NetEngine AR600, AR6100, AR6200, and AR6300 V300R021 Command Reference

Routing Policy Configuration Commands

Support for Routing Policy
apply as-path
apply backup-interface
apply backup-nexthop
apply behavior
apply comm-filter delete
apply community
apply cost
apply cost-type
apply dampening
apply extcommunity
apply extcommunity color
apply ip-address next-hop (Route-Policy view)
apply ipv6 next-hop
apply ip-precedence
apply isis
apply local-preference
apply mpls-label
apply origin
apply ospf
apply preference
apply preferred-value
apply qos-local-id
apply tag
apply vn-id
description (Route-Policy view)
display ip as-path-filter
display ip community-filter
display ip extcommunity-list
display ip extcommunity-filter
display ip ip-prefix
display ip ipv6-prefix
display ip rd-filter
display route-policy
goto next-node
if-match acl (Route-Policy view)
if-match as-path-filter
if-match extcommunity-list
if-match community-filter
if-match cost
if-match extcommunity-filter
ip extcommunity-list
if-match interface
if-match ip
if-match ip-prefix
if-match ipv6
if-match mpls-label
if-match rd-filter
if-match route-type
if-match tag
ip as-path-filter
ip community-filter
ip extcommunity-filter
ip ip-prefix
ip ipv6-prefix
ip rd-filter
reset ip ip-prefix
reset ip ipv6-prefix
reset route-policy counters
route-policy
route-policy-change notify-delay

Support for Routing Policy

Hardware Requirements

This section is applicable to all models. For details about differences for specific models, see the description in the corresponding section.

apply as-path

Function

The apply as-path command sets the action for changing the AS_Path attribute of BGP routes in a routing policy.

The undo apply as-path command restores the default setting.

By default, the action for changing the AS_Path attribute of BGP routes is not set in a routing policy.

Format

apply as-path { { as-number-plain | as-number-dot } &<1-10> { additive } | none overwrite }

undo apply as-path

Parameters

Parameter	Description	Value
as-number-plain	Specifies an integral AS number to be added to the AS_Path list or to replace the existing AS_Path list. A maximum of 10 AS numbers can be specified in one command.	The value is an integer ranging from 1 to 4294967295.
as-number-dot	Specifies an AS number in dotted notation to be added to the AS_Path list or to replace the existing AS_Path list. A maximum of 10 AS numbers can be specified in one command.	The value is in the format of x.y, where x and y are integers that range from 1 to 65535 and from 0 to 65535, respectively.
additive	Adds the specified AS number to the original AS_Path attribute.	-
overwrite	Replaces the original AS_Path with the specified AS number.	-
none	Clears the original AS_Path list.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the AS_Path attribute of BGP routes BGP for selecting the optimal route, you can apply a routing policy containing the apply as-path command.

AS_Path is a private attribute of BGP and records all ASs that a route passes through from the local end to the destination address. Using the AS_Path attribute controls route selection and prevents routing loops. If multiple routes are destined for the same destination address, BGP compares the AS_Path lists of these routes and considers the route with the shortest AS_Path list as the optimal route.

After this command is configured, the AS_Path list for matched BGP routes will change. Assume that the original AS-Path is (30, 40, 50) and the BGP route matching condition is met. In this case:

If the apply as-path 60 70 80 additive command is run, the AS-Path list is changed to (60, 70, 80, 30, 40, 50). This configuration change is generally used to make the BGP route not preferentially selected.
If the apply as-path 60 70 80 overwrite command is run, the AS-Path list is changed to (60, 70, 80). There are many application scenarios for changing the AS-Path list, and the major application scenarios are as follows:
- Hide the real path information of routes. For example, after the AS-Path list is changed to (60, 70, 80), the AS-Path information of the route (30, 40, 50) is lost.
- Implement load balancing. For example, a router receives two routes with the same destination IP address 10.1.0.0/16. The AS_Path list of one route is (60, 70, 80) and that of the other route is (30, 40, 50). In this case, you can change the AS_Path list (30, 40, 50) to (60, 70, 80), and load balancing then may be implemented on the two routes.
- Shorten the AS-Path list to prevent the route from being discarded. If the as-path-limit command is configured, whether the number of AS numbers in the AS-Path list of the incoming route exceeds the maximum value needs to be checked. If the number exceeds the maximum value, the route is discarded. Therefore, before receiving a route with a long AS-Path list, replace the AS-Path list with a shorter AS-Path list. For example, if the original AS-Path list is (60, 70, 80, 65001, 65002, 65003), run the apply as-path 60 70 80 overwrite command to change the AS-Path list to (60, 70, 80). In this manner, the length of the AS-Path is shortened, preventing the route from being discarded.
- Shorten the AS-Path list to make the route preferentially selected and traffic directed to the local AS.
If the apply as-path none overwrite command is run, the AS-Path list is changed to be vacant. In BGP route selection, if the AS-Path list is vacant, the length of the AS-Path list is considered as 0. Therefore, clearing the AS-Path list cannot only hide the real path information, but also make the route preferentially selected and traffic directed to the local AS because the AS-Path list is shortened.

Prerequisites

The apply as-path command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects BGP route selection.

Running the apply as-path command changes the path through which network traffic passes. Use this command only when you are familiar with the network topology and impact of the command on services.

Example

# Change the AS number in the original AS_Path attribute to 200, 10.10.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply as-path 200 10.10 additive

apply backup-interface

Function

The apply backup-interface command sets the action for configuring a backup outbound interface in a routing policy.

The undo apply backup-interface command restores the default setting.

By default, the action for configuring the backup outbound interface is not set in a routing policy.

Format

apply backup-interface interface-type interface-number

undo apply backup-interface

Parameters

Parameter	Description	Value
interface-type interface-number	Specifies the type and number of the backup outbound interface.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The apply backup-interface command is used in IP FRR scenarios to configure a backup outbound interface for a route. After IP FRR is enabled, data traffic can be quickly switched to the backup outbound interface if the primary link fails.

Prerequisites

The route-policy command must be used before the apply backup-interface command.

if-match clauses can be used to configure matching rules such as IP prefix lists, and ACLs before a backup outbound interface is configured.

Follow-up Procedure

Reference a configured route-policy in the ip frr (system view) command or the ip frr (VPN instance view) command to configure IP FRR on a public network or VPN.

The apply backup-interface command is usually used together with the apply backup-nexthop command.

For P2P links, a backup next hop is not necessary. For non-P2P links, a backup next hop is necessary.

Example

# Configure the backup outbound interface and the backup next hop in the route-policy named ip_frr_rp.

<Huawei> system-view

[Huawei] route-policy ip_frr_rp permit node 10

[Huawei-route-policy] apply backup-interface gigabitethernet1/0/0

[Huawei-route-policy] apply backup-nexthop 192.168.20.2

# Delete the configured backup outbound interface from the route-policy named ip_frr_rp.

<Huawei> system-view

[Huawei] route-policy ip_frr_rp permit node 10

[Huawei-route-policy] undo apply backup-interface

apply backup-nexthop

Function

The apply backup-nexthop command sets the action for configuring a backup next hop in a routing policy.

The undo apply backup-nexthop command deletes the configured backup next hop.

By default, the action for configuring a backup next hop is not set in a routing policy.

Format

apply backup-nexthop { ipv4-address | auto }

undo apply backup-nexthop

Parameters

Parameter	Description	Value
ipv4-address	Specifies the IP address of a backup next hop.	It is in dotted decimal notation.
auto	Automatically searches for the backup next hop.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The apply backup-nexthop command is used to configure a backup next hop for a route in IP FRR and VPN FRR scenarios. After IP FRR is enabled, data traffic can be quickly switched to the backup next hop if the primary link fails.

Prerequisites

The route-policy command has been run before the apply backup-nexthop command.

if-match clauses can be used to set matching rules such as interfaces, IP prefix lists, and ACLs before a backup next hop is configured.

Follow-up Procedure

The configured route-policy can be used in the ip frr (system view) command or the ip frr (VPN instance view) command that is run to configure IP FRR for a public or private network. It can also be used in the vpn frr command that is run to enable VPN FRR.

In a VPN FRR scenario, you only need to run the apply backup-nexthop command to configure a backup next hop.

In an IP FRR scenario, you need to run both the apply backup-nexthop and apply backup-interface commands.

On a P2P link, a backup next hop may not be set. On a non-P2P link, the apply backup-nexthop command must be run to configure a backup next hop.

Example

# Configure the backup interface and the backup next hop 192.168.20.2 in the route-policy named ip_frr_rp.

<Huawei> system-view

[Huawei] route-policy ip_frr_rp permit node 10

[Huawei-route-policy] apply backup-interface gigabitethernet1/0/0

[Huawei-route-policy] apply backup-nexthop 192.168.20.2

# Delete the configured backup next hop from the route-policy named ip_frr_rp.

<Huawei> system-view

[Huawei] route-policy ip_frr_rp permit node 10

[Huawei-route-policy] undo apply backup-nexthop

apply behavior

Function

The apply behavior command configures a QoS traffic behavior for routes.

The undo apply behavior command restores the default setting.

By default, no QoS traffic behavior is configured.

Format

apply behavior behavior-name

undo apply behavior

Parameters

Parameter	Description	Value
behavior-name	Specifies the name of a QoS traffic behavior.	The value is a string of 1 to 31 case-sensitive characters without spaces, and must start with a letter.

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a large and complex network is deployed, traffic flows of different types, such as voice, video, and data, need to be managed separately, with different bandwidth and delays assigned to these traffic flows. In this case, class-based QoS needs to be configured and complex traffic classification needs to be performed. The apply behavior command is used to associate filtered route with a specific traffic behavior.

Prerequisites

Before running the apply behavior behavior-name command, you need to create a traffic behavior.

Meanwhile, certain matching conditions need to be configured to classify routes, such as the AS-Path lost, community attribute list, address prefix list, and route cost.

Precautions

The apply behavior command is mutually exclusive with the apply ip-precedence command and the apply qos-local-id command, and only one of these commands can be configured on a node of a routing policy. For example, if the apply behavior command is configured in the view created by the route-policy test permit node 10 command, configuring the apply qos-local-id command replaces apply behavior command.

Example

# Configure the behavior named example in the system view, and then apply this QoS traffic behavior in the route-policy view.

<Huawei> system-view

[Huawei] traffic behavior example

[Huawei-behavior-example] quit

[Huawei] route-policy test permit node 10

[Huawei-route-policy] apply behavior example

apply comm-filter delete

Function

The apply comm-filter delete command sets the action for deleting community attributes of a specified community filter in a routing policy.

The undo apply comm-filter command restores the default setting.

By default, the action for deleting community attributes of a specified community filter is not set in a routing policy.

Format

apply comm-filter { basic-comm-filter-number | adv-comm-filter-number | comm-filter-name } delete

undo apply comm-filter

Parameters

Parameter	Description	Value
basic-comm-filter-number	Specifies the number of a basic community filter.	The value is an integer ranging from 1 to 99.
adv-comm-filter-number	Specifies the number of an advanced community filter.	The value is an integer ranging from 100 to 199.
comm-filter-name	Specifies the name of a community filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The string cannot be all numerals. When double quotation marks are used around the string, spaces are allowed in the string.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To delete the community attributes, you can run the ip community-filter command several times to configure community attributes one by one, and apply the routing policy containing the apply comm-filter delete command to delete these community attributes.

The community attribute is a private attribute of BGP. The apply comm-filter delete command takes effect only for BGP routes.

Prerequisites

The apply comm-filter delete command can be used only after the route-policy command is used.

Precautions

After routes meet the filtering conditions, the specified community attributes of these routes are deleted.

When the delete operation is configured on a specified community attribute list, only one community attribute can be configured for the specified community attribute list. To delete multiple community attributes, you need to configure multiple community attribute lists. For example, if community attribute list 1 is used to delete 100:100 200:200 from the community attribute 100:100 200:200 carried in a route, you need to perform the following configurations on community attribute list 1:
```
[Huawei] ip community-filter 1 permit 100:100
```
```
[Huawei] ip community-filter 1 permit 200:200
```
```
[Huawei] display ip community-filter
```
```
Community filter Number: 1
permit 100:100
permit 200:200
```
```
[Huawei] route-policy RP1 permit node 10
```
```
[Huawei-route-policy] apply comm-filter 1 delete
```
If multiple community attributes are configured in the same community filter, the apply comm-filter delete command cannot delete these community attributes. To delete the community attributes, you can run the ip community-filter command several times to configure community attributes one by one, and apply the routing policy containing the apply comm-filter delete command to delete these community attributes. For example, the following command cannot delete the community attribute 100:100 200:200 of the route:
```
[Huawei] ip community-filter 1 permit 100:100 200:200
```
```
[Huawei] display ip community-filter
```
```
Community filter Number: 1
permit 100:100 200:200
```
```
[Huawei] route-policy RP1 permit node 10
```
```
[Huawei-route-policy] apply comm-filter 1 delete
```
When the apply community and apply comm-filter delete commands are run on the same node in a routing policy, the system performs the delete operation before the set operation regardless of the sequence in which the two commands are run.
```
[Huawei] display route-policy
```
```
Route-policy : 123a
```
```
  permit : 10
```
```
Match clauses:
```
```
Apply clauses: a
```
```
apply community 999:9 additive
```
```
apply comm-filter 1 delete
```
The following command output shows that community attribute 111:1 of the corresponding BGP route is deleted and community attribute 999:9 is added.
```
[Huawei] display ip community-filter
```
```
Community filter Number: 1 
```
```
permit 111:1 
```
```
permit 999:9
```

Example

# Delete the specified BGP route community attributes 1:200, 2:200, and 3:200 from the community filter.

<Huawei> system-view

[Huawei] ip community-filter 1 permit 1:200

[Huawei] ip community-filter 1 permit 2:200

[Huawei] ip community-filter 1 permit 3:200

[Huawei] route-policy test permit node 10

[Huawei-route-policy] apply comm-filter 1 delete

apply community

Function

The apply community command sets the action for changing the community attribute of BGP routes in a routing policy.

The undo apply community command restores the default setting.

By default, the action for changing the community attribute of BGP routes is not set in a routing policy.

Format

apply community none

apply community { community-number | aa:nn | internet | no-advertise | no-export | no-export-subconfed } &<1-32> [ additive ]

undo apply community

Parameters

Parameter	Description	Value
none	Indicates that all the community attributes of routes are deleted.	-
community-number \| aa:nn	Specifies the community number. A maximum of 32 community numbers can be configured in the apply community command. If you do not configure any one of internet, no-export-subconfed, no-advertise, and no-export, you can specify 32 community-number and aa:nn together. If you configure one of internet, no-export-subconfed, no-advertise, and no-export, you can specify 31 community-number and aa:nn together. If you configure two of internet, no-export-subconfed, no-advertise, and no-export, you can specify 30 values for community-number and aa:nn together. If you configure three of internet, no-export-subconfed, no-advertise, and no-export, you can specify 29 community-number and aa:nn together. If you configure all of internet, no-export-subconfed, no-advertise, and no-export, you can specify 28 community-number and aa:nn together.	The value of community-number is an integer ranging from 0 to 4294967295. The value of aa or nn ranges from 0 to 65535.
internet	Indicates that matching routes are sent to any peer. By default, all routes belong to the Internet community.	-
no-advertise	Indicates that matching routes are not sent to any peer. That is, after a router receives a route with this attribute, it does not advertise the route to other BGP peers.	-
no-export	Indicates that matching routes are sent to other sub-ASs but not to other ASs. That is, after a router receives a route with this attribute, it does not advertise the route outside the local AS.	-
no-export-subconfed	Indicates that matching routes are neither sent to other sub-ASs nor to other ASs. That is, after a router receives a route with this attribute, it does not advertise the route to other sub-ASs.	-
additive	Indicates that community attributes are added to matching routes.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To identify the BGP routes, you can apply a routing policy containing the apply community command to configure the community attribute of matched BGP routes.

