beautypg.com

Configuring ip route policy – Brocade Network OS Administrator’s Guide v4.1.1 User Manual

Page 562

background image

may contain more than one match condition. The overall matching condition of the instance is true
only if all matching conditions are met. The following is an example of a route map:

switch# route-map test deny 1 match interface te 0/1

switch# route-map test permit 2 match ip next-hop prefix-list pre-test set tag 5000

In the example above, route-map test comprises of two instances: instance 1 denies entry for any
routes whose next-hop interface is te 0/1, and instance 2 allows entry for routes whose next-hop
address matches the IP subnets specified by prefix-list pre-test (the prefix-list instance is not shown).
Additionally, each matched route has its tag set to 5000.

NOTE
The maximum number of OSPF networks that can be advertised and processed in a single area in a
router is limited to 600.

A route map instance does not need to contain a matching condition; its existence implies that the
matching condition for this instance is true.

A route map instance may contain more than one set clause. All set clauses are applied to the match
routes when applicable.

When a route map is applied, each instance is looked at in the order specified by the instance ID. If
there is a match, the instance’s action are applied, and its set clauses are applied if the action is
permitted. The search terminates at the first match. A route that does not find a match in a route map
is denied.

Configuring IP route policy

Similar to ACLs, a route map and IP prefix list need to be applied for a specified policy to take effect.
The following example applies a route-map to the redistribution of static routes into an OSPF domain.
(For complete information on these commands, refer to the Network OS Command Reference.)

To set an IP route policy, perform the following steps in privileged EXEC mode.

1. Enter the router ospf (or router bgp) command to enable the appropriate Layer 3 protocol. This

example uses OSPF and creates the route map instance "test."

switch# router ospf redistribute static route-map test area 0

2. Enter the ip route command to create the prefix for a static route.

switch# ip route 11.11.11.0/24 2.2.2.1

3. Enter the ip route command to create the next hop in the static route. Repeat as needed.

switch# ip route 11.11.11.0/24 2.2.2.2

4. Enter the route-map command to create the route map and prefix list instance.

switch# route-map test permit 1 match ip address prefix-list pretest

5. Enter the ip prefix-list command to configure the IP prefix list instance.

switch# ip prefix-list pretest 2 permit 1.1.1.0/24

In the example above, when the route-map test permit 1 command executes, only the static route
1.1.1.0/24 is exported into the OSPF domain, because there are no matching rules in pretest for
route 11.11.11.0/24. The default action of pretest is deny (there is no match); therefore, the route
11.11.11.0/24 is not exported into the OSPF domain.

You can configure the router to permit or deny specific IP addresses explicitly. The router permits all
IP addresses by default. If you want permit to remain the default behavior, define individual filters to
deny specific IP addresses. If you want to change the default behavior to deny, define individual
filters to permit specific IP addresses. Once you define a filter, the default action for addresses that
do not match a filter is deny. To change the default action to permit, configure the last filter as
permit any any.

Configuring IP route policy

562

Network OS Administrator’s Guide

53-1003225-04

See also other documents in the category Brocade Computer Accessories: