Configuration Guide - IP Routing 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - IP Routing

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Configuring a Route-Policy

Each node of a route-policy can comprise a set of if-match, goto next-node and apply clauses.

Usage Scenario

A route-policy includes various matching rules and hence can meet the requirements of various scenarios. Except ACLs, IP prefix lists, and AS_Path filters, other filters need to be used with a route-policy.

A route-policy is used to match routes or attributes of routes, and to change the attributes when the matching rules are met. The matching rules of a route-policy can use other filters, such as ACLs, IP prefix lists, AS_Path filters, community filters, extended community filters, and RD filters.

A route-policy can consist of multiple nodes, and each node can comprise the following clauses:

if-match clauses: define the matching rules that are used to match certain route attributes. The matching rules are conditions defined by the route-policy against which routes are matched.
apply clauses: specify actions. When a route matches a node, the apply clauses set certain attributes for the route.
goto next-node clauses: further match routes against a specified node after the routes match the current node.

For more information about a route-policy, refer to the NE device Mid-End Router Feature Description - IP Routing.

Pre-configuration Tasks

Before configuring a route-policy, complete the following tasks:

Configure an IP prefix list.
Configure a routing protocol.

Configuration Procedures

Creating a Route-Policy
By applying a route-policy, you can set attributes for the imported routes as required.
(Optional) Configuring an if-match Clause
The if-match clauses define the matching rules that are used to match certain route attributes.
(Optional) Configuring an apply Clause
The apply clauses specify actions to set certain route attributes.
(Optional) Further Matching Routes Against a Specified Node
A route-policy can be configured to match routes against two or more nodes.
Applying a Route-Policy
A route-policy takes effect only when it is applied to a routing protocol.
Verifying the Route-Policy Configuration
After configuring a route-policy, verify information about the route-policy.

Creating a Route-Policy

By applying a route-policy, you can set attributes for the imported routes as required.

Procedure

Run system-view
The system view is displayed.
Run route-policy route-policy-name { permit | deny } node node
A route-policy is created, and the route-policy view is displayed.

The matching modes of a node include permit and deny:
- In permit mode, if a route matches a node, the actions specified by apply clauses are performed on the route, and the route does not continue to match against the next node. If the route fails to match the node, the route continues to match against the next node.
- In deny mode, if a route matches a node, the actions specified by apply clauses are not performed on the route; if a route matches all the if-match clauses of a node, the route is denied by the node and does not continue to match against the next node; if the route does not match any if-match clause of the node, the route continues to match against the next node.
NOTE:
On the NE, by default, the routes that fail to match a route-policy are denied. If more than one node is defined in a route-policy, at least one node needs to be set to permit mode.

If a route does not match any node in the route-policy, the route is denied by the route-policy. If all the nodes in a route-policy are set to deny mode, all the routes are denied by the route-policy.

When a route-policy is used to filter routes, the node with a smaller value is matched first.
Run commit
The configuration is committed.

(Optional) Configuring an if-match Clause

The if-match clauses define the matching rules that are used to match certain route attributes.

Procedure

Run system-view
The system view is displayed.
Run route-policy route-policy-name { permit | deny } node node
The route-policy view is displayed.
Run the following command as required to configure if-match clauses for the route-policy:
- To set a matching rule that is based on the basic ACL, perform the following steps:
  1. Run the if-match acl command to configure the ACL to match the routes.
  2. Run the quit command to return to the system view.
  3. Run the acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ] command to enter the basic ACL view.
  4. Run the rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] ^* command to configure the rule for the basic ACL.
    
    When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.
    When a filtering policy of a routing protocol is used to filter routes:
    - If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.
    - If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.
    - If a route has not matched any ACL rules, the route will not be received or advertised by the system.
    - If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.
    - If the ACL referenced by the route-policy does not exist, all routes matching the route-policy will be received or advertised by the system.
    - In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:
      
      Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.
      
      Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.
- Run if-match cost cost or if-match cost { greater-equal greater-equal-value [ less-equal less-equal-value ] | less-equal less-equal-value }
  
  The route cost is set to match routes.
- Run if-match preference preference
  
  The route preference is set to match routes.
- Run if-match ip { next-hop | route-source | group-address } { acl { acl-number | acl-name } | ip-prefix ip-prefix-name }
  
  The next hop or source address is configured to match IPv4 routes.
- Run if-match ip-prefix ip-prefix-name
  
  The IP prefix list is configured to match routes.
  
  NOTE:
  For the same route-policy node, the if-match acl command and the if-match ip-prefix command cannot be both configured because the latest configuration overwrites the previous one.
- Run if-match ipv6 { address | next-hop | route-source } { acl { acl-number | acl-name } | prefix-list ipv6-prefix-name }
  
  An IPv6 prefix list is configured to match IPv6 routes.
- Run the following command as required to match the route type:
  - Run if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 }
    
    OSPF is set to match routes.
  - Run if-match route-type { is-is-level-1 | is-is-level-2 }
    
    IS-IS is set to match routes.
  - Run if-match route-type { ibgp | ebgp }
    BGP is set to match routes.
- Run if-match tag tag
  
  The route tag is set to match routes.
- Run if-match protocol { direct | static | rip | ripng | ospf | ospfv3 | bgp | isis | unr } ^*
  
  A protocol-based matching rule is set to match routes of a specified protocol.
The commands in Step 3 are not listed in sequence. A node can have multiple or no if-match clauses.
NOTE:
If multiple if-match clauses of a node in a route-policy define the same matching condition type, the relationship between them is "OR"; if the if-match clauses define different matching condition types, the relationship between these clauses is "AND". If you run any of the following commands more than once, the latest configuration overrides the previous one:
- if-match acl { acl-number | acl-name }
- if-match cost cost
- if-match extcommunity-list soo extcomm-filter-name
- if-match ip next-hop { acl { acl-number | acl-name } | ip-prefix ip-prefix-name }
- if-match ip route-source{ acl { acl-number | acl-name } | ip-prefix ip-prefix-name }
- if-match ip group-address{ acl { acl-number | acl-name } | ip-prefix ip-prefix-name }
- if-match ip-prefix ip-prefix-name
- if-match ipv6 address { acl { acl-number | acl-name } | prefix-list ipv6-prefix-name }
- if-match ipv6 next-hop { acl { acl-number | acl-name } | prefix-list ipv6-prefix-name }
- if-match ipv6 route-source { acl { acl-number | acl-name } | prefix-list ipv6-prefix-name }
- if-match rd-filter rd-filter-number
- if-match rpki origin-as-validation { invalid | not-found | valid }
- if-match tag tag
- if-match protocol { direct | static | rip | ripng | ospf | ospfv3 | bgp | isis | unr } ^*
If no if-match clause is specified, all routes are matched.
Run commit
The configuration is committed.

(Optional) Configuring an apply Clause

The apply clauses specify actions to set certain route attributes.

Procedure

Run system-view
The system view is displayed.
Run route-policy route-policy-name { permit | deny } node node
The route-policy view is displayed.
Run the following command as required to configure apply clauses for the route-policy:
- Run apply cost { [ + | - ] cost | inherit }
  
  The route cost is set.
- Run apply cost-type { external | internal | type-1 | type-2 | internal-inc-ibgp | med-plus-igp }
  
  The cost type is set for routes.
- Run apply dampening half-life-reach reuse suppress ceiling
  
  The dampening parameters are set for EBGP routes.
- Run apply ip-address next-hop { ipv4-address | peer-address }
  
  The next hop address of the IPv4 route is set.
- Run apply ipv6 next-hop { ipv6-address | peer-address | }
  
  The next hop address of the IPv6 route is set.
- Run apply isis { level-1 | level-1-2 | level-2 }
  
  The level of the IS-IS route is set.
- Run apply preference preference
  
  The priority of the routing protocol is set.
- Run apply tag tag
  
  The route tag is set.
The commands in Step 3 are not listed in sequence. A node can have multiple or no apply clauses.
Run commit
The configuration is committed.

(Optional) Further Matching Routes Against a Specified Node

A route-policy can be configured to match routes against two or more nodes.

Context

The relationship between the matching rules of nodes in the same route-policy is OR. Specifically, if a route matches a node, it matches the route-policy and is no longer matched against other nodes. If you need to match the route against two or more nodes, configure a route-policy and use it to match the route against a specified node after the route matches the current node.

Procedure

Run system-view
The system view is displayed.
Run route-policy route-policy-name { permit | deny } node node
The route-policy view is displayed.
Run goto next-node [ node ]
The route-policy is configured to further match routes against a specified node after the routes match the current node.

If node is not specified in the command, the route will be further matched against the next node of the current node by default.

If the node specified in the command does not exist, the route will be further matched against the next node of the specified node by default. If the next node of the specified node does not exist either, the route fails to match the route-policy, and no apply clause will be applied to the route.
Run commit
The configuration is committed.

