beautypg.com

Westermo MR Series User Manual

Page 56

background image

56

6622-3201

Web Interface and Command Line Reference Guide

www.westermo.com

(from|to) peer

This rule applies only to UPDATES coming from, or going to, this particular neighbor. This
parameter must be specified. peer is one of the following:

any

Any neighbor will be matched.

address Neighbors with this address will be matched.

group descr Neighbors in this group will be matched.

Multiple peer entries may also be specified, separated by commas or whitespace, if enclosed in
curly brackets:

deny from { 128.251.16.1, 251.128