An Accumulated Interior Gateway Protocol (AIGP) administrative domain is a collection of multiple ASs that run the same IGP under one administrative department. Within the domain, BGP accumulates the IGP metrics all along the forwarding path for a route. Then, it uses the accumulated value as the AIGP attribute for the route to implement metric-based route selection.

For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set the AIGP attribute to 10 for BGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply aigp 10

Related commands

peer aigp

apply as-path

Use apply as-path to set the AS_PATH attribute for BGP routes.

Use undo apply as-path to restore the default.

Syntax

apply as-path { as-number&<1-32> [ delete | replace ] | clear }

undo apply as-path

Default

No AS_PATH attribute is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

as-number&<1-32>: Specifies an AS by its number. The value range for the AS number in integer format is 1 to 4294967295, and the value range for the AS number in dotted decimal format is 0.1 to 65535.65535. &<1-32> indicates that you can specify a maximum of 32 AS numbers.

delete: Deletes the specified AS numbers from the original AS_PATH attribute.

replace: Replaces the original AS numbers with the specified AS numbers. If you do not specify this keyword, the command adds the specified AS numbers before the original AS_PATH attribute.

clear: Clears the original AS numbers.

Usage guidelines

Use this command to add or edit the AS_PATH attribute for BGP routes.

The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.

For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to add AS number 200 before the original AS_PATH attribute of BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply as-path 200

Related commands

display ip as-path

if-match as-path

ip as-path

apply comm-list delete

Use apply comm-list delete to delete the COMMUNITY attributes from BGP routes.

Use undo apply comm-list to restore the default.

Syntax

apply comm-list { comm-list-number | comm-list-name } delete

undo apply comm-list

Default

No COMMUNITY attributes are deleted from BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

comm-list-number: Specifies a basic community list by its number in the range of 1 to 99 or an advanced community list by its number in the range of 100 to 199.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.

Usage guidelines

Application scenarios

A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. After you configure this command, the COMMUNITY attributes in the specified community list will be deleted from BGP routes.

For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Restrictions and guidelines

You must specify an existing community list when executing this command. To configure a community list, use the ip community-list command.

Examples

# Configure node 10 in permit mode for routing policy policy1 to delete the COMMUNITY attributes specified in community list 1 from BGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply comm-list 1 delete

Related commands

ip community-list

apply community

Use apply community to set the COMMUNITY attribute for BGP routes.

Use undo apply community to remove the specified COMMUNITY attribute for BGP routes.

Syntax

apply community { none | additive | { community-number&<1-32> | aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] }

undo apply community [ none | additive | { community-number&<1-32> | aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] ]

Default

No COMMUNITY attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

none: Removes the COMMUNITY attributes of BGP routes.

community-number&<1-32>: Specifies a community sequence number in the range of 1 to 4294967295. &<1-32> indicates that you can specify a maximum of 32 community sequence numbers.

aa:nn&<1-32>: Specifies a community number. Both aa and nn are in the range of 0 to 65535. &<1-32> indicates that you can specify a maximum of 32 community numbers.

internet: Sets the INTERNET community attribute for BGP routes. Routes with this attribute can be advertised to all BGP peers. By default, all routes have this attribute.

no-advertise: Sets the NO_ADVERTISE community attribute for BGP routes. Routes with this attribute cannot be advertised to any peers.

no-export: Sets the NO_EXPORT community attribute for BGP routes. Routes with this attribute cannot be advertised out of the AS or confederation, but can be advertised to other sub-ASs in the confederation.

no-export-subconfed: Sets the NO_EXPORT_SUBCONFED community attribute for BGP routes. Routes with this attribute cannot be advertised out of the local AS or to other sub-ASs in the confederation.

additive: Adds the specified COMMUNITY attribute to the original COMMUNITY attribute of BGP routes.

Usage guidelines

A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. Use this command to set the COMMUNITY attribute for BGP routes.

For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 16 in permit mode for routing policy setcommunity to set the NO_EXPORT community attribute for BGP routes.

<Sysname> system-view

[Sysname] route-policy setcommunity permit node 16

[Sysname-route-policy-setcommunity-16] apply community no-export

Related commands

if-match community

ip community-list

apply cost

Use apply cost to set a cost for routes.

Use undo apply cost to restore the default.

Syntax

apply cost [ + | - ] cost-value

undo apply cost

Default

No cost is set for routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

+: Increases a cost value.

-: Decreases a cost value.

cost-value: Specifies a cost in the range of 0 to 4294967295.

Usage guidelines

Use this command to set a cost for routes and control the route selection order. For example, when the next hop of a route is in unfavorable link bandwidth condition, you can use this command to increase the cost value for that route.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a cost of 120 for OSPF external routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match route-type external-type1or2

[Sysname-route-policy-policy1-10] apply cost 120

apply cost-type

Use apply cost-type to set a cost type for routes.

Use undo apply cost-type to restore the default.

Syntax

apply cost-type { external | internal | type-1 | type-2 }

undo apply cost-type

Default

No cost type is set for routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

external: Sets the cost type to IS-IS external route.

internal: Sets the cost type to IS-IS internal route, or sets the MED value for a matching BGP route to the IGP metric of the route's next hop.

type-1: Sets the cost type to OSPF Type-1 external route.

type-2: Sets the cost type to OSPF Type-2 external route.

Usage guidelines

For IS-IS, the apply cost-type internal command sets the cost type for a matching IS-IS route to IS-IS internal route.

For BGP, the apply cost-type internal command sets the MED for a matching BGP route learned from an IBGP peer to the IGP metric of the route's next hop. The MED is modified when BGP advertises the route to an EBGP peer.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set the cost type for routes that have a tag of 8 to OSPF Type-1 external route.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match tag 8

[Sysname-route-policy-policy1-10] apply cost-type type-1

apply esi

Use apply esi to specify the Ethernet segment identifier (ESI) for BGP routes.

Use undo apply esi to remove the configuration.

Syntax

apply esi esi-id

undo apply esi

Default

No ESI is specified for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

esi-id: Specifies an ESI in the format of xxxx.xxxx.xxxx.xxxx.xxxx. Each x is a hexadecimal digit. The specified ESI must start with c8 and cannot contain only 0s or Fs.

Usage guidelines

In iSec scenarios, you can use this command to specify the ESI for IP prefix routes. The ESI is used for associating IP prefix routes with EVPN Ethernet auto-discovery routes that carry the iSec attribute.

For more information about iSec, see iSec c onfiguration in Security Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to add ESI c800.1111.2200.0000.0000 to BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply esi c800.1111.2200.0000.0000

apply extcommunity

Use apply extcommunity to set the extended community attribute for BGP routes.

Use undo apply extcommunity to remove the specified extended community attribute for BGP routes.

Syntax

apply extcommunity { bandwidth link-bandwidth-value | { rt route-target }&<1-32> } [ additive ]

undo apply extcommunity [ bandwidth link-bandwidth-value | { rt route-target }&<1-32> ]

Default

No extended community attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

bandwidth link-bandwidth-value: Sets the link bandwidth extended community attribute, a string of 3 to 16 characters. The link-bandwidth-value argument is in the 16-bit AS number:32-bit user-defined number format, for example, 100:3. The AS number is in the range of 0 to 65535, and the user-defined number is in the range of 0 to 4294967295.

{ rt route-target }&<1-32>: Sets the RT extended community attribute, a string of 3 to 24 characters. &<1-32> indicates that you can specify a maximum of 32 RT extended community attributes.

An RT attribute has the following forms:

· 16-bit AS number in integer format:32-bit user-defined number, for example, 101:3. The AS number is in the range of 0 to 65535, and the user-defined number is in the range of 0 to 4294967295.

· 1 6-bit AS number in dotted format:32-bit user-defined number. For example, 0.1:1. The AS number range is 0.1 to 0.65535.

· 32-bit IP address:16-bit user-defined number, for example, 192.168.122.15:1. The user-defined number is in the range of 0 to 65535.

· 32-bit AS number in integer format:16-bit user-defined number, for example, 70000:3. The AS number is in the range of 65536 to 4294967295, and the user-defined number is in the range of 0 to 65535.

· 32-bit IP address/IPv4 address mask length:16-bit user-defined number, for example, 192.168.122.15/24:1.

· 32-bit A S number in dotted format:16-bit user-defined number, for example, 10.1:1. The minimum AS number is 1.0.

additive: Adds the specified attribute to the original extended community attribute.

Usage guidelines

Use this command to configure the link bandwidth or RT extended community attribute for BGP routes.

· The link bandwidth attribute is used for BGP route-based Unequal Cost Multiple Path (UCMP) load balancing. For information about the link bandwidth attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

· Route target (also called VPN target) attributes are used to control the advertisement of VPN routing information. For more information about the route target attribute, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to add the RT extended community attribute 100:2 to BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply extcommunity rt 100:2 additive

# Configure node 10 in permit mode for routing policy policy1 to add the link bandwidth extended community attribute 100:2 to BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply extcommunity bandwidth 100:2 additive

apply extcommunity color

Use apply extcommunity color to set the color extended community attribute for BGP routes.

Use undo apply extcommunity color to remove the specified color extended community attribute for BGP routes.

Syntax

apply extcommunity color color [ additive ]

undo apply extcommunity color

Default

No color extended community attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

color color: Sets the color extended community attribute, a string of 4 to 13 characters. The value of the color argument is in the Color-Only (CO) bit:color-value format, for example, 10:3. The value of the CO bit must be a binary number in the range of 00 to 11, and the value range for color-value is 0 to 4294967295.

additive: Adds the specified color extended community attribute to the original color extended community attribute of BGP routes. If you do not specify this keyword, the specified color attribute replaces the original color attribute of BGP routes.

Usage guidelines

Application scenarios

Use this command to configure the color extended community attribute for BGP routes. Color attributes are used to distinguish multiple SR-MPLS TE policies or SRv6 TE policies with the same source and destination nodes.

Operating mechanism

When a packet matches a BGP route, the device uses the color value and the next hop address of the BGP route to search for a matching SR-MPLS TE or SRv6 TE policy to forward the packet. The largest one is used for searching if the route contains multiple color values. Whether the next hop address of the route can match the endpoint address of an SR-MPLS TE or SRv6 TE policy depends on the value of CO bit as follows:

· If the CO bit value is 00 or 11, they can match when they are the same.

· If the CO bit value is 01, the route searches for a matching SR-MPLS TE or SRv6 TE policy in the following sequence:

a. The route matches an SR-MPLS TE or SRv6 TE policy whose endpoint address is the same as its next hop address.

b. The route matches an SR-MPLS TE or SRv6 TE policy based on its next hop address type as follows:

- If the next hop address type is IPv4 , the route matches an SR-MPLS TE policy whose endpoint address is 0.0.0.0.

- If the next hop address type is IPv6, the route matches an SRv6 TE policy whose endpoint address is ::.

· If the CO bit value is 10, the route searches for a matching SR-MPLS TE or SRv6 TE policy in the following sequence:

c. The route matches an SR-MPLS TE or SRv6 TE policy whose endpoint address is the same as its next hop address.

d. The route matches an SR-MPLS TE or SRv6 TE policy based on its next hop address type as follows:

- If the next hop address type is IPv4, the route matches an SR-MPLS TE policy whose endpoint address is 0.0.0.0.

- If the next hop address type is IPv6, the route matches an SRv6 TE policy whose endpoint address is ::.

e. The route matches an SR-MPLS TE or SRv6 TE policy with the lowest endpoint address.

If an SR-MPLS TE or SRv6 TE policy is matched, the device uses the policy to forward packets that matches the route. If no policies are matched, the device uses the route for packet forwarding.

For more information about color attributes, SR-MPLS TE policies, or SRv6 TE policies, see SR-MPLS TE policy configuration or SRv6 TE policy configuration in Segment Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to add color extended community attribute 10:20 to BGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply extcommunity color 10:20 additive

apply extcommunity soo

Use apply extcommunity soo to set the Site of Origin (SoO) extended community attribute for BGP routes.

Use undo apply extcommunity soo to remove the configuration.

Syntax

apply extcommunity soo site-of-origin&<1-32> [ additive ]

undo apply extcommunity soo

Default

No SoO extended community attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

site-of-origin&<1-32>: Sets the SoO extended community attribute, a string of 3 to 24 characters. &<1-32> indicates that you can specify a maximum of 32 SoO extended community attributes.

An SoO attribute has the following forms:

· 16-bit AS number in integer format:32-bit user-defined number, for example, 101:3. The AS number is in the range of 0 to 65535, and the user-defined number is in the range of 0 to 4294967295.

· 16-bit AS number in dotted format:32-bit user-defined number. For example, 0.1:1. The AS number range is 0.1 to 0.65535.

· 32-bit IP address:16-bit user-defined number, for example, 192.168.122.15:1. The user-defined number is in the range of 0 to 65535.

· 32-bit IP address/IPv4 address mask length:16-bit user-defined number, for example, 192.168.122.15/24:1.

· 32-bit AS number in dotted format:16-bit user-defined number, for example, 10.1:1. The minimum AS number is 1.0.

additive: Adds the specified SoO attribute to the original SoO attribute of BGP routes. If you do not specify this keyword, the specified SoO attribute replaces the original SoO attribute of BGP routes.

Usage guidelines

Use this command to configure the SoO extended community attribute for BGP routes.

The SoO attribute specifies the site where the route originated. It prevents advertising a route back to the originating site. If the AS-path attribute is lost, the router can use the SoO attribute to avoid routing loops.

For information about the SoO attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to add the SoO extended community attribute 1:100 to BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply extcommunity soo 1:100 additive

apply flex-algo

Use apply flex-algo to set a flexible algorithm ID for routes.

Use undo apply flex-algo to restore the default.

Syntax

apply flex-algo flex-algo-id

undo apply flex-algo

Default

No flexible algorithm ID is configured for routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

flex-algo-id: Specifies a flexible algorithm ID in the range of 128 to 255.

Usage guidelines

Application scenarios

Flexible algorithms enable users to define separate topologies for path calculation. They are mainly used in SR networks.

Restrictions and guidelines

NOTE:

In the current software version, f lexible algorithm ID configuration is supported only for redistributed IPv6 IS-IS and BGP routes.

‌

When you apply flexible algorithms to an SRv6 network, each flexible algorithm calculates routes independently. To redistribute the routes calculated in a flexible algorithm topology (topology k2) to another (topology k1), perform the following task:

1. Configure a routing policy that contains an apply flex-algo clause. The flexible algorithm ID specified in that apply clause is the flexible algorithm ID of topology k1.

2. Enter the IS-IS IPv6 unicast view of the edge nodes in topologies k1 and k2, and then specify the routing policy above in the import-route command to filter redistributed routes.

In this example, you need to configure route redistribution for the IS-IS process that participates in the route calculation of topology k1.

The task above can redistribute only the IPv6 IS-IS routes calculated by topology k2 to topology k1. The IPv6 IS-IS routes not calculated by flexible algorithm will not be redistributed. The algorithm ID range for a flexible algorithm route is 128 to 255. The algorithm ID of a non-flexible algorithm route is fixed at 0.

· The routing policy sets the algorithm ID of an IPv6 IS-IS route to the flexible algorithm ID of topology k1 if the following conditions exist:

¡ The route passes the routing policy specified in the import-route command.

¡ The algorithm ID of the route is in the range of 128 to 255.

· If the algorithm ID of an IPv6 IS-IS route is 0, the routing policy does not set the algorithm ID of the route to the flexible algorithm ID of topology k1. As a result, the route cannot be redistributed to topology k1.

When the edge node redistributes the IPv6 BGP routes of topology k2 to topology k1, the routing policy specified in the import-route command filters those routes. The routing policy will add the flexible algorithm ID of topology k1 to the IPv6 BGP routes that pass the routing policy.

For information about flexible algorithms, see IS-IS configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Set the flexible algorithm ID to 128 for routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply flex-algo 128

Related commands

import-route (Layer 3—IP Routing Command Reference)

apply gateway-ip

Use apply gateway-ip to configure a gateway address for EVPN IP prefix advertisement routes.

Use undo apply gateway-ip to restore the default.

Syntax

apply gateway-ip { ip-address | origin-nexthop }

undo apply gateway-ip

Default

No gateway address is configured for EVPN IP prefix advertisement routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

ip-address: Specifies an IP address in dotted decimal notation.

origin-nexthop: Configures the next hop of the route as the gateway address.

Usage guidelines

Use this command in EVPN networks to set the Gateway IP Address field (IPv4) of EVPN IP prefix advertisement routes.

Examples

# Configure the next hop of the route as the gateway address

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply gateway-ip origin-nexthop

Related commands

apply ipv6 gateway-ip

apply ip-precedence

Use apply ip-precedence to set an IP precedence for matching routes.

Use undo apply ip-precedence to restore the default.

Syntax

apply ip-precedence { value | clear }

undo apply ip-precedence

Default

No IP precedence is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

value: Specifies an IP precedence in the range of 0 to 7. Each precedence value corresponds to a precedence type, as shown in Table 1. When you specify the value argument, you can enter either a precedence value or a precedence type.

Table 1 IP precedence values and their corresponding types

Precedence value	Precedence type
0	routine
1	priority
2	immediate
3	flash
4	flash-override
5	critical
6	internet
7	network

‌

clear: Clears the IP precedence of matching routes.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set an IP precedence of 3 for BGP routes matching extended community list 100.

<Sysname> system-view

[Sysname] ip extcommunity-list 100 permit rt 100:100

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match extcommunity 100

[Sysname-route-policy-policy1-10] apply ip-precedence 3

apply ipv6 gateway-ip

Use apply ipv6 gateway-ip to configure an IPv6 gateway address for EVPN IP prefix advertisement routes.

Use undo apply ipv6 gateway-ip to restore the default.

Syntax

apply ipv6 gateway-ip { ipv6-address | origin-nexthop }

undo apply ipv6 gateway-ip

Default

No IPv6 gateway address is configured for EVPN IP prefix advertisement routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address.

origin-nexthop: Configures the next hop of the route as the IPv6 gateway address.

Usage guidelines

Use this command in EVPN networks to set the Gateway IP Address field (IPv6) of EVPN IP prefix advertisement routes.

Examples

# Configure the next hop of the route as the IPv6 gateway address.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply ipv6 gateway-ip origin-nexthop

Related commands

apply gateway-ip

apply isis

Use apply isis to redistribute routes into the specified IS-IS level.

Use undo apply isis to restore the default.

Syntax

apply isis { level-1 | level-1-2 | level-2 }

undo apply isis

Default

No IS-IS level is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

level-1: Redistributes routes into IS-IS Level-1.

level-1-2: Redistributes routes into both IS-IS Level-1 and Level-2.

level-2: Redistributes routes into IS-IS Level-2.

Usage guidelines

IS-IS adopts a two-level hierarchical architecture to support large-scale networks. A large-scale routing domain is divided into multiple areas. Typically, a Level-1 router is deployed within an area. A Level-2 router is deployed between areas. A Level-1-2 router is deployed between Level-1 and Level-2 routers.

For more information about the two-level hierarchy, see IS-IS configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to redistribute routes that have a tag of 8 to IS-IS level-2.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match tag 8

[Sysname-route-policy-policy1-10] apply isis level-2

apply label-index

Use apply label-index to set a label index value.

Use undo apply label-index to restore the default.

Syntax

apply label-index index-value

undo apply label-index

Default

No label index value is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

index-value: Specifies a label index value in the range of 0 to 1048575.

Usage guidelines

Application scenarios

Use this command in an Segment Routing with MPLS (SR-MPLS) network to set the label index value for the prefix SID of routes. For routes redistributed to BGP, IS-IS, or OSPF , SR nodes calculate the prefix SID for them based on the label index value configured with this command.

For more information about SR-MPLS, see SR-MPLS configuration in Segment Routing Configuration Guide.

Restrictions and guidelines

The label index value specified by this command takes precedence over the label index value carried by the redistributed routes.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a label index value of 120 for BGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply label-index 120

apply label-value

Use apply label-value to set an SID value.

Use undo apply label-value to restore the default.

Syntax

apply label-value label-value

undo apply label-value

Default

No SID value is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

label-value: Specifies an SID value in the range of 16 to 1048575.

Usage guidelines

Use this command to set an SID value for routes in an SR-MPLS network as follows:

· Set the SID value that BGP Egress Peer Engineering (BGP-EPE) assigns to BGP peers or peer groups. For more information about BGP-EPE, see SR-MPLS configuration in Segment Routing Configuration Guide.

· S et the SID value for SR labeled routes that advertised from the same local loopback interface to multiple IS-IS or OSPF processes. To achieve this goal, you can redistribute direct routes to IS-IS or OSPF, and configure an apply label-value clause for the used routing policy to set the SID value for those redistributed routes.

The SID value specified by this command takes precedence over the SID value carried by the redistributed routes.

For more information about SR-MPLS, see SR-MPLS configuration in Segment Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set an SID value of 120 for BGP peers or peer groups.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply label-value 120

apply large-comm-list delete

Use apply large-comm-list delete to delete the large community attributes from BGP routes.

Use undo apply large-comm-list to remove the configuration.

Syntax

apply large-comm-list { large-comm-list-number | large-comm-list-name } delete

undo apply large-comm-list

Default

No large community attributes are deleted from BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

large-comm-list-number: Specifies a large community list by its number. A basic community list number is in the range of 1 to 99, and an advanced community list number is in the range of 100 to 199.

large-comm-list-name: Specifies a large community list by its name. A large community list name is a case-sensitive string of 1 to 63 characters and cannot contain only digits.

Usage guidelines

Application scenarios

The COMMUNITY attribute can denote only two-ocet AS numbers. To use the community attribute flexibly, BGP large community attribute is defined. The 12-ocet large community attribute value is in Administration:LocalData1:LocalData2 format.

The large community attribute contributes to flexible application of routing policies and control over route advertisement and reception because of the following advantages:

· It can denote two-ocet and four-ocet AS numbers entirely.

· It contains two four-ocet local data attribute identifiers.

The large community attribute can be used together with the COMMUNITY attribute for better route management.

For more information about the large community attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

You can use this command to delete the large community attributes that match the specified large community list from BGP routes.

Restrictions and guidelines

You must specify an existing large community list when executing this command. To configure a large community list, use the ip large-community-list command.

Examples

# Configure node 10 in permit mode for routing policy policy1 to delete the large community attributes specified in large community list 1 from BGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply large-comm-list 1 delete

Related commands

ip large-community-list

apply large-community

Use apply large-community to set the large community attribute for BGP routes.

Use undo apply large-community to remove the configuration.

Syntax

apply large-community { aa:bb:cc&<1-8> [ additive ] | additive | none }

undo apply large-community [ aa:bb:cc&<1-8> [ additive ] | additive | none ]

Default

No large community attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

aa:bb:cc&<1-8>: Specifies a large community number. aa, bb, and cc are all in the range of 0 to 4294967295. &<1-8> indicates that a maximum of 8 numbers can be specified.

additive: Adds the specified large community attribute to the original large community attribute of BGP routes. If you do not specify this keyword, the original large community attribute of BGP routes will be overwritten.

none: Removes the large community attribute from BGP routes.

Usage guidelines

The large community attribute contributes to flexible application of routing policies and control over route advertisement and reception because of the following advantages:

· It can denote two-ocet and four-ocet AS numbers entirely.

· It contains two four-ocet local data attribute identifiers.

The large community attribute can be used together with the COMMUNITY attribute for better route management.

For more information about the large community attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

You can use this command to set the large community attribute for BGP routes.

If you execute this command multiple times, you can set a maximum of 32 large community attribute for BGP routes.

Examples

# Configure node 16 in permit mode for routing policy setlargecommunity to set large community attribute 1:1:1 for BGP routes.

<Sysname> system-view

[Sysname] route-policy setlargecommunity permit node 10

[Sysname-route-policy-setlargecommunity-10] apply large-community 1:1:1

Related commands

if-match large-community

ip large-community-list

apply local-preference

Use apply local-preference to set a local preference for BGP routes.

Use undo apply local-preference to restore the default.

Syntax

apply local-preference preference

undo apply local-preference

Default

No local preference is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

preference: Specifies a local preference in the range of 0 to 4294967295.

Usage guidelines

The local preference is used to determine the optimal route for traffic leaving the local AS. After a BGP router obtains multiple routes with the same destination and different next hops from several IBGP peers, it preferentially selects the route with the highest local preference as the optimal route.

For more information about the local preference, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a local preference of 130 for BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply local-preference 130

apply mpls-label

Use apply mpls-label to assign MPLS labels to routes.

Use undo apply mpls-label to restore the default.

Syntax

apply mpls-label

undo apply mpls-label

Default

No MPLS labels are assigned to routes.

Views

Routing policy node view

Predefined user roles

network-admin

Usage guidelines

If this command fails to assign an MPLS label to a route, the route will not be advertised.

Examples

# Configure node 10 in permit mode for routing policy policy1 to assign MPLS labels to routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply mpls-label

apply origin

Use apply origin to set the ORIGIN attribute for BGP routes.

Use undo apply origin to restore the default.

Syntax

apply origin { egp as-number | igp | incomplete }

undo apply origin

Default

No ORIGIN attribute is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

egp as-number: Sets the ORIGIN attribute to EGP. The as-number argument specifies an AS number. The value range for the AS number in integer format is 1 to 4294967295 for EGP routes, and the value range for the AS number in dotted decimal format is 0.1 to 65535.65535 for EGP routes.

igp: Sets the ORIGIN attribute to IGP.

incomplete: Sets the ORIGIN attribute to UNKNOWN.

Usage guidelines

The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:

· IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.

· EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.

· INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.

For more information about the ORIGIN attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set the ORIGIN attribute to IGP for BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply origin igp

apply preference

Use apply preference to set a preference for a routing protocol.

Use undo apply preference to restore the default.

Syntax

apply preference preference

undo apply preference

Default

No preference is set for a routing protocol.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

preference: Specifies a preference in the range of 1 to 255.

Usage guidelines

If you have set preferences for routing protocols by using the preference command, the apply preference command sets a new preference for the matching routing protocol. Unmatched routing protocols still use the preferences set by using the preference command.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set the preference for OSPF external routes to 90.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match route-type external-type1or2

[Sysname-route-policy-policy1-10] apply preference 90

apply preferred-value

Use apply preferred-value to set a preferred value for BGP routes.

Use undo apply preferred-value to restore the default.

Syntax

apply preferred-value preferred-value

undo apply preferred-value

Default

No preferred value is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

preferred-value: Specifies a preferred value in the range of 0 to 65535.

Usage guidelines

During route selection, BGP first drops routes with unreachable next hops, and then selects the route with the greatest preferred value. Use this command to set a preferred value for BGP routes to control BGP path selection.

For more information about the preferred value, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a preferred value of 66 for BGP routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply preferred-value 66

apply prefix-priority

Use apply prefix-priority to set a prefix priority for routes.

Use undo apply prefix-priority to restore the default.

Syntax

apply prefix-priority { critical | high | medium }

undo apply prefix-priority

Default

No prefix priority is set, which means the prefix priority is low.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

critical: Sets the critical prefix priority for routes.

high: Sets the high prefix priority for routes.

medium: Sets the medium prefix priority for routes.

Usage guidelines

A topology change causes routing convergence in protocols such as OSPF and IS-IS. To improve the convergence speed, you can set prefix priorities for routes. Prefix priority levels include critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set prefix priority critical for routes matching prefix list abc.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match ip address prefix-list abc

[Sysname-route-policy-policy1-10] apply prefix-priority critical

apply qos-local-id

Use apply qos-local-id to set a local QoS ID for matching routes.

Use undo apply qos-local-id to restore the default.

Syntax

apply qos-local-id { local-id-value | clear }

undo apply qos-local-id

Default

No local QoS ID is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

local-id-value: Specifies a local QoS ID in the range of 1 to 4095.

clear: Clears the local QoS ID of matching routes.

Usage guidelines

Use this command on a QoS Policy Propagation Through the Border Gateway Protocol (QPPB) network. QPPB enables you to classify routes based on the BGP community lists, BGP AS paths, ACLs, and prefix lists, and apply different QoS policies.

In a dual-homed network scenario, you must configure the same local QoS ID for the dual-homed routes.

For more information about QPPB, see QoS configuration in ACL and QoS Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a local QoS ID of 100 for BGP routes matching extended community list 100.

<Sysname> system-view

[Sysname] ip extcommunity-list 100 permit rt 100:100

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match extcommunity 100

[Sysname-route-policy-policy1-10] apply qos-local-id 100

apply tag

Use apply tag to set a tag for IGP routes.

Use undo apply tag to restore the default.

Syntax

apply tag tag-value

undo apply tag

Default

No routing tag is set for IGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

tag-value: Specifies the tag value in the range of 0 to 4294967295.

Usage guidelines

Use this command to set a tag for IGP routes. To view the tag value, execute the display ip routing table verbose command.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a tag of 100 for IGP routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] apply tag 100

apply traffic-index

Use apply traffic-index to set a traffic index for BGP routes.

Use undo apply traffic-index to restore the default.

Syntax

apply traffic-index { value | clear }

undo apply traffic-index

Default

No traffic index is set for BGP routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

value: Specifies the traffic index in the range of 1 to 127.

clear: Clear the traffic index of BGP routes.

Usage guidelines

BGP policy accounting provides the following functionalities:

· Classifies IP traffic by BGP path attributes such as NEXT HOP, COMMUNITY, and AS_PATH.

· Assigns an index to each class of traffic.

· Collects statistics based on indexes.

For more information about BGP policy accounting, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set a traffic index of 6 for BGP routes matching extended community list 100.

<Sysname> system-view

[Sysname] ip extcommunity-list 100 permit rt 100:100

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match extcommunity 100

[Sysname-route-policy-policy1-10] apply traffic-index 6

continue

Use continue to specify the next node to be matched.

Use undo continue to restore the default.

Syntax

continue [ node-number ]

undo continue

Default

No next node is specified.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

node-number: Specifies the routing policy node number in the range of 1 to 65535. The specified next node must have a larger number than the current node.

Usage guidelines

A route that matches the current node (permit node) must match the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy. After you configure a continue clause, a route continues to match against the subsequent nodes if it does not match the specified next node. To prevent such a route from matching against other nodes, add a clauseless deny node following the specified next node.

Example

# Specify the next node 20 for node 10 of the routing policy policy1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] continue 20

display ip as-path

Use display ip as-path to display BGP AS path list information.

Syntax

display ip as-path [ as-path-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

as-path-number: Specifies an AS path list by its number in the range of 1 to 256. If you do not specify this argument, the command displays information about all BGP AS path lists.

Examples

# Display information about BGP AS path list 1.

<Sysname> display ip as-path 1

As-path-number: 1

Permitted 0

Denied 0

Mode: Permit Regular experssion:10:1

# Display information about all BGP AS path lists.

<Sysname> display ip as-path

As-path-number: 12

Permitted 0

Denied 0

Mode: Permit Regular expression:^10

As-path-name: as1

Permitted 0

Denied 0

Mode: Deny Regular expression:*200.*300

Table 2 Command output

Field	Description
As-path-number	AS path list number.
As-path-name	AS path list name.
Permitted	Number of times that the policy is applied and matched.
Denied	Number of times that the policy is applied but not matched.
Mode	Match mode: · Permit. · Deny.
Regular expression	Regular expression used to match routes.

‌

Related commands

reset ip as-path

display ip community-list

Use display ip community-list to display BGP community list information.

Syntax

display ip community-list [ basic-community-list-number | adv-community-list-number | name comm-list-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

name comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.

Usage guidelines

If no community list is specified, this command displays information about all BGP community lists.

Examples

# Display information about all BGP community lists.

<Sysname> display ip community-list

Community List Basic aaa

Permit

Community List Advanced bbb

Permit 3333

Table 3 Command output

Field	Description
Community List Basic	Basic community list.
Community List Advanced	Advanced community list.
permit	Match mode: · Permit. · Deny.

‌

display ip extcommunity-list

Use display ip extcommunity-list to display BGP extended community list information.

Syntax

display ip extcommunity-list [ ext-comm-list-number | ext-comm-list-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ext-comm-list-number: Specifies an extended community list by its number in the range of 1 to 65535.

ext-comm-list-name: Specifies an extended community list by its name, a case-sensitive string of 1 to 63 characters. The name cannot contain only digits.

Usage guidelines

If you do not specify any arguments, this command displays information about all BGP extended community lists.

Examples

# Display information about BGP extended community list 1.

<Sysname> display ip extcommunity-list 1

Extended Community List Number 1

Permit rt: 9:6

Permit soo: 9:6

Permit bandwidth: 9:6

Extended Community List Name extlist

Permit rt: 10:10

Permit soo: 1:100

Permit bandwidth: 9:6

Table 4 Command output

Field	Description
Extended Community List Number	Extended community list number.
Extended Community List Name	Extended community list name.
permit	Match mode: · Permit. · Deny.
rt	Route Target (RT) extended community attribute.
soo	Site of Origin (SoO) extended community attribute.
bandwidth	Link-bandwidth extended community attribute.

‌

display ip large-community-list

Use display ip large-community-list to display BGP large community list information.

Syntax

display ip large-community-list [ basic-large-comm-list-number | adv-large-comm-list-number | name large-comm-list-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

basic-large-community-list-number: Specifies a basic large community list by its number in the range of 1 to 99.

adv-large-community-list-number: Specifies an advanced large community list by its number in the range of 100 to 199.

name large-comm-list-name: Specifies a large community list by its name. A large community list name is a case-sensitive string of 1 to 63 characters and cannot contain only digits.

Usage guidelines

If no large community list is specified, this command displays information about all BGP large community lists.

Examples

# Display information about all BGP large community lists.

<Sysname> display ip large-community-list

Large-community List Basic aaa

Permit 1:1:1

Large-community List Advanced bbb

Permit 3333:3333:3333

Large-community List Number 20

Deny 4:4:4

Table 5 Command output

Field	Description
Large-community Basic	Basic large community list name.
Large-community List Advanced	Advanced large community list name.
Large-community List Number	Large community list number. M atch mode: · Permit. · Deny.
Permit	The match mode is permit.
Deny	The match mode is deny.

‌

Related commands

ip large-community-list

display ip rd-list

Use display ip rd-list to display route distinguisher (RD) list information.

Syntax

display ip rd-list [ rd-list-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

rd-list-number: Displays information about an RD list. The rd-list-number argument represents the number of the RD list, in the range of 1 to 65535. If you do not specify an RD list, this command displays information about all RD lists.

Examples

# Display information about all RD lists.

<Sysname> display ip rd-list

Route Distinguisher List Number 1

index: 1 Permit 1.1.1.1:1 2.2.2.2:* 100:1 200:*

Route Distinguisher List Number 2

index: 2 Deny 1:1 2:2

Table 6 Command output

Field	Description
Route Distinguisher List Number	RD list number.
index	Index of the RD list item.
Permit	Match mode: · Permit. · Deny.

‌

Related commands

ip rd-list

display route-policy

Use display route-policy to display routing policy information.

Syntax

display route-policy [ name route-policy-name [ node node-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all routing policies.

node node-number: Specifies a routing policy node by its index in the range of 0 to 65535. If you do not specify this option, the command displays information about all routing policy nodes.

Examples

# Display information about routing policy policy1.

<Sysname> display route-policy name policy1

Route-policy: policy1

Permit : 1

if-match cost 10

continue: next node 11

apply comm-list a delete

Table 7 Command output

Field	Description
Route-policy	Routing policy name.
Permit : xx	The match mode of node xx is Permit.
Deny : xx	The match mode of node xx is Deny.
if-match	Match criterion.
continue	Specify the next node to be matched.
apply	Action.

‌

if-match as-path

Use if-match as-path to match BGP routes whose AS_PATH attribute matches a specified AS path list.

Use undo if-match as-path to remove the specified AS path list match criterion.

Syntax

if-match as-path { as-path-number&<1-32> | as-path-name }

undo if-match as-path [ as-path-number&<1-32> | as-path-name ]

Default

No AS path list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

as-path-number&<1-32>: Specifies an AS path list by its number in the range of 1 to 256. &<1-32> indicates that you can specify a maximum of 32 AS path lists.

as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The AS path list name cannot contain only digits.

Usage guidelines

Use this command in conjunction with the ip as-path command to configure AS_PATH-based criteria for route filtering. If the AS path list specified by this command does not exist, first use the ip as-path command to create the AS path list.

For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure AS path list 2 to permit BGP routes containing AS number 200 or 300 to pass. Configure node 10 in permit mode for routing policy test to match AS path list 2.

<Sysname> system-view

[Sysname] ip as-path 2 permit _*200.*300

[Sysname] route-policy test permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 2

Related commands

apply as-path

ip as-path

if-match community

Use if-match community to match BGP routes whose COMMUNITY attribute matches a specified community list.

Use undo if-match community to remove the specified community list match criterion.

Syntax

if-match community { { basic-community-list-number [ whole-match ] | name comm-list-name [ whole-match | unorder-match ] } | adv-community-list-number [ unorder-match ] }&<1-32>

undo if-match community [ { basic-community-list-number [ whole-match ] | name comm-list-name [ whole-match | unorder-match ] } | adv-community-list-number [ unorder-match ] ]&<1-32>

Default

No community list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.

whole-match: Exactly matches the specified community list. In this match mode, a BGP route can match the specified community list only if it has and only has the communities contained in the specified community list. This keyword takes effect only on basic community lists. If you do not specify this keyword in the if-match community command, a BGP route is matched as long as it contains all of the communities in the specified community list. The undo if-match community command always deletes the configured community list match criterion for BGP routes regardless of whether this keyword is specified.

unorder-match: Specifies unordered matching. In this match mode, regular expressions in an advanced community attribute list does not need to match against a BGP route based on the order of the community attributes carried by the BGP route. For example, if the community attributes carried by a BGP route are 1:1 2:2 3:3 4:4, in ordered matching, advanced community lists with regular expressions 1$, 2$, and 3$ cannot match the BGP route. Only the community list with the regular expression 4$ can match the BGP route. Whereas in unordered matching, advanced community lists with regular expressions 1$, 2$, 3$, and 4$ all can match the BGP route. This keyword takes effect only on advanced community lists. If you do not specify this keyword in the if-match community command, ordered matching is used. The undo if-match community command always deletes the configured community list match criterion for BGP routes regardless of whether this keyword is specified.

&<1-32>: Indicates that you can specify a maximum of 32 community lists.

Usage guidelines

Use this command in conjunction with the ip community-list command to configure COMMUNITY-based criteria for route filtering. If the community list specified by this command does not exist, first use the ip community-list command to create the community list.

For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure community list 1 to permit BGP routes with community number 100 or 200. Then configure node 10 in permit mode for routing policy test to use community list 1 to match BGP routes.

<Sysname> system-view

[Sysname] ip community-list 1 permit 100 200

[Sysname] route-policy test permit node 10

[Sysname-route-policy-test-10] if-match community 1

Related commands

apply community

ip community-list

if-match cost

Use if-match cost to match routes that have the specified cost.

Use undo if-match cost to restore the default.

Syntax

if-match cost cost-value

undo if-match cost

Default

No cost match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

cost-value: Specifies a cost in the range of 0 to 4294967295.

Examples

# Configure node 10 in permit mode for routing policy policy1 to permit routes with a cost of 8.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match cost 8

if-match extcommunity

Use if-match extcommunity to match BGP routes whose extended community attribute matches a specified extended community list.

Use undo if-match extcommunity to remove the specified extended community list match criterion.

Syntax

if-match extcommunity ext-comm-list-number&<1-32>

undo if-match extcommunity [ ext-comm-list-number ]&<1-32>

if-match extcommunity ext-comm-list-name&<1-32>

undo if-match extcommunity [ ext-comm-list-name ]&<1-32>

Default

No extended community list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list by its number in the range of 1 to 65535.

ext-comm-list-name: Specifies an extended community list by its name, a case sensitive string of 1 to 63 characters. The name cannot contain only digits.

&<1-32>: Indicates that you can specify a maximum of 32 extended community lists.

Usage guidelines

Use this command in conjunction with the ip extcommunity-list command to configure extended community-based criteria for route filtering. If the extended community list specified by this command does not exist, first use the ip extcommunity-list command to create the extended community list.

For more information about the extended community attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to match BGP routes whose extended community attribute matches extended community lists 100 and 150.

<Sysname> system-view

[Sysname] ip extcommunity-list 100 permit rt 100:100

[Sysname] ip extcommunity-list 150 permit rt 150:150

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match extcommunity 100 150

Related commands

apply extcommunity

ip extcommunity-list

if-match interface

Use if-match interface to match routes that have the specified output interfaces.

Use undo if-match interface to remove the specified output interface match criterion.

Syntax

if-match interface { interface-type interface-number }&<1-16>

undo if-match interface [ interface-type interface-number ]&<1-16>

Default

No output interface match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

&<1-16>: Indicates that you can specify a maximum of 16 interfaces.

Usage guidelines

BGP does not support criteria for matching the output interfaces of routes.

Examples

# Configure node 10 in permit mode for routing policy policy1 to permit routes with the output interface Ten-GigabitEthernet 0/0/15. ‌

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match interface ten-gigabitethernet 0/0/15

if-match large-community

Use if-match large-community to match BGP routes by large community list.

Use undo if-match large-community to remove the large community list match criterion.

Syntax

if-match large-community { { basic-large-comm-list-number | name large-comm-list-name } [ whole-match ] | adv-large-comm-list-number }&<1-32>

undo if-match large-community [ { basic-large-comm-list-number | name large-comm-list-name } [ whole-match ] | adv-large-comm-list-number ]&<1-32>

Default

No large community list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

basic-large-community-list-number: Specifies a basic large community list by its number in the range of 1 to 99.

name large-comm-list-name: Specifies a large community list by its name. A large community list name is a case-sensitive string of 1 to 63 characters and cannot contain only digits.

whole-match: Exactly matches the specified large community list. If you specify this keyword, this command matches routes with the same large community list as that you have specified.

adv-large-community-list-number: Specifies an advanced large community list by its number in the range of 100 to 199.

&<1-32>: Indicates that you can specify a maximum of 32 large community lists.

Usage guidelines

When you use this command, the specified large community list must have been created. To create a large community list, use the ip large-community-list command.

You can use the ip large-community-list command together with this command to match BGP routes with specific large community attributes.

For more information about the large community attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure large community list 1 to permit BGP routes with large community number 1:0:1 or 2:0:1. Then configure node 10 for routing policy test to use large community list 1 to match BGP routes.

<Sysname> system-view

[Sysname] ip large-community-list 1 permit 1:0:1 2:0:1

[Sysname] route-policy test permit node 10

[Sysname-route-policy-test-10] if-match large-community 1

Related commands

apply large-community

apply large-comm-list delete

ip large-community-list

if-match local-preference

Use if-match local-preference to match BGP routes that have the specified local preference.

Use undo if-match local-preference to restore the default.

Syntax

if-match local-preference preference

undo if-match local-preference

Default

No local preference match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

preference: Specifies a local preference in the range of 0 to 4294967295.

Usage guidelines

For more information about the local preference, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Create node 10 in permit mode for routing policy policy1 to match BGP routes that have a local preference of 2.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match local-preference 2

if-match mpls-label

Use if-match mpls-label to set the MPLS label match criterion.

Use undo if-match mpls-label to restore the default.

Syntax

if-match mpls-label

undo if-match mpls-label

Default

No MPLS label match criterion is set.

Views

Routing policy node view

Predefined user roles

network-admin

Examples

# Configure node 10 in permit mode for routing policy policy1 to match routes that have MPLS labels.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match mpls-label

if-match protocol

Use if-match protocol to configure a routing protocol match criterion.

undo if-match protocol to remove a routing protocol match criterion.