Applying a Route-Policy

A route-policy takes effect only when it is applied to a routing protocol.

Context

A route-policy can be applied to direct, static, RIP/RIPng, IS-IS, OSPF/OSPFv3, BGP/BGP4+, and BGP/MPLS IP VPN routes. In addition, a route-policy can be applied to an FRR scenario. Perform one of the following configurations as needed:

Apply a route-policy to direct routes.
Apply a route-policy to static routes.
Apply a route-policy to RIP routes.
Apply a route-policy to RIPng routes.
Apply a route-policy to IPv4 IS-IS routes.
Apply a route-policy to IPv6 IS-IS routes.
Apply a route-policy to OSPF routes.
Apply a route-policy to OSPFv3 routes.
Apply a route-policy to BGP routes.
Apply a route-policy to BGP4+ routes.
Apply a route-policy to BGP/MPLS IP VPN routes.

Procedure

Apply a route-policy to direct routes.

Run system-view
The system view is displayed.

To apply a route-policy to specific direct routes, see Table 12-2.

Table 12-2 Applying a route-policy to direct routes

Objectives	Command	Reference
To configure a device to advertise ARP Vlink direct routes that match a route-policy on the public network	arp vlink-direct-route advertise [ route-policy route-policy-name ]	Configuring the Advertisement of IPv4 ARP Vlink Direct Routes on the Public Network
To configure a device to advertise Neighbor Discovery Protocol (NDP) Vlink direct routes that match a route-policy on the public network	ipv6 nd vlink-direct-route advertise [ route-policy route-policy-name ]	Configuring the Advertisement of IPv6 NDP Vlink Direct Routes on the Public Network
To apply a route-policy to direct routes on the public network NOTE: Currently, QoS information, such as the traffic behavior or local ID, can be configured for direct routes only based on a route-policy. A router applies different QoS policies to packets based on the QoS information while forwarding these packets. In this manner, traffic statistics can be collected, and authentication and accounting can be performed based on the direct routes.	ip direct-routing-table route-policy route-policy-name	-

Run commit
The configuration is committed.

Apply a route-policy to static routes.
1. Run system-view
  The system view is displayed.
2. Run ip static-routing-table route-policy route-policy-name
  A route-policy is applied to static routes on the public network.
3. Run commit
  The configuration is committed.

Apply a route-policy to RIP routes.

Run system-view
The system view is displayed.
Run rip [ process-id ]
A RIP process is enabled, and the RIP view is displayed.

To apply a route-policy to specific RIP routes, see Table 12-3.

Table 12-3 Applying a route-policy to RIP routes

Objectives	Command	Reference
To configure a device to generate a default route or advertise a default route in the routing table to neighbors only when the matching conditions of a route-policy are met	default-route originate [ cost cost \| tag tag \| route-policy route-policy-name [ avoid-learning ] ] ^*	Configuring RIP to Advertise Default Routes
To configure RIP to import the BGP routes that match a route-policy	import-route bgp [ permit-ibgp ] [ cost { cost \| transparent } \| route-policy route-policy-name ] ^*	Configuring RIP to Import External Routes
To configure RIP to import the routes from another routing protocol that match a route-policy	import-route { static \| direct \| { isis \| ospf \| rip } [ process-id ] } [ cost cost \| route-policy route-policy-name ] ^*	Configuring RIP to Import External Routes
To set a priority for routes that match a route-policy	preference { preference \| route-policy route-policy-name } ^*	Configuring the RIP Priority

Run commit
The configuration is committed.

Apply a route-policy to RIPng routes.

Run system-view
The system view is displayed.
Run ripng [ process-id ]
A RIPng process is enabled, and the RIPng view is displayed.

To apply a route-policy to specific RIPng routes, see Table 12-4.

Table 12-4 Applying a route-policy to RIPng routes

Objectives	Command	Reference
To configure RIPng to import the routes from another routing protocol that match a route-policy	import-route { static \| direct \| bgp [ permit-ibgp ] \| unr \| { isis \| ospfv3 \| ripng } [ process-id ] } [ cost cost \| route-policy route-policy-name ] ^*	Configuring RIPng to Import External Routes
To set a priority for RIPng routes that match a route-policy	preference { preference \| route-policy route-policy-name } ^*	Configuring the RIPng Priority

Run commit
The configuration is committed.

Apply a route-policy to IPv4 IS-IS routes.

To apply a route-policy in the IS-IS view, perform the following operations:

Run the system-view command to enter the system view.
Run the isis [ process-id ] command to enter the IS-IS view.

To apply a route-policy to IPv4 IS-IS routes in the IS-IS view, see Table 12-5.

Table 12-5 Applying a route-policy to IPv4 IS-IS routes in the IS-IS view

Objectives	Command	Reference
To configure IS-IS to generate and advertise default routes to the IS-IS domain only when external routes that match a route-policy exist in the routing table of a Level-1-2 router	default-route-advertise route-policy route-policy-name [ cost cost \| tag tag \| [ level-1 \| level-1-2 \| level-2 ] ] ^* [ avoid-learning ]	Configuring IS-IS to Generate IPv4 Default Routes
To configure IS-IS to advertise the routes that are imported from another routing protocol and match a route-policy	filter-policy route-policy route-policy-name export [ protocol [ process-id ] ]	–
To configure IS-IS to accept the routes that match a route-policy	filter-policy route-policy route-policy-name import	Configuring IPv4 IS-IS to Import External Routes
To configure IS-IS to import the routes from another routing protocol that match a route-policy	import-route { direct \| static \| { ospf \| rip \| isis } [ process-id ] \| bgp [ permit-ibgp ] } [ cost-type { external \| internal } \| cost cost \| tag tag \| route-policy route-policy-name \| [ level-1 \| level-2 \| level-1-2 ] ] ^* import-route { { ospf \| rip \| isis } [ process-id ] \| bgp [ permit-ibgp ] \| direct } inherit-cost [ { level-1 \| level-2 \| level-1-2 } \| tag tag \| route-policy route-policy-name ] ^*	Configuring IPv4 IS-IS to Import External Routes
To configure Level-1 routes that match a route-policy to leak to a Level-2 area	import-route isis level-1 into level-2 [ filter-policy route-policy route-policy-name \| tag tag ] ^*	Configuring IPv4 IS-IS Route Leaking
To configure Level-2 routes that match a route-policy to leak to a Level-1 area	import-route isis level-2 into level-1 [ filter-policy route-policy route-policy-name \| tag tag ] ^*	Configuring IPv4 IS-IS Route Leaking
To configure a priority for the IS-IS routes that match a route-policy	preference { route-policy route-policy-name \| preference } ^*	Configuring a Preference Value for IPv4 IS-IS

Run the commit command to commit the configuration.

To apply a route-policy in the IS-IS FRR view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the isis [ process-id ] command to enter the IS-IS view.
3. Run the frr command to enter the IS-IS FRR view.
4. Run the frr-policy route route-policy route-policy-name command to configure IS-IS to add the backup routes that match a route-policy to the IP routing table.
  
  For details on how to configure IS-IS Auto FRR (IPv4), see Configuring IS-IS Auto FRR.
5. Run the commit command to commit the configuration.

Apply a route-policy to IPv6 IS-IS routes.

To apply a route-policy in the IS-IS view, perform the following operations:

Run the system-view command to enter the system view.
Run the isis [ process-id ] command to enter the IS-IS view.

To apply a route-policy to IPv6 IS-IS routes in the IS-IS view, see Table 12-6.

Table 12-6 Applying a route-policy to IPv6 IS-IS routes in the IS-IS view

Objectives	Command	Reference
To configure IS-IS to generate and advertise default IPv6 routes to the IS-IS domain only when external routes that match a route-policy exist in the routing table of a Level-1-2 router	ipv6 default-route-advertise route-policy route-policy-name [ cost cost \| tag tag \| [ level-1 \| level-2 \| level-1-2 ] ] ^* [ avoid-learning ]	Configuring IS-IS to Generate IPv6 Default Routes
To configure IS-IS to advertise the IPv6 routes that are imported from another routing protocol and match a route-policy	ipv6 filter-policy route-policy route-policy-name export [ protocol [ process-id ] ]	-
To configure IS-IS to accept the IPv6 routes that match a route-policy	ipv6 filter-policy route-policy route-policy-name import	Configuring IPv6 IS-IS to Import External Routes
To configure IS-IS to import the IPv6 routes from another routing protocol that match a route-policy	ipv6 import-route { direct \| static \| \| unr { ripng \| isis \| ospfv3 } [ process-id ] } \| bgp [ permit-ibgp ] } [ cost cost \| tag tag \| route-policy route-policy-name \| route-filter route-filter-name \| [ level-1 \| level-2 \| level-1-2 ] ] ^* ipv6 import-route { { ospfv3 \| ripng \| isis } [ process-id ] \| bgp [ permit-ibgp ] \| direct \| unr } inherit-cost [ tag tag \| route-policy route-policy-name \| route-filter route-filter-name \| [ level-1 \| level-2 \| level-1-2 ] ] ^*	Configuring IPv6 IS-IS to Import External Routes
To configure Level-1 IPv6 routes that match a route-policy to leak to a Level-2 area	ipv6 import-route isis level-1 into level-2 [ filter-policy route-policy route-policy-name \| tag tag ] ^*	Configuring IPv6 IS-IS Route Leaking
To configure Level-2 IPv6 routes that match a route-policy to leak to a Level-1 area	ipv6 import-route isis level-2 into level-1 [ filter-policy route-policy route-policy-name \| tag tag ] ^*	Configuring IPv6 IS-IS Route Leaking
To configure a priority for the IPv6 IS-IS routes that match a route-policy	ipv6 preference { route-policy route-policy-name \| preference } ^*	Configuring a Priority Value for IPv6 IS-IS

Run the commit command to commit the configuration.

To apply a route-policy in the IS-IS IPv6 topology view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the isis [ process-id ] command to enter the IS-IS view.
3. Run the ipv6 topology topology-name [ topology-id { multicast | topology-id } ] command to bind the IS-IS process to an IPv6 topology and enter the IS-IS IPv6 topology view.
4. Run the import-route { direct | { ospfv3 | ripng | isis } [ process-id ] | bgp [ permit-ibgp ] } inherit-cost [ tag tag | route-policy route-policy-name | { level-1 | level-2 | level-1-2 } ] ^* command to import routes to the IS-IS IPv6 topology.
  
  For details on how to configure IPv6 IS-IS multi-topology, see Enabling MT for an IS-IS Process.
5. Run the commit command to commit the configuration.

Apply a route-policy to OSPF routes.

To apply a route-policy in the OSPF view, perform the following operations:

Run the system-view command to enter the system view.
Run the ospf [ process-id ] command to enable an OSPF process and enter the OSPF view.

To apply a route-policy to OSPF routes in the OSPF view, see Table 12-7.

Table 12-7 Applying a route-policy to OSPF routes

Objectives	Command	Reference
To configure OSPF to advertise the default routes in the routing table that are not generated by OSPF to a common area based on the parameters of a route-policy	default-route-advertise [ [ always \| permit-calculate-other ] \| cost cost \| type type \| route-policy route-policy-name \| distribute-delay delay-time ] ^*	Configuring OSPF to Import a Default Route
To configure OSPF to accept the routes that match a route-policy	filter-policy route-policy route-policy-name [ secondary ] import	Configuring OSPF to Filter Received Routes
To configure OSPF to import the routes that match a route-policy	import-route { bgp [ permit-ibgp ] \| direct \| rip [ process-id-rip ] \| static \| isis [ process-id-isis ] \| ospf [ process-id-ospf ] [ cost cost \| route-policy route-policy-name \| tag tag \| type type ] ^* }	baoj
To configure a route-policy for OSPF local MT so that only the routes that match the route-policy are added to the MIGP routing table	local-mt filter-policy route-policy route-policy-name	-
To configure a priority for OSPF routes that match a route-policy	preference [ ase \| inter \| intra ] { preference \| route-policy route-policy-name } ^*	Setting the OSPF Priority

Run the commit command to commit the configuration.

To apply a route-policy in the OSPF area view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the ospf [ process-id ] command to enable an OSPF process and enter the OSPF view.
3. Run the area area-id command to enter the OSPF area view.
4. Perform either of the following operations to apply a route-policy in the OSPF area view:
  - Run the filter route-policy route-policy-name export command to apply a route-policy to outgoing Type 3 LSAs (summary LSAs) in the area.
  - Run the filter route-policy route-policy-name import command to apply a route-policy to incoming Type 3 LSAs in the area.
  Configuring OSPF to Filter LSAs in an Area
5. Run the commit command to commit the configuration.
To apply a route-policy in the OSPF FRR view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the ospf [ process-id ] command to enable an OSPF process and enter the OSPF view.
3. Run the frr command to enter the OSPF FRR view.
4. Run the loop-free-alternate command to enable OSPF IP FRR to generate a loop-free backup link.
5. Run the frr-policy route route-policy route-policy-name command to configure OSPF to add the backup routes that match a route-policy to the IP routing table.
  
  For details on how to configure OSPF IP FRR, see Configuring OSPF IP FRR.
6. Run the commit command to commit the configuration.

Apply a route-policy to OSPFv3 routes.