The community attribute is a private attribute of BGP. It simplifies the application of routing policies and facilitates route maintenance and management. A community is a set of destination addresses with the same characteristics. These addresses have no physical boundary and are independent of their ASs. They share one or multiple community attributes, which can be changed or set by running the apply community command.

Prerequisites

The apply community command can be used only after the route-policy command is used.

Precautions

If the apply community command is configured in a routing policy, the community attributes of the BGP routes that match the routing policy are changed according to the configurations in the routing policy.

Assume that the original community name of a BGP route is 30. If this BGP route matches a certain routing policy, the AS number is replaced or added on the basis of the routing policy. For example:

If the apply community 100 command is run, the community name is changed to 100.
If the apply community 100 150 command is run, the community name is changed to 100 or 150. That is, the BGP route belongs to two communities.
If the apply community 100 150 additive command is run, the community name is changed to 30, 100 or 150. That is, the BGP route belongs to three communities.
If the apply community none command is run, the community attribute of the BGP route is deleted.

Example

# Configure a routing policy named setcommunity, match the route with the AS_Path filter being 8, and change its community attribute to no-export.

<Huawei> system-view

[Huawei] route-policy setcommunity permit node 16

[Huawei-route-policy] if-match as-path-filter 8

[Huawei-route-policy] apply community no-export

apply cost

Function

The apply cost command sets the action for changing the cost of routes in a routing policy.

The undo apply cost command restores the default setting.

By default, the action for changing the cost of routes is not set in a routing policy.

Format

apply cost [ + | - ] cost

undo apply cost

Parameters

Parameter	Description	Value
+	Increases the route cost.	If the MED of BGP routes or cost of non-BGP routes is greater than the maximum value (4294967295) after the adjustment, 4294967295 takes effect.
-	Reduces the route cost.	If the MED of BGP routes or cost of non-BGP routes is less than the minimum value (0) after the adjustment, 0 takes effect.
cost	Specifies the route cost. To control route selection, you can adjust the route cost to prevent routing loops.	The value is an integer ranging from 0 to 4294967295.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the cost of routes for selecting the optimal route, you can apply a routing policy containing the apply cost command.

Prerequisites

The apply cost command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects route selection.

The costs of imported routes are independent of the routing policy after the undo apply cost command is used to cancel the configuration of route costs.

Example

# Define an apply clause to set the route cost to 120.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply cost 120

apply cost-type

Function

The apply cost-type command sets the action for changing the cost type of routes in a routing policy.

The undo apply cost-type command restores the default setting.

By default, the action for changing the cost type of routes is not set in a routing policy.

Format

apply cost-type { external | internal | type-1 | type-2 }

undo apply cost-type

Parameters

Parameter	Description	Value
external	Sets the cost type of IS-IS external routes.	-
internal	Sets the cost type of IS-IS internal routes or sets the MED value of BGP routes as the IGP cost of the next hop.	-
type-1	Sets Type 1 external routes of OSPF.	-
type-2	Sets Type 2 external routes of OSPF.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the cost type of routes for selecting the optimal route, you can apply a routing policy containing the apply cost-type command.

Prerequisites

The apply cost-type command can be used only after the route-policy command is used.

Precautions

The priority of the apply cost-type clause is higher than that of the apply cost clause, which affects route selection when a routing policy takes effect.

Precautions

Different operations are performed when the apply cost-type internal command is applied to IS-IS routes and BGP routes:

When the apply cost-type internal command is applied to IS-IS routes:

Routes are configured as IS-IS internal routes.
When the apply cost-type internal command is applied to BGP routes:

When a router advertises a route learned from an IBGP peer to an EBGP peer, if the apply cost-type internal command is run, the router sets the MED value of the route to be advertised to the EBGP peer as the IGP cost of the next hop of the route.

Precautions

Different operations are performed when the apply cost-type internal command is applied to IS-IS routes and BGP routes:

When the apply cost-type internal command is applied to IS-IS routes:

Routes are configured as IS-IS internal routes.
When the apply cost-type internal command is applied to BGP routes:

When a router advertises a route learned from an IBGP peer to an EBGP peer, if the apply cost-type internal command is run, the router sets the MED value of the route to be advertised to the EBGP peer as the IGP cost of the next hop of the route.

Example

# Set the cost type to OSPF external Type-1.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply cost-type type-1

apply dampening

Function

The apply dampening command sets the action for changing the dampening parameters of EBGP routes in a routing policy.

The undo apply dampening command restores the default setting.

By default, the action for changing the dampening parameters of EBGP routes is not set in a routing policy.

Format

apply dampening half-life-reach reuse suppress ceiling

undo apply dampening

Parameters

Parameter	Description	Value
half-life-reach	Specifies the half-life of a reachable route.	The value is an integer ranging from 1 to 45, in minutes.
reuse	Specifies the threshold for routes to be released from the dampening state. When the penalty value falls below the threshold, routes are reused.	The value is an integer ranging from 1 to 20000.
suppress	Specifies the threshold for routes to enter the dampening state. When the penalty value exceeds the threshold, routes are suppressed.	The value is an integer ranging from 1 to 20000. The configured value of suppress must be greater than the value of reuse.
ceiling	Specifies the upper limit of the penalty value of routes.	The value is an integer ranging from 1001 to 20000. The configured value of ceiling must be greater than the value of suppress.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The apply dampening command, which is mostly used in BGP, is used to prevent frequent route dampening from affecting routers on the network.

You can configure different route dampening parameters for different nodes in the same routing policy. When route flapping occurs, BGP can use different route dampening parameters to suppress the routes that match the routing policy.

Procedure

If the apply dampening command is run multiple times, the latest configuration overwrites the previous one.

Configuration Impact

If the apply dampening command is run, each time route flapping occurs, BGP adds a certain penalty value to this route.

Precautions

The parameters in this command do not have default values and must be set. The values of reuse, suppress, and ceiling are listed in ascending order: reuse < suppress <ceiling. According to the formula, MaxSuppressTime = half-life-reach x 60 x (ln (ceiling/reuse)/ln (2)), routes are unsuppressed if the value of MaxSuppressTime is less than 1. Therefore, the value of the ceiling/reuse must be great enough so that the value of MaxSuppressTime can be greater than or equal to 1.

Example

# Set dampening parameters for EBGP routes.

<Huawei> system-view

[Huawei] route-policy aa permit node 10

[Huawei-route-policy] apply dampening 20 2000 10000 16000

apply extcommunity

Function

The apply extcommunity command sets the action for changing the extended community attribute of BGP routes in a routing policy.

The undo apply extcommunity command restores the default setting.

By default, the action for changing the extended community attribute of BGP routes is not set in a routing policy.

Format

apply extcommunity { rt { as-number:nn | 4as-number:nn | ipv4-address:nn } } &<1-16> [ additive ]

undo apply extcommunity [ rt ]

Parameters

Parameter	Description	Value
rt	Indicates the route-target extended community. A maximum of 16 route targets can be configured.	-
as-number	Specifies the AS number.	The value is an integer ranging from 0 to 65535.
4as-number	Specifies a 4-byte AS number.	A 4-byte AS number is divided into the following types: It is an integer ranging from 65536 to 4294967295. It is in the format of x.y, where x and y are integers that range from 0 to 65535, respectively
ipv4-address	Specifies the IPv4 address.	It is in dotted decimal notation.
nn	Specifies an integer.	When the value of as-number is a 2-byte AS number, the value of nn ranges from 0 to 4294967295. When the value of 4as-number is a 4-byte AS number, the value of nn ranges from 0 to 65535. For ipv4-address, the value of nn ranges from 0 to 65535.
additive	Indicates that existing community attributes can be added to routes.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When controlling inter-AS VPN route receiving and advertising, apply the routing policy that contains the apply extcommunity command to change the RT extended community attribute of matched routes. Currently, only the RT extended community attribute is supported. This command cannot specify an extended community attribute for public routes.

Prerequisites

The apply extcommunity command can be used only after the route-policy command is used.

Precautions

When the routing policy that contains the action is used in the BGP view, BGP IPv4 unicast address view, or BGP IPv6 unicast address view, the action does not take effect.

When a routing policy takes effect, it affects inter-AS VPN route receiving and advertising.

If the keyword additive is not set in the apply extcommunity command, the original extended community attribute is replaced.

Example

# Add 100:2, 10.1.1.1:22, 100.100:100 to the VPN route-target extended community attribute of BGP.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply extcommunity rt 100:2 rt 10.1.1.1:22 rt 100.100:100 additive

apply extcommunity color

Function

The apply extcommunity color command specifies the Color extcommunity attribute for BGP routes.

The undo apply extcommunity color command disables this function.

By default, the Color extcommunity attribute is not specified for BGP routes.

Format

apply extcommunity { color priority:site-id } & <1-16> [ additive ]

undo apply extcommunity [ color ]

Parameters

Parameter	Description	Value
priority	Specifies a priority.	The value is an integer ranging from 0 to 15.
site-id	Specifies a site ID.	The value is an integer ranging from 1 to 4294967295.
additive	Specifies the additive extcommunity attribute.	-

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

On a Tunnel-encap-ext network, to specify the Color extcommunity attribute for BGP routes, run the apply extcommunity color command on a PE. After this configuration is performed, the BGP routes to be advertised carry the Color extcommunity attribute, which identifies the PE. The Color extcommunity attribute is used to generate tunnel encapsulation information, so that the PE forwards the packets to a tunnel.

Prerequisites

A route-policy has been configured using the route-policy command.

Configuration Impact

If a route matches the filtering rules of a specified route-policy, the Color extcommunity attribute will be applied to the route.

Precautions

If additive is not specified in the apply extcommunity color command, the newly configured Color extcommunity attribute overwrites the previous one.

The Color extcommunity attribute for BGP routes can be specified only in a VPN import route-policy, VPN export route-policy, or EVPN export route-policy. The attribute cannot be specified in an EVPN import route-policy.

Example

# Add 1:10 to the Color extcommunity attribute for BGP routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply extcommunity color 1:10 additive

apply ip-address next-hop (Route-Policy view)

Function

The apply ip-address next-hop command sets the action for changing the next hop address of BGP routes in a routing policy.

The undo apply ip-address next-hop command restores the default setting.

By default, the action for changing the next hop address of BGP routes is not set in a routing policy.

Format

apply ip-address next-hop { ipv4-address | peer-address }

undo apply ip-address next-hop { ipv4-address | peer-address }

Parameters

Parameter	Description	Value
ipv4-address	Specifies the next hop address.	It is in dotted decimal notation.
peer-address	Sets the next hop address to the local address when the apply clause is used by an export policy. Sets the next hop address to the peer address when the apply clause is used by an import policy.	-

Parameter

Description

Value

ipv4-address

Specifies the next hop address.

It is in dotted decimal notation.

peer-address

Sets the next hop address to the local address when the apply clause is used by an export policy.

Sets the next hop address to the peer address when the apply clause is used by an import policy.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the next hop address of BGP routes for selecting the optimal route, you can apply a routing policy containing the apply ip-address next-hop command.

The next hop address of a BGP route is set using the policy in the following situations:

IBGP: Configure the import or export policy for the IBGP peer. If the next hop address configured in the routing policy is unreachable, the IBGP peer adds the corresponding route to the BGP routing table. However, this route is invalid.
EBGP: Configure the import policy for the EBGP peer. If an export policy is configured, the route destined for the EBGP peer is discarded because the next hop address is unreachable.

Prerequisites

The apply ip-address next-hop command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects BGP route selection.

When a routing policy is specified in the import-route and network commands, the apply ip-address next-hop clause in the routing policy does not take effect.

Example

# Define an apply clause to set the next hop address as 192.168.1.8.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply ip-address next-hop 192.168.1.8

apply ipv6 next-hop

Function

The apply ipv6 next-hop command sets the action for changing an IPv6 next hop address of a BGP route in a route-policy.

The undo apply ipv6 next-hop command restores the default setting.

By default, the action for changing the IPv6 next hop addresses of BGP routes are not configured in a route-policy.

Format

apply ipv6 next-hop { peer-address | ipv6-address }

undo apply ipv6 next-hop { peer-address | ipv6-address }

Parameters

Parameter	Description	Value
ipv6-address	Specifies the IPv6 next hop address.	The value is a 32-digit hexadecimal number, in the format of X:X:X:X:X:X:X:X.
peer-address	Specifies the peer address as the next hop.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The apply ipv6 next-hop command configures an IPv6 next hop address for a BGP route.

In BGP, the next hop address of a route can be set through the route-policy in the following situations:

IBGP

For an IBGP peer, the configured inbound and outbound policies can take effect. If the next hop address configured in the policy is unreachable, the IBGP peer still adds the route to the BGP routing table, but the route is not valid.
EBGP

For an EBGP peer, when the policy is used to modify the next hop address of a route, the inbound policy is configured. If the outbound policy is configured, the route is discarded because its next hop is unreachable.

Prerequisites

The apply ipv6 next-hop command can be used only after the route-policy command is used.

After a BGP route matches a route-policy, you can change the IPv6 next hop address of the BGP route.

When a route-policy is being applied in the import-route and network commands, the apply ipv6 next-hop clause in the route-policy does not take effect.

Example

# Set FC00:0:0:6::1 as the next hop address.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply ipv6 next-hop fc00:0:0:6::1

apply ip-precedence

Function

The apply ip-precedence command sets the QoS parameter ip-precedence for routes.

The undo apply ip-precedence command restores the configuration.

By default, no IP precedence is set.

Format

apply ip-precedence ip-precedence

undo apply ip-precedence

Parameters

Parameter	Description	Value
ip-precedence	IP precedence	The value can be a preference value or a keyword: The value is an integer ranging from 0 to 7. The preference keyword can be Routine, Priority, Immediate, Flash, Flash-override, Critical, Internet, or Network. Table 10-193 shows the relationship between preference values and keywords.

Table 10-193 Relationship between preference values and keywords

Value	Keyword
0	Routine
1	Priority
2	Immediate
3	Flash
4	Flash-override
5	Critical
6	Internet
7	Network

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After receiving routes, a BGP route receiver matches the attributes of the BGP routes based on the import route-policy, sets the IP precedence, delivers the BGP routes together with the associated QoS parameters, and applies QoS traffic policies to the classified data. In this case, the BGP route receiver can apply QoS policies to the data sent to the destination network segment based on the IP precedence. This applies QoS policies in BGP.

Prerequisites

The apply ip-precedence command can be used only after the route-policy command is used.

Configuration Impact

If a route matches a route-policy, you can change the value of the Precedence field in the IP header. The Precedence field is the first three bits of the Type of Service (ToS) field in the IP header.

Precautions

If an integer is used to specify ip-precedence, the precedence is saved as an integer in the configuration file. If a keyword is used to specify ip-precedence, the precedence is saved as a keyword in the configuration file.

Example

# Set the IP precedence in the route-policy named test.

<Huawei> system-view

[Huawei] route-policy test permit node 10

[Huawei-route-policy] apply ip-precedence internet

apply isis

Function

The apply isis command sets the action for changing the level of routes imported to IS-IS in a routing policy.

The undo apply isis command restores the default setting.

By default, the action for changing the level of routes imported to IS-IS is not set in a routing policy.

Format

apply isis { level-1 | level-1-2 | level-2 }

undo apply isis

Parameters

Parameter	Description	Value
level-1	Indicates IS-IS Level-1 routes.	-
level-1-2	Indicates IS-IS Level-1 and Level-2 routes.	-
level-2	Indicates IS-IS Level-2 routes.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A large number of external routes can be imported to IS-IS, which causes extra burdens on IS-IS-enabled devices. To solve this problem, run the apply isis command to set the level of the routes to be imported to IS-IS.

Prerequisites

The apply isis command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects route receiving and advertising in IS-IS.

Example

# Set the level of the routes imported to IS-IS.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply isis level-1

apply local-preference

Function

The apply local-preference command sets the action for changing the local preference of BGP routes in a routing policy.

The undo apply local-preference command restores the default setting.

By default, the action for changing the local preference of BGP routes is not set in a routing policy.

Format

apply local-preference preference

undo apply local-preference

Parameters

Parameter	Description	Value
preference	Specifies the local preference of BGP routes.	The value is an integer ranging from 0 to 4294967295.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The Local-Pref attribute is a private attribute of BGP. The apply local-preference command sets only the local preference for BGP routes. The Local_Pref attribute is used to determine the optimal route when traffic leaves an AS. When a BGP router obtains multiple routes to the same destination address but with different next hops through IBGP peers, the route with the largest Local_Pref value is selected.

Prerequisites

The apply local-preference command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects BGP route selection.

The Local_Pref attribute applies to the routing within an AS rather than be advertised to the outside of the AS. In this case, the apply local-preference command does not take effect when EBGP neighbor relationships are set up.

After the apply local-preference command is run in a route-policy or its configuration is changed, route updates are triggered.

Example

# Set the local preference of BGP routes to 130.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply local-preference 130

apply mpls-label

Function

The apply mpls-label command sets the action for allocating MPLS labels to public routes in a routing policy.

The undo apply mpls-label command restores the default setting.

By default, the action for allocating MPLS labels to public routes is not set in a routing policy.

Format

apply mpls-label

undo apply mpls-label

Parameters

None

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In the scenario where inter-AS VPN Option C or Carrier Support Carrier (CSC) is deployed, you can use the apply mpls-label command to allocate labels to public routes.

Prerequisites

The apply mpls-label command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it allocates MPLS labels to public routes.

Example

# Assign MPLS labels to the routes that match the routing policy.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply mpls-label

apply origin

Function

The apply origin command sets the action for changing the Origin attribute of BGP routes in a routing policy.

The undo apply origin command restores the default setting.

By default, the action for changing the Origin attribute of BGP routes is not set in a routing policy.

Format

apply origin { egp { as-number-plain | as-number-dot } | igp | incomplete }

undo apply origin

Parameters

Parameter	Description	Value
egp as-number-plain	Sets the origin of BGP routes as EGP. The parameter as-number-plain specifies the Integral AS number of an external route. An AS number uniquely identifies an AS. as-number-plain is required when you need to change the origin of BGP routes as EGP. EGP has the secondary highest priority. The Origin attribute of the routes obtained through EGP is EGP.	The value is an integer ranging from 1 to 4294967295.
egp as-number-dot	Sets the origin of BGP routes as EGP. The parameter as-number-dot specifies the AS number in dotted notation of an external route. An AS number uniquely identifies an AS. as-number-dot is required when you need to change the origin of BGP routes as EGP. EGP has the secondary highest priority. The Origin attribute of the routes obtained through EGP is EGP.	The value is in the format of x.y, where x and y are integers that range from 1 to 65535 and from 0 to 65535, respectively.
igp	Sets the origin of BGP routes as IGP. IGP has the highest priority. The Origin attribute of the routes obtained through an IGP of the AS that originates the routes, such as the routes imported to the BGP routing table through the network command, is IGP.	-
incomplete	Sets the origin code of BGP routes as unknown. Incomplete has the lowest priority. The Origin attribute of the routes learned through other methods, such as the routes imported by BGP through the import-route command, is Incomplete.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the Origin attribute of routes for selecting the optimal route, you can apply a routing policy containing the apply origin command. The Origin attribute is a private attribute of BGP and defines the origin of a route.

Prerequisites

The apply origin command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects BGP route selection.

Example

# Set the origin of BGP routes to IGP.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply origin igp

apply ospf

Function

The apply ospf command sets the action performed for configuring an OSPF area to which the route is imported in a routing policy.

The undo apply ospf command restores the default setting.

By default, the action performed for configuring an OSPF area to which the route is imported is not set in a routing policy.

Format

apply ospf { backbone | stub-area }

undo apply ospf

Parameters

Parameter	Description	Value
backbone	Imports routes to the OSPF backbone area.	-
stub-area	Imports routes to an OSPF NSSA.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The apply ospf command can be used to specify the OSPF backbone area or NSSA area to which routes are imported. This can prevent OSPF from importing too many external routes, which brings heavy burden on OSPF devices.

Prerequisites

The apply ospf command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, routes are imported to the specified OSPF area.

Example

# Import routes to the OSPF backbone area.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply ospf backbone

apply preference

Function

The apply preference command sets the action for changing the preference of routes in a routing policy.

The undo apply preference command restores the default setting.

By default, the action for changing the preference of routes is not set in a routing policy.

Format

apply preference preference

undo apply preference

Parameters

Parameter	Description	Value
preference	Specifies the route precedence. Route sharing and route selection are difficult because multiple routing protocols can run on the device at the same time; therefore, a default preference needs to be specified for each routing protocol. When different protocols discover multiple routes to the same destination, the route discovered by the protocol with a higher preference is selected to forward IP packets. The smaller the preference value, the higher the preference.	The value is an integer ranging from 1 to 255.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the preference of routes for selecting the optimal route, you can apply a routing policy containing the apply preference command.

Prerequisites

The apply preference command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects route selection.

Example

# Set the preference for routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply preference 90

apply preferred-value

Function

The apply preferred-value command sets the action for changing the preferred value of BGP routes in a routing policy.

The undo apply preferred-value command restores the default setting.

By default, the action for changing the preferred value of BGP routes is not set in a routing policy.

Format

apply preferred-value preferred-value

undo apply preferred-value

Parameters

Parameter	Description	Value
preferred-value	Specifies the preferred value of BGP routes. In route selection, the BGP route with the largest preferred value is preferred.	The value is an integer ranging from 0 to 65535.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To change the preferred value of BGP routes for selecting the optimal route, you can apply a routing policy containing the apply preferred-value command.

Prerequisites

The apply preferred-value command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, it affects BGP route selection.

The preferred value of a route indicates the weight of the route in BGP routing. The preferred value is not a standard RFC-defined attribute and is valid only on local devices. The preferred value is inapplicable to export policies of BGP.

Example

# Set the preferred value for BGP routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply preferred-value 66

apply qos-local-id

Function

The apply qos-local-id command sets the QoS local ID.

The undo apply qos-local-id command cancels the configuration.

By default, no QoS local ID is set.

Format

apply qos-local-id qos-local-id

undo apply qos-local-id

Parameters

Parameter	Description	Value
qos-local-id	Specifies the QoS local ID.	The value is an integer ranging from 1 to 4095.

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The QoS local ID is a local identifier of QoS. In actual applications, you can set the QoS local ID in the route-policy, and add the command that matches the QoS local ID in the QoS policy. The QoS local ID set in the route-policy is delivered to the FIB table. During packet forwarding, the system obtains the QoS local ID from the FIB table and applies the related QoS policy according to the QoS local ID.

Configuration Impact

The apply qos-local-id command is mutually exclusive with the apply behavior and apply ip-precedence commands, and only one of these commands can be configured on a node of a routing policy. For example, if the apply qos-local-id command is configured in the view created by the route-policy test permit node 10 command, configuring the apply ip-precedence command replaces apply qos-local-id command.

Example

# Set the QoS local ID in the route-policy named test.

<Huawei> system-view

[Huawei] route-policy test permit node 10

[Huawei-route-policy] apply qos-local-id 10

apply tag

Function

The apply tag command sets the action for changing the tag of routes in a routing policy.

The undo apply tag command restores the default setting.

By default, the action for changing the tag of routes is not set in a routing policy.

Format

apply tag tag

undo apply tag

Parameters

Parameter	Description	Value
tag	Specifies the tag of routes. Routes can be tagged as required. You can set the same tag for the same type of route. Routes can be flexibly controlled and managed through tags in the routing policy.	The value is an integer ranging from 0 to 4294967295.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To identify the routes, you can apply a routing policy containing the apply tag command to add the same tag to the matched routes.

Prerequisites

The apply tag command can be used only after the route-policy command is used.

Precautions

When a routing policy takes effect, routes will be matched by routing policies related to the tag.

BGP routes do not support tags. The apply tag command sets the tag for only IGP routes.

Example

# Set the tag of routes to 100.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply tag 100

apply vn-id

Function

The apply vn-id command sets a VN ID in the MPLS Label field of an EVPN route.

The undo apply vn-id command cancels the configuration.

By default, the VN ID in the MPLS Label field of an EVPN route uses a VPN instance ID specified using the evpn vn-id command.

Format

apply vn-id vn-id

undo apply vn-id

Parameters

Parameter	Description	Value
vn-id vn-id	Specifies a VN ID in the MPLS Label field of an EVPN route.	The value is an integer ranging from 1 to 16777215.

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

On a Tunnel-encap-ext network, if the VN ID of VPN-out on the Hub device differs from the VN ID of a PE, you can run the apply vn-id command on the RR to change the VN ID of EVPN routes in the export route-policy to be the same as the VN ID of VPN-out. This ensures that traffic is routed through the Hub-CE link.

Precautions

This command takes effect only in EVPN export route-policies and VPN import route-policies.

Example

# Set the VN ID in the MPLS Label field of EVPN routes to 10.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] apply vn-id 10

description (Route-Policy view)

Function

The description command configures the description of a route-policy.

The undo description command deletes the description of a route-policy.

By default, no description is configured for the route-policy.

Format

description text

undo description

Parameters

Parameter	Description	Value
text	Specifies the description of a route-policy.	The description is a string of 1 to 80 case-sensitive characters that can contain spaces.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The description command can be used to configure a description for a created route-policy. If many route-policies have been configured, configuring descriptions for the policies will facilitate policy management.

Prerequisites

A route-policy has been created by using route-policy command.

Example

# Configure the description of the route-policy named temp.

<Huawei> system-view

[Huawei] route-policy temp permit node 10

[Huawei-route-policy] description This policy-name is temp

display ip as-path-filter

Function

The display ip as-path-filter command displays the configuration of the AS_Path filter.

Format

display ip as-path-filter [ as-path-filter-number | as-path-filter-name ]

Parameters

Parameter	Description	Value
as-path-filter-number	Displays the configuration of an AS_Path filter with a specified number.	It is an integer that ranges from 1 to 256.
as-path-filter-name	Displays the configuration of an AS_Path filter with a specified name.	The name is a string of 1 to 51 characters without any space. It is case-sensitive.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The AS_Path attribute is a BGP-specific attribute. An AS_Path filter is used to filter BGP routes.

You can run the display ip as-path-filter command to:

View detailed information about a configured AS_Path filter.
Check whether an AS_Path filter is deleted successfully after running the undo ip as-path-filter command.

Precautions

The display ip as-path-filter command:

Displays the configuration information about a specified AS_Path filter, if the number or name of the AS_Path filter is specified.
Displays the configuration information about all AS_Path filters, if neither the number nor name of the AS_Path filter is specified.
Does not display any information, if the AS_Path filter does not exist in the system or the AS_Path filter that is queried does not exist.

Example

# Display the configured AS_Path filter.

<Huawei> display ip as-path-filter

As path filter number: 1
         permit    1.1 100,200
As path filter name: abc
         deny      2.2 200,400

Table 10-194 Description of the display ip as-path-filter command output

Item	Description
As path filter number	AS_Path filter number.
As path filter name	AS_Path filter name.
permit	Matching mode is permit.
1.1 100,200	Content of the regular expression.
deny	Matching mode is deny.

display ip community-filter

Function

The display ip community-filter command displays the configuration of the community filter.

Format

display ip community-filter [ basic-comm-filter-num | adv-comm-filter-num | comm-filter-name ]

Parameters

Parameter	Description	Value
basic-comm-filter-num	Displays the configuration of a basic community filter with a specified number.	The value is an integer ranging from 1 to 99.
adv-comm-filter-num	Displays the configuration of an advanced community filter with a specified number.	The value is an integer ranging from 100 to 199.
comm-filter-name	Displays the configuration of a community filter with a specified name.	The name is a string of 1 to 51 characters. The string cannot be all numerals.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The community attribute is a BGP-specific attribute. A community filter is used to filter BGP routes.

You can run the display ip community-filter command to:

View detailed information about a configured community filter.
Check whether a community filter is successfully deleted after running the undo ip community-filter command.

Precautions

The display ip community-filter command:

Displays the configuration information about a specified community filter, if the number or name of the community filter is specified.
Displays the configuration information about all community filters, if neither the number nor name of the community filter is specified.
Does not display any information, if the community filter does not exist in the system or the community filter that is queried does not exist.

Example

# Display all community filters.

<Huawei> display ip community-filter

Community filter Number: 10

         deny  no-export

Community filter Number: 110

         permit 110:110

Named Community basic filter: aa (ListID = 200)

         permit  1 internet

Named Community advanced filter: bb (ListID = 700)

         permit ^20

Table 10-195 Description of the display ip community-filter command output

Item	Description
Community filter Number	Indicates the number of a community filter.
permit	Indicates that the matching mode is permit.
deny	Indicates that the matching mode is deny.
Named Community basic filter	Indicates the name of a basic community filter.
Named Community advanced filter	Indicates the name of an advanced community filter.

display ip extcommunity-list

Function

To view configured extcommunity filters, run the display ip extcommunity-list command.

Format

display ip extcommunity-list color [ extcomm-list-name ]

Parameters

Parameter	Description	Value
color	Displays Color extcommunity filters.	-
extcomm-list-name	Specifies the name of a Color extcommunity filter.	The value is a string of 1 to 51 case-sensitive characters, spaces not supported.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

You can run the display ip excommunity-list command to:

View detailed configurations of the existing extcommunity filters.
Check whether an extcommunity filter is deleted successfully after the undo ip excommunity-list command is run.

Example

# Display the detailed configuration of a Color extcommunity filter.

<Huawei> display ip extcommunity-list color aa

Named Extended Community basic list: aa 
index: 10 permit color : 1213

Table 10-196 Description of the display ip extcommunity-list command output

Item	Description
index	Index of an entry in the Color extcommunity list
Named Extended Community basic list	Name of the basic extcommunity filter
permit	Matching mode, which is permit
deny	Matching mode, which is deny
color	Color extcommunity attribute

display ip extcommunity-filter

Function

display ip extcommunity-filter command displays the configuration of the extended community filter.

Format

display ip extcommunity-filter [ basic-extcomm-filter-num | advanced-extcomm-filter-num | extcomm-filter-name ]

Parameters

Parameter	Description	Value
basic-extcomm-filter-num	Specifies the basic extended community filter number.	The value is an integer that ranges from 1 to 199.
advanced-extcomm-filter-num	Specifies the advanced extended community filter number.	The value is an integer that ranges from 200 to 399.
extcomm-filter-name	Displays the configuration of an extended community filter with a specified name.	The value is a string of 1 to 51 characters without any space. It is case-sensitive.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The extended community attribute is a BGP-specific attribute. An extended community filter is used to filter VPN routes.

You can run the display ip extcommunity-filter command to:

View detailed information about a configured extended community filter.
Check whether an extended community filter is successfully deleted after running the undo ip excommunity-filter command.

Precautions

The display ip extcommunity-filter command:

Displays the configuration information about a specified extended community filter, if the number or name of the extended community filter is specified.
Displays the configuration information about all extended community filters, if neither the number nor name of the extended community filter is specified.
Does not display any information, if the extended community filter does not exist in the system or the extended community filter that is queried does not exist.

Example

# Display information about the extended community filter.

<Huawei> display ip extcommunity-filter

Extended Community filter Number 10

         permit rt : 100:10

Extended Community filter Number 280
         permit rt 100:65
Extended Community filter basic filter: bas-abc
         permit rt : 200:10
Extended Community filter advanced filter: adv-abc
         deny 1.1.1.1:10

Table 10-197 Description of the display ip extcommunity-filter command output

Item	Description
Extended Community filter Number	Indicates the number of an extended community filter.
Extended Community filter basic filter	Basic extended community filter name.
Extended Community filter advanced filter	Advanced extended community filter name.
permit	Indicates that the matching mode is permit.
deny	Indicates that the matching mode is deny.
rt	Indicates the extended community attribute of the specified RT.

display ip ip-prefix

Function

The display ip ip-prefix command displays the configuration of IPv4 prefix lists.

Format

display ip ip-prefix [ ip-prefix-name ]

Parameters

Parameter	Description	Value
ip-prefix-name	Displays the configuration of an IP prefix list with a specified name.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

An IPv4 prefix list is used to filter IPv4 addresses. To achieve the following purposes, run the display ip ip-prefix command:

View detailed configuration of a configured IPv4 prefix list.
Check whether an IPv4 prefix list is deleted after running the undo ip ip-prefix command.
View the number of routes that do or do not match the route-policy in an IPv4 prefix list.

Precautions

The display ip ip-prefix command:

Displays the configuration of a specified IPv4 prefix list if the name of the IPv4 prefix list is specified.
Displays the configuration of all IPv4 prefix lists if no IPv4 prefix list name is specified.
Does not display information if no IPv4 prefix list exists in the system or the queried IPv4 prefix list does not exist.

Before collecting the number of routes that do or do not match the route-policy in an IPv4 prefix list within a certain period, run the reset ip ip-prefix command to clear existing statistics.

If The specified filter list does not exist is displayed in the command output, the specified IPv4 prefix list failed to be configured. To re-configure it, run the ip ip-prefix command in the system view.

Example

# Display the configuration of the IP prefix list named p1.

<Huawei> display ip ip-prefix p1

Prefix-list pl
Permitted 0
  Description prefixok
Denied 0
         index: 10      permit  192.168.0.0/16          ge  17  le  18

Table 10-198 Description of the display ip ip-prefix command output

Item	Description
Prefix-list	Name of an IPv4 prefix list.
Permitted	Number of routes that match a route-policy.
Description	Description of an IPv4 prefix list. This field is displayed only after a description is configured using the ip ip-prefix ip-prefix-name description text command.
Denied	Number of routes that do not match the route-policy.
index	Index of the entry in the IPv4 prefix list.
permit	Contents of the entry in the IPv4 prefix list.
ge 17	The mask is greater than or equal to 17.
le 18	The mask is less than or equal to 18.

display ip ipv6-prefix

Function

display ip ipv6-prefix displays the configuration of IPv6 prefix lists.

Format

display ip ipv6-prefix [ ipv6-prefix-name ]

Parameters

Parameter	Description	Value
ipv6-prefix-name	Displays the configuration of an IP prefix list with a specified name. If ipv6-prefix-name is not specified, the configuration of all the configured IPv6 prefix lists is displayed.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

An IPv6 prefix list is used to filter IPv6 addresses. To achieve the following purposes, run the display ip ipv6-prefix command:

View detailed configuration of a configured IPv6 prefix list.
Check whether an IPv6 prefix list is deleted after running the undo ip ipv6-prefix command.
View the number of routes that do or do not match the route-policy in an IPv6 prefix list.

Precautions

The display ip ipv6-prefix command:

Displays the configuration of a specified IPv6 prefix list if the name of the IPv6 prefix list is specified.
Displays the configuration of all IPv6 prefix lists if no IPv6 prefix list name is specified.
Does not display information if no IPv6 prefix list exists in the system or the queried IPv6 prefix list does not exist.

Before collecting the number of routes that do or do not match the route-policy in an IPv6 prefix list within a certain period, run the reset ip ipv6-prefix command to clear existing statistics.

Example

# Display the configuration of all the IPv6 prefix lists.

<Huawei> display ip ipv6-prefix

  Prefix-list6 abc
  Description prefixok 
  Permitted 0
  Denied 0
  index:   10             permit  ::/0
  index:   20             permit  ::/1              ge  1   le  128

Table 10-199 Description of the display ip ipv6-prefix command output

Item	Description
Prefix-list6	Name of an IPv6 prefix list.
Description	Description of an IPv6 prefix list. This field is displayed only after a description is configured using the ip ipv6-prefix ipv6-prefix-name description text command.
Permitted	Number of routes that match a route-policy.
Denied	Number of routes that do not match a route-policy.
index	Index of the entry in the IPv6 prefix list.
permit	Contents of the entry in the IPv6 prefix list.
ge	Greater than or equal to.
le	Less than or equal to.

display ip rd-filter

Function

The display ip rd-filter command displays the configuration of the route distinguisher (RD) filter.

Format

display ip rd-filter [ rd-filter-number ]

Parameters

Parameter	Description	Value
rd-filter-number	Displays the configuration of a RD filter with a specified number.	The value is an integer ranging from 1 to 255.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The RD attribute is carried in VPN routes. An RD filter is used to filter VPN routes.

You can run the display ip rd-filter command to:

View detailed information about a configured RD filter.
Check whether an RD filter is successfully deleted after running the undo ip rd-filter command.

Precautions

The display ip rd-filter command:

Displays the configuration information about a specified RD filter, if the number of RD filter is specified.
Displays the configuration information about all RD filters, if the number of the RD filter is not specified.
Does not display any information, if the RD filter does not exist in the system or the RD filter that is queried does not exist.

Example

# Display the configured RD filter.

<Huawei> display ip rd-filter

Route Distinguisher Filter 1

        permit 10.1.1.1:1 10.2.2.2:* 100:1 200:*

Route Distinguisher Filter 2

        deny 1:1 2:2

        permit 1:* 2:*

Table 10-200 Description of the display ip rd-filter command output

Item	Description
Route Distinguisher Filter	Number of the RD filter
permit	Matching mode: permit
deny	Matching mode: deny

display route-policy

Function

The display route-policy command displays the configuration of the Route-Policy.

Format

display route-policy [ route-policy-name ]

Parameters

Parameter	Description	Value
route-policy-name	Displays the configuration of a routing policy with a specified name.	The name is a string of 1 to 40 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

To the configuration of the Route-Policy, run display route-policy command.

Example

# Display the routing policy named policy1.

<Huawei> display route-policy policy1

Route-policy : policy1

state : active

  permit : 10 (matched counts: 2)

    Match clauses :

        if-match acl 2000

    Apply clauses :

        apply cost 100

        apply tag 100

Table 10-201 Description of the display route-policy command output

Item	Description
Route-policy	Name of the routing policy
state	Route-policy state: active: The route-policy can be used normally. inactive: The route-policy cannot be used normally, and all services bound to the route-policy fail to match the route-policy.
permit	Matching mode and node index of the routing policy
matched counts: 2	Number of nodes that routes are matched in a routing policy
Match clauses	Matching condition list
Apply clauses	Apply clause list

goto next-node

Function

The goto next-node command further matches routes against a specified node after the routes match the current node.

The undo goto next-node command restores the default configuration.

By default, if a route matches the current node, it matches the route-policy and is no longer matched against other nodes.

Format

goto next-node [ node ]

undo goto next-node

Parameters

Parameter	Description	Value
node	Specifies the index of a node against which routes are further matched.	The value is an integer ranging from 1 to 65535 and must be greater than the index of the current node.

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The relationship among the matching rules of nodes in the same route-policy is OR. Specifically, if a route matches a node, it matches the route-policy and is no longer matched against other nodes. If you want the route to be matched against two or more nodes, run the goto next-node [ node ] command so that the route is further matched against a specified node after the route matches the current node.

If node is not specified in the command, the route will be further matched against the next node of the current node by default.

If the node specified in the command does not exist, the route will be further matched against the next node of the specified node by default. If the next node of the specified node does not exist either, the route fails to match the route-policy, and no apply clause will be applied to the route.

Precautions

If the goto next-node command is run in the route-policy view and a route matches all the specified nodes, the apply clauses of these nodes will be applied to the route.

If the route fails to match one node, the route is matched against the next node until it succeeds in matching a node, and then the apply clauses of the nodes that the route matches will be applied to the route. If the route fails to match all nodes, no apply clauses will be applied to the route.

If the goto next-node command is run for multiple nodes, and QoS policy propagation on BGP (QPPB) policies are configured for these nodes using one or more of the apply ip-precedence, apply qos-local-id, apply behavior, and apply traffic-index commands, only the configuration of the last node takes effect.

In the same route-policy, a maximum of 50 nodes can be specified using the command.

In the same route-policy, if this command is configured to match routes against multiple nodes, a maximum of 10 AS numbers, 16 RT extended community attributes, 16 color extended community attributes, and 36 community attributes can be added to the routes that match the nodes; if multiple community filters are used in the same route-policy to delete community attributes from the routes that match filtering conditions, only the first community filter takes effect.

Example

# Configure a route-policy named aaa to further match routes against node 20 after the routes match node 10.

<Huawei> system-view

[Huawei] route-policy aaa permit node 10

[Huawei-route-policy] if-match tag 123

[Huawei-route-policy] apply cost 10

[Huawei-route-policy] goto next-node 20

[Huawei-route-policy] quit

[Huawei] route-policy aaa permit node 20

[Huawei-route-policy] if-match mpls-label

[Huawei-route-policy] apply local-preference 30

if-match acl (Route-Policy view)

Function

The if-match acl command sets a matching rule that is based on the Access Control List (ACL).

The undo if-match acl command deletes the matching rule based on the specified ACL.

By default, no matching rule based on the ACL is configured.

Format

if-match acl { acl-number | acl-name }

undo if-match acl { acl-number | acl-name }

Parameters

Parameter	Description	Value
acl-number	Specifies the number of a basic ACL.	The value is an integer ranging from 2000 to 2999.
acl-name	Specifies the name of a named ACL.	The value is a string of 1 to 32 case-sensitive characters without spaces. The value must start with a letter (case sensitive).

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can run the if-match acl command to set a matching rule based on the ACL to match IPv4 prefixes.

Prerequisites

The if-match acl command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes using the ACL. Routes that match the ACL will be checked by other if-match clauses of this node. Routes that do not match the ACL will be checked by the next node.

An ACL name is a character string that starts with a letter. For example, 2a is an invalid ACL name.

The if-match acl command and the if-match ip-prefix command are mutually exclusive. If you run the if-match ip-prefix command after running the if-match acl command, the configuration of the if-match ip-prefix command overrides the configuration of the if-match acl command.

For a named ACL, when the rule command is used to configure a filtering rule, the filtering rule is effective only with the source address range that is specified by the source parameter and with the time period that is specified by the time-range parameter.

Example

# Set a matching rule that is based on ACL 2000.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match acl 2000

if-match as-path-filter

Function

The if-match as-path-filter command creates a matching rule based on the AS_Path filter.

The undo if-match as-path-filter command deletes a matching rule based on the specified AS_Path filter.

By default, no matching rule based on the AS_Path filter is configured.

Format

if-match as-path-filter { as-path-filter-number &<1-16> | as-path-filter-name }

undo if-match as-path-filter [ as-path-filter-number &<1-16> | as-path-filter-name ]

Parameters

Parameter	Description	Value
as-path-filter-number	Specifies the number of an AS_Path filter. A maximum of 16 AS_Path filters can be specified.	The value is an integer ranging from 1 to 256.
as-path-filter-name	Specifies the name of the AS_Path filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The value cannot contain only numerals. NOTE: When double quotation marks are used around the string, spaces are allowed in the string.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The AS_Path attribute is the private attribute of BGP. The if-match as-path-filter command is applicable to only BGP routes. The ip as-path-filter command must be used to define an AS_Path filter so that the matching rule based on this AS_Path filter can take effect. For example:

If the if-match as-path-filter 1 command is used but AS_Path filter 1 is not configured, all routes are permitted, that is, all routes match the matching rule.
If the if-match as-path-filter 1 command after the ip as-path-filter 1 permit *20 command is used, the BGP routes with the AS_Path attribute being 20 are permitted.

Multiple if-match as-path-filter clauses can be specified. The relationship between if-match as-path-filter clauses is "OR". The relationship between if-match clauses is "AND".

Prerequisites

Before running the if-match as-path-filter command, run the ip as-path-filter command to configure an AS_Path filter.

Precautions

The routing policy matches routes using the AS-Path filter. Routes that match the AS-Path filter will be checked by other if-match clauses of this node. Routes that do not match the AS-Path filter will be checked by the next node.

A maximum of 16 AS_Path filters can be specified. The relationship between these AS_Path filters is OR. Specifically, if a route matches one of these AS_Path filters, it matches the matching rules of the command.

Example

# Configure AS_Path filter 2 to permit AS200 and AS300. Create a routing policy named test, and define AS_Path filter 2 in an if-match clause for node 10 of the routing policy.

<Huawei> system-view

[Huawei] ip as-path-filter 2 permit _200_300

[Huawei] route-policy test permit node 10

[Huawei-route-policy] if-match as-path-filter 2

if-match extcommunity-list

Function

The if-match extcommunity-list command sets a matching rule that is based on an extcommunity filter.

The undo if-match extcommunity-list command cancels the configuration.

By default, no matching rules based on extcommunity filters are set.

Format

if-match extcommunity-list color extcomm-list-name

undo if-match extcommunity-list color extcomm-list-name

Parameters

Parameter	Description	Value
color extcomm-list-name	Specifies the name of a Color extcommunity filter.	The value is a string of 1 to 51 case-sensitive characters, spaces not supported. A name containing digits only is not supported. NOTE: The string can contain spaces if it is enclosed in double quotation marks (").

Views

Route-policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Extended community attributes help flexibly control a route-policy. To enable a node to filter routes based on an extcommunity filter, run the if-match extcommunity-list command. This configuration sets a matching rule that is based on the extcommunity filter. The action specified by the apply clause can be performed to change certain route attributes only when the routing information matches the matching rule.

The if-match extcommunity-list command must be used together with the ip extcommunity-list command. For example:

If the if-match extcommunity-list color aa command is run but the extcommunity-filter color aa command is not run, all the routes are permitted.
If both the if-match extcommunity-list color aa command and the ip extcommunity-list color basic aa permit 10 command are run, routes with the Color value being 10 are permitted.

Configuration Impact

Routes are filtered based on extcommunity attributes. Those with the specified extcommunity attributes are permitted and those without the specified extcommunity attributes are denied.

Example

# Define a rule to match routes based on a specified Color extcommunity filter.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match extcommunity-list color aa

if-match community-filter

Function

The if-match community-filter command creates a matching rule based on the community filter.

The undo if-match community-filter command deletes the matching rule based on the specified community filter.

By default, no matching rule based on the community filter is configured.

Format

if-match community-filter { basic-comm-filter-num [ whole-match ] | adv-comm-filter-num } &<1-16>

if-match community-filter comm-filter-name [ whole-match ]

undo if-match community-filter [ basic-comm-filter-num | adv-comm-filter-num ] &<1-16>

undo if-match community-filter comm-filter-name

Parameters

Parameter	Description	Value
basic-comm-filter-num	Specifies the number of a basic community filter.	The value is an integer ranging from 1 to 99.
adv-comm-filter-num	Specifies the number of an advanced community filter.	The value is an integer ranging from 100 to 199.
comm-filter-name	Specifies the name of a community filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The string cannot be all numerals. When double quotation marks are used around the string, spaces are allowed in the string.
whole-match	Indicates complete matching. That is, all the communities in the command must be matched. Complete matching is valid only for the basic community filter.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The community attribute is a private attribute of BGP. The if-match community-filter command is applicable to only BGP routes. The ip community-filter command must be used to define a community filter so that the matching rule based on this community filter can take effect. For example:

If the if-match community-filter 1 command is used but community filter 1 is not configured, all routes are permitted, that is, all routes can match the matching rule.
If the if-match community-filter 1 command is used after the ip community-filter 1 permit 1:1 command is used, the BGP routes with the community attribute being 1:1 are permitted.

Multiple if-match community-filter clauses can be specified. The relationship between if-match community-filter clauses is "OR". The relationship between if-match clauses is "AND".

Prerequisites

Before using the if-match community-filter command, you must use the ip community-filter command to configure a community filter.

The if-match community-filter command can be used only after a route-policy is configured by using the route-policy command.

Precautions

The routing policy matches routes using the community filter. Routes that match the community filter will be checked by other if-match clauses of this node. Routes that do not match the community filter will be checked by the next node.

A maximum of 16 community filters can be configured in the if-match community-filter command.

The parameter whole-match is valid only for its front community filter number. If multiple community filters are specified in the if-match community-filter command and packets are required to completely match each filter, you need to specify the parameter whole-match behind each community filter and it is valid to only the basic community filter.

The name of a community filter cannot be all numerals.

Example

# Set a matching rule that is based on the community filter 1.

<Huawei> system-view

[Huawei] ip community-filter 1 permit 100:200

[Huawei] route-policy test permit node 10

[Huawei-route-policy] if-match community-filter 1

# Set the complete matching rule for community attribute filters 1 and 2.

<Huawei> system-view

[Huawei] route-policy test permit node 11

[Huawei-route-policy] if-match community-filter 1 whole-match 2 whole-match

# Set a matching rule that is based on the community filter named aa.

<Huawei> system-view 
[Huawei] route-policy test permit node 12 
[Huawei-route-policy] if-match community-filter aa

if-match cost

Function

The if-match cost command creates a matching rule based on the route cost.

The undo if-match cost command deletes the matching rule based on the specified route cost.

By default, no matching rule based on the route cost is configured.

Format

if-match cost cost

undo if-match cost

if-match cost { greater-equal greater-equal-value [ less-equal less-equal-value ] | less-equal less-equal-value }

Parameters

Parameter	Description	Value
cost	Specifies the route cost. Route costs can be changed to prevent routing loops.	The value is an integer ranging from 0 to 4294967295.
greater-equal greater-equal-value	Specifies the minimum value of route cost.	The value is an integer ranging from 0 to 4294967294.
less-equal less-equal-value	Specifies the maximum value of route cost. less-equal-value is demanded to be greater than greater-equal-value.	The value is an integer ranging from 1 to 4294967295.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can use the if-match cost command to configure a node to filter routes based on the route costs. After such a matching rule is configured, you can apply the apply clauses to change the attributes of the routes that match the matching rule.

Prerequisites

The if-match cost command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on the route cost. Routes that match the route cost will be checked by other if-match clauses of this node. Routes that do not match the route cost will be checked by the next node.

Example

# Match the route with the cost 8.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match cost 8

if-match extcommunity-filter

Function

The if-match extcommunity-filter command sets a matching rule that is based on the extended community filter.

The undo if-match extcommunity-filter command deletes the matching rule based on the specified extended community filter.

By default, no matching rule based on the extended community filter is configured.

Format

if-match extcommunity-filter { { basic-extcomm-filter-num | adv-extcomm-filter-num } &<1-16> | extcomm-filter-name }

undo if-match extcommunity-filter [ [ basic-extcomm-filter-num | adv-extcomm-filter-num ] &<1-16> | extcomm-filter-name ]

Parameters

Parameter	Description	Value
basic-extcomm-filter-num	Specifies the number of a basic extended community filter.	It is an integer ranging from 1 to 199.
adv-extcomm-filter-num	Specifies the number of an advanced extended community filter.	It is an integer ranging from 200 to 399.
extcomm-filter-name	Specifies the name of an extended community filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The string cannot be all numerals.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The extended community attributes help flexibly control the routing policy. You can use the if-match extcommunity-filter command to configure a node to filter routes based on the extended community filter.

The if-match extcommunity-filter command is applicable to only BGP routes and must work in conjunction with the ip extcommunity-filter command. For example:

If the if-match extcommunity-filter 1 command is used but the extended community filter 1 is not configured, all routes are permitted, that is, all routes can match the matching rule.
If the if-match extcommunity-filter 1 command is used after the ip extcommunity-filter 1 permit rt 1:1 command is used, the BGP routes with the extended community attribute being 1:1 are permitted.

Multiple if-match extcommunity-filter clauses can be specified. The relationship between if-match extcommunity-filter clauses is "OR". The relationship between if-match clauses is "AND".

Prerequisites

Before using the if-match extcommunity-filter command, you must use the ip extcommunity-filter command to configure an extended community filter.

Precautions

The routing policy matches routes using the extended community filter. Routes that match the extended community filter will be checked by other if-match clauses of this node. Routes that do not match the extended community filter will be checked by the next node.

A maximum of 16 extended community filters can be configured in the if-match extcommunity-filter command. The relationship between these AS_Path filters is OR. Specifically, if a route matches one of these AS_Path filters, it matches the matching rules of the command.

Example

# Define a rule to match the routes of the specified extended community filter.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match extcommunity-filter 100

ip extcommunity-list

Function

The ip extcommunity-list command specifies extended community attributes for BGP routes.

The undo ip extcommunity-list command disables this function.

By default, no extended community attribute is specified for BGP routes.

Format

ip extcommunity-list color basic basic-extcomm-list-name [ index index-value ] { deny | permit } { color-value } &<1-16>

undo ip extcommunity-list color basic basic-extcomm-list-name [ index index-value ]

Parameters

Parameter	Description	Value
color basic basic-extcomm-list-name	Specifies the name of a Color extcommunity list.	The value is a string of 1 to 51 case-sensitive characters, spaces not supported. A name containing digits only is not supported. NOTE: The character string can contain spaces if it is enclosed in double quotation marks (").
index index-value	Specifies the index of a matched item in the Color extcommunity list.	The value is an integer ranging from 1 to 4294967295. By default, the number starts from 10 and is incremented by 10 based on the configuration sequence. NOTE: A Color extended community attribute list supports a maximum of 65535 indexes.
deny	Sets the matching mode of an extcommunity filter to deny.	-
permit	Sets the matching mode of an extcommunity filter to permit.	-
color-value	Specifies a value for the Color extcommunity attribute.	The value is an integer ranging from 1 to 4294967295.

Each entry in a Color extcommunity list has an index, which is specified using the index-value parameter. If no index is configured for a new entry, an index is generated based on the following rules by default:

The index of a new entry is generated from the index of the last entry in the same Color extcommunity list plus 10. The index of each new entry is incremented by 10.
If the index of a new entry is 4294967286 and then another entry is created with no index specified, the default index of the latter entry uses the index of the last created entry in the same Color extcommunity list plus 1. This is because an index cannot exceed 4294967295. Indexes are increased at intervals of 1 until an index reaches 4294967295, and since then you need to manually specify an index for each subsequent new entry; otherwise, the configuration fails.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An extcommunity filter can be used as a matching condition in a route-policy.

The relationship between the rules configured in an extcommunity list is OR.

For example, a Color extcommunity list can be configured in either of the following formats, and the filtering result is the same.

Format 1:

ip extcommunity-list color basic aa permit 10 20

Format 2:

ip extcommunity-list color basic aa permit 10

ip extcommunity-list color basic aa permit 20

To delete the extcommunity filter of a single node, run the undo ip extcommunity-list command.

To view the detailed configuration of an extcommunity filter, run the display ip extcommunity-list command.

Follow-up Procedure

Run the route-policy-change notify-delay command to set a delay for the RM module to instruct the protocols to re-apply the route-policy after the route-policy changes.

Configuration Impact

The ip extcommunity-list command is used to filter routes based on the Color attribute. The routes that hit the if-match clause are permitted and the unmatched routes are denied.

Precautions

By default, an extended community filter works in deny mode. Specifically, a route that has not been permitted in a filtering is denied by this extcommunity filter. If all matching rules in an extcommunity filter work in deny mode, all routes are denied by the filter. To prevent this problem, configure one matching rule in permit mode after one or multiple matching rules in deny mode so that the routes except for those denied by the preceding matching rules are permitted by the filter.

Example

# Specify a Color extcommunity filter named aa for BGP routes.

<Huawei> system-view

[Huawei] ip extcommunity-list color basic aa permit 10

if-match interface

Function

The if-match interface command creates a matching rule based on the outbound interface.

The undo if-match interface command deletes the matching rule based on the specified outbound interface.

By default, no matching rule based on the outbound interface is configured.

Format

if-match interface { interface-type interface-number } &<1-16>

undo if-match interface [ interface-type interface-number ] &<1-16>

Parameters

Parameter	Description	Value
interface-type interface-number	Specifies the type and number of the outbound interface. A maximum of 16 outbound interfaces can be specified in the if-match interface command.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The if-match interface command is used to filter routes based on the outbound interfaces.

A maximum of 16 outbound interfaces can be configured in this command.

If a node contains multiple if-match interface clauses, the relationship between the if-match interface clauses is OR. If a node contains both if-match interface clauses and other if-match clauses with different matching rules, the relationship between the if-match interface clauses and other if-match clauses is AND. For example, if a node contains if-match interface 10ge1/0/1, if-match interface 10ge1/0/2, and if-match acl 2000 clauses, if-match interface 10ge1/0/1 and if-match interface 10ge1/0/2 are ORed, whereas if-match interface 10ge1/0/1 and if-match acl 2000 are ANDed.

Prerequisites

The if-match interface command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on outbound interface information. Routes that match the outbound interface information will be checked by other if-match clauses of this node. Routes that do not match the outbound interface information will be checked by the next node.

Example

# Define a rule to match the routes with the outbound interface GE1/0/0.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match interface gigabitethernet 1/0/0

if-match ip

Function

The if-match ip command creates a matching rule based on IP information.

The undo if-match ip command deletes the matching rule based on specified IP information.

By default, no matching rule based on IP information is configured.

Format

if-match ip { next-hop | route-source | group-address } { acl { acl-number | acl-name } | ip-prefix ip-prefix-name }

undo if-match ip { next-hop | route-source | group-address } [ acl { acl-number | acl-name } | ip-prefix ip-prefix-name ]

Parameters

Parameter	Description	Value
next-hop	Specifies the next hop address.	-
route-source	Specifies the source address of routes.	-
group-address	Indicates the IP address of the multicast group.	The value is in dotted decimal notation.
acl	Indicates route filtering using the ACL.	-
acl-number	Specifies the number of a basic ACL.	The value is an integer ranging from 2000 to 2999.
acl-name	Specifies the name of a basic ACL.	The value is a string of 1 to 32 case-sensitive characters without spaces. The value must start with a letter (case sensitive).
ip-prefix ip-prefix-name	Specifies the name of an IP prefix list that is used to filter routes.	The value is a string of case-sensitive characters without space and ranges from 1 to 169.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An ACL or IP prefix must be configured before running the if-match ip command so that the matching rule can take effect. For example:

If the if-match ip next-hop ip-prefix aa command is used but the IP prefix aa is not configured, all routes are permitted, that is, all routes match the matching rule. This rule also applies to ACL.
If the if-match ip next-hop ip-prefix aa and ip ip-prefix aa permit 10.1.1.1 32 commands are used, the routes with the next hop being 10.1.1.1 is permitted. This rule also applies to ACL.

Prerequisites

The if-match ip command can be used only after the route-policy command is used.

Before running the if-match ip command, configure an ACL or an IP prefix.

Precautions

The routing policy matches routes based on the next hop address or source address. Routes that match the next hop address or source address will be checked by other if-match clauses of this node. Routes that do not match the next hop address or source address will be checked by the next node.

If the next hop address or source address of a route is 0.0.0.0, the system considers the mask length of the route as 0 to match the filtering rules by default.

If the next hop address or source address of a route to be filtered is not 0.0.0.0, by default, the system considers the mask length as 32 and matches the route.

When you run the rule command to configure a filtering rule in a named ACL, only the source and time-range parameters are valid for the filtering rule.

Example

# Set an IP prefix list named p1 to filter routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match ip next-hop ip-prefix p1

# Set a rule that source addresses of routes match ACL 2000 to filter routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match ip route-source acl 2000

if-match ip-prefix

Function

The if-match ip-prefix command creates a matching rule based on the IP prefix list.

The undo if-match ip-prefix command deletes the matching rule based on the specified IP prefix list.

By default, no matching rule based on the IP prefix list is configured in the routing policy.

Format

if-match ip-prefix ip-prefix-name

undo if-match ip-prefix ip-prefix-name

Parameters

Parameter	Description	Value
ip-prefix-name	Specifies the name of an IP address prefix list.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

Route-Policy view, Tunnel-selector view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The routing policy matches routes using the IP prefix list. Routes are either permitted or denied.

The ip ip-prefix command must be used so that the matching rule can take effect. For example:

If the if-match ip-prefix aa command is used but the IP prefix aa is not configured, all routes are permitted, that is, all routes match the matching rule.
If the if-match ip-prefix aa and ip ip-prefix aa permit 10.1.1.1 32 commands are used, the routes with the IP prefix being 10.1.1.1 and mask being 32 are permitted.

Prerequisites

The if-match ip-prefix command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on IP prefix information. Routes that match the IP prefix information will be checked by other if-match clauses of this node. Routes that do not match the IP prefix information will be checked by the next node.

The if-match acl and if-match ip-prefix commands cannot be used together in the same node of a routing policy, because the latest configuration will override the previous one.

Example

# Set an IP prefix list named p1 to filter routes.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match ip-prefix p1

if-match ipv6

Function

The if-match ipv6 command sets a matching rule that is based on IPv6 information.

The undo if-match ipv6 command deletes the matching rule based on specified IPv6 information.

By default, no matching rule based on IPv6 information is set.

Format

if-match ipv6 { address | next-hop | route-source } prefix-list ipv6-prefix-name

undo if-match ipv6 { address | next-hop | route-source } prefix-list ipv6-prefix-name

Parameters

Parameter	Description	Value
address	Matches the destination address of IPv6 routes.	-
next-hop	Matches the next hop of IPv6 routes.	-
route-source	Matches the source address of the advertised IPv6 routes.	-
prefix-list	Specifies the IP prefix list.	-
ipv6-prefix-name	Specifies the name of the IPv6 prefix list.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The ip ipv6-prefix command must be used to configure an IPv6 prefix so that the matching rule (based on the destination addresses, next hop addresses, or source addresses of IPv6 routes) configured through the if-match ipv6 command can take effect. Otherwise, all routes are permitted.

Prerequisites

The if-match ipv6 command can be used only after the route-policy command is used.

Before using the if-match ipv6 command, you must use the ip ipv6-prefix command to configure an IPv6 prefix.

Configuration Impact

When you filter routes based on the destination addresses, next hop addresses, or source addresses of IPv6 routes, the routes that match the matching rule are permitted and the routes that do not match the matching rule are denied.

If the next hop address or source address of a route to be filtered is 0::0, by default, the system matches the route considering that its mask length is 0.

If the next hop address or source address of a route to be filtered is not 0::0, by default, the system matches the route and considers its mask length as 128.

Creating an IPv6 prefix list before it is referenced is recommended. If a nonexistent IPv6 prefix list is referenced using the command, all routes match the IPv6 prefix list.

Example

# Define an if-match clause to match the related IPv6 routing information.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match ipv6 address prefix-list p1

[Huawei-route-policy] if-match ipv6 next-hop prefix-list p1

[Huawei-route-policy] if-match ipv6 route-source prefix-list p1

if-match mpls-label

Function

The if-match mpls-label command creates a matching rule based on the MPLS label.

The undo if-match mpls-label command deletes the matching rule based on the specified MPLS label.

By default, no matching rule based on the MPLS label is configured.

Format

if-match mpls-label

undo if-match mpls-label

Parameters

None

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In the scenario where inter-AS VPN Option C or Carrier Support Carrier (CSC) is deployed, you can use the if-match mpls-label command to allocate labels to public routes.

Prerequisites

The if-match mpls-label command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on the MPLS label. Routes that match the MPLS label will be checked by other if-match clauses of this node. Routes that do not match the MPLS label will be checked by the next node.

Example

# Assign MPLS labels to the routes that match the routing policy.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match mpls-label

if-match rd-filter

Function

The if-match rd-filter command creates a matching rule based on the RD filter.

The undo if-match rd-filter command deletes the matching rule based on the specified RD filter.

By default, no matching rule based on the RD filter is configured.

Format

if-match rd-filter rd-filter-number

undo if-match rd-filter

Parameters

Parameter	Description	Value
rd-filter-number	Specifies the number of an RD filter.	The value is an integer ranging from 1 to 255.

Views

Route-Policy view or tunnel-selector view.

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The if-match rd-filter command and the ip rd-filter command work together to filter routes based on RD attributes. For example:

If if-match rd-filter 1 is configured, but rd-filter 1 is not configured, then all current routes will be permitted.
If if-match rd-filter 1 is configured, and ip rd-filter 1 permit 1:1 has been configured, then routes with RD 1:1 will be permitted.

Prerequisites

The if-match rd-filter command must be run after the route-policy command is run.

Precautions

The routing policy matches routes using the RD filter. Routes that match the RD filter will be checked by other if-match clauses of this node. Routes that do not match the RD filter will be checked by the next node.

Example

# Define a matching rule to match an RD filter.

<Huawei> system-view

[Huawei] route-policy abc permit node 10

[Huawei-route-policy] if-match rd-filter 1

if-match route-type

Function

The if-match route-type command sets a matching rule that is based on the route type.

The undo if-match route-type command deletes the matching rule based on the specified route type.

By default, no matching rule based on the route type is configured.

Format

if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 }

undo if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 }

Parameters

Parameter	Description	Value
external-type1	Indicates OSPF external Type 1 routes.	-
external-type1or2	Indicates OSPF external routes.	-
external-type2	Indicates OSPF external Type 2 routes.	-
internal	Indicates internal routes, including OSPF inter-area routes and intra-area routes.	-
is-is-level-1	Indicates IS-IS Level-1 routes.	-
is-is-level-2	Indicates IS-IS Level-2 routes.	-
nssa-external-type1	Indicates NSSA external Type 1 routes.	-
nssa-external-type1or2	Indicates NSSA external routes.	-
nssa-external-type2	Indicates NSSA external Type 2 routes.	-

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can run the if-match route-type command to filter OSPF or IS-IS routes based on the route type.

Multiple if-match route-type clauses can be specified. The relationship between if-match route-type clauses is "OR". The relationship between if-match clauses is "AND".

Prerequisites

The if-match route-type command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on the route type. Routes that match the route type will be checked by other if-match clauses of this node. Routes that do not match the route type will be checked by the next node.

For the same node in a routing policy, if two if-match route-type clauses are the same, the latter if-match route-type will not override the previous if-match route-type. After the latter clause is configured, both clauses take effect simultaneously. The relationship between if-match route-type clauses is "OR". That is, the actions defined by apply clauses can be performed on a route as long as the route meets one of the matching rules. For example, if both the if-match route-type is-is-level-1 and if-match route-type external-type1or2 commands are configured on the same node of a route policy, both IS-IS Level-1 routes and OSPF external routes can match the route policy.

external-type1or2 refers to external-type1 or external-type2. For the same node in a route policy, configuring both the if-match route-type external-type1 and if-match route-type external-type2 is equivalent to configuring the if-match route-type external-type1or2 command. The two operations generate the same configuration file.

Similarly, nssa-external-type1or2 refers to nssa-external-type1 or nssa-external-type2. For the same node in a route policy, configuring both the if-match route-type nssa-external-type1 and if-match route-type nssa-external-type2 commands is equivalent to configuring the if-match route-type nssa-external-type1or2 command. The two operations generate the same configuration file.

Example

# Define a rule to match the routes of the specified type.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match route-type nssa-external-type1

if-match tag

Function

The if-match tag command sets a matching rule that is based on the route tag.

The undo if-match tag command deletes the matching rule based on the specified route tag.

By default, no matching rule based on the route tag is configured.

Format

if-match tag tag

undo if-match tag

Parameters

Parameter	Description	Value
tag	Indicates the tag value. Route tags classify routes as required. The same type of routes has the same tags. Routes are managed and controlled based on the tag by using the routing policy.	The value is an integer ranging from 0 to 4294967295.

Views

Route-Policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can run the if-match tag command to filter routes based on the tags.

Prerequisites

The if-match tag command can be used only after the route-policy command is used.

Precautions

The routing policy matches routes based on the route tag. Routes that match the route tag will be checked by other if-match clauses of this node. Routes that do not match the route tag will be checked by the next node.

Example

# Define a rule to match the OSPF routes with the tag value 8.

<Huawei> system-view

[Huawei] route-policy policy permit node 10

[Huawei-route-policy] if-match tag 8

ip as-path-filter

Function

The ip as-path-filter command creates an AS_Path filter.

The undo ip as-path-filter command deletes a specified AS_Path filter.

By default, no AS_Path filter is configured.

Format

ip as-path-filter { as-path-filter-number | as-path-filter-name } { deny | permit } regular-expression

undo ip as-path-filter { as-path-filter-number | as-path-filter-name } [ { deny | permit } regular-expression ]

Parameters

Parameter	Description	Value
as-path-filter-number	Specifies the number of an AS_Path filter.	The value is an integer ranging from 1 to 256.
as-path-filter-name	Specifies the name of an AS_Path filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The string cannot be all numerals. When double quotation marks are used around the string, spaces are allowed in the string.
deny	Sets the matching mode of the AS_Path filter to deny.	-
permit	Sets the matching mode of the AS_Path filter to permit.	-
regular-expression	Specifies the AS_Path regular expression. For details about a regular expression, see Filtering Command Outputs in the NetEngine AR600, AR6100, AR6200, and AR6300 Configuration Guide - Basic Configuration.	The value is a string of 1 to 255 characters, with spaces supported.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An AS_Path filter uses the regular expression to define matching rules. After an AS_Path filter is set, the RM module immediately instructs each protocol to apply the filter by default.

The AS_Path attribute is a private attribute of BGP, and is used to filter BGP routes.

The filter can be directly applied by using a command such as peer as-path-filter.
The filter can be used as a matching condition of a routing policy by using a command such as if-match as-path-filter zz.

Configuration Impact

Multiple rules, permit or deny, can be specified in an AS_Path filter. The relationship between theses rules is "OR". This means that if a route meets one of the matching rules, the route matches the AS_Path filter.

By default, AS_Path filters work in deny mode. If all matching rules in a filter are configured to work in deny mode, all routes are denied by the filter; to prevent this problem, configure one matching rule in permit mode after one or multiple matching rules in deny mode so that the routes except for those denied by preceding matching rules are permitted by the filter.

Follow-up Procedure

To view detailed configurations of the AS_Path filter, run the display ip as-path-filter command.

Example

# Create the AS_Path filter with the sequence number being 1, and permit routes that begin with 10 in the AS_Path to pass.

<Huawei> system-view

[Huawei] ip as-path-filter 1 permit ^10_

# Create the AS_Path filter 2, and permit routes that contain 20 in the AS_Path to pass through.

<Huawei> system-view

[Huawei] ip as-path-filter 2 permit _20_

# Create the AS_Path filter 3, and prohibit routes that contain 30 or 40 in the AS_Path from passing through.

<Huawei> system-view

[Huawei] ip as-path-filter 3 deny _30_
[Huawei] ip as-path-filter 3 deny _40_

[Huawei] ip as-path-filter 3 permit .*

ip community-filter

Function

The ip community-filter command creates a community filter.

The undo ip community-filter command deletes a community filter.

By default, no community filter is configured.

Format

ip community-filter { basic comm-filter-name | basic-comm-filter-num } { permit | deny } [ community-number | aa:nn | internet | no-export-subconfed | no-advertise | no-export ] &<1-20>

ip community-filter { advanced comm-filter-name | adv-comm-filter-num } { permit | deny } regular-expression

undo ip community-filter { basic comm-filter-name | basic-comm-filter-num } [ permit | deny ] [ community-number | aa:nn | internet | no-export-subconfed | no-advertise | no-export ] &<1-20>

undo ip community-filter { advanced comm-filter-name | adv-comm-filter-num } [ [ permit | deny ] regular-expression ]

Parameters

Parameter	Description	Value
basic comm-filter-name	Specifies the name of a basic community filter.	The value is a string of 1 to 51 case-sensitive characters. The string cannot be all digits. NOTE: When double quotation marks are used around the string, spaces are allowed in the string.
basic-comm-filter-num	Specifies the number of a basic community filter.	The value is an integer ranging from 1 to 99.
deny	Sets the matching mode of the community filter to deny.	-
permit	Sets the matching mode of the community filter to permit.	-
community-number	Specifies the community number.	The value is an integer ranging from 0 to 4294967295.
aa:nn	Specifies the community number. You can configure a maximum of 20 community numbers once. If you do not configure any one of internet, no-export-subconfed, no-advertise, and no-export, you can specify 20 community-number and aa:nn together. If you configure one of internet, no-export-subconfed, no-advertise, and no-export, you can specify 19 community-number and aa:nn together. If you configure two of internet, no-export-subconfed, no-advertise, and no-export, you can specify 18 community-number and aa:nn together. If you configure three of internet, no-export-subconfed, no-advertise, and no-export, you can specify 17 community-number and aa:nn together. If you configure all of internet, no-export-subconfed, no-advertise, and no-export, you can specify 16 community-number and aa:nn together.	aa and nn are integers ranging from 0 to 65535.
internet	Indicates that the matching routes can be sent to any peer.	-
no-export-subconfed	Indicates that routes are not advertised outside an AS. If an AS confederation is used, routes are not advertised to any other sub-ASs in the AS confederation.	-
no-advertise	Indicates that routes are not advertised to other peers.	-
no-export	Indicates that routes are not advertised outside an AS. If an AS confederation is used, routes are not advertised outside the AS confederation, but to other sub-ASs.	-
advanced comm-filter-name	Specifies the name of an advanced community filter.	The value is a string of 1 to 51 case-sensitive characters. The string cannot be all digits. NOTE: When double quotation marks are used around the string, spaces are allowed in the string.
adv-comm-filter-num	Specifies the number of an advanced community filter.	The value is an integer ranging from 100 to 199.
regular-expression	Specifies the regular expression used to match the community information. For details about the regular expression, see "Filtering Command Outputs" in the NetEngine AR600, AR6100, AR6200, and AR6300 Configuration Guide - Basic Configuration.	The value is a string of 1 to 255 case-sensitive characters, with spaces supported.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The community attribute is a private attribute of BGP, and can be used only to filter BGP routes. The community attribute can be used as a matching rule of a routing policy by using the ip community-filter and if-match community-filter commands together.

Precautions

Only the community number or known community attribute can be specified for a basic community filter. The regular expression can be used as a matching rule in an advanced community filter.

The ip community-filter basic comm-filter-name command or the ip community-filter basic-comm-filter-num command can be used to configure a basic community filter. basic comm-filter-name specifies the name of a basic community filter, and the name cannot be all digits. A maximum of 20 community numbers can be configured in one command. basic-comm-filter-num specifies only the basic community filter with the number ranging from 1 to 99. A maximum of 20 community numbers can be configured in one command.
The ip community-filter advanced comm-filter-name command or the ip community-filter adv-comm-filter-num command can be used to configure an advanced community filter. advanced comm-filter-name specifies the name of an advanced community filter, and the name cannot be all digits. adv-comm-filter-num specifies only the advanced community filter with the number ranging from 100 to 199.

The relationship between the rules of the community filter is "AND". This is different from the RD filter. This is because each route has only one RD but can have multiple communities.

For example, the community filters in the following formats have different matching results:

Format 1:

ip community-filter 1 permit 100:1 200:1 300:1

Format 2:

ip community-filter 1 permit 100:1

ip community-filter 1 permit 200:1 300:1

In the preceding configuration of the community filter, the community defined in each rule must be a sub-set of route communities so that the rule can be matched.

The apply comm-filter delete command run in the Route-Policy view deletes the specified community attribute from routes. An ip community-filter command can be used to specify community attributes but one such command specifies only one community attribute each time. To delete more than one community attribute, run the ip community-filter command multiple times. If multiple community attributes are specified in one filter, none of them can be deleted. For information about examples, see apply comm-filter delete.

A community filter must have been configured using the ip community-filter command before the filter is referenced by another command using comm-filter-num or comm-filter-name.

A community filter cannot be deleted using the undo ip community-filter command when it is being referenced using comm-filter-num or comm-filter-name. To delete the community filter, cancel the reference configuration first.

By default, Community filters work in deny mode. If all matching rules in a filter are configured to work in deny mode, all routes are denied by the filter; to prevent this problem, configure one matching rule in permit mode after one or multiple matching rules in deny mode so that the routes except for those denied by preceding matching rules are permitted by the filter.

Follow-up Procedure

Run the display ip community-filter command to view detailed configuration for the community filter.

Example

# Configure a basic community filter of which the sequence number is 1.

<Huawei> system-view

[Huawei] ip community-filter 1 deny internet

# Configure an advanced community filter of which the sequence number is 100.

<Huawei> system-view

[Huawei] ip community-filter 100 permit ^10

ip extcommunity-filter

Function

The ip extcommunity-filter command creates an extended community filter.

The undo ip extcommunity-filter command deletes an extended community filter.

By default, no extended community filter is configured.