Syntax

if-match protocol { bgp | direct | eigrp | isis | ospf | ospfv3 | rip | ripng | static | unr } *

Default

No routing protocol match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

bgp: Matches BGP routes.

direct: Matches direct routes.

eigrp: Matches EIGRP routes.

isis: Matches IS-IS routes.

ospf: Matches OSPF routes.

ospfv3: Matches OSPFv3 routes.

rip: Matches RIP routes.

ripng: Matches RIPng routes.

static: Matches static routes.

unr: Matches user network routes.

Usage guidelines

Application scenarios

Execute this command to filter routes by routing protocol. If you specify multiple routing protocols, a route matches the criterion as long as it belongs to one of the specified routing protocols.

Restrictions and guidelines

This command takes effect only in scenarios where BGP uses routing policies for route filtering.

After you create a match criterion by using this command, the match criterion does not take effect if the following conditions exist:

· You specify a routing policy that contains the match criterion in a command.

· You specify a routing protocol in the same command.

For example, if the route-policy-name argument in the import-route static route-policy route-policy-name command specifies a routing policy that contains a routing protocol match criterion, the match criterion does not take effect.

Examples

# Configure node 10 in permit mode for routing policy policy1 to match direct and static routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match protocol direct static

if-match rd-list

Use if-match rd-list to match routes whose RD matches the specified RD list.

Use undo if-match rd-list to remove the specified RD list match criterion.

Syntax

if-match rd-list rd-list-number

undo if-match rd-list

Default

No RD list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

rd-list-number: Specifies an RD list by its number in the range of 1 to 65535.

Usage guidelines

Use this command in conjunction with the ip rd-list command to configure RD-based criteria for route filtering. If the RD list specified by this command does not exist, first use the ip rd-list command to create the RD list.

For more information about RDs, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy rp1 to match routes whose RD matches RD list 1.

<Sysname> system-view

[Sysname] ip rd-list 1 permit 1:1

[Sysname] route-policy rp1 permit node 10

[Sysname-route-policy-rp1-10] if-match rd-list 1

Related commands

ip rd-list

if-match route-policy

Use if-match route-policy to specify a routing policy to match routes.

Use undo if-match route-policy to restore the default.

Syntax

if-match route-policy route-policy-name

undo if-match route-policy

Default

No routing policy is specified to match routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

Operating mechanism

When you use a routing policy as the if-match clause criterion for another routing policy, the if-match clause works as follows:

· When the match mode of a node is deny, a route is rejected if the route meets all the if-match clauses of the node. The route is not compared with the next node. If the route does not meet all the if-match clauses of the node, it is compared with the next node.

· When the match mode of a node is permit, a route is handled by the apply clauses of the node if the route meets all the if-match clauses of the node. If the route does not meet all the if-match clauses of the node, it is compared with the next node.

Restrictions and guidelines

Follow these restrictions and guidelines when you configure a routing policy if-match clause criterion:

· If the specified routing policy does not exist, all routes match the criterion.

· If a routing policy has been used as an if-match clause criterion, you cannot specify a routing policy match criterion for the routing policy. For example, if routing policy A uses routing policy B as a match criterion, you cannot specify any routing policy match criterion for routing policy B. In addition, you cannot specify routing policy A as a match criterion for any another routing policies.

· Reference loops are not allowed. For example, if routing policy A is used as a match criterion of routing policy B, you cannot configure routing policy B as a match criterion of routing policy A any more.

If you execute this command multiple times for a routing policy, the most recent configuration takes effect.

Examples

# Configure node 10 in permit mode for routing policy parent to match routes that match routing policy child.

<Sysname> system-view

[Sysname] route-policy parent permit node 10

[Sysname-route-policy-parent-10] if-match route-policy child

if-match route-type

Use if-match route-type to set a route-type match criterion.

Use undo if-match route-type to remove the specified route-type match criterion.

Syntax

if-match route-type { bgp-evpn-ad | bgp-evpn-imet | bgp-evpn-ip-prefix | bgp-evpn-mac-ip | ebgp | eigrp-external | eigrp-internal | external-type1 | external-type1or2 | external-type2 | ibgp | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 } *

Default

No route-type match criterion is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

bgp-evpn-ad: Matches BGP EVPN Ethernet auto-discovery routes.

bgp-evpn-imet: Matches BGP EVPN inclusive multicast Ethernet tag routes.

bgp-evpn-ip-prefix: Matches BGP EVPN IP prefix routes.

bgp-evpn-mac-ip: Matches BGP EVPN MAC/IP advertisement routes.

ebgp: Matches EBGP routes.

eigrp-external: Matches EIGRP external routes.

eigrp-internal: Matches EIGRP internal routes.

external-type1: Matches OSPF Type 1 external routes.

external-type1or2: Matches OSPF Type 1 and Type 2 external routes.

external-type2: Matches OSPF Type 2 external routes.

ibgp: Matches IBGP routes.

internal: Matches OSPF internal routes (including OSPF intra-area and inter-area routes).

is-is-level-1: Matches IS-IS Level-1 routes.

is-is-level-2: Matches IS-IS Level-2 routes.

nssa-external-type1: Matches OSPF NSSA Type 1 external routes.

nssa-external-type1or2: Matches OSPF NSSA Type 1 and 2 external routes.

nssa-external-type2: Matches OSPF NSSA Type 2 external routes.

Examples

# Configure node 10 in permit mode for routing policy policy1 to match OSPF internal routes.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match route-type internal

if-match rpki

Use if-match rpki to set the BGP RPKI validation state match criterion.

Use undo if-match rpki to restore the default.

Syntax

if-match rpki { invalid | not-found | valid }

undo if-match rpki

Default

No BGP RPKI validation state match criterion is set.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

invalid: Matches BGP routes whose BGP RPKI validation state is Invalid.

not-found: Matches BGP routes whose BGP RPKI validation state is Not found.

valid: Matches BGP routes whose BGP RPKI validation state is Valid.

Usage guidelines

The BGP Resource Public Key Infrastructure (RPKI) feature enables BGP to validate the origin AS of a route and determine whether to use and advertise the route based on the validation state.

For more information about BGP RPKI, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure node 10 in permit mode for routing policy policy1 to match BGP routes whose BGP RPKI validation state is Valid.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match rpki valid

if-match tag

Use if-match tag to match IGP routes that have the specified tag.

Use undo if-match tag to restore the default.

Syntax

if-match tag tag-value

undo if-match tag

Default

No tag match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

tag-value: Specifies a tag in the range of 0 to 4294967295.

Examples

# Configure node 10 in permit mode for routing policy policy1 to match IGP routes that have a tag of 8.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match tag 8

ip as-path

Use ip as-path to configure an AS path list.

Use undo ip as-path to remove an AS path list.

Syntax

ip as-path { as-path-number | as-path-name } { deny | permit } regular-expression

undo ip as-path { as-path-number | as-path-name } [ regular-expression | deny | permit ]

Default

No AS path lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

as-path-number: Specifies an AS path list number in the range of 1 to 256.

as-path-name: Specifies an AS path list name, a case-sensitive string of 1 to 51 characters. The AS path list name cannot contain only digits.

deny: Specifies the match mode for the AS path list as deny.

permit: Specifies the match mode for the AS path list as permit.

regular-expression: Specifies an AS path regular expression, a string of 1 to 256 characters.

Usage guidelines

You can use this command to specify a regular expression for AS_PATH-based BGP route filtering. An AS path regular expression, for example, ^200.*100$, matches the AS_PATH attribute that starts with AS 200 and ends with AS 100.

For more information about regular expressions, see routing policy configuration in Layer 3—IP Routing Configuration Guide. For more information about the AS_PATH attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure AS path list 1 to permit routes whose AS_PATH attribute starts with 10.

<Sysname> system-view

[Sysname] ip as-path 1 permit ^10

Related commands

apply as-path

display ip as-path

if-match as-path

ip community-list

Use ip community-list to configure a community list.

Use undo ip community-list to remove a community list.

Syntax

ip community-list { basic-comm-list-num | basic basic-comm-list-name } { deny | permit } [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] *

undo ip community-list { basic-comm-list-num | basic basic-comm-list-name } [ deny | permit ] [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] *

ip community-list { adv-comm-list-num | advanced adv-comm-list-name } { deny | permit } regular-expression

undo ip community-list { adv-comm-list-num | advanced adv-comm-list-name } [ deny | permit ] [ regular-expression ]

Default

No community lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

basic-comm-list-num: Specifies a basic community list number in the range of 1 to 99.

basic basic-comm-list-name: Specifies a basic community list name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.

advanced adv-comm-list-name: Specifies an advanced community list name, a case-sensitive string of 1 to 63 characters that cannot contain only numbers.

adv-comm-list-num: Specifies an advanced community list number in the range of 100 to 199.

regular-expression: Specifies a regular expression for the advanced community list, a string of 1 to 63 characters. For more information about regular expressions, see Layer 3—IP Routing Configuration Guide.

deny: Specifies the match mode for the community list as deny.

permit: Specifies the match mode for the community list as permit.

community-number&<1-32>: Specifies a community sequence number in the range of 1 to 4294967295. &<1-32> indicates that you can specify a maximum of 32 community sequence numbers.

aa:nn&<1-32>: Specifies a community number. Both aa and nn are in the range of 0 to 65535. &<1-32> indicates that you can specify a maximum of 32 community numbers.

internet: Specifies the INTERNET community attribute. Routes with this attribute can be advertised to all BGP peers. By default, all routes have this attribute.

no-advertise: Specifies the NO_ADVERTISE community attribute. Routes with this attribute cannot be advertised to other BGP peers.

no-export: Specifies the NO_EXPORT community attribute. Routes with this attribute cannot be advertised out of the local AS or the local confederation but can be advertised to other ASs in the confederation.

no-export-subconfed: Specifies the NO_EXPORT_SUBCONFED community attribute. Routes with this attribute cannot be advertised out of the local AS, or to other sub-ASs in the local confederation.

Usage guidelines

A BGP community is a group of routes with the same characteristics. The COMMUNITY attribute identifies the community to which a BGP route belongs. Use this command to configure community lists for flexible control over routing policies.

For more information about the COMMUNITY attribute, see BGP configuration in Layer 3—IP Routing Configuration Guide.

Examples

# Configure basic community list 1 to permit routes with the INTERNET community attribute.

<Sysname> system-view

[Sysname] ip community-list 1 permit internet

# Configure advanced community list 100 to permit routes with the COMMUNITY attribute starting with 10.

<Sysname> system-view

[Sysname] ip community-list 100 permit ^10

Related commands

apply comm-list delete

apply community

display ip community-list

if-match community

ip extcommunity-list

Use ip extcommunity-list to configure an extended community list.

Use undo ip extcommunity-list to remove an extended community list.

Syntax

ip extcommunity-list { ext-comm-list-number | ext-comm-list-name } [ index index-number ] { deny | permit } { bandwidth link-bandwidth-value | rt route-target | soo site-of-origin }&<1-32>

undo ip extcommunity-list { ext-comm-list-number | ext-comm-list-name } [ index index-number ] [ { deny | permit } [ bandwidth link-bandwidth-value | rt route-target | soo site-of-origin ]&<1-32> ]

ip extcommunity-list { ext-comm-list-number | ext-comm-list-name } [ index index-number ] { deny | permit } { rt | soo } advanced regular-expression

undo ip extcommunity-list { ext-comm-list-number | ext-comm-list-name } [ index index-number ] [ { deny | permit } { rt | soo } advanced regular-expression ]

Default

No extended community lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.

ext-comm-list-name: Specifies an extended community list name, a case-sensitive string of 1 to 63 characters. The name cannot contain only digits.

index index-number: Specifies an index for the extended community list entry, in the range of 1 to 4294967295. An extended community list entry with a smaller index number is matched first. If you do not specify this option, the index number starts from 1 and increases by 1 for each of the consecutive extended community list entries.

deny: Specifies the match mode for the extended community list as deny.

permit: Specifies the match mode for the extended community list as permit.

bandwidth link-bandwidth-value: Specifies a link bandwidth extended community attribute, a string of 3 to 16 characters. &<1-32> indicates that you can specify a maximum of 32 link bandwidth extended community attributes. The link-bandwidth-value argument is in the 16-bit AS number:32-bit user-defined number format, for example, 100:3. The AS number is in the range of 0 to 65535, and the user-defined number is in the range of 0 to 4294967295.

rt route-target: Specifies a space-separated list of up to 32 RT extended community attribute items. Each item is a string of 3 to 24 characters.

soo site-of-origin: Specifies a space-separated list of up to 32 SoO extended community attribute items. Each item is a string of 3 to 24 characters.

An RT or SoO attribute has the following forms:

· 16-bit AS number in integer format:32-bit user-defined number. For example, 101:3. The AS number is in the range of 0 to 65535, and the user-defined number is in the range of 0 to 4294967295.

· 16-bit AS number in dotted format:32-bit user-defined number. For example, 0.1:1. The AS number range is 0.1 to 0.65535.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1. The user-defined number is in the range of 0 to 65535.

· 32-bit AS number in integer format:16-bit user-defined number. For example, 70000:3. The AS number is in the range of 65536 to 4294967295, and the user-defined number is in the range of 0 to 65535.

· 32-bit IP address/IPv4 address mask length:16-bit user-defined number. For example, 192.168.122.15/24:1.

· 32-bit AS number in dotted format:16-bit user-defined number. For example, 10.1:1. The minimum AS number is 1.0.

advanced regular-expression: Specifies a regular expression to filter extended community attributes. The value for the regular-expression argument is a string of 1 to 63 characters. For more information about regular expressions, see routing policy configuration in Layer 3—IP Routing Configuration Guide.

Usage guidelines

Application scenarios

Extended community lists are used to filter routes.

Operating mechanism

You can configure multiple entries for an extended community list. The relationship between the entries is logical OR. A route matches the extended community list as long as it matches one entry in the list. A route matches an entry only if it matches all attributes in the entry.

To view detailed extended community list information, use the display ip extcommunity-list command.

Restrictions and guidelines

You must specify the advanced regular-expression option for all entries in an extended community list, or not specify it at all. If you specify the advanced regular-expression option in the first command for an extended community list, the subsequent commands without this option specified do not take effect. Similarly, if you do not specify this option in the first command, the subsequent commands with this option specified do not take effect.

If you specify an existing extended community list by its number or name when executing this command, you can add a new entry or edit an existing entry:

· If you do not specify the index index-number option or specify an entry index that does not exist, this command adds a new entry to the list.

· If you specify an existing entry index, this command edits the specified entry. If you execute this command multiple times for an extended community list entry, the most recent configuration takes effect.

Examples

# Configure extended community list 1 to permit routes with RT 200:200 to pass.

<Sysname> system-view

[Sysname] ip extcommunity-list 1 permit rt 200:200

# Configure extended community list 2 to permit routes with SoO 100:100 to pass.

<Sysname> system-view

[Sysname] ip extcommunity-list 2 permit soo 100:100

# Configure extended community list 3 to permit routes with link bandwidth attribute 100:100 to pass.

<Sysname> system-view

[Sysname] ip extcommunity-list 3 permit bandwidth 100:100

# Configure extended community list 4 to permit routes with RT extended community attributes that begin with 10 to pass.

<Sysname> system-view

[Sysname] ip extcommunity-list 4 permit rt advanced ^10

Related commands

apply extcommunity

display ip extcommunity-list

if-match extcommunity

ip large-community-list

Use ip large-community-list to create a large community list.

Use undo ip large-community-list to remove a large community list or remove specific communities from a large community list.

Syntax

ip large-community-list { basic-large-comm-list-num | basic basic-large-comm-list-name } { deny | permit } aa:bb:cc&<1-32>

undo ip large-community-list { basic-large-com-list-num | basic basic-large-comm-list-name } [ deny | permit ] [ aa:bb:cc&<1-32> ]

ip large-community-list { adv-large-comm-list-num | advanced adv-large-comm-list-name } { deny | permit } regular-expression

undo ip large-community-list { adv-large-comm-list-num | advanced adv-large-comm-list-name } [ deny | permit ] [ regular-expression ]

Default

No large community lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

basic-large-comm-list-num: Specifies a basic large community list number in the range of 1 to 99.

basic basic-large-comm-list-name: Specifies a basic large community list name that is a case-sensitive string of 1 to 63 characters and cannot contain only digits.

adv-large-comm-list-num: Specifies an advanced large community list number in the range of 100 to 199.

advanced adv-comm-list-name: Specifies an advanced large community list name that is a case-sensitive string of 1 to 63 characters and cannot contain only digits.

deny: Specifies the match mode for the large community list as deny.

permit: Specifies the match mode for the large community list as permit.

aa:bb:cc&<1-32>: Specifies a large community number. aa, bb, and cc are all in the range of 0 to 4294967295. &<1-32> indicates that a maximum of 32 numbers can be specified.

regular-expression: Specifies a regular expression for the advanced large community list. A regular expression is a string of 1 to 63 characters. For more information about regular expressions, see routing policy configuration in Layer 3—IP Routing Configuration Guide.

Usage guidelines

You can use this command together with the if-match large-community command to match BGP routes with specific large community attributes.

If you specify neither of the deny and permit keywords, the undo command applies to large community lists in permit and deny modes.

Examples

# Configure advanced large community list 100 to permit routes with the large community attribute starting with 10.

<Sysname> system-view

[Sysname] ip large-community-list 100 permit ^10

# Configure basic large community list 1 to permit routes with large community attribute 1:1:1.

<Sysname> system-view

[Sysname] ip large-community-list 1 permit 1:1:1

Related commands

apply large-community

apply large-comm-list delete

display ip large-community-list

if-match large-community

ip rd-list

Use ip rd-list configure an RD list.

Use undo ip rd-list to remove an RD list.

Syntax

ip rd-list rd-list-number [ index index-number ] { deny | permit } route-distinguisher&<1-10>

undo ip rd-list rd-list-number [ index index-number ] [ { deny | permit } route-distinguisher&<1-10> ]

Default

No RD lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

rd-list-number: Specifies an RD list by its number in the range of 1 to 65535.

index index-number: Specifies an index number for an RD list item, in the range of 1 to 4294967295. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive RD list items.

deny: Specifies the deny mode. If a route matches the item, the route is denied without being compared with the next item. If a route does not match the item, the route is compared with the next item.

permit: Specifies the permit mode. If a route matches the item, it passes the RD list. If a route does not match the item, the route is compared with the next item.

route-distinguisher&<1-10>: Specifies a list of up to 10 RD list items. Each item is a string of 3 to 21 characters.

An RD has the following forms:

· 16-bit AS number in integer format:32-bit user-defined number. For example, 101:3.

· 16-bit AS number in dotted format:32-bit user-defined number. For example, 0.1:3. The AS number range is 0.1 to 0.65535.

· 16-bit AS number in integer format:wildcard character. For example, 101:*.

· 16-bit AS number in dotted format:wildcard character. For example, 0.1:*. The AS number range is 0.1 to 0.65535.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit IP address:wildcard character. For example, 192.168.122.15:*.

· 32-bit AS number in integer format:16-bit user-defined number. For example, 65536:1. The minimum AS number is 65536.

· 32-bit AS number in integer format:wildcard character. For example, 65536:*. The minimum AS number is 65536.

· 32-bit AS number in dotted format:16-bit user-defined number. For example, 65535.65535:1. The minimum AS number is 1.0.

· 32-bit AS number in dotted format:wildcard character. For example, 1.0:*. The minimum AS number is 1.0.

Usage guidelines

An RD list matches the RDs of BGP routes. An RD list is identified by an RD list number and can contain multiple items that specify RD ranges. The relationship between the items is logical OR. A route matches the RD list if it matches one item in the list. A route does not match the RD list if it does not match any items in the list.

To filter routes by RD, use the ip rd-list command together with the if-match rd-list command. If you specify a nonexistent RD list for the if-match rd-list command, all routes pass the RD match criterion.

For more information about RDs, see MPLS L3VPN configuration in MPLS L3VPN Configuration Guide.

Examples

# Configure RD list 1 to permit routes with RD 100: 1.

<Sysname> system-view

[Sysname] ip rd-list 1 permit 100:1

Related commands

display ip rd-list

if-match rd-list

reset ip as-path

Use reset ip as-path to clear BGP AS path list statistics.

Syntax

reset ip as-path [ as-path-number | as-path-name ]

Views

User view

Predefined user roles

network-admin

Parameters

as-path-number: Specifies an AS path list by its number in the range of 1 to 256.

as-path-name: Specifies an AS path list by its name, a case-sensitive string of 1 to 51 characters. The AS path list name cannot contain only digits.

Usage guidelines

If you do not specify an AS path list number or name, this command clears statistics for all AS path lists.

Examples

# Clear statistics for BGP AS path list abc.

<Sysname> reset ip as-path abc

Related commands

display ip as-path

route-policy

Use route-policy to create a routing policy and a node and enter routing policy node view, or enter the view of an existing routing policy node.

Use undo route-policy to remove a routing policy or a node of it.

Syntax

route-policy route-policy-name { deny | permit } node node-number

undo route-policy route-policy-name [ deny | permit ] [ node node-number ]

Default

No routing policies exist.

Views

System view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy name, a case-sensitive string of 1 to 63 characters.

deny: Specifies the deny match mode for the routing policy node. If a route matches all the if-match clauses of the node, it is denied without being compared with the next node. If a route does not match any if-match clauses of the node, the route is compared with the next node.

permit: Specifies the permit match mode for the routing policy node. If a route matches all the if-match clauses of the node, it is handled by the apply clauses of the node. If a route does not match any if-match clauses of the node, the route is compared with the next node.

node node-number: Specifies a node number in the range of 0 to 65535. A node with a smaller number is matched first.

Usage guidelines

Application scenarios

Use a routing policy to filter routing information.

Operating mechanism

A routing policy can contain several nodes and each node contains a set of if-match and apply clauses. The if-match clauses define the match criteria of the node and the apply clauses define the actions to be taken on packets matching the criteria. The relation between the if-match clauses of different types is logical AND and the relation between the if-match clauses of the same type is logical OR. if-match clauses of all types must be met. The relation between nodes is logical OR. A packet passing a node passes the routing policy. If a packet does not pass any nodes, the packet does not pass the routing policy.

Examples

# Create node 10 in permit mode for routing policy policy1 and enter routing policy node view.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10]

Related commands

display route-policy

route-policy non-exist-deny

Use route-policy non-exist-deny to prevent BGP routes from passing a routing policy that does not exist.

Use undo route-policy non-exist-deny to restore the default.

Syntax

route-policy non-exist-deny

undo route-policy non-exist-deny

Default

All routes can pass a routing policy that does not exist.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Application scenarios

With this feature enabled, no routes can pass a routing policy that does not exist. The routing policy can filter routes correctly only after you create it.

Restrictions and guidelines

This command takes effect only on BGP routes. If you enable this feature and use a routing policy that does not exist for route filtering, non-BGP routes can still pass the routing policy.

Examples

# Prevent all routes from passing a routing policy that does not exist.

<Sysname> system-view

[Sysname] route-policy non-exist-deny

route-policy prefix-protocol-check

Use route-policy prefix-protocol-check to enable IP protocol consistency check between routes and the prefix list specified in an if-match clause.

Use undo route-policy prefix-protocol-check to restore the default.

Syntax

route-policy prefix-protocol-check

undo route-policy prefix-protocol-check

Default

The routing policy does not check the IP protocol consistency between routes and the prefix list specified in an if-match clause:

· If the if-match clause uses an IPv6 address prefix list, all IPv4 routes can match the clause.

· If the if-match clause uses an IPv4 address prefix list, all IPv6 routes can match the clause.

Views

System view

Predefined user roles

network -admin

Usage guidelines

This feature functions as follows:

· If the if-match clause uses an IPv6 prefix list, all IPv4 routes cannot match the clause.

· If the if-match clause uses an IPv4 prefix list, all IPv6 routes cannot match the clause.

If both of the following conditions exist, a routing protocol (either IGP or BGP) will check the IP protocol consistency between routes and the prefix list specified in an if-match clause:

· The route-policy prefix-protocol-check command is executed.

· The routing protocol uses a routing policy for route filtering.

If both of the following conditions exist, a routing protocol (either IGP or BGP) will not check the IP protocol consistency between routes and the prefix list specified in an if-match clause:

· The undo route-policy prefix-protocol-check command is executed.

· The routing protocol uses a routing policy for route filtering.

Examples

# Enable IP protocol consistency check between routes and the prefix list specified in an if-match clause.

<Sysname> system-view

[Sysname] route-policy prefix-protocol-check

Related commands

if-match ip

if-match ipv6

route-policy-change delay-time

Use route-policy-change delay-time to set the routing policy change delay timer.

Use undo route-policy-change delay-time to restore the default.

Syntax

route-policy-change delay-time { time-value | unlimited }

undo route-policy-change delay-time

Default

Routing policy changes immediately take effect, but the routing protocol waits five seconds before processing routes from the new routing policy.

Views

System view

Predefined user roles

network-admin

Parameters

time-value: Specifies the routing policy change delay timer in the range of 60 to 3600 seconds. When this delay timer expires, the routing protocol waits five seconds before processing routes from the new routing policy.

unlimited: Sets an infinite delay timer.

Usage guidelines

Application scenarios

This command makes a routing policy take effect after a delayed time interval, which prevents incomplete routing policy configuration from being issued to cause incorrect route advertisement.

Operating mechanism

A routing policy changes when one of the following events occurs:

· A routing policy is created.

· A routing policy node, if-match clause, or apply clause is added, modified, or deleted for a routing policy.

· An IPv4 prefix list, IPv6 prefix list, AS path list, community list, extended community list, or MAC list is added, modified, or deleted.

· The ACL used by an if-match clause changes.

After you configure this command, the system automatically starts the timer when a routing policy changes. The changes will not take effect on the routing policy until the change delay timer expires.

Restrictions and guidelines

To have enough time to complete routing policy configuration, you can specify the unlimited keyword for the command. Then, execute the undo form of the command after you complete the configuration.

If you modify the routing policy change delay timer before it expires, the timer will be reset.

Examples

# Set the routing policy change delay timer to 60 seconds.

<Sysname> system-view

[Sysname] route-policy-change delay-time 60

IPv4 routing policy commands

apply fast-reroute

Use apply fast-reroute to set a backup link for fast reroute (FRR).

Use undo apply fast-reroute to restore the default.

Syntax

apply fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ip-address ] | backup-nexthop ip-address }

undo apply fast-reroute

Default

No backup link for FRR is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

backup-interface interface-type interface-number: Specifies a backup output interface by its type and number. If the specified interface is a non-P2P interface, you must also specify a backup next hop. Non-P2P interfaces include NBMA and broadcast interfaces.

backup-nexthop ip-address: Specifies a backup next hop.

Usage guidelines

This command sets a backup link in the routing policy for FRR.

Using the routing policy, a routing protocol can designate a backup link for specific routes to implement FRR. If the primary link is used as an optimal route, the backup link is issued to the FIB together with the primary link. When the primary link fails, FRR immediately directs packets to the backup link to minimize interruption time.

Examples

# Configure node 10 of routing policy policy1 to set the backup output interface Ten-GigabitEthernet 0/0/15 and backup next hop 193.1.1.8 for the route destined for 100.1.1.0/24. ‌

<Sysname> system-view

[Sysname] ip prefix-list abc index 10 permit 100.1.1.0 24

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match ip address prefix-list abc

[Sysname-route-policy-policy1-10] apply fast-reroute backup-interface ten-gigabitethernet 0/0/15 backup-nexthop 193.1.1.8

apply ip-address next-hop

Use apply ip-address next-hop to set a next hop for IPv4 routes.

Use undo apply ip-address next-hop to restore the default.

Syntax

apply ip-address next-hop { ip-address [ public | vpn-instance vpn-instance-name ] | advertiser-address }

undo apply ip-address next-hop

Default

No next hop is set for IPv4 routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the next hop IP address.

public: Specifies the public network.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the next hop belongs to the public network.

advertiser-address: Specifies the IPv4 address of the BGP route advertiser as the next hop. This keyword functions as follows:

· Before advertising a route to IPv4 peers and peer groups, BGP sets the local peer address as the next hop of the route.

· After receiving a route from an IPv4 peer or peer group, BGP sets the source peer address as the next hop of the route.

Usage guidelines

If you use the ip-address argument to set a next hop, the configuration does not take effect on redistributed routes.

You can use the peer route-policy command to specify a routing policy to set the address of an indirectly connected interface as the next hop for routes from directly connected EBGP peers. In this situation, configuration of the peer ebgp-max-hop command is required. The command allows the establishment of an EBGP session to the indirectly connected peer. If you do not execute the peer ebgp-max-hop command, the next hop will be unreachable and services will be interrupted.

If you execute this command multiple times to set different next hops for IPv4 routes, the most recent configuration takes effect.

Examples

# Configure node 10 in permit mode for routing policy policy1 to set next hop 193.1.1.8 for routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply ip-address next-hop 193.1.1.8

display ip prefix-list

Use display ip prefix-list to display IPv4 prefix list statistics.

Syntax

display ip prefix-list [ name prefix-list-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all IPv4 prefix lists.

Examples

# Display the statistics for IPv4 prefix list abc.

<Sysname> display ip prefix-list name abc

Prefix-list: abc

Permitted 0

Denied 0

index: 10 Deny 6.6.6.0/24 ge 26 le 28

Table 8 Command output

Field	Description
Prefix-list	Name of the IPv4 prefix list.
Permitted	Total number of routes that match the criterion and are permitted after the IPv4 prefix list was created. The value for this field is reset to zero after device reboot.
Denied	Total number of routes that match the criterion and are denied after the IPv4 prefix list was created. The value for this field is reset to zero after device reboot.
index	Index of an item.
deny	Match mode of the item: · Permit. · Deny.
6.6.6.0/24	IP address and mask.
ge	Greater-equal, the lower mask length limit.
le	Less-equal, the upper mask length limit.

‌

Related commands

ip prefix-list

reset ip prefix-list

if-match ip

Use if-match ip to match IPv4 routes whose destination, next hop, or source address matches an ACL or IPv4 prefix list.

Use undo if-match ip to remove the specified ACL or IPv4 prefix list match criterion.

Syntax

if-match ip { address | next-hop | route-source } { acl { ipv4-acl-number | name ipv4-acl-name } | prefix-list prefix-list-name }

undo if-match ip { address | next-hop | route-source } [ acl | prefix-list ]

Default

No ACL or IPv4 prefix list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

address: Matches the destination address of IPv4 routes.

next-hop: Matches the next hop of IPv4 routes.

route-source: Matches the source address of BGP routes. This keyword corresponds to the Neighbor field in the output from the display ip routing-table verbose command.

acl ipv4-acl-number: Specifies an ACL by its number. The value range for the ipv4-acl-number argument is 2000 to 3999 for the address keyword, and 2000 to 2999 for the next-hop and route-source keywords.

acl name ipv4-acl-name: Specifies an ACL by its name, a case-insensitive string of 1 to 63 characters. The ACL name must start with a letter and cannot be all.

prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

When you specify an IPv4 ACL, follow these guidelines:

· If the specified ACL does not exist or does not have any rules, all IPv4 routes can match the ACL.

· If a rule in the specified ACL is applied to a VPN instance, the rule does not take effect.

Follow these restrictions and guidelines to use an IPv4 advanced ACL rule to configure an ACL match criterion:

· To match the destination address of IPv4 routes, execute the rule [ rule-id ] { deny | permit } ip source sour-addr sour-wildcard command to create the rule.

· To match the destination address mask of IPv4 routes, execute the rule [ rule-id ] { deny | permit } ip destination dest-addr dest-wildcard command to create the rule. Do not use this rule if the next-hop or route-source keyword is specified.

If the specified IPv4 prefix list does not exist, all IPv4 routes can match the routing policy node.

Examples

# Configure node 10 of routing policy policy1 to match IPv4 routes whose next hop matches IP prefix list p1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match ip next-hop prefix-list p1

ip prefix-list

Use ip prefix-list to configure an IPv4 prefix list or an item for the list.

Use undo ip prefix-list to remove an IPv4 prefix list or an item of it.

Syntax

ip prefix-list prefix-list-name [ index index-number ] { deny | permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ]

undo ip prefix-list prefix-list-name [ ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ] | index index-number ]

Default

No IPv4 prefix lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

prefix-list-name: Specifies an IPv4 prefix list name, a case-sensitive string of 1 to 63 characters.

index index-number: Specifies an index number for an IPv4 prefix list item, in the range of 1 to 65535. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive prefix list items. This option is required for target configuration. For more information about target configuration, see Fundamentals Configuration Guide.

permit: Specifies the permit mode. If a route matches the item, it passes the IPv4 prefix list. If a route does not match the item, the route is compared with the next item.

ip-address mask-length: Specifies an IPv4 prefix and mask length. The value range for the mask-length argument is 0 to 32.

greater-equal min-mask-length, less-equal max-mask-length: Specifies a prefix length range. The greater-equal keyword means "greater than or equal to" and the less-equal keyword means "less than or equal to." The prefix length range relation is mask-length <= min-mask-length <= max-mask-length <= 32.