To apply a route-policy in the OSPFv3 view, perform the following operations:

Run the system-view command to enter the system view.
Run the ospfv3 [ process-id ] command to enable an OSPFv3 process and enter the OSPFv3 view.

To apply a route-policy to OSPFv3 routes in the OSPFv3 view, see Table 12-8.

Table 12-8 Applying a route-policy to OSPFv3 routes

Objectives	Command	Reference
To configure OSPFv3 to advertise the default routes in the routing table that are not generated by OSPFv3 to an OSPFv3 routing area based on the parameters of a route-policy	default-route-advertise [ always \| permit-calculate-other \| cost cost \| type type \| tag tag \| distribute-delay delay \| route-policy route-policy-name ] ^*	Configuring OSPFv3 to Filter the Routes to Be Advertised
To configure OSPFv3 to import the routes that match a route-policy	import-route { bgp [ permit-ibgp ] \| direct \| static \| isis [ process-id ] \| ripng [ process-id ] \| ospfv3 [ process-id ] } [ cost cost \| tag tag \| type type \| route-policy route-policy-name ] ^* }	Configuring OSPFv3 to Import External Routes
To configure a priority for OSPFv3 routes that match a route-policy	preference [ ase ] { preference \| route-policy route-policy-name } ^*	-

Run the commit command to commit the configuration.

To apply a route-policy in the OSPFv3 area view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the ospfv3 [ process-id ] command to enable an OSPFv3 process and enter the OSPFv3 view.
3. Run the area area-id command to enter the OSPFv3 area view.
4. Perform either of the following operations to apply a route-policy in the OSPFv3 area view:
  - Run the filter route-policy route-policy-name export command to apply a route-policy to outgoing Type 3 LSAs (Inter-Area-Prefix-LSAs) in the area.
  - Run the filter route-policy route-policy-name import command to apply a route-policy to incoming Type 3 LSAs in the area.
  For details on how to apply a route-policy to Type 3 LSAs, see Configuring OSPFv3 to Filter LSAs in an Area.
5. Run the commit command to commit the configuration.
To apply a route-policy in the OSPFv3 FRR view, perform the following operations:
1. Run the system-view command to enter the system view.
2. Run the ospfv3 [ process-id ] command to enable an OSPFv3 process and enter the OSPFv3 view.
3. Run the frr command to enter the OSPFv3 IP FRR view.
4. Run the loop-free-alternate command to enable OSPFv3 IP FRR.
5. Run the frr-policy route route-policy route-policy-name command to configure OSPFv3 to add the backup routes that match a route-policy to the IP routing table.
  
  For details on how to configure OSPFv3 IP FRR, see Configuring OSPFv3 IP FRR.
6. Run the commit command to commit the configuration.

Apply a route-policy to BGP routes.

Run the system-view command to enter the system view.
Run the bgp { as-number-plain | as-number-dot } command to enter the BGP view.
Run the ipv4-family unicast command to enter the IPv4 unicast address family view.

To apply a route-policy to specific BGP routes, see Table 12-9.

Table 12-9 Applying a route-policy to BGP routes

Objectives	Command	Reference
To configure a summarized BGP route and apply a route-policy to it	aggregate ipv4-address { mask \| mask-length } [ as-set \| attribute-policy route-policy-name1 \| detail-suppressed \| origin-policy route-policy-name2 \| suppress-policy route-policy-name3 ] ^*	Configuring BGP Route Aggregation
To configure BGP route dampening	dampening [ half-life-reach reuse suppress ceiling \| route-policy route-policy-name ] ^*	Configuring BGP Route Dampening
To configure BGP to import the routes from another routing protocol that match a route-policy	import-route protocol [ process-id ] [ med med \| route-policy route-policy-name ] ^*	Configuring BGP to Import Routes
To import local routes that match a route-policy to the BGP routing table and advertise them to BGP peers	network ipv4-address [ mask \| mask-length ] [ route-policy route-policy-name ]	Configuring BGP to Import Routes
To enable BGP route iteration based on a route-policy	nexthop recursive-lookup route-policy route-policy-name	Setting Next_Hop Attributes for Routes
To configure a device to send a default route to a peer or a peer group and use a route-policy to modify the attributes of the default route	peer { group-name \| ipv4-address } default-route-advertise [ route-policy route-policy-name ] [ conditional-route-match-all { ipv4-address1 { mask1 \| mask-length1 } } &<1-4> \| conditional-route-match-any { ipv4-address2 { mask2 \| mask-length2 } } &<1-4> ]	Configuring a BGP Device to Send a Default Route to Its Peer
To prevent a device from performing bit-error-triggered protection switching when a route-policy is used as an export policy NOTE: When bit-error-triggered protection switching is configured, bit errors occur, and Local_Pref or MED is modified using an export route-policy, run the command to apply the Local_Pref or MED in the export route-policy.	peer { group-name \| ipv4-address } route-policy route-policy-name export ignore-bit-error	-
To configure a device to accept the routes that match a route-policy from a peer or peer group or advertise the routes that match a route-policy to a peer or peer group	peer { group-name \| ipv4-address } route-policy route-policy-name { import \| export }	Configuring to Control the Advertisement of BGP Routing Information and Controlling the Acceptance of BGP Routing Information
To use a route-policy to set a BGP priority	preference route-policy route-policy-name	Setting the BGP Priority
To prevent the BGP routes that match a route-policy from being added to the IP routing table	routing-table rib-only [ route-policy route-policy-name ]	(Optional) Preventing a Device from Adding BGP Routes to the IP Routing Table

Run the commit command to commit the configuration.

Apply a route-policy to BGP4+ routes.

Run system-view
The system view is displayed.
Run bgp { as-number-plain | as-number-dot }
The BGP view is displayed.
Run ipv6-family [ unicast ]
The IPv6 unicast address family view is displayed.

To apply a route-policy to specific BGP4+ routes, see Table 12-10.

Table 12-10 Applying a route-policy to BGP4+ routes

Objectives	Command	Reference
To configure a summarized BGP4+ route and apply a route-policy to it	aggregate ipv6-address prefix-length [ as-set \| attribute-policy route-policy-name1 \| detail-suppressed \| origin-policy route-policy-name2 \| suppress-policy route-policy-name3 ] ^*	Configuring BGP4+ Route Summarization
To configure BGP4+ route dampening and apply dampening parameters to the routes that match a route-policy	dampening [ half-life-reach reuse suppress ceiling \| route-policy route-policy-name ] ^*	Configuring BGP4+ Route Dampening
To configure BGP4+ to import the routes from another routing protocol that match a route-policy	import-route protocol [ process-id ] [ med med \| route-policy route-policy-name ] ^*	Configuring BGP4+ to Import Routes
To import local routes that match a route-policy to the BGP4+ routing table and advertise them to BGP4+ peers	network ipv6-address prefix-length [ route-policy route-policy-name ]	Configuring BGP4+ to Import Routes
To enable BGP4+ route iteration based on a route-policy	nexthop recursive-lookup route-policy route-policy-name	Setting the Next_Hop Attribute
To configure a device to send a default route to a peer or a peer group and use a route-policy to modify the attributes of the default route	peer { group-name \| ipv6-address } default-route-advertise [ route-policy route-policy-name ]	Configuring BGP4+ to Advertise Default Routes to Peers or peer groups
To configure a device to accept the routes that match a route-policy from a peer or peer group or advertise the routes that match a route-policy to a peer or peer group	peer { group-name \| ipv6-address } route-policy route-policy-name { import \| export }	Configuring a Policy for Advertising BGP4+ Routes and Configuring a Policy for Receiving BGP4+ Routes
To use a route-policy to set a BGP4+ priority	preference route-policy route-policy-name	Setting the BGP4+ Priority
To prevent the BGP4+ routes that match a route-policy from being added to the IPv6 routing table	routing-table rib-only [ route-policy route-policy-name ]	Preventing BGP4+ from Adding Routes to the IP Routing Table

Run commit
The configuration is committed.

Apply a route-policy to BGP/MPLS IP VPN routes.
- To apply a route-policy in the BGP-VPNv4 address family view, perform the following operations:
  1. Run the system-view command to enter the system view.
  2. Run the bgp { as-number-plain | as-number-dot } command to enter the BGP view.
  3. Run the ipv4-family vpnv4 command to enter the BGP-VPNv4 address family view.
  4. Run the nexthop recursive-lookup bit-error-detection { med + med-adjust-value | local-preference - localpref-adjust-value } ^* [ route-policy route-policy-name ] command to associate bit error events with the adjustment of the local preference or MED value for routes that match a route-policy. If route-policy route-policy-name is not specified in the command, the local preferences or MED values of all routes are adjusted.
    