Format

ip extcommunity-filter { basic-extcomm-filter-num | basic basic-extcomm-filter-name } { deny | permit } { rt { as-number:nn | 4as-number:nn | ipv4-address:nn } } &<1-16>

ip extcommunity-filter { advanced-extcomm-filter-num | advanced advanced-extcomm-filter-name } { deny | permit } regular-expression

undo ip extcommunity-filter { basic-extcomm-filter-num | basic basic-extcomm-filter-name } [ { deny | permit } { rt { as-number:nn | 4as-number:nn | ipv4-address:nn } } &<1-16> ]

undo ip extcommunity-filter { advanced-extcomm-filter-num | advanced advanced-extcomm-filter-name } [ regular-expression ]

Parameters

Parameter	Description	Value
deny	Sets the matching mode of the extended community filter to deny.	-
permit	Sets the matching mode of the extended community filter to permit.	-
rt	Sets the extended community filter type to RT.	-
as-number	Specifies an AS number.	The value is an integer ranging from 0 to 65535.
4as-number	Specifies a 4-byte AS number.	A 4-byte AS number is divided into the following types: It is an integer ranging from 65536 to 4294967295. It is in the format of x.y, where x and y are integers that range from 0 to 65535.
ipv4-address	Specifies an IPv4 address.	The value is in dotted decimal notation.
nn	Specifies an integer.	When the value of as-number is a 2-byte AS number, the value of nn ranges from 0 to 4294967295. When the value of 4as-number is a 4-byte AS number, the value of nn ranges from 0 to 65535. For ipv4-address, the value of nn ranges from 0 to 65535.
basic-extcomm-filter-num	Specifies the number of a basic extended community filter.	The value is an integer ranging from 1 to 199.
basic basic-extcomm-filter-name	Specifies the name of a basic extended community filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The value cannot contain only numerals. When double quotation marks are used around the string, spaces are allowed in the string.
advanced-extcomm-filter-num	Specifies the number of an advanced extended community filter.	The value is an integer ranging from 200 to 399.
advanced advanced-extcomm-filter-name	Specifies the name of an advanced extended community filter.	The name is a string of 1 to 51 case-sensitive characters without spaces. The value cannot contain only numerals. When double quotation marks are used around the string, spaces are allowed in the string.
regular-expression	Specifies the regular expression used to match the extended community information. For details about a regular expression, see "Filtering Command Outputs" in the NetEngine AR600, AR6100, AR6200, and AR6300 Configuration Guide - Basic Configuration.	It is a string of 1 to 255 space-tolerant characters.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

The extended community attribute is a private attribute of BGP, and can be used only to filter BGP routes. The extended community attribute can be used as a matching rule of a routing policy by using the ip extcommunity-filter and if-match extcommunity-filter commands together. Currently, only the RT extended community attribute is supported.

The relationship between ip extcommunity-filter commands with the same extended community filter number specified is "AND".

Run the display ip extcommunity-filter command to view detailed configuration for the extended community filter.

Precautions

By default, extended community filters work in deny mode. If all matching rules in a filter are configured to work in deny mode, all routes are denied by the filter; to prevent this problem, configure one matching rule in permit mode after one or multiple matching rules in deny mode so that the routes except for those denied by preceding matching rules are permitted by the filter.

Example

# Configure an RT extended community filter of which the sequence number is 1.

<Huawei> system-view

[Huawei] ip extcommunity-filter 1 deny rt 200:200

ip ip-prefix

Function

The ip ip-prefix command creates an IPv4 prefix list or an entry in an IPv4 prefix list.

The undo ip ip-prefix command deletes an IPv4 prefix list or an entry from an IPv4 prefix list.

By default, no IPv4 prefix list is created.

Format

ip ip-prefix ip-prefix-name [ index index-number ] { permit | deny } ipv4-address mask-length [ match-network ] [ greater-equal greater-equal-value ] [ less-equal less-equal-value ]

undo ip ip-prefix ip-prefix-name [ index index-number ]

ip ip-prefix ip-prefix-name description text

undo ip ip-prefix ip-prefix-name description [ text ]

Parameters

Parameter	Description	Value
ip-prefix-name	Specifies the name of an IPv4 prefix list.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
index index-number	Specifies the sequence number of an entry in the IPv4 prefix list.	The value is an integer that ranges from 1 to 4294967295. By default, the sequence number increases by 10 according to the configuration order, and the first sequence number is 10. NOTE: A maximum of 65535 entries can be configured in an IP prefix list.
permit	Specifies the matching mode of the IP prefix list as permit. In permit mode, if the IP address to be filtered is within the defined prefix range, the IP address matches the routing policy and does not continue to match the next entry. Otherwise, the IP address continues to match the next entry.	-
deny	Specifies the matching mode of the IP prefix list as deny. In deny mode, if the IP address to be filtered is within the defined prefix range, the IP address fails to match the routing policy and cannot match the next entry. Otherwise, the IP address continues to match the next entry.	-
ipv4-address	Specifies an IP address.	The value is in dotted decimal notation.
mask-length	Specifies the mask length.	The value is an integer that ranges from 0 to 32.
match-network	Matches the network address. match-network is used to filter routes to a specified IP address and can be configured only when ipv4-address is 0.0.0.0. For example, the ip ip-prefix prefix1 permit 0.0.0.0 8 command filters all routes with mask length 8, while the ip ip-prefix prefix1 permit 0.0.0.0 8 match-network command filters all routes to the IP address range from 0.0.0.1 to 0.255.255.255.	-
greater-equal greater-equal-value	Specifies the lower threshold of the mask length. If greater-equal greater-equal-value and less-equal less-equal-value are not specified, the value of mask-length is the mask length.	greater-equal-value must meet the following requirement: mask-length ≤ greater-equal-value ≤ less-equal-value ≤ 32. If greater-equal is configured, the mask ranges from greater-equal-value to 32.
less-equal less-equal-value	Specifies the upper threshold of the mask length. If greater-equal greater-equal-value and less-equal less-equal-value are not specified, the value of mask-length is the mask length.	less-equal-value must meet the following requirement: mask-length ≤ greater-equal-value ≤ less-equal-value ≤ 32. If less-equal is configured, the mask ranges from mask-length to less-equal-value.
description text	Specifies the description of the IP prefix list.	The value is a string of 1 to 80 case-sensitive characters without spaces. If the string is enclosed within double quotation marks ("), the string can contain spaces.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The ip ip-prefix command is used to configure an IPv4 prefix list. An IP prefix can be used as a filter by various protocols or used together with a routing policy.

The ip ip-prefix command can be used together with the following commands to filter routing information to be advertised globally based on an IP prefix list:
- filter-policy export (RIP)
- filter-policy export (OSPF)
- filter-policy export (IS-IS)
- filter-policy export (BGP)
- filter-policy export (BGP)
The ip ip-prefix command can be used together with the following commands to filter routing information to be accepted globally based on an IP prefix list:
- filter-policy import (RIP)
- filter-policy import (OSPF)
- filter-policy import (IS-IS)
- filter-policy import (BGP)
- filter-policy import (BGP)
The ip ip-prefix command can be used together with the following commands to configure a route filtering policy based on an IP prefix list for a specific peer:
- peer ip-prefix (BGP)
The ip ip-prefix command can be used together with the following commands to configure a route filtering policy based on an IP prefix list for a specific peer:
- peer ip-prefix (BGP)
The import-route isis level-1 into level-2 filter-policy ip-prefix ip-prefix-name [ tag tag ] command configures route leak from an IS-IS Level-1 area to a Level-2 area based on an IP prefix list.
The import-route isis level-2 into level-1 filter-policy ip-prefix ip-prefix-name [ tag tag ] command configures route leak from an IS-IS Level-2 area to a Level-1 area based on an IP prefix list.
The ip ip-prefix command and the if-match ip-prefix command can be used together to test received or sent routes based on an IP prefix list.

An IP prefix list can contain multiple entries with each entry specifying an IP prefix range. The relationship between the entries is "OR". That is, if a route matches one entry, the route matches the IP prefix list; if a route does not match any entry, the route fails to match the IP prefix list.

An IP prefix range is determined by mask-length and [greater-equal-value, less-equal-value]. If mask-length and [greater-equal-value, less-equal-value] are specified, an IP address must match the specified prefix range.

When the value of ipv4-address is 0.0.0.0, a wildcard address, all routes within the mask length range are permitted or denied no matter what value the mask length is specified as.

For example, the five routes to 10.1.1.0/24, 10.1.1.1/32, 10.1.1.0/26, 10.2.2.0/24, and 10.1.0.0/16 are filtered based on different IP prefix lists, and the results are different.

Single-Node Matching
- Case 1:
```
ip ip-prefix aa index 10 permit 10.1.1.0 24
```
  Matching result: The route 10.1.1.0/24 is permitted, and the other routes are denied.
  
  Note: This is a single-node accurate matching case, which indicates that only the route whose destination IP address and mask are the same as those specified by the IP prefix meets the matching conditions. In this case, permit is configured as the matching mode. Therefore, the route 10.1.1.0/24 is permitted, and the other routes are denied because they do not meet the matching conditions.
- Case 2:
```
ip ip-prefix aa index 10 deny 10.1.1.0 24
```
  Matching result: All routes are denied.
  
  Note: This is also a single-node accurate matching case, which indicates that only the route whose destination IP address and mask are the same as those specified by the IP prefix meets the matching conditions. In this case, deny is configured as the matching mode. Therefore, all routes are denied, regardless of whether they meet the matching conditions.
Multi-Node Matching
- Case 1:
```
ip ip-prefix aa index 10 deny 10.1.1.0 24
ip ip-prefix aa index 20 permit 10.1.1.1 32
```
  Matching result: The route 10.1.1.0/24 is denied; the route 10.1.1.1/32 is permitted; the other routes are denied.
  Note: This is a multi-node accurate matching case.
  - When the route 10.1.1.0/24 is matching node 10 (node with the index 10), it meets the matching conditions but is denied because the matching mode is deny.
  - When the route 10.1.1.1/32 is matching node 10, it does not meet the matching conditions and continues to match node 20 (node with the index 20). Because this route matches the matching conditions of node 20, and the matching mode of node 20 is permit, this route is permitted.
  - Other routes do not meet the matching conditions of nodes 10 and 20, and these routes are denied by default.
- Case 2:
```
ip ip-prefix aa index 10 permit 10.1.1.0 24 less-equal 32
```
  Configuration result: mask-length is 24, and less-equal-value is 32.
  
  Matching result: The routes with the mask length ranging from 24 to 32 are permitted, and the other routes are denied.
  
  When configuring greater-equal and less-equal, ensure that their values meet the requirement: mask-length ≤ greater-equal-value ≤ less-equal-value. Otherwise, the configuration fails.
- Case 3:
```
ip ip-prefix aa index 10 permit 10.1.1.0 24 greater-equal 26
```
  Configuration result: greater-equal-value is 26, and less-equal-value is 32.
  
  Matching result: The routes with the mask length ranging from 26 to 32 are permitted, and the other routes are denied.
- Case 4:
```
ip ip-prefix aa index 10 permit 10.1.1.0 24 greater-equal 26 less-equal 32
```
  Configuration result: greater-equal-value is 26, and less-equal-value is 32.
  
  Matching result: The routes with the mask length ranging from 26 to 32 are permitted, and the other routes are denied.
Wildcard-Address Matching
- Case 1:
```
ip ip-prefix aa index 10 permit 0.0.0.0 8 less-equal 32
```
  Configuration result: mask-length is 8, and less-equal-value is 32. Because the address 0.0.0.0 is a wildcard address, routes with the mask length ranging from 8 to 32 bits meet the matching conditions.
  
  Matching result: Routes with the mask length ranging from 8 to 32 bits are all permitted.
- Case 2:
```
ip ip-prefix aa index 10 deny 0.0.0.0 24 less-equal 32
ip ip-prefix aa index 20 permit 0.0.0.0 0 less-equal 32
```
  Configuration result: For node 10, mask-length is 24, and less-equal-value is 32. Because the address 0.0.0.0 is a wildcard address, routes with the mask length ranging from 24 to 32 bits are all denied. For node 20, mask-length is 0, and less-equal-value is 32. Because the address 0.0.0.0 is a wildcard address, all routes except the routes with the mask length ranging from 24 to 32 bits are permitted.
  
  Matching result: The routes with the mask length ranging from 24 to 32 is denied, and the other routes are permitted.
- Case 3:
```
ip ip-prefix aa index 10 deny 10.2.2.0 24
ip ip-prefix aa index 20 permit 0.0.0.0 0 less-equal 32
```
  Configuration result: For node 10, the route 10.2.2.0/24, which meets the matching conditions, is denied. For node 20, the other routes are all permitted.
  
  Matching result: All routes except the route 10.2.2.0/24 are permitted.

Example

# Configure the IP prefix list named p1 to permit only the routes with the mask length ranging from 17 to 18 on the network segment 10.0.0.0/8.

<Huawei> system-view

[Huawei] ip ip-prefix p1 permit 10.0.0.0 8 greater-equal 17 less-equal 18

# Configure the IP prefix list named p3 to deny the routes to the IP address ranging from 0.0.0.1 to 0.255.255.255.

<Huawei> system-view

[Huawei] ip ip-prefix p3 index 10 deny 0.0.0.0 8 match-network

[Huawei] ip ip-prefix p3 index 20 permit 0.0.0.0 0 less-equal 32

ip ipv6-prefix

Function

The ip ipv6-prefix command configures an IPv6 prefix list or an entry in an IPv6 prefix list.

The undo ip ipv6-prefix command deletes an IPv6 prefix list or an entry from an IPv6 prefix list.

By default, no IPv6 prefix list is created.

Format

ip ipv6-prefix ipv6-prefix-name [ index index-number ] { deny | permit } ipv6-address prefix-length [ match-network ] [ greater-equal greater-equal-value ] [ less-equal less-equal-value ]

undo ip ipv6-prefix ipv6-prefix-name [ index index-number ]

ip ipv6-prefix ipv6-prefix-name description text

undo ip ipv6-prefix ipv6-prefix-name description [ text ]

Parameters

Parameter	Description	Value
ipv6-prefix-name	Specifies the name of an IPv6 prefix list.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
index index-number	Specifies the sequence number of an entry in the IPv6 prefix list.	The value is an integer that ranges from 1 to 4294967295. By default, the sequence number increases by 10 according to the configuration order, and the first sequence number is 10. NOTE: A maximum of 65535 entries can be configured in an IPv6 prefix list.
permit	Specifies the matching mode of the IPv6 prefix list as permit. In permit mode, if the IPv6 address to be filtered is within the defined prefix range, the IPv6 address matches the routing policy and does not continue to match the next entry. Otherwise, the IPv6 address continues to match the next entry.	-
deny	Specifies the matching mode of the IPv6 prefix list as deny. In deny mode, if the IPv6 address to be filtered is within the defined prefix range, the IPv6 address fails to match the routing policy and cannot match the next entry. Otherwise, the IPv6 address continues to match the next entry.	-
ipv6-address	Specifies the IPv6 prefix range in the form of an IPv6 address. If :: is specified, the address 0::0 is matched.	-
prefix-length	Specifies the IPv6 prefix range using the mask length.	The value is an integer that ranges from 0 to 128. If ::0 less-equal 128 is used, all IPv6 addresses are matched.
match-network	Matches the network address. match-network is used to filter routes to a specified IPv6 address and can be configured only when ipv6-address is ::. For example, the ip ipv6-prefix prefix1 permit :: 96 command filters all IPv6 routes with mask length 96, while the ip ipv6-prefix prefix1 permit :: 96 match-network command filters all routes to the IPv6 address range from ::1 to ::FFFF:FFFF.	-
greater-equal greater-equal-value	Specifies the lower threshold of the mask length.	greater-equal-value must meet the following requirement: prefix-length ≤ greater-equal-value ≤ less-equal-value ≤ 128.
less-equal less-equal-value	Specifies the upper threshold of the mask length.	less-equal-value must meet the following requirement: prefix-length ≤ greater-equal-value ≤ less-equal-value ≤ 128.
description text	Specifies the description of the IPv6 prefix list.	The value is a string of 1 to 80 case-sensitive characters without spaces. If the string is enclosed within double quotation marks ("), the string can contain spaces.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

An IPv6 prefix list is used to filter IPv6 addresses. An IPv6 prefix list may contain multiple entries with each entry specifying an IPv6 prefix range. The relationship between the entries is "OR". That is, if a route matches one entry, the route matches the IPv6 prefix list; if a route does not match any entry, the route fails to match the IPv6 prefix list.

After an IPv6 prefix list is configured, by default, the RM module immediately instructs each protocol application to use the list to filter IPv6 addresses. To delay using an IPv6 prefix list to filter IPv6 addresses, run the route-policy-change notify-delay command to set the delay.