· If only the min-mask-length argument is specified, the prefix length range is [ min-mask-length, 32 ].

· If only the max-mask-length argument is specified, the prefix length range is [ mask-length, max-mask-length ].

· If both the min-mask-length and max-mask-length arguments are specified, the prefix length range is [ min-mask-length, max-mask-length ].

Usage guidelines

An IPv4 prefix list is used to filter IPv4 addresses. It can contain multiple items, each of which specifies a range of IPv4 prefixes. The relation between the items is logical OR. If an item is passed, the IPv4 prefix list is passed. If no item is passed, the IP prefix list cannot be passed.

If the ip-address mask-length argument is specified as 0.0.0.0 0, only the default route will be matched.

To match all routes, use 0.0.0.0 0 less-equal 32.

Examples

# Configure IP prefix list p1 to permit routes destined for network 10.0.0.0/8 and with mask length 17 or 18.

<Sysname> system-view

[Sysname] ip prefix-list p1 permit 10.0.0.0 8 greater-equal 17 less-equal 18

Related commands

display ip prefix-list

reset ip prefix-list

Use reset ip prefix-list to clear IPv4 prefix list statistics.

Syntax

reset ip prefix-list [ prefix-list-name ]

Views

User view

Predefined user roles

network-admin

Parameters

prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all IPv4 prefix lists.

Examples

# Clear the statistics for IPv4 prefix list abc.

<Sysname> reset ip prefix-list abc

Related commands

display ip prefix-list

ip prefix-list

IPv6 routing policy commands

apply ipv6 fast-reroute

Use apply ipv6 fast-reroute to set a backup link for fast reroute (FRR).

Use undo apply ipv6 fast-reroute to restore the default.

Syntax

apply ipv6 fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ipv6-address ] | backup-nexthop ipv6-address }

undo apply ipv6 fast-reroute

Default

No backup link for FRR is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

backup-nexthop ipv6-address: Specifies an IPv6 backup next hop.

Usage guidelines

This command sets a backup link in the routing policy for FRR.

Examples

# Configure node 10 of routing policy policy1 to set the backup next hop 1::1/64 for the route destined for 100::1/64.

<Sysname> system-view

[Sysname] ipv6 prefix-list abc index 10 permit 100::1 64

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match ipv6 address prefix-list abc

[Sysname-route-policy-policy1-10] apply ipv6 fast-reroute backup-nexthop 1::1

apply ipv6 next-hop

Use apply ipv6 next-hop to set a next hop for IPv6 routes.

Use undo apply ipv6 next-hop to restore the default.

Syntax

apply ipv6 next-hop { ipv6-address | advertiser-address }

undo apply ipv6 next-hop

Default

No next hop is set for IPv6 routes.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies the next hop IPv6 address.

advertiser-address: Specifies the IPv6 address of the BGP route advertiser as the next hop. This keyword functions as follows:

· Before advertising a route to IPv6 peers and peer groups, BGP sets the local peer address as the next hop of the route.

· After receiving a route from an IPv6 peer or peer group, BGP sets the source peer address as the next hop of the route.

Usage guidelines

If you use the ipv6-address argument to set a next hop, the configuration does not take effect on redistributed routes.

If you execute this command multiple times to set different next hops for IPv6 routes, the most recent configuration takes effect.

Examples

# Configure node 10 for routing policy policy1 to set next hop 3ffe:506::1 for IPv6 routes matching AS path list 1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match as-path 1

[Sysname-route-policy-policy1-10] apply ipv6 next-hop 3ffe:506::1

display ipv6 prefix-list

Use display ipv6 prefix-list to display IPv6 prefix list statistics.

Syntax

display ipv6 prefix-list [ name prefix-list-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all IPv6 prefix lists.

Examples

# Display the statistics for all IPv6 prefix lists.

<Sysname> display ipv6 prefix-list

Prefix-list6: 666

Permitted 0

Denied 0

index: 10 Permit 6::/64 ge 66 le 88

Table 9 Command output

Field	Description
Prefix-list6	Name of the IPv6 prefix list.
Permitted	Total number of routes that match the criterion and are permitted after the IPv6 prefix list was created. The value for this field is reset to zero after device reboot.
Denied	Total number of routes that match the criterion and are denied after the IPv6 prefix list was created. The value for this field is reset to zero after device reboot.
index	Index number of an item.
permit	Match mode of the item: · Permit. · Deny.
6::/64	IPv6 address and prefix length for matching.
ge	Greater-equal, the lower prefix length limit.
le	Less-equal, the upper prefix length limit.

‌

Related commands

ipv6 prefix-list

reset ipv6 prefix-list

if-match ipv6

Use if-match ipv6 to match IPv6 routes whose destination, next hop, or source address matches an ACL or IPv6 prefix list.

Use undo if-match ipv6 to remove the specified ACL or IPv6 prefix list match criterion.

Syntax

if-match ipv6 { address | next-hop | route-source } { acl { ipv6-acl-number | name ipv6-acl-name } | prefix-list prefix-list-name

undo if-match ipv6 { address | next-hop | route-source } [ acl | prefix-list ]

Default

No ACL or IPv6 prefix list match criterion is configured.

Views

Routing policy node view

Predefined user roles

network-admin

Parameters

address: Matches the destination address of IPv6 routes.

next-hop: Matches the next hop of IPv6 routes.

route-source: Matches the source address of IPv6 routes.

acl ipv6-acl-number: Specifies an IPv6 ACL by its number. The value range for the ipv6-acl-number argument is 2000 to 3999 for the address keyword, and 2000 to 2999 for the next-hop and route-source keywords.

acl name ipv6-acl-name: Specifies an IPv6 ACL by its name, a case-insensitive string of 1 to 63 characters. The ACL name must start with a letter and cannot be all.

prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

When you specify an IPv6 ACL, follow these guidelines:

· If the specified ACL does not exist or does not have any rules, all IPv6 routes can match the ACL.

· If a rule in the specified ACL is applied to a VPN instance, the rule does not take effect.

Follow these restrictions and guidelines to use an IPv6 advanced ACL rule to configure an ACL match criterion:

· To match the destination address of IPv6 routes, execute the rule [ rule-id ] { deny | permit } ipv6 source source-address source-prefix command to create the rule.

· To match the destination address prefix of IPv6 routes, execute the rule [ rule-id ] { deny | permit } ipv6 destination dest-address dest-prefix command to create the rule. Do not use this rule if the next-hop or route-source keyword is specified.

If the specified IPv6 prefix list does not exist, all IPv6 routes can match the routing policy node.

Examples

# Configure node 10 of routing policy policy1 to permit routes whose next hop matches IPv6 prefix list p1.

<Sysname> system-view

[Sysname] route-policy policy1 permit node 10

[Sysname-route-policy-policy1-10] if-match ipv6 next-hop prefix-list p1

ipv6 prefix-list

Use ipv6 prefix-list to configure an IPv6 prefix list or an item for it.

Use undo ipv6 prefix-list to remove an IPv6 prefix list or an item.

Syntax

ipv6 prefix-list prefix-list-name [ index index-number ] { deny | permit } ipv6-address { prefix-length [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] | inverse inverse-prefix-length }

undo ipv6 prefix-list prefix-list-name [ ipv6-address { prefix-length [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] | inverse inverse-prefix-length } | index index-number ]

Default

No IPv6 prefix lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

prefix-list-name: Specifies an IPv6 prefix list name, a case-sensitive string of 1 to 63 characters.

index index-number: Specifies an index number for an IPv6 prefix list item, in the range of 1 to 65535. An item with a smaller index number is matched first. If you do not specify this option, the index number starts from 10 and increases by 10 for each of the consecutive IPv6 prefix list items. This option is required for target configuration. For more information about target configuration, see Fundamentals Configuration Guide.

permit: Specifies the permit mode. If a route matches the item, it passes the IPv6 prefix list. If a route does not match the item, the route is compared with the next item.

ipv6-address: Specifies an IPv6 address.

prefix-length: Specifies the IPv6 prefix length. The value range for the prefix-length argument is 0 to 128.

The prefix length range relation is mask-length <= min-mask-length <= max-mask-length <= 128.

· If only the min-prefix-length argument is specified, the prefix length range is [ min-prefix-length, 128 ].

· If only the max-prefix-length argument is specified, the prefix length range is [ prefix-length, max-prefix-length ].

· If both the min-prefix-length and max-prefix-length arguments are specified, the prefix length range is [ min-prefix-length, max-prefix-length ].

inverse inverse-prefix-length: Matches IPv6 addresses from the least significant bit to the specified length. The value range for the inverse-prefix-length argument is 1 to 128.

Usage guidelines

An IPv6 prefix list is used to filter IPv6 addresses. An IPv6 prefix list can have multiple items, and each of them specifies a range of IPv6 prefixes. The relation between the items is logical OR. A route passing an item passes the IPv6 prefix list. A route passing no item does not pass the IPv6 prefix list.

If the ipv6-address prefix-length argument is specified as :: 0, only the default route matches.

To match all routes, configure :: 0 less-equal 128.

Examples

# Permit IPv6 addresses with a mask length between 32 bits and 64 bits.

<Sysname> system-view

[Sysname] ipv6 prefix-list abc permit :: 0 greater-equal 32 less-equal 64

# Deny IPv6 addresses with a prefix 3FFE:D00::/32 and a prefix length greater than or equal to 32 bits.

<Sysname> system-view

[Sysname] ipv6 prefix-list abc deny 3FFE:D00:: 32 less-equal 128

Related commands

display ipv6 prefix-list

reset ipv6 prefix-list

Use reset ipv6 prefix-list to clear IPv6 prefix list statistics.

Syntax

reset ipv6 prefix-list [ prefix-list-name ]

Views

User view

Predefined user roles

network-admin

Parameters

prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all IPv6 prefix lists.

Examples

# Clear the statistics for IPv6 prefix list abc.

<Sysname> reset ipv6 prefix-list abc

Related commands

display ipv6 prefix-list

ipv6 prefix-list

06-Layer 3—IP Routing Command Reference

apply aigp

Restrictions and guidelines

apply community

apply cost

Application scenarios

Operating mechanism

Application scenarios

Restrictions and guidelines

apply ip-precedence

Application scenarios

Restrictions and guidelines

apply label-value

Application scenarios

Restrictions and guidelines

display ip extcommunity-list

display route-policy

if-match as-path

if-match interface

if-match mpls-label

if-match protocol

Application scenarios

Operating mechanism

Restrictions and guidelines

if-match route-type

ip as-path

ip extcommunity-list

Application scenarios

Operating mechanism

reset ip as-path

route-policy

Application scenarios

Operating mechanism

Application scenarios

Restrictions and guidelines

Application scenarios

Operating mechanism

Restrictions and guidelines

apply fast-reroute

if-match ip

ip prefix-list

reset ip prefix-list

display ipv6 prefix-list

reset ipv6 prefix-list

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

News & Events

Contact Us