路由映射提供了一种方法,可以过滤和/或将操作应用到路由,从而允许策略应用于路由。
对于路由反射器将route-map应用到反射路由,请确保在router bgp
模式下包含bgp route-reflector allow-outbound-policy。
路由映射是路由映射条目的有序列表。每个条目最多可指定四组不同的条款:
Matching Conditions
route-map entry 可以可选地指定一个或多个条件,如果要进一步考虑条目,则这些条件必须被匹配,如由匹配策略所控制的那样。如果route-map entry 没有明确指定任何匹配条件,则它始终匹配。
Set Actions
route-map entry 可以指定一个或多个设置操作来设置或修改route的属性。
Matching Policy
这将指定满足或不满足匹配条件时隐含的策略,以及要采取的 route-map 操作(如果有)。这两种可能性是:
- permit: 如果entry 匹配,则执行设置的操作。然后完成处理route-map,允许route,除非退出策略操作另有指示。
- deny: 如果entry 匹配,则完成对route-map 的处理并拒绝该route (return deny)。
匹配策略被指定为命令的一部分,该命令定义 route-map中的有序条目。见下文。
Call Action
在执行任何设置操作后,调用另一个route-map。如果调用的route-map返回拒绝,则处理route-map将完成,并且拒绝路由,而不管匹配策略或退出策略如何。如果调用的路由映射返回许可,那么匹配策略和退出策略将正常地管理进一步的行为。
Exit Policy
如果entry 匹配,entry 可以选择性地指定要采取的替代退出策略,而不是退出route-map并允许route的常规策略。这两种可能性是:
- next: 继续处理 route-map entries。
- goto N: 跳转到route-map 中顺序>=N的第一个route-map 条目。不允许跳转到上一个条目。
如果没有匹配的条目,route-map的默认操作是拒绝。I.e. route-map的最后一个条目基本上有一个空拒绝条目,该条目与所有路由匹配。要更改此行为,必须将空许可证条目指定为route-map中的最后一个条目。
总结以上内容:
Match | No Match | |
---|---|---|
Permit | action | cont |
Deny | deny | cont |
action
- Apply set statements
- If call is present, call given route-map. If that returns a
deny
, finish processing and returndeny
. - If Exit Policy is next, goto next route-map entry
- If Exit Policy is goto, goto first entry whose order in the list is >= the given order.
- Finish processing the route-map and permit the route.
deny
The route is denied by the route-map (return deny
).
cont
goto next route-map entry
- show route-map [WORD]
Display data about each daemons knowledge of individual route-maps. If WORD is supplied narrow choice to that particular route-map.
clear route-map counter [WORD]
清除存储的有关route-maps利用率的计数器,以便后续show命令将指示自上次清除以来的情况。如果指定了WORD,则只清除该特定route-maps的计数器。
Route Map Command
route-map ROUTE-MAP-NAME (permit|deny) ORDER
使用permit或deny的匹配策略配置route-map-name中的order条目。
Route Map Match Command
- match ip address ACCESS_LIST
匹配指定的访问列表
- match ip address prefix-list PREFIX_LIST
匹配指定的前缀列表
- match ip address prefix-len 0-32
匹配指定的前缀len。这是zebra特有的命令。
- match ipv6 address ACCESS_LIST
- match ipv6 address prefix-list PREFIX_LIST
- match ipv6 address prefix-len 0-128
- match ip next-hop address IPV4_ADDR
这是特定于BGP的匹配命令。这是特定于BGP的匹配命令。匹配指定的ipv4地址。
- match ipv6 next-hop IPV6_ADDR
这是特定于BGP的匹配命令。这是特定于BGP的匹配命令。匹配指定的ipv6\u addr。
- match as-path AS_PATH
- match metric METRIC
匹配指定的度量。
- match tag TAG
匹配与路由关联的指定标记值。此标记值可以在(1-4294967295)范围内。
- match local-preference METRIC
Matches the specified local-preference.
- match community COMMUNITY_LIST
- match peer IPV4_ADDR
这是特定于BGP的匹配命令。这是特定于BGP的匹配命令。匹配以这种方式指定邻居的对等ip地址。
- match peer IPV6_ADDR
这是特定于BGP的匹配命令。这是特定于BGP的匹配命令。匹配以这种方式指定邻居的对等ipv6地址。
- match peer INTERFACE_NAME
这是特定于BGP的匹配命令。这是特定于BGP的匹配命令。匹配以这种方式指定邻居时指定的对等接口名称。
- match source-protocol PROTOCOL_NAME
这是特定于zebra的匹配命令。这是特定于zebra的匹配命令。与指定的原始协议匹配。
- match source-instance NUMBER
这是特定于zebra的匹配命令。这是特定于zebra的匹配命令。数字的范围是(0-255)。匹配指定的原始协议实例。
Route Map Set Command
- set tag TAG
在匹配的路由上设置一个标记。此标记值可以来自(1-4294967295)。另外,如果您使用--enable realms 配置选项编译。来自(1-255)的标记值作为域值发送到Linux内核。然后可以应用路由策略。请参阅tc手册页。
- set ip next-hop IPV4_ADDRESS
将BGP next xthop地址设置为指定的IPV4_ADDRESS。输入和输出route-maps。
- set ip next-hop peer-address
Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ip address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor.
- set ip next-hop unchanged
Set the route-map as unchanged. Pass the route-map through without changing it’s value.
- set ipv6 next-hop peer-address
Set the BGP nexthop address to the address of the peer. For an incoming route-map this means the ipv6 address of our peer is used. For an outgoing route-map this means the ip address of our self is used to establish the peering with our neighbor.
- set ipv6 next-hop prefer-global
For Incoming and Import Route-maps if we receive a v6 global and v6 LL address for the route, then prefer to use the global address as the nexthop.
set ipv6 next-hop global IPV6_ADDRESS
Set the next-hop to the specified IPV6_ADDRESS for both incoming and outgoing route-maps.
set local-preference LOCAL_PREF
Set the BGP local preference to local_pref.
set local-preference +LOCAL_PREF
Add the BGP local preference to an existing local_pref.
set local-preference -LOCAL_PREF
Subtract the BGP local preference from an existing local_pref.
set distance DISTANCE
Set the Administrative distance to DISTANCE to use for the route. This is only locally significant and will not be dispersed to peers.
set weight WEIGHT
Set the route’s weight.
set metric <[+|-](1-4294967295)|rtt|+rtt|-rtt>
Set the BGP attribute MED to a specific value. Use +/- to add or subtract the specified value to/from the MED. Use rtt to set the MED to the round trip time or +rtt/-rtt to add/subtract the round trip time to/from the MED.
set as-path prepend AS_PATH
Set the BGP AS path to prepend.
set community COMMUNITY
Set the BGP community attribute.
set ipv6 next-hop local IPV6_ADDRESS
Set the BGP-4+ link local IPv6 nexthop address.
set origin ORIGIN <egp|igp|incomplete>
Set BGP route origin.
set table (1-4294967295)
Set the BGP table to a given table identifier
set sr-te color (1-4294967295)
Set the color of a SR-TE Policy to be applied to a learned route. The SR-TE Policy is uniquely determined by the color and the BGP nexthop.
Route Map Call Command
- call NAME
Call route-map name. If it returns deny, deny the route and finish processing the route-map.
Route Map Exit Action Command
on-match next
continue
Proceed on to the next entry in the route-map.
on-match goto N
continue N
Proceed processing the route-map at the first entry whose order is >= N
Route Map Optimization Command
route-map optimization
Enable route-map processing optimization. The optimization is enabled by default. Instead of sequentially passing through all the route-map indexes until a match is found, the search for the best-match index will be based on a look-up in a prefix-tree. A per-route-map prefix-tree will be constructed for this purpose. The prefix-tree will compose of all the prefixes in all the prefix-lists that are included in the match rule of all the sequences of a route-map.
Route Map Examples
A simple example of a route-map:
route-map test permit 10
match ip address 10
set local-preference 200
This means that if a route matches ip access-list number 10 it’s local-preference value is set to 200.
See Miscellaneous Configuration Examples for examples of more sophisticated usage of route-maps, including of the call
action.