers.
Usage guidelines
Use this command to add or edit the AS_PATH attribute for BGP routes.
The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.
For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to add AS number 200 before the original AS_PATH attribute of BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply as-path 200
Related commands
display ip as-path
if-match as-path
ip as-path
apply comm-list delete
Use apply comm-list delete to delete the COMMUNITY attributes from BGP routes.
Use undo apply comm-list to restore the default.
Syntax
apply comm-list { comm-list-number | comm-list-name } delete
undo apply comm-list
Default
No COMMUNITY attributes are deleted from BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
comm-list-number: Specifies a basic community list by its number in the range of 1 to 99 or an advanced community list by its number in the range of 100 to 199.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.
Usage guidelines
Application scenarios
A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. After you configure this command, the COMMUNITY attributes in the specified community list will be deleted from BGP routes.
For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Restrictions and guidelines
You must specify an existing community list when executing this command. To configure a community list, use the ip community-list command.
Examples
# Configure node 10 in permit mode for routing policy policy1 to delete the COMMUNITY attributes specified in community list 1 from BGP routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] apply comm-list 1 delete
Related commands
ip community-list
apply community
Use apply community to set the COMMUNITY attribute for BGP routes.
Use undo apply community to remove the specified COMMUNITY attribute for BGP routes.
Syntax
apply community { none | additive | { community-number&<1-32> | aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] }
undo apply community [ none | additive | { community-number&<1-32> | aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] ]
Default
No COMMUNITY attribute is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
none: Removes the COMMUNITY attributes of BGP routes.
community-number&<1-32>: Specifies a community sequence number in the range of 1 to 4294967295. &<1-32> indicates that you can specify a maximum of 32 community sequence numbers.
aa:nn&<1-32>: Specifies a community number. Both aa and nn are in the range of 0 to 65535. &<1-32> indicates that you can specify a maximum of 32 community numbers.
internet: Sets the INTERNET community attribute for BGP routes. Routes with this attribute can be advertised to all BGP peers. By default, all routes have this attribute.
no-advertise: Sets the NO_ADVERTISE community attribute for BGP routes. Routes with this attribute cannot be advertised to any peers.
no-export: Sets the NO_EXPORT community attribute for BGP routes. Routes with this attribute cannot be advertised out of the AS or confederation, but can be advertised to other sub-ASs in the confederation.
no-export-subconfed: Sets the NO_EXPORT_SUBCONFED community attribute for BGP routes. Routes with this attribute cannot be advertised out of the local AS or to other sub-ASs in the confederation.
additive: Adds the specified COMMUNITY attribute to the original COMMUNITY attribute of BGP routes.
A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. Use this command to set the COMMUNITY attribute for BGP routes.
For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 16 in permit mode for routing policy setcommunity to set the NO_EXPORT community attribute for BGP routes.
<Sysname> system-view
[Sysname] route-policy setcommunity permit node 16
[Sysname-route-policy-setcommunity-16] apply community no-export
Related commands
if-match community
ip community-list
apply cost
Use apply cost to set a cost for routes.
Use undo apply cost to restore the default.
Syntax
apply cost [ + | - ] cost-value
undo apply cost
Default
No cost is set for routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
+: Increases a cost value.
-: Decreases a cost value.
cost-value: Specifies a cost in the range of 0 to 4294967295.
Usage guidelines
Use this command to set a cost for routes and control the route selection order. For example, when the next hop of a route is in unfavorable link bandwidth condition, you can use this command to increase the cost value for that route.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set a cost of 120 for OSPF external routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match route-type external-type1or2
[Sysname-route-policy-policy1-10] apply cost 120
apply cost-type
Use apply cost-type to set a cost type for routes.
Use undo apply cost-type to restore the default.
Syntax
apply cost-type { external | inherit-link-cost | internal | internal-inc-ibgp | med-plus-igp | type-1 | type-2 }
undo apply cost-type
Default
No cost type is set for routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
external: Sets the cost type to IS-IS external route.
inherit-link-cost: Uses the IGP link cost as the MED value of BGP routes.
internal: Sets the cost type to IS-IS internal route, or sets the MED value for a matching BGP route to the IGP metric of the route's next hop.
internal-inc-ibgp: For IS-IS, this keyword sets the cost type for a matching IS-IS route to IS-IS internal route. For BGP, this keyword sets the MED value for a matching BGP route to the IGP metric of the route's next hop.
med-plus-igp: Sets the sum of the original MED value and the IGP metric value of next hop as the MED value for a matching BGP route.
type-1: Sets the cost type to OSPF Type-1 external route.
type-2: Sets the cost type to OSPF Type-2 external route.
Usage guidelines
For IS-IS, the apply cost-type internal command sets the cost type for a matching IS-IS route to IS-IS internal route.
For BGP, the apply cost-type internal command sets the MED for a matching BGP route learned from an IBGP peer to the IGP metric of the route's next hop. The MED is modified when BGP advertises the route to an EBGP peer.
The apply cost-type inherit-link-cost command sets the MED for a matching BGP route learned from an IBGP peer to the IGP link cost of the route's next hop. The MED is modified when BGP advertises the route to an EBGP peer.
The following commands take effect on BGP routes (from any sources) that are to be advertised to EBGP or IBGP peers:
· apply cost-type internal-inc-ibgp
· apply cost-type med-plus-igp
Examples
# Configure node 10 in permit mode for routing policy policy1 to set the cost type for routes that have a tag of 8 to OSPF Type-1 external routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match tag 8
[Sysname-route-policy-policy1-10] apply cost-type type-1
apply extcommunity bandwidth
Use apply extcommunity bandwidth to set the link bandwidth extended community attribute for BGP routes.
Use undo apply extcommunity bandwidth to remove the specified link bandwidth extended community attribute for BGP routes.
Syntax
apply extcommunity bandwidth link-bandwidth-value [ additive ]
undo apply extcommunity [ bandwidth link-bandwidth-value ]
Default
No link bandwidth extended community attribute is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
link-bandwidth-value: Sets the link bandwidth extended community attribute, a string of 3 to 16 characters. The link-bandwidth-value argument is in the 16-bit AS number:32-bit self-defined number format, for example, 100:3. The AS number is in the range of 0 to 65535, and the self-defined number is in the range of 0 to 4294967295.
additive: Adds the specified attribute to the original extended community attribute. If you do not specify this keyword, the specified extended community attribute will replace the original extended community attribute.
Usage guidelines
Use this command to configure the link bandwidth extended community attribute for BGP routes. The link bandwidth attribute is used for BGP route-based Unequal Cost Multiple Path (UCMP) load balancing. For information about the link bandwidth attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to add the link bandwidth extended community attribute 100:100 to BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply extcommunity bandwidth 100:100 additive
apply extcommunity rt
Use apply extcommunity rt to set the RT extended community attribute for BGP routes.
Use undo apply extcommunity rt to remove the RT extended community attribute for BGP routes.
Syntax
apply extcommunity { rt route-target }&<1-32> [ additive ]
undo apply extcommunity [ { rt route-target }&<1-32> ]
Default
No RT extended community attribute is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
{ rt route-target }&<1-32>: Sets the RT extended community attribute, a string of 3 to 21 characters. &<1-32> indicates that you can specify a maximum of 32 RT extended community attributes.
An RT attribute has the following forms:
· 16-bit AS number:32-bit self-defined number. For example, 101:3. The AS number is in the range of 0 to 65535, and the self-defined number is in the range of 0 to 4294967295.
· 32-bit IP address:16-bit self-defined number. For example, 192.168.122.15:1. The self-defined number is in the range of 0 to 65535.
· 32-bit AS number:16-bit self-defined number. For example, 70000:3. The AS number is in the range of 65536 to 4294967295, and the self-defined number is in the range of 0 to 65535.
additive: Adds the specified attribute to the original extended community attribute.