    For details on how to configure bit-error-triggered L3VPN route switching, see Configuring Bit-Error-Triggered VPN Route Switching.
  5. Run the commit command to commit the configuration.
- To apply a route-policy in the VPN instance view, perform the following operations:
  1. Run the system-view command to enter the system view.
  2. Run the ip vpn-instance vpn-instance-name command to enter the VPN instance view.
  3. Perform either of the following operations as required:
    - To associate the VPN instance IPv4 or IPv6 address family with one export route-policy, run the export route-policy route-policy-name [ add-ert-first ] command.
      
      The export command can control route transmission between different VPN instances on a PE, while the peer route-policy export command can control only the VPNv4 or VPNv6 routes that a PE sends to other PE peers.
    - To associate the VPN instance IPv4 or IPv6 address family with one import route-policy, run the import route-policy route-policy-name command.
      
      The import route-policy command can control route transmission between different VPN instances on a PE, while the peer route-policy import command can control only the VPNv4 or VPNv6 routes that a PE sends to other PE peers.
      
      To configure a device to advertise ARP Vlink direct routes that match a route-policy on a VPN, run the arp vlink-direct-route advertise [ route-policy route-policy-name ] command. For details, see Configure a direct route between a PE and a CE.
  4. Run the commit command to commit the configuration.
- To apply a route-policy in the VPN instance IPv4 address family view, perform the following operations:
  1. Run the system-view command to enter the system view.
  2. Run the ip vpn-instance vpn-instance-name command to enter the VPN instance view.
  3. Run the ipv4-family command to enable the IPv4 address family for the VPN instance and enter the VPN instance IPv4 address family view.
  4. Run the ip { direct-routing-table | static-routing-table } route-policy route-policy-name command to apply a route-policy to direct or static routes in the VPN instance IPv4 address family.
    
    After the ip route-policy command is run, a device can modify attributes of direct or static routes based on the route-policy.
  5. Run the commit command to commit the configuration.
- To apply a route-policy in the VPN instance IPv6 address family view, perform the following operations:
  1. Run the system-view command to enter the system view.
  2. Run the ip vpn-instance vpn-instance-name command to enter the VPN instance view.
  3. Run the ipv6-family command to enable the IPv6 address family for the VPN instance and enter the VPN instance IPv6 address family view.
  4. Run the nd vlink-direct-route advertise [ route-policy route-policy-name ] command to configure a device to advertise NDP Vlink direct routes that match a route-policy on a VPN. For details, see Configure a direct route between a PE and a CE.
  5. Run the commit command to commit the configuration.

Verifying the Route-Policy Configuration

After configuring a route-policy, verify information about the route-policy.

Prerequisites

The route-policy has been configured.

Procedure

Run the display route-policy [ route-policy-name ] command to check information about the route-policy.
(Optional) Run the reset route-policy route-policy-name counterscommand to reset route-policy counters.

Example

Run the display route-policy policy1 command to view information about the route-policy named policy1.

<HUAWEI> display route-policy policy1
Route-policy : policy1
  permit : 10 (matched counts: 3)
    Match clauses :
        if-match acl 2000
    Apply clauses :
        apply cost 100
        apply tag 100

Translation

简体中文

Download

Updated: 2019-01-14

Document ID: EDOC1100058916

Downloads: 57

Average rating:

This Document Applies to these Products

Related Version

Reminder

Configuration Guide - IP Routing 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - IP Routing

Configuring a Route-Policy

Usage Scenario

Pre-configuration Tasks

Configuration Procedures

Creating a Route-Policy

Procedure

(Optional) Configuring an if-match Clause

Procedure

(Optional) Configuring an apply Clause

Procedure

(Optional) Further Matching Routes Against a Specified Node

Context

Procedure

Applying a Route-Policy

Context

Procedure

Verifying the Route-Policy Configuration

Prerequisites

Procedure

Example

About Huawei

How to Buy

Partner

Resources

Others

Enterprise App

Reminder

Enterprise

Corporate

Consumer

Carrier

Africa

Latin America

Middle East

Asia Pacific

North America

Europe

Configuration Guide - IP Routing 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - IP Routing

Configuring a Route-Policy

Usage Scenario

Pre-configuration Tasks

Configuration Procedures

Creating a Route-Policy

Procedure

(Optional) Configuring an if-match Clause

Procedure

(Optional) Configuring an apply Clause

Procedure

(Optional) Further Matching Routes Against a Specified Node

Context

Procedure

Applying a Route-Policy

Context

Procedure

Verifying the Route-Policy Configuration

Prerequisites

Procedure

Example

About Huawei

How to Buy

Partner

Resources

Others

Enterprise App