On the AR, all unmatched routes are filtered by default. If all entries are in deny mode, all routes are filtered. It is recommended to define a permit :: 0 less-equal 128 entry after multiple entries in deny mode to permit all the other IPv6 routes.

Example

# Permit the routes with the mask length ranging from 32 to 64 bits.

<Huawei> system-view

[Huawei] ip ipv6-prefix abc permit :: 0 greater-equal 32 less-equal 64

# Deny the routes with the IP prefix FC00:0:0:D00::/32 and with the prefix longer than 32 bits, and permit the other IPv6 routes.

<Huawei> system-view

[Huawei] ip ipv6-prefix abc deny fc00:0:0:d00:: 32 less-equal 128

[Huawei] ip ipv6-prefix abc permit :: 0 less-equal 128

# Configure the IPv6 prefix list named p3 to deny the routes to the IPv6 address ranging from ::1 to ::FFFF:FFFF.

<Huawei> system-view

[Huawei] ip ipv6-prefix p3 index 10 deny :: 96 match-network

[Huawei] ip ipv6-prefix p3 index 20 permit :: 0 less-equal 128

ip rd-filter

Function

The ip rd-filter command creates an RD filter.

The undo ip rd-filter command deletes an RD filter.

By default, no RD filter is configured.

Format

ip rd-filter rd-filter-number { deny | permit } route-distinguisher &<1-10>

undo ip rd-filter rd-filter-number [ { deny | permit } route-distinguisher &<1-10> ]

Parameters

Parameter	Description	Value
rd-filter-number	Specifies the number of an RD filter.	The value is an integer ranging from 1 to 255.
permit	Permits a route to match the rules if its RD matches the rules.	-
deny	Denied a route if its RD matches the rules.	-
route-distinguisher	Specifies the RD to aa:nn or ipv4-address:nn. You can set a maximum of 10 RDs. The AR support RDs in the following formats: ipv4-address:nn, such as 10.1.1.1:200 aa:nn, such as 100:1 aa.aa:nn, such as 100.100:1 ipv4-address:* in the wildcard format, such as 10.1.1.1:, indicating that the RD begins with 10.1.1.1 aa: in the wildcard format, such as 100:, indicating that the RD begins with 100 aa.aa: in the wildcard format, such as 100.100:*, indicating that the RD begins with 100.100	The IPv4 address is in dotted decimal notation. The nn in ipv4-address:nn is an integer ranging from 0 to 65535. In aa:nn, the aa is an integer ranging from 0 to 65535, and nn is an integer ranging from 0 to 4294967295. The aa and nn in aa:, aa.aa:, and aa.aa:nn are both integers ranging from 0 to 65535.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

The ip rd-filter command is used together with the if-match rd-filter command. First use the ip rd-filter command to configure an RD filter, and use the if-match rd-filter command to configure a matching rule based on the RD filter in a routing policy. The routing policy is used to filter routes that are received and advertised.

The RD filter has the following rules:

If the RD filter is not configured but is used to filter routes, the matching result is permit.

For example, the RD filter 100 is not configured but is used by the routing policy:
```
route-policy test permit node 10
```
```
if-match rd-filter 100
```
When the routing policy is used to filter routes, the routes match this if-match clause, and the routes match the node 10 in the routing policy named test.
If the RD filter is configured but the RD of routes does not match any RD defined in the RD filter, the default matching result is deny.

For example, the RD of routes is 100:1, and the configuration of the RD filter is as follows:
```
ip rd-filter 100 permit 10.1.1.1:100
```
When the RD filter is used to filter routes, the matching result is deny.
The relationship between the rules of the RD filter is "OR". This is different from the community filter. This is because each route has only one RD but can have multiple communities.

For example, the RD filters in the following formats have the same matching results:

Format 1:
```
ip rd-filter 100 permit 100:1 200:1 10.2.2.2:1 10.3.3.3:1
```
Format 2:
```
ip rd-filter 100 permit 100:1 200:1
```
```
ip rd-filter 100 permit 10.2.2.2:1
```
```
ip rd-filter 100 permit 10.3.3.3:1
```
The community filters in the following formats have different matching results:

Format 1:
```
ip community-filter 1 permit 100:1 200:1 300:1
```
Format 2:
```
ip community-filter 1 permit 100:1
```
```
ip community-filter 1 permit 200:1 300:1
```
In the preceding configuration of the community filter, the community defined in each rule must be a sub-set of route communities so that the rule can be matched.
Routes are filtered according to the configuration order of multiple rules. For example:
```
ip rd-filter 100 deny 200:1 10.5.5.5:1
```
```
ip rd-filter 100 permit 200:* 10.5.5.5:*
```
In this situation, the route with the RD 200:1 or 5.5.5.5:1 is denied. If the configuration order of multiple rules is reversed as follows:
```
ip rd-filter 100 permit 200:* 10.5.5.5:*
```
```
ip rd-filter 100 deny 200:1 10.5.5.5:1
```
In this situation, the route with the RD 200:1 or 5.5.5.5:1 is permitted.
Each RD filter can be configured with a maximum of 255 rules.

Example

# Configure an RD filter.

<Huawei> system-view

[Huawei] ip rd-filter 1 permit 100:1

reset ip ip-prefix

Function

The reset ip ip-prefix command resets the statistics of the specified IPv4 prefix list.

Format

reset ip ip-prefix [ ip-prefix-name ]

Parameters

Parameter

Description

Value

ip-prefix-name

Specifies the name of an IPv4 prefix list.

If ip-prefix-name is not specified, you can reset the statistics of all the IPv4 prefix lists.

The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

User view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The IPv4 prefix list can be used to filter IPv4 addresses. When filtering IPv4 addresses, the system records the numbers of prefixes that are permitted and denied by the IPv4 prefix list. You can run the display ip ip-prefix command to view the numbers.

To view the number of IPv4 prefixes that are permitted and denied by the IPv4 prefix list, run the reset ip ip-prefix command to clear statistics about permitted and denied routes in the IPv4 prefix list, and then run the display ip ip-prefix command to display the number of IPv4 prefixes since the previous operation.

Configuration Impact

The reset ip ip-prefix command clears statistics about the IPv4 prefix list. After that, the previous statistics cannot be shown.

Precautions

The reset ip ip-prefix command:

Clears statistics in a specified IPv4 prefix list, if the name of the IPv4 prefix list is specified using ip-prefix-name.
Clears statistics in all IPv4 prefix lists, if the name of the IPv4 prefix list is not specified using ip-prefix-name.

Example

# Reset the statistics of the specified IPv4 prefix list.

<Huawei> reset ip ip-prefix abc

reset ip ipv6-prefix

Function

The reset ip ipv6-prefix command resets the timer of a specified IPv6 prefix list.

Format

reset ip ipv6-prefix [ ipv6-prefix-name ]

Parameters

Parameter	Description	Value
ipv6-prefix-name	Specifies the name of an IP prefix list.	The name is a string of 1 to 169 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

User view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The IPv6 prefix list can be used to filter IPv6 addresses. When filtering IPv6 addresses, the system records the numbers of prefixes that are permitted and denied by the IPv6 prefix list. You can run the display ip ipv6-prefix command to view the numbers.

To view the number of IPv6 prefixes that are permitted and denied by the IPv6 prefix list, run the reset ip ipv6-prefix command to clear statistics about permitted and denied routes in the IPv6 prefix list, and then run the display ip ipv6-prefix command to display the number of IPv6 prefixes since the previous operation.

Configuration Impact

The reset ip ipv6-prefix command clears statistics about the IPv6 prefix list. After that, the previous statistics cannot be shown.

Precautions

The reset ip ipv6-prefix command:

Clears statistics in a specified IPv6 prefix list, if the name of the IPv6 prefix list is specified using ipv6-prefix-name.
Clears statistics in all IPv6 prefix lists, if the name of the IPv6 prefix list is not specified using ipv6-prefix-name.

Example

# Resets the timer of the IPv6 prefix list named abc.

<Huawei> reset ip ipv6-prefix abc

reset route-policy counters

Function

The reset route-policy command resets route-policy counters.

Format

reset route-policy route-policy-name counters

Parameters

Parameter	Description	Value
route-policy-name	Specifies the name of a route-policy.	The name is a string of 1 to 40 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

User view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The route-policy is used to filter routes and set the attributes of a route that matches a route-policy. When a route-policy filters routes, the system records the number of routes that match the route-policy nodes. You can run the display route-policy to view the numbers.

The reset route-policy counters command clears the number of routes which match or do not match the route-policy. You can run both the reset route-policy counters command and the display route-policy command to instruct whether to record the number of routes matching a specified route-policy.

Configuration Impact

The reset route-policy counters command clears the number of routes which match or do not match the route-policy. After that, the number cannot be restored.

Example

# Reset the counters of a route-policy named policy1.

<Huawei> reset route-policy policy1 counters

route-policy

Function

The route-policy command creates a route-policy and displays the Route-Policy view.

The undo route-policy command deletes a specified route-policy.

By default, no route-policy is configured.

Format

route-policy route-policy-name { permit | deny } node node

undo route-policy route-policy-name [ node node ]

Parameters

Parameter	Description	Value
route-policy-name	Specifies the name of a route-policy. If the route-policy does no exist, the route-policy is created and its view is displayed. If the route-policy exists, its view is displayed.	The name is a string of 1 to 40 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
permit	Specifies the matching mode of the route-policy as permit. In permit mode, a route matches all the if-match clauses, the route matches the route-policy and the actions defined by the apply clause are performed on the route. Otherwise, the route continues to match the next entry.	-
deny	Specifies the matching mode of the routing policy as deny. In deny mode, if a route matches all the if-match clauses, the route is denied; otherwise, the route needs to be matched with the next node.	-
node node	Specifies the index of the node in the routing policy. When the routing policy is used to filter routes, the node with the smaller value of node is matched first. If a route matches a node in the route-policy, the system does not continue to match it with other nodes. If a route fails to match all the nodes in the route-policy, the route is filtered out.	The value is an integer ranging from 0 to 65535.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A route-policy is used to filter routes and set route attributes for the routes that match the routing policy. A routing policy consists of multiple nodes. One node can be configured with multiple if-match and apply clauses. The if-match clauses define matching rules for this node, and the apply clauses define behaviors for the routes that match the rules.

The relationship among if-match clauses of the same node that are based on different route attributes is AND. A route matches a node only when the route matches all the filtering rules specified in the if-match clauses of the node. The apply clauses specify actions. The relationship among if-match clauses of the same node that are based on the same route attribute is OR. The system matches routes against the if-match clauses in order. If a route matches an if-match clause, the system no longer matches the route against the rest if-match clauses. For example, the if-match community-filter 1 and if-match as-path-filter 1 configurations in node 10 are based on different route attributes. Therefore, the relationship among if-match clauses of this node is AND. The if-match community-filter 1 and if-match community-filter 2 configurations in node 20 are both based on the community attribute. Therefore, the relationship among if-match clauses of this node is OR. If no if-match clause is specified, all the routes can pass the node.

The relationship between nodes in a route-policy is OR. That is, if a route matches one node, the route matches the routing policy. If a route does not match any node, the route fails to match the routing policy.

You can run the display route-policy command to view the number of routes that match and do not match the route-policy.

Procedure

After a route-policy is created, the system prompts "Info: New Sequence of this List !" and displays the Route-Policy view. The system displays no prompt when a routing policy is deleted.

Precautions

After a route-policy is configured, by default, the RM immediately notifies each protocol to apply the route-policy to filter routes. To delay applying a route-policy, you need to run the route-policy-change notify-delay command to set the delay for applying the route-policy.

You can run the display route-policy command to view the number of routes that match and do not match the route-policy.

A route-policy-name must have been configured using the route-policy command before the route-policy-name is referenced by another command.

A route-policy-name cannot be deleted using the undo route-policy command when it is being referenced using route-policy-name. To delete the route-policy-name, cancel the reference configuration first.

If an if-match clause of a route-policy defines an ip-prefix-based filtering rule, the filtering rule applies to IPv4 prefixes, not to IPv6 prefixes, and IPv6 prefixes match the filtering rule by default. If IPv6 prefixes also need to be filtered, add an ipv6-prefix-based if-match clause. Similarly, if an if-match clause of a route-policy defines an ipv6-prefix-based filtering rule, the filtering rule applies to IPv6 prefixes, not to IPv4 prefixes, and IPv4 prefixes match the filtering rule by default. If IPv4 prefixes also need to be filtered, add an ip-prefix-based if-match clause.

The configuration of a peer takes precedence over that of the peer group to which the peer belongs. That is, when a route-policy is used to control BGP route advertisement or receiving, the priority of this configuration on a BGP peer is higher than that of the configuration on the peer group.

Example

# Configure the route-policy named policy1 whose node number is 10 and the matching mode is permit.

<Huawei> system-view

[Huawei] route-policy policy1 permit node 10

[Huawei-route-policy]

route-policy-change notify-delay

Function

The route-policy-change notify-delay command sets the delay before the RM to notify each protocol of applying a new policy after the original route-policy changes.

The undo route-policy-change notify-delay command restores the default setting.

By default, this command is not configured, and the delay time is 0s.

Format

route-policy-change notify-delay delay-time

undo route-policy-change notify-delay

Parameters

Parameter	Description	Value
delay-time	Specifies the delay for applying a new policy after the original route-policy changes.	The value is an integer ranging from 1 to 180, in seconds.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

The AR process the changes of a route-policy according to the following rules.

After the configuration of a route-policy changes, by default, the RM immediately notifies the protocol of performing related operations. To delay processing the changes of the route-policy, you can run the route-policy-change notify-delay command to set the delay for change processing. The new policy is applied after the timer expires:

If the configuration of the route-policy changes again within the delay, the RM resets the timer.
If the new policy is configured for BGP, the refresh bgp all command can be used within the delay set by the route-policy-change notify-delay command to trigger BGP to immediately use the new policy.

The following commands are related to the timer:

route-policy
ip ip-prefix
ip ipv6-prefix
ip as-path-filter
ip community-filter
ip extcommunity-filter
ip rd-filter
aclip extcommunity-list

Example

# Set the delay before the RM to notify each protocol of applying a new policy after the original route-policy changes.

<Huawei> system-view

[Huawei] route-policy-change notify-delay 20

Support for Routing Policy
apply as-path
apply backup-interface
apply backup-nexthop
apply behavior
apply comm-filter delete
apply community
apply cost
apply cost-type
apply dampening
apply extcommunity
apply extcommunity color
apply ip-address next-hop (Route-Policy view)
apply ipv6 next-hop
apply ip-precedence
apply isis
apply local-preference
apply mpls-label
apply origin
apply ospf
apply preference
apply preferred-value
apply qos-local-id
apply tag
apply vn-id
description (Route-Policy view)
display ip as-path-filter
display ip community-filter
display ip extcommunity-list
display ip extcommunity-filter
display ip ip-prefix
display ip ipv6-prefix
display ip rd-filter
display route-policy
goto next-node
if-match acl (Route-Policy view)
if-match as-path-filter
if-match extcommunity-list
if-match community-filter
if-match cost
if-match extcommunity-filter
ip extcommunity-list
if-match interface
if-match ip
if-match ip-prefix
if-match ipv6
if-match mpls-label
if-match rd-filter
if-match route-type
if-match tag
ip as-path-filter
ip community-filter
ip extcommunity-filter
ip ip-prefix
ip ipv6-prefix
ip rd-filter
reset ip ip-prefix
reset ip ipv6-prefix
reset route-policy counters
route-policy
route-policy-change notify-delay

Translation

Favorite

Download

Update Date：2024-12-20

Document ID：EDOC1100203224

Downloads：1465

Average rating：0.0Points

Digital Signature File

digtal sigature tool