Usage guidelines
Use this command to configure the RT extended community attribute for BGP routes. Route target (also called VPN target) attributes are used to control the advertisement of VPN routing information. For more information about the route target attribute, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.
If you do not specify any parameters, the undo form of the command removes all extended community attributes for BGP routes.
Examples
# Configure node 10 in permit mode for routing policy policy1 to add the RT extended community attribute 100:2 to the original extended community attribute of BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply extcommunity rt 100:2 additive
apply extcommunity soo
Use apply extcommunity soo to set the SoO extended community attribute for BGP routes.
Use undo apply extcommunity soo to remove the SoO extended community attribute for BGP routes.
Syntax
apply extcommunity soo site-of-origin&<1-32> [ additive ]
undo apply extcommunity [ soo ]
Default
No SoO extended community attribute is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
site-of-origin&<1-32>: Sets the SoO extended community attribute, a string of 3 to 21 characters. &<1-32> indicates that you can specify a maximum of 32 SoO extended community attributes.
An SoO attribute has the following forms:
· 16-bit AS number:32-bit self-defined number. For example, 101:3. The AS number is in the range of 0 to 65535, and the self-defined number is in the range of 0 to 4294967295.
· 32-bit IP address:16-bit self-defined number. For example, 192.168.122.15:1. The self-defined number is in the range of 0 to 65535.
· 32-bit AS number:16-bit self-defined number. For example, 70000:3. The AS number is in the range of 65536 to 4294967295, and the self-defined number is in the range of 0 to 65535.
additive: Adds the specified attribute to the original extended community attribute.
Usage guidelines
Use this command to configure the SoO extended community attribute for BGP routes.
The SoO attribute specifies the site where the route originated. It prevents advertising a route back to the originating site. If the AS-path attribute is lost, the router can use the SoO attribute to avoid routing loops.
If you do not specify any parameters, the undo form of the command removes all extended community attributes for BGP routes.
Examples
# Configure node 10 in permit mode for routing policy policy1 to add the SoO extended community attribute 1:100 to the original extended community attribute of BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply extcommunity soo 1:100 additive
apply ip-precedence
Use apply ip-precedence to set an IP precedence for matching routes.
Use undo apply ip-precedence to restore the default.
Syntax
apply ip-precedence { value | clear }
undo apply ip-precedence
Default
No IP precedence is set.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
value: Specifies an IP precedence in the range of 0 to 7. Each precedence value corresponds to a precedence type, as shown in Table 1. When you specify the value argument, you can enter either a precedence value or a precedence type.
Table 1 IP precedence values and their corresponding types
|
Precedence value |
Precedence type |
|
0 |
routine |
|
1 |
priority |
|
2 |
immediate |
|
3 |
flash |
|
4 |
flash-override |
|
5 |
critical |
|
6 |
internet |
|
7 |
network |
clear: Clears the IP precedence of matching routes.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set an IP precedence of 3 for routes matching prefix list 100.
<Sysname> system-view
[Sysname] ip prefix-list 100 permit 192.168.10.1 24
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ip address prefix-list 100
[Sysname-route-policy-policy1-10] apply ip-precedence 3
apply isis
Use apply isis to redistribute routes into the specified IS-IS level.
Use undo apply isis to restore the default.
Syntax
apply isis { level-1 | level-1-2 | level-2 }
undo apply isis
Default
No IS-IS level is set.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
level-1: Redistributes routes into IS-IS Level-1.
level-1-2: Redistributes routes into both IS-IS Level-1 and Level-2.
level-2: Redistributes routes into IS-IS Level-2.
Usage guidelines
IS-IS adopts a two-level hierarchical architecture to support large-scale networks. A large-scale routing domain is divided into multiple areas. Typically, a Level-1 router is deployed within an area. A Level-2 router is deployed between areas. A Level-1-2 router is deployed between Level-1 and Level-2 routers.
For more information about the two-level hierarchy, see IS-IS configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to redistribute routes that have a tag of 8 to IS-IS level-2.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match tag 8
[Sysname-route-policy-policy1-10] apply isis level-2
apply l3-vni
Use apply l3-vni to set an L3 VNI for BGP EVPN routes.
Use undo apply l3-vni to restore the default.
Syntax
apply l3-vni vxlan-id
undo apply l3-vni
Default
No L3 VNI is set.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
vxlan-id: Specifies an L3 VNI in the range of 0 to 16777215.
Usage guidelines
L3 VNIs (Layer 3 VXLAN ID) apply to EVPN VXLAN networks. An L3 VXLAN ID identifies the traffic of a routing domain where devices have Layer 3 reachability. An L3 VXLAN ID is associated with one VPN instance. Distributed EVPN gateways use VPN instances to isolate traffic of different services on VXLAN tunnel interfaces.
For more information about L3 VNIs, see EVPN VXLAN configuration in EVPN Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set an L3 VNI of 6 for BGP EVPN routes with an L3 VNI of 8.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match l3-vni 8
[Sysname-route-policy-policy1-10] apply l3-vni 6
apply local-preference
Use apply local-preference to set a local preference for BGP routes.
Use undo apply local-preference to restore the default.
Syntax
apply local-preference preference
undo apply local-preference
Default
No local preference is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
preference: Specifies a local preference in the range of 0 to 4294967295.
The local preference is used to determine the optimal route for traffic leaving the local AS. After a BGP router obtains multiple routes with the same destination and different next hops from several IBGP peers, it preferentially selects the route with the highest local preference as the optimal route.
For more information about the local preference, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set a local preference of 130 for BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply local-preference 130
apply mpls-label
Use apply mpls-label to assign MPLS labels to routes.
Use undo apply mpls-label to restore the default.
Syntax
apply mpls-label
undo apply mpls-label
Default
No MPLS labels are assigned to routes.
Views
Routing policy node view
Predefined user roles
network-admin
Usage guidelines
If this command fails to assign an MPLS label to a route, the route will not be advertised.
Examples
# Configure node 10 in permit mode for routing policy policy1 to assign MPLS labels to routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] apply mpls-label
apply origin
Use apply origin to set the ORIGIN attribute for BGP routes.
Use undo apply origin to restore the default.
Syntax
apply origin { egp as-number | igp | incomplete }
undo apply origin
Default
No ORIGIN attribute is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
egp as-number: Sets the ORIGIN attribute to EGP. The as-number argument specifies an AS number in the range 1 to 4294967295 for EGP routes.
igp: Sets the ORIGIN attribute to IGP.
incomplete: Sets the ORIGIN attribute to UNKNOWN.
Usage guidelines
The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:
· IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.
· EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.
· INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.
For more information about the ORIGIN attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set the ORIGIN attribute to IGP for BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply origin igp
apply preference
Use apply preference to set a preference for a routing protocol.
Use undo apply preference to restore the default.
Syntax
apply preference preference
undo apply preference
Default
No preference is set for a routing protocol.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
preference: Specifies a preference in the range of 1 to 255.
Usage guidelines
If you have set preferences for routing protocols by using the preference command, the apply preference command sets a new preference for the matching routing protocol. Unmatched routing protocols still use the preferences set by using the preference command.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set the preference for OSPF external routes to 90.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match route-type external-type1or2
[Sysname-route-policy-policy1-10] apply preference 90
apply preferred-value
Use apply preferred-value to set a preferred value for BGP routes.
Use undo apply preferred-value to restore the default.
Syntax
apply preferred-value preferred-value
undo apply preferred-value
Default
No preferred value is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
preferred-value: Specifies a preferred value in the range of 0 to 65535.
Usage guidelines
During route selection, BGP first drops routes with unreachable next hops, and then selects the route with the greatest preferred value. Use this command to set a preferred value for BGP routes to control BGP path selection.
For more information about the preferred value, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set a preferred value of 66 for BGP routes matching AS path list 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 1
[Sysname-route-policy-policy1-10] apply preferred-value 66
apply prefix-priority
Use apply prefix-priority to set a prefix priority for routes.
Use undo apply prefix-priority to restore the default.
Syntax
apply prefix-priority { critical | high | medium }
undo apply prefix-priority
Default
No prefix priority is set, which means the prefix priority is low.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
critical: Sets the critical prefix priority for routes.
high: Sets the high prefix priority for routes.
medium: Sets the medium prefix priority for routes.
Usage guidelines
A topology change causes routing convergence in protocols such as OSPF and IS-IS. To improve the convergence speed, you can set prefix priorities for routes. Prefix priority levels include critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set prefix priority critical for routes matching prefix list abc.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ip address prefix-list abc
[Sysname-route-policy-policy1-10] apply prefix-priority critical
apply tag
Use apply tag to set a tag for IGP routes.
Use undo apply tag to restore the default.
Syntax
apply tag tag-value
undo apply tag
Default
No routing tag is set for IGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
tag-value: Specifies the tag value in the range of 0 to 4294967295.
Usage guidelines
Use this command to set a tag for IGP routes. To view the tag value, execute the display ip routing table verbose command.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set a tag of 100 for IGP routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] apply tag 100
apply traffic-index
Use apply traffic-index to set a traffic index for BGP routes.
Use undo apply traffic-index to restore the default.
Syntax
apply traffic-index { value | clear }
undo apply traffic-index
Default
No traffic index is set for BGP routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
value: Specifies the traffic index in the range of 1 to 64.
clear: Clears the traffic index of BGP routes.
Usage guidelines
BGP policy accounting provides the following functionalities:
· Classifies IP traffic by BGP path attributes such as NEXT HOP, COMMUNITY, and AS_PATH.
· Assigns an index to each class of traffic.
· Collects statistics based on indexes.
For more information about BGP policy accounting, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set a traffic index of 6 for BGP routes matching extended community list 100.
<Sysname> system-view
[Sysname] ip extcommunity-list 100 permit rt 100:100
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match extcommunity 100
[Sysname-route-policy-policy1-10] apply traffic-index 6
continue
Use continue to specify the next node to be matched.
Use undo continue to restore the default.
Syntax
continue [ node-number ]
undo continue
Default
No next node is specified.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
node-number: Specifies the routing policy node number in the range of 1 to 65535. The specified next node must have a larger number than the current node.
Usage guidelines
A route that matches the current node (permit node) must match the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy. After you configure a continue clause, a route continues to match against the subsequent nodes if it does not match the specified next node. To prevent such a route from matching against other nodes, add a clauseless deny node following the specified next node.
Example
# Specify the next node 20 for node 10 of the routing policy policy1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] continue 20
display ip as-path
Use display ip as-path to display BGP AS path list information.
Syntax
display ip as-path [ as-path-number | as-path-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
as-path-number: Specifies an AS path list by its number in the range of 1 to 256.
as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The name cannot contain only digits.
Usage guidelines
If you do not specify any arguments, this command displays information about all BGP AS path lists.
Examples
# Display information about BGP AS path list 1.
<Sysname> display ip as-path 1
As-path-number: 1
Permitted 0
Denied 0
Mode: Permit Regular experssion:10:1
# Display information about all BGP AS path lists.
<Sysname> display ip as-path
As-path-number : 122
Permitted : 41
Denied : 32
Mode : Permit Regular expression: ^10
As-path-name : www
Permitted : 22
Denied : 8
Mode : Permit Regular expression: *200.*300
Table 2 Command output
|
Field |
Description |
|
As-path-number |
AS path list number. |
|
As-path-name |
AS path list name. |
|
Permitted |
Number of routes that match the AS path list. |
|
Denied |
Number of routes that do not match the AS path list. |
|
Mode |
Match mode: · Permit. · Deny. |
|
Regular expression |
AS path regular expression. |
display ip community-list
Use display ip community-list to display BGP community list information.
Syntax
display ip community-list [ basic-community-list-number | adv-community-list-number | name comm-list-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
name comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.
Usage guidelines
If no community list is specified, this command displays information about all BGP community lists.
Examples
# Display information about all BGP community lists.
<Sysname> display ip community-list
Community List Basic aaa
Permit
Community List Advanced bbb
Permit 3333
Table 3 Command output
|
Field |
Description |
|
Community List Basic |
Basic community list. |
|
Community List Advanced |
Advanced community list. |
|
permit |
Match mode: · Permit. · Deny. |
display ip extcommunity-list
Use display ip extcommunity-list to display BGP extended community list information.
Syntax
display ip extcommunity-list [ ext-comm-list-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ext-comm-list-number: Specifies an extended community list by its number in the range of 1 to 65535. If you do not specify this argument, the command displays information about all BGP extended community lists.
Examples
# Display information about BGP extended community list 1.
<Sysname> display ip extcommunity-list 1
Extended Community List Number 1
Permit rt: 9:6
Permit soo: 9:6
Table 4 Command output
|
Field |
Description |
|
Extended Community List Number |
Extended community list. |
|
permit |
Match mode: · Permit. · Deny. |
|
rt |
Route Target (RT) extended community attribute. |
|
soo |
Site of Origin (SoO) extended community attribute. |
display ip rd-list
Use display ip rd-list to display route distinguisher (RD) list information.
Syntax
display ip rd-list [ rd-list-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
rd-list-number: Displays information about an RD list. The rd-list-number argument represents the number of the RD list, in the range of 1 to 65535. If you do not specify an RD list, this command displays information about all RD lists.
Examples
# Display information about all RD lists.
<Sysname> display ip rd-list
Route Distinguisher List Number 1
index: 1 Permit 1.1.1.1:1 2.2.2.2:* 100:1 200:*
Route Distinguisher List Number 2
index: 2 Deny 1:1 2:2
Table 5 Command output
|
Field |
Description |
|
Route Distinguisher List Number |
RD list number. |
|
index |
Index of the RD list item. |
|
Permit |
Match mode: · Permit. · Deny. |
Related commands
ip rd-list
display route-policy
Use display route-policy to display routing policy information.
Syntax
display route-policy [ name route-policy-name ]
Views
Predefined user roles
network-admin
network-operator
Parameters
name route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all routing policies.
Examples
# Display information about routing policy policy1.
<Sysname> display route-policy name policy1
Route-policy: policy1
Permit : 1
if-match cost 10
if-match as-path www
continue: next node 11
apply preference 10
Table 6 Command output
|
Field |
Description |
|
Route-policy |
Routing policy name. |
|
permit |
Match mode: · Permit. · Deny. |
|
if-match |
Match criterion. |
|
continue |
Specify the next node to be matched. |
|
apply |
Action. |
if-match as-path
Use if-match as-path to match BGP routes whose AS_PATH attribute matches a specified AS path list.
Use undo if-match as-path to remove the specified AS path list match criterion.
Syntax
if-match as-path { as-path-number&<1-32> | as-path-name }
undo if-match as-path [ as-path-number&<1-32> | as-path-name ]
Default
No AS path list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
as-path-number&<1-32>: Specifies an AS path list by its number in the range of 1 to 256. &<1-32> indicates that you can specify a maximum of 32 AS path lists.
as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The name cannot contain only digits.
Usage guidelines
Use this command in conjunction with the ip as-path command to configure AS_PATH-based criteria for route filtering. If the AS path list specified by this command does not exist, first use the ip as-path command to create the AS path list.
For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure AS path list 2 to permit BGP routes containing AS number 200 or 300 to pass. Configure node 10 in permit mode for routing policy test to match AS path list 2.
<Sysname> system-view
[Sysname] ip as-path 2 permit _*200.*300
[Sysname] route-policy test permit node 10
[Sysname-route-policy-policy1-10] if-match as-path 2
Related commands
apply as-path
ip as-path
if-match community
Use if-match community to match BGP routes whose COMMUNITY attribute matches a specified community list.
Use undo if-match community to remove the specified community list match criterion.
Syntax
if-match community { { basic-community-list-number | name comm-list-name } [ whole-match ] | adv-community-list-number }&<1-32>
undo if-match community [ { basic-community-list-number | name comm-list-name } [ whole-match ] | adv-community-list-number ]&<1-32>
Default
No community list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.
whole-match: Exactly matches the specified community list. All of the communities and only those communities specified must be present.
&<1-32>: Indicates that you can specify a maximum of 32 community lists.
Usage guidelines
Use this command in conjunction with the ip community-list command to configure COMMUNITY-based criteria for route filtering. If the community list specified by this command does not exist, first use the ip community-list command to create the community list.
For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure community list 1 to permit BGP routes with community number 100 or 200. Then configure node 10 in permit mode for routing policy test to use community list 1 to match BGP routes.
[Sysname] ip community-list 1 permit 100 200
[Sysname] route-policy test permit node 10
[Sysname-route-policy-test-10] if-match community 1
Related commands
apply community
ip community-list
if-match cost
Use if-match cost to match routes that have the specified cost.
Use undo if-match cost to restore the default.
Syntax
if-match cost cost-value
undo if-match cost
Default
No cost match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
cost-value: Specifies a cost in the range of 0 to 4294967295.
Examples
# Configure node 10 in permit mode for routing policy policy1 to permit routes with a cost of 8.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match cost 8
if-match extcommunity
Use if-match extcommunity to match BGP routes whose extended community attribute matches a specified extended community list.
Use undo if-match extcommunity to remove the specified extended community list match criterion.
Syntax
if-match extcommunity ext-comm-list-number&<1-32>
undo if-match extcommunity [ ext-comm-list-number&<1-32> ]
Default
No extended community list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
ext-comm-list-number&<1-32>: Specifies an extended community list by its number in the range of 1 to 65535. &<1-32> indicates that you can specify a maximum of 32 extended community lists.
Usage guidelines
Use this command in conjunction with the ip extcommunity-list command to configure extended community-based criteria for route filtering. If the extended community list specified by this command does not exist, first use the ip extcommunity-list command to create the extended community list.
For more information about the extended community attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to match BGP routes whose extended community attribute matches extended community lists 100 and 150.
<Sysname> system-view
[Sysname] ip extcommunity-list 100 permit rt 100:100
[Sysname] ip extcommunity-list 150 permit rt 150:150
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match extcommunity 100 150
Related commands
apply extcommunity
ip extcommunity-list
if-match interface
Use if-match interface to match routes that have the specified output interfaces.
Use undo if-match interface to remove the specified output interface match criterion.
Syntax
if-match interface { interface-type interface-number }&<1-16>
undo if-match interface [ interface-type interface-number ]&<1-16>
Default
No output interface match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies an interface by its type and number.
&<1-16>: Indicates that you can specify a maximum of 16 interfaces.
Usage guidelines
BGP does not support criteria for matching the output interfaces of routes.
Examples
# Configure node 10 in permit mode for routing policy policy1 to permit routes with the output interface VLAN-interface 1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match interface vlan-interface 1
if-match l3-vni
Use if-match l3-vni to match BGP EVPN routes that have the specified L3 VNI.
Use undo if-match l3-vni to restore the default.
Syntax
if-match l3-vni vxlan-id
undo if-match l3-vni
Default
No L3 VNI match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
vxlan-id: Specifies an L3 VNI in the range of 0 to 16777215.
Usage guidelines
L3 VNIs (Layer 3 VXLAN ID) apply to EVPN VXLAN networks. An L3 VXLAN ID identifies the traffic of a routing domain where devices have Layer 3 reachability. An L3 VXLAN ID is associated with one VPN instance. Distributed EVPN gateways use VPN instances to isolate traffic of different services on VXLAN tunnel interfaces.
For more information about L3 VNIs, see EVPN VXLAN configuration in EVPN Configuration Guide.
Examples
# Create node 10 in permit mode for routing policy policy1 to match BGP EVPN routes that have an L3 VNI of 8.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match l3-vni 8
if-match local-preference
Use if-match local-preference to match BGP routes that have the specified local preference.
Use undo if-match local-preference to restore the default.
Syntax
if-match local-preference preference
undo if-match local-preference
Default
No local preference match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
preference: Specifies a local preference in the range of 0 to 4294967295.
Usage guidelines
The local preference is used to determine the optimal route for traffic leaving the local AS. After a BGP router obtains multiple routes with the same destination and different next hops from several IBGP peers, it preferentially selects the route with the highest local preference as the optimal route.
For more information about the local preference, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Create node 10 in permit mode for routing policy policy1 to match BGP routes that have a local preference of 2.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match local-preference 2
if-match mpls-label
Use if-match mpls-label to set the MPLS label match criterion.
Use undo if-match mpls-label to restore the default.
Syntax
if-match mpls-label
undo if-match mpls-label
Default
No MPLS label match criterion is set.
Views
Predefined user roles
network-admin
Examples
# Configure node 10 in permit mode for routing policy policy1 to match routes that have MPLS labels.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match mpls-label
if-match rd-list
Use if-match rd-list to match routes whose RD matches the specified RD list.
Use undo if-match rd-list to remove the specified RD list match criterion.
Syntax
if-match rd-list rd-list-number
undo if-match rd-list
Default
No RD list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
rd-list-number: Specifies an RD list by its number in the range of 1 to 65535.
Usage guidelines
Use this command in conjunction with the ip rd-list command to configure RD-based criteria for route filtering. If the RD list specified by this command does not exist, first use the ip rd-list command to create the RD list.
For more information about RDs, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy rp1 to match routes whose RD matches RD list 1..
<Sysname> system-view
[Sysname] ip rd-list 1 permit 1:1
[Sysname] route-policy rp1 permit node 10
[Sysname-route-policy-rp1-10] if-match rd-list 1
Related commands
ip rd-list
if-match route-type
Use if-match route-type to set a route-type match criterion.
Use undo if-match route-type to remove the specified route-type match criterion.
Syntax
if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 } *
undo if-match route-type [ external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 ] *
Default
No route-type match criterion is set.
Views
Predefined user roles
network-admin
Parameters
external-type1: Matches OSPF Type 1 external routes.
external-type1or2: Matches OSPF Type 1 and Type 2 external routes.
external-type2: Matches OSPF Type 2 external routes.
internal: Matches OSPF internal routes (including OSPF intra-area and inter-area routes).
is-is-level-1: Matches IS-IS Level-1 routes.
is-is-level-2: Matches IS-IS Level-2 routes.
nssa-external-type1: Matches OSPF NSSA Type 1 external routes.
nssa-external-type1or2: Matches OSPF NSSA Type 1 and 2 external routes.
nssa-external-type2: Matches OSPF NSSA Type 2 external routes.
Examples
# Configure node 10 in permit mode for routing policy policy1 to match OSPF internal routes.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match route-type internal
if-match rpki
Use if-match rpki to set the BGP RPKI validation state match criterion.
Use undo if-match rpki to restore the default.
Syntax
if-match rpki { invalid | not-found | valid }
undo if-match rpki
Default
No BGP RPKI validation state match criterion is set.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
invalid: Matches BGP routes whose BGP RPKI validation state is Invalid.
not-found: Matches BGP routes whose BGP RPKI validation state is Not found.
valid: Matches BGP routes whose BGP RPKI validation state is Valid.
Usage guidelines
The BGP Resource Public Key Infrastructure (RPKI) feature enables BGP to validate the origin AS of a route and determine whether to use and advertise the route based on the validation state.
For more information about BGP RPKI, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure node 10 in permit mode for routing policy policy1 to match BGP routes whose BGP RPKI validation state is Valid.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match rpki valid
if-match tag
Use if-match tag to match IGP routes that have the specified tag.
Use undo if-match tag to restore the default.
Syntax
if-match tag tag-value
undo if-match tag
Default
No tag match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
tag-value: Specifies a tag in the range of 0 to 4294967295.
Examples
# Configure node 10 in permit mode for routing policy policy1 to match IGP routes that have a tag of 8.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match tag 8
ip as-path
Use ip as-path to configure an AS path list.
Use undo ip as-path to remove an AS path list.
Syntax
ip as-path { as-path-number | as-path-name } { deny | permit } regular-expression
undo ip as-path { as-path-number | as-path-name } [ regular-expression | deny | permit ]
Default
No AS path lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
as-path-number: Specifies an AS path list number in the range of 1 to 256.
as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The name cannot contain only digits.
deny: Specifies the match mode for the AS path list as deny.
permit: Specifies the match mode for the AS path list as permit.
regular-expression: Specifies an AS path regular expression, a string of 1 to 63 characters.
Usage guidelines
The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.
You can use this command to specify a regular expression for AS_PATH-based BGP route filtering. An AS path regular expression, for example, ^200.*100$, matches the AS_PATH attribute that starts with AS 200 and ends with AS 100.
For more information about regular expressions, see routing policy configuration in Layer 3—IP Routing Configuration Guide. For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure AS path list 1 to permit routes whose AS_PATH attribute starts with 10.
<Sysname> system-view
[Sysname] ip as-path 1 permit ^10
Related commands
apply as-path
display ip as-path
if-match as-path
ip community-list
Use ip community-list to configure a community list.
Use undo ip community-list to remove a community list.
Syntax
ip community-list { basic-comm-list-num | basic basic-comm-list-name } { deny | permit } [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] *
undo ip community-list { basic-comm-list-num | basic basic-comm-list-name } [ deny | permit ] [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] *
ip community-list { adv-comm-list-num | advanced adv-comm-list-name } { deny | permit } regular-expression
undo ip community-list { adv-comm-list-num | advanced adv-comm-list-name } [ deny | permit ] [ regular-expression ]
Default
No community lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
basic-comm-list-num: Specifies a basic community list number in the range of 1 to 99.
basic basic-comm-list-name: Specifies a basic community list name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.
advanced adv-comm-list-name: Specifies an advanced community list name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.
adv-comm-list-num: Specifies an advanced community list number in the range of 100 to 199.
regular-expression: Specifies a regular expression for the advanced community list, a string of 1 to 63 characters. For more information about regular expressions, see routing policy configuration in Layer 3—IP Routing Configuration Guide.
deny: Specifies the match mode for the community list as deny.
permit: Specifies the match mode for the community list as permit.
community-number&<1-32>: Specifies a community sequence number in the range of 1 to 4294967295. &<1-32> indicates that you can specify a maximum of 32 community sequence numbers.
aa:nn&<1-32>: Specifies a community number. Both aa and nn are in the range of 0 to 65535. &<1-32> indicates that you can specify a maximum of 32 community numbers.
internet: Specifies the INTERNET community attribute. Routes with this attribute can be advertised to all BGP peers. By default, all routes have this attribute.
no-advertise: Specifies the NO_ADVERTISE community attribute. Routes with this attribute cannot be advertised to other BGP peers.
no-export: Specifies the NO_EXPORT community attribute. Routes with this attribute cannot be advertised out of the local AS or the local confederation but can be advertised to other ASs in the confederation.
no-export-subconfed: Specifies the NO_EXPORT_SUBCONFED community attribute. Routes with this attribute cannot be advertised out of the local AS, or to other sub-ASs in the local confederation.
A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. Use this command to configure community lists for flexible control over routing policies.
For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.
Examples
# Configure basic community list 1 to permit routes with the INTERNET community attribute.
<Sysname> system-view
[Sysname] ip community-list 1 permit internet
# Configure advanced community list 100 to permit routes with the COMMUNITY attribute starting with 10.
<Sysname> system-view
[Sysname] ip community-list 100 permit ^10
Related commands
apply comm-list delete
apply community
display ip community-list
if-match community
ip extcommunity-list
Use ip extcommunity-list to configure an extended community list.
Use undo ip extcommunity-list to remove an extended community list.
Syntax
ip extcommunity-list ext-comm-list-number [ index index-number ] { deny | permit } { bandwidth link-bandwidth-value | rt route-target | soo site-of-origin }&<1-32>
undo ip extcommunity-list ext-comm-list-number [ index index-number ] [ { deny | permit } [ bandwidth link-bandwidth-value | rt route-target | soo site-of-origin ]&<1-32> ]
Default
No extended community lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.
index index-number: Specifies an index number for an extended community list entry, in the range of 1 to 4294967295. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 1 and increases by 1 for each of the consecutive extended community list items.
deny: Specifies the match mode for the extended community list as deny.
permit: Specifies the match mode for the extended community list as permit.
bandwidth link-bandwidth-value: Specifies a link bandwidth attribute value. The value for this argument is a string of 3 to 16 characters in 16-bit AS number:32-bit user-defined number format, for example, 100:3. The value range is 0 to 65535 for an AS number and is 0 to 4294967295 for a user-defined number.
rt route-target: Specifies a space-separated list of up to 32 RT extended community attribute items. Each item is a string of 3 to 21 characters.
soo site-of-origin: Specifies a space-separated list of up to 32 SoO extended community attribute items. Each item is a string of 3 to 21 characters.
An RT or SoO attribute has the following forms:
· 16-bit AS number:32-bit self-defined number. For example, 101:3. The AS number is in the range of 0 to 65535, and the self-defined number is in the range of 0 to 4294967295.
· 32-bit IP address:16-bit self-defined number. For example, 192.168.122.15:1. The self-defined number is in the range of 0 to 65535.
· 32-bit AS number:16-bit self-defined number. For example, 70000:3. The AS number is in the range of 65536 to 4294967295, and the self-defined number is in the range of 0 to 65535.
Usage guidelines
Application scenarios
Extended community lists are used to filter routes.
Operating mechanism
You can configure multiple entries for an extended community list. The relationship between the entries is logical OR. A route matches the extended community list as long as it matches one entry in the list. A route matches an entry only if it matches all attributes in the entry.
To view detailed extended community list information, use the display ip extcommunity-list command.
Restrictions and guidelines
If you specify an existing extended community list by its number or name when executing this command, you can add a new entry or edit an existing entry:
· If you do not specify the index index-number option or specify an entry index that does not exist, this command adds a new entry to the list.
· If you specify an existing entry index, this command edits the specified entry. If you execute this command multiple times for an extended community list entry, the most recent configuration takes effect.
Examples
# Configure extended community list 3 to permit routes with the link bandwidth extended community attribute 100:100.
<Sysname> system-view
[Sysname] ip extcommunity-list 3 permit bandwidth 100:100
# Configure extended community list 1 to permit routes with RT 200:200.
<Sysname> system-view
[Sysname] ip extcommunity-list 1 permit rt 200:200
# Configure extended community list 2 to permit routes with SoO 100:100.
<Sysname> system-view
[Sysname] ip extcommunity-list 2 permit soo 100:100
apply extcommunity
display ip extcommunity-list
if-match extcommunity
ip rd-list
Use ip rd-list configure an RD list.
Use undo ip rd-list to remove an RD list.
Syntax
ip rd-list rd-list-number [ index index-number ] { deny | permit } route-distinguisher&<1-10>
undo ip rd-list rd-list-number [ index index-number ] [ { deny | permit } route-distinguisher&<1-10> ]
Default
No RD lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
rd-list-number: Specifies an RD list by its number in the range of 1 to 65535.
index index-number: Specifies an index number for an RD list item, in the range of 1 to 4294967295. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive RD list items.
deny: Specifies the deny mode. If a route matches the item, the route is denied without being compared with the next item. If a route does not match the item, the route is compared with the next item.
permit: Specifies the permit mode. If a route matches the item, it passes the RD list. If a route does not match the item, the route is compared with the next item.
route-distinguisher&<1-10>: Specifies a list of up to 10 RD list items. Each item is a string of 3 to 21 characters.
An RD has the following forms:
· 16-bit AS number:32-bit self-defined number. For example, 101:3.
· 16-bit AS number:wildcard character. For example, 101:*.
· 32-bit IP address:16-bit self-defined number. For example, 192.168.122.15:1.
· 32-bit IP address:wildcard character. For example, 192.168.122.15:*.
· 32-bit AS number:16-bit self-defined number. For example, 65536:1. The minimum AS number is 65536.
· 32-bit AS number:wildcard character. For example, 65536:*. The minimum AS number is 65536.
Usage guidelines
An RD list matches the RDs of BGP routes. An RD list is identified by an RD list number and can contain multiple items that specify RD ranges. The relationship between the items is logical OR. A route matches the RD list if it matches one item in the list. A route does not match the RD list if it does not match any items in the list.
To filter routes by RD, use the ip rd-list command together with the if-match rd-list command. If you specify a nonexistent RD list for the if-match rd-list command, all routes pass the RD match criterion.
For more information about RDs, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.
Examples
# Configure RD list 1 to permit routes with RD 100: 1.
<Sysname> system-view
[Sysname] ip rd-list 1 permit 100:1
Related commands
display ip rd-list
if-match rd-list
reset ip as-path
Use reset ip as-path to clear BGP AS path list statistics.
Syntax
reset ip as-path [ as-path-number | as-path-name ]
Views
User view
Predefined user roles
network-admin
Parameters
as-path-number: Specifies an AS path list by its number in the range of 1 to 256.
as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The name cannot contain only digits.
Usage guidelines
If you do not specify any arguments, this command clears statistics about all BGP AS path lists.
Examples
# Clear statistics about BGP AS path list abc.
<Sysname> reset ip as-path abc
Related commands
display ip as-path
route-policy
Use route-policy to create a routing policy and a node and enter routing policy node view, or enter the view of an existing routing policy node.
Use undo route-policy to remove a routing policy or a node of it.
Syntax
route-policy route-policy-name { deny | permit } node node-number
undo route-policy route-policy-name [ deny | permit ] [ node node-number ]
Default
No routing policies exist.
Views
System view
Predefined user roles
network-admin
Parameters
route-policy-name: Specifies a routing policy name, a case-sensitive string of 1 to 63 characters.
deny: Specifies the deny match mode for the routing policy node. If a route matches all the if-match clauses of the node, it is denied without being compared with the next node. If a route does not match any if-match clauses of the node, the route is compared with the next node.
permit: Specifies the permit match mode for the routing policy node. If a route matches all the if-match clauses of the node, it is handled by the apply clauses of the node. If a route does not match any if-match clauses of the node, the route is compared with the next node.
node node-number: Specifies a node number in the range of 0 to 65535. A node with a smaller number is matched first.
Usage guidelines
Application scenarios
Use a routing policy to filter routing information.
Operating mechanism
A routing policy can contain several nodes and each node contains a set of if-match and apply clauses. The if-match clauses define the match criteria of the node and the apply clauses define the actions to be taken on packets matching the criteria. The relation between the if-match clauses of different types is logical AND and the relation between the if-match clauses of the same type is logical OR. if-match clauses of all types must be met. The relation between nodes is logical OR. A packet passing a node passes the routing policy. If a packet does not pass any nodes, the packet does not pass the routing policy.
Examples
# Create node 10 in permit mode for routing policy policy1 and enter routing policy node view.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10]
Related commands
display route-policy
route-policy-change delay-time
Use route-policy-change delay-time to set the routing policy change delay timer.
Use undo route-policy-change delay-time to restore the default.
Syntax
route-policy-change delay-time { time-value | unlimited }
undo route-policy-change delay-time
Default
Routing policy changes immediately take effect, but the routing protocol waits five seconds before processing routes from the new routing policy.
Views
System view
Predefined user roles
network-admin
Parameters
time-value: Specifies the routing policy change delay timer in the range of 60 to 3600 seconds. When this delay timer expires, the routing protocol waits five seconds before processing routes from the new routing policy.
unlimited: Sets an infinite delay timer.
Usage guidelines
Application scenarios
This command makes a routing policy take effect after a delayed time interval, which prevents incomplete routing policy configuration from being issued to cause incorrect route advertisement.
Operating mechanism
A routing policy changes when one of the following events occurs:
· A routing policy is created.
· A routing policy node, if-match clause, or apply clause is added, modified, or deleted for a routing policy.
· An IPv4 prefix list, IPv6 prefix list, AS path list, community list, or extended community list is added, modified, or deleted.
· The ACL used by an if-match clause changes.
After you configure this command, the system automatically starts the timer when a routing policy changes. The changes will not take effect on the routing policy until the change delay timer expires.
Restrictions and guidelines
To have enough time to complete routing policy configuration, you can specify the unlimited keyword for the command. Then, execute the undo form of the command after you complete the configuration.
If you modify the routing policy change delay timer before it expires, the timer will be reset.
Examples
# Set the routing policy change delay timer to 60 seconds.
<Sysname> system-view
[Sysname] route-policy-change delay-time 6
IPv4 routing policy commands
apply fast-reroute
Use apply fast-reroute to set a backup link for fast reroute (FRR).
Use undo apply fast-reroute to restore the default.
Syntax
apply fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ip-address ] | backup-nexthop ip-address }
undo apply fast-reroute
Default
No backup link for FRR is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
backup-interface interface-type interface-number: Specifies a backup output interface by its type and number. If the specified interface is a non-P2P interface, you must also specify a backup next hop. Non-P2P interfaces include NBMA and broadcast interfaces.
backup-nexthop ip-address: Specifies a backup next hop.
Usage guidelines
This command sets a backup link in the routing policy for FRR.
Using the routing policy, a routing protocol can designate a backup link for specific routes to implement FRR. If the primary link is used as an optimal route, the backup link is issued to the FIB together with the primary link. When the primary link fails, FRR immediately directs packets to the backup link to minimize interruption time.
Examples
# Configure node 10 of routing policy policy1 to set the backup output interface VLAN-interface 1 and backup next hop 193.1.1.8 for the route destined for 100.1.1.0/24.
<Sysname> system-view
[Sysname] ip prefix-list abc index 10 permit 100.1.1.0 24
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ip address prefix-list abc
[Sysname-route-policy-policy1-10] apply fast-reroute backup-interface vlan-interface 1 backup-nexthop 193.1.1.8
apply ip-address next-hop
Use apply ip-address next-hop to set a next hop for IPv4 routes.
Use undo apply ip-address next-hop to restore the default.
Syntax
apply ip-address next-hop ip-address [ public | vpn-instance vpn-instance-name ]
undo apply ip-address next-hop
Default
No next hop is set for IPv4 routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the next hop IP address.
public: Specifies the public network.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the next hop belongs to the public network.
Usage guidelines
If you use this command to set a next hop for redistributed routes, the configuration does not take effect.
You can use the peer route-policy command to specify a routing policy to set the address of an indirectly connected interface as the next hop for routes from directly connected EBGP peers. In this situation, configuration of the peer ebgp-max-hop command is required. The command allows the establishment of an EBGP session to the indirectly connected peer. If you do not execute the peer ebgp-max-hop command, the next hop will be unreachable and services will be interrupted.
If you execute this command multiple times to set different next hops for IPv4 routes, the most recent configuration takes effect.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set next hop 193.1.1.8 for routes matching prefix list 100.
<Sysname> system-view
[Sysname] ip prefix-list 100 permit 192.168.10.1 24
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ip address prefix-list 100
[Sysname-route-policy-policy1-10] apply ip-address next-hop 193.1.1.8
display ip prefix-list
Use display ip prefix-list to display IPv4 prefix list statistics.
Syntax
display ip prefix-list [ name prefix-list-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all IPv4 prefix lists.
Examples
# Display the statistics for IPv4 prefix list abc.
<Sysname> display ip prefix-list name abc
Prefix-list: abc
Permitted 0
Denied 0
index: 10 Deny 6.6.6.0/24 ge 26 le 28
Table 7 Command output
|
Field |
Description |
|
Prefix-list |
Name of the IPv4 prefix list. |
|
Permitted |
Total number of routes that match the criterion and are permitted after the IPv4 prefix list was created. The value for this field is reset to zero after device reboot. |
|
Denied |
Total number of routes that match the criterion and are denied after the IPv4 prefix list was created. The value for this field is reset to zero after device reboot. |
|
index |
Index of an item. |
|
deny |
Match mode of the item: · Permit. · Deny. |
|
6.6.6.0/24 |
IP address and mask. |
|
ge |
Greater-equal, the lower mask length limit. |
|
le |
Less-equal, the upper mask length limit. |
Related commands
ip prefix-list
reset ip prefix-list
if-match ip
Use if-match ip to match IPv4 routes whose destination, next hop, or source address matches an ACL or IPv4 prefix list.
Use undo if-match ip to remove the specified ACL or IPv4 prefix list match criterion.
Syntax
if-match ip { address | next-hop | route-source } { acl ipv4-acl-number | prefix-list prefix-list-name }
undo if-match ip { address | next-hop | route-source } [ acl | prefix-list ]
Default
No ACL or IPv4 prefix list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
address: Matches the destination address of IPv4 routes.
next-hop: Matches the next hop of IPv4 routes.
route-source: Matches the source address of BGP routes. This keyword corresponds to the Neighbor field in the output from the display ip routing-table verbose command.
acl ipv4-acl-number: Specifies an ACL by its number. The value range for the ipv4-acl-number argument is 2000 to 3999 for the address keyword, and 2000 to 2999 for the next-hop keyword and route-source keyword.
prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters.
When you specify an IPv4 ACL, follow these guidelines:
· If the specified ACL does not exist or does not have any rules, all IPv4 routes can match the ACL.
· If a rule in the specified ACL is applied to a VPN instance, the rule does not take effect.
Examples
# Configure node 10 of routing policy policy1 to match IPv4 routes whose next hop matches IP prefix list p1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ip next-hop prefix-list p1
ip prefix-list
Use ip prefix-list to configure an IPv4 prefix list or an item for the list.
Use undo ip prefix-list to remove an IPv4 prefix list or an item of it.
Syntax
ip prefix-list prefix-list-name [ index index-number ] { deny | permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ]
undo ip prefix-list prefix-list-name [ index index-number ]
Default
No IPv4 prefix lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
prefix-list-name: Specifies an IPv4 prefix list name, a case-sensitive string of 1 to 63 characters.
index index-number: Specifies an index number for an IPv4 prefix list item, in the range of 1 to 65535. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive prefix list items.
deny: Specifies the deny mode. If a route matches the item, the route is denied without being compared with the next item. If a route does not match the item, the route is compared with the next item.
permit: Specifies the permit mode. If a route matches the item, it passes the IPv4 prefix list. If a route does not match the item, the route is compared with the next item.
ip-address mask-length: Specifies an IPv4 prefix and mask length. The value range for the mask-length argument is 0 to 32.
greater-equal min-mask-length, less-equal max-mask-length: Specifies a prefix length range. The greater-equal keyword means "greater than or equal to" and the less-equal keyword means "less than or equal to." The prefix length range relation is mask-length <= min-mask-length <= max-mask-length <= 32.
· If only the min-mask-length argument is specified, the prefix length range is [ min-mask-length, 32 ].
· If only the max-mask-length argument is specified, the prefix length range is [ mask-length, max-mask-length ].
· If both the min-mask-length and max-mask-length arguments are specified, the prefix length range is [ min-mask-length, max-mask-length ].
Usage guidelines
An IPv4 prefix list is used to filter IPv4 addresses. It can contain multiple items, each of which specifies a range of IPv4 prefixes. The relation between the items is logical OR. If an item is passed, the IPv4 prefix list is passed. If no item is passed, the IP prefix list cannot be passed.
If the ip-address mask-length argument is specified as 0.0.0.0 0, only the default route will be matched.
To match all routes, use 0.0.0.0 0 less-equal 32.
Examples
# Configure IP prefix list p1 to permit routes destined for network 10.0.0.0/8 and with mask length 17 or 18.
<Sysname> system-view
[Sysname] ip prefix-list p1 permit 10.0.0.0 8 greater-equal 17 less-equal 18
Related commands
display ip prefix-list
reset ip prefix-list
reset ip prefix-list
Use reset ip prefix-list to clear IPv4 prefix list statistics.
Syntax
reset ip prefix-list [ prefix-list-name ]
Views
User view
Predefined user roles
network-admin
Parameters
prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all IPv4 prefix lists.
Examples
# Clear the statistics for IPv4 prefix list abc.
<Sysname> reset ip prefix-list abc
Related commands
display ip prefix-list
ip prefix-list
IPv6 routing policy commands
apply ipv6 fast-reroute
Use apply ipv6 fast-reroute to set a backup link for fast reroute (FRR).
Use undo apply ipv6 fast-reroute to restore the default.
Syntax
apply ipv6 fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ipv6-address ] | backup-nexthop ipv6-address }
undo apply ipv6 fast-reroute
Default
No backup link for FRR is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
backup-interface interface-type interface-number: Specifies a backup output interface by its type and number. If the specified interface is a non-P2P interface, you must also specify a backup next hop. Non-P2P interfaces include NBMA and broadcast interfaces.
backup-nexthop ipv6-address: Specifies an IPv6 backup next hop.
Usage guidelines
This command sets a backup link in the routing policy for FRR.
Using the routing policy, a routing protocol can designate a backup link for specific routes to implement FRR. If the primary link is used as an optimal route, the backup link is issued to the FIB together with the primary link. When the primary link fails, FRR immediately directs packets to the backup link to minimize interruption time.
Examples
# Configure node 10 of routing policy policy1 to set the backup next hop 1::1/64 for the route destined for 100::1/64.
<Sysname> system-view
[Sysname] ipv6 prefix-list abc index 10 permit 100::1 64
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ipv6 address prefix-list abc
[Sysname-route-policy-policy1-10] apply ipv6 fast-reroute backup-nexthop 1::1
apply ipv6 next-hop
Use apply ipv6 next-hop to set a next hop for IPv6 routes.
Use undo apply ipv6 next-hop to restore the default.
Syntax
apply ipv6 next-hop ipv6-address
undo apply ipv6 next-hop
Default
No next hop is set for IPv6 routes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the next hop IPv6 address.
Usage guidelines
If you use this command to set a next hop for redistributed routes, the configuration does not take effect.
You can use the peer route-policy command to specify a routing policy to set the address of an indirectly connected interface as the next hop for routes from directly connected EBGP peers. In this situation, configuration of the peer ebgp-max-hop command is required. The command allows the establishment of an EBGP session to the indirectly connected peer. If you do not execute the peer ebgp-max-hop command, the next hop will be unreachable and services will be interrupted.
If you execute this command multiple times to set different next hops for IPv6 routes, the most recent configuration takes effect.
Examples
# Configure node 10 in permit mode for routing policy policy1 to set next hop 3ffe:506::1 for IPv6 routes matching prefix list 100.
<Sysname> system-view
[Sysname] ipv6 prefix-list 100 permit 2::2 64
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ipv6 address prefix-list 100
[Sysname-route-policy-policy1-10] apply ipv6 next-hop 3ffe:506::1
display ipv6 prefix-list
Use display ipv6 prefix-list to display IPv6 prefix list statistics.
Syntax
display ipv6 prefix-list [ name prefix-list-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all IPv6 prefix lists.
Examples
# Display the statistics for all IPv6 prefix lists.
<Sysname> display ipv6 prefix-list
Prefix-list6: 666
Permitted 0
Denied 0
index: 10 Permit 6::/64 ge 66 le 88
Table 8 Command output
|
Field |
Description |
|
Prefix-list6 |
Name of the IPv6 prefix list. |
|
Permitted |
Total number of routes that match the criterion and are permitted after the IPv6 prefix list was created. The value for this field is reset to zero after device reboot. |
|
Denied |
Total number of routes that match the criterion and are denied after the IPv6 prefix list was created. The value for this field is reset to zero after device reboot. |
|
index |
Index number of an item. |
|
permit |
Match mode of the item: · Permit. · Deny. |
|
6::/64 |
IPv6 address and prefix length for matching. |
|
ge |
Greater-equal, the lower prefix length limit. |
|
le |
Less-equal, the upper prefix length limit. |
Related commands
ipv6 prefix-list
reset ipv6 prefix-list
if-match ipv6
Use if-match ipv6 to match IPv6 routes whose destination, next hop, or source address matches an ACL or IPv6 prefix list.
Use undo if-match ipv6 to remove the specified ACL or IPv6 prefix list match criterion.
Syntax
if-match ipv6 { address | next-hop | route-source } { acl ipv6-acl-number | prefix-list prefix-list-name }
undo if-match ipv6 { address | next-hop | route-source } [ acl | prefix-list ]
Default
No ACL or IPv6 prefix list match criterion is configured.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
address: Matches the destination address of IPv6 routes.
next-hop: Matches the next hop of IPv6 routes.
route-source: Matches the source address of IPv6 routes.
acl ipv6-acl-number: Specifies an IPv6 ACL by its number. The value range for the ipv6-acl-number argument is 2000 to 3999 for the address keyword, and 2000 to 2999 for the next-hop keyword and the route-source keyword.
prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
When you specify an IPv6 ACL, follow these guidelines:
· If the specified ACL does not exist or does not have any rules, all IPv6 routes can match the ACL.
· If a rule in the specified ACL is applied to a VPN instance, the rule does not take effect.
Examples
# Configure node 10 of routing policy policy1 to permit routes whose next hop matches IPv6 prefix list p1.
<Sysname> system-view
[Sysname] route-policy policy1 permit node 10
[Sysname-route-policy-policy1-10] if-match ipv6 next-hop prefix-list p1
if-match ipv6 even-prefix-length
Use if-match ipv6 even-prefix-length to match IPv6 route prefixes of the specified length whose last bit is an even number.
Use undo if-match ipv6 even-prefix-length to restore the default.
Syntax
if-match ipv6 even-prefix-length prefix-length-number
undo if-match ipv6 even-prefix-length
Default
No match criterion is configured to match the length and last bit of IPv6 route prefixes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
prefix-length-number: Specifies a prefix length in the range of 1 to 128.
Examples
# Configure node 10 of routing policy rp1 to permit a route if its prefix length is 64 and the last bit of its prefix is an even number.
<Sysname> system-view
[Sysname] route-policy rp1 permit node 10
[Sysname-route-policy-rp1-10] if-match ipv6 even-prefix-length 64
if-match ipv6 odd-prefix-length
Use if-match ipv6 odd-prefix-length to match IPv6 route prefixes of the specified length whose last bit is an odd number.
Use undo if-match ipv6 odd-prefix-length to restore the default.
Syntax
if-match ipv6 odd-prefix-length prefix-length-number
undo if-match ipv6 odd-prefix-length
Default
No match criterion is configured to match the length and last bit of IPv6 route prefixes.
Views
Routing policy node view
Predefined user roles
network-admin
Parameters
prefix-length-number: Specifies a prefix length in the range of 1 to 128.
Examples
# Configure node 10 of routing policy rp1 to permit a route if its prefix length is 64 and the last bit of its prefix is an odd number.
<Sysname> system-view
[Sysname] route-policy rp1 permit node 10
[Sysname-route-policy-rp1-10] if-match ipv6 odd-prefix-length 64
ipv6 prefix-list
Use ipv6 prefix-list to configure an IPv6 prefix list or an item for it.
Use undo ipv6 prefix-list to remove an IPv6 prefix list or an item.
Syntax
ipv6 prefix-list prefix-list-name [ index index-number ] { deny | permit } ipv6-address { prefix-length [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] | inverse inverse-prefix-length }
undo ipv6 prefix-list prefix-list-name [ index index-number ]
Default
No IPv6 prefix lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
prefix-list-name: Specifies an IPv6 prefix list name, a case-sensitive string of 1 to 63 characters.
index index-number: Specifies an index number for an IPv6 prefix list item, in the range of 1 to 65535. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive IPv6 prefix list items.
deny: Specifies the deny mode. If a route matches the item, the route is denied without being compared with the next item. If a route does not match the item, the route is compared with the next item.
permit: Specifies the permit mode. If a route matches the item, it passes the IPv6 prefix list. If a route does not match the item, the route is compared with the next item.
ipv6-address: Specifies an IPv6 address.
prefix-length: Specifies the IPv6 prefix length. The value range for the prefix-length argument is 0 to 128.
greater-equal min-mask-length, less-equal max-mask-length: Specifies a prefix length range. The greater-equal keyword means "greater than or equal to" and the less-equal keyword means "less than or equal to."
The prefix length range relation is mask-length <= min-mask-length <= max-mask-length <= 128.
· If only the min-prefix-length argument is specified, the prefix length range is [ min-prefix-length, 128 ].
· If only the max-prefix-length argument is specified, the prefix length range is [ prefix-length, max-prefix-length ].
· If both the min-prefix-length and max-prefix-length arguments are specified, the prefix length range is [ min-prefix-length, max-prefix-length ].
inverse inverse-prefix-length: Matches IPv6 addresses from the least significant bit to the specified length. The value range for the inverse-prefix-length argument is 1 to 128.
Usage guidelines
An IPv6 prefix list is used to filter IPv6 addresses. An IPv6 prefix list can have multiple items, and each of them specifies a range of IPv6 prefixes. The relation between the items is logical OR. A route passing an item passes the IPv6 prefix list. A route passing no item does not pass the IPv6 prefix list.
If the ipv6-address prefix-length argument is specified as :: 0, only the default route matches.
To match all routes, configure :: 0 less-equal 128.
Examples
# Permit IPv6 addresses with a mask length between 32 bits and 64 bits.
<Sysname> system-view
[Sysname] ipv6 prefix-list abc permit :: 0 greater-equal 32 less-equal 64
# Deny IPv6 addresses with a prefix 3FFE:D00::/32 and a prefix length greater than or equal to 32 bits.
<Sysname> system-view
[Sysname] ipv6 prefix-list abc deny 3FFE:D00:: 32 less-equal 128
Related commands
display ipv6 prefix-list
reset ipv6 prefix-list
reset ipv6 prefix-list
Use reset ipv6 prefix-list to clear IPv6 prefix list statistics.
Syntax
reset ipv6 prefix-list [ prefix-list-name ]
Views
User view
Predefined user roles
network-admin
Parameters
prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all IPv6 prefix lists.
Examples
# Clear the statistics for IPv6 prefix list abc.
<Sysname> reset ipv6 prefix-list abc
Related commands
display ipv6 prefix-list
ipv6 prefix-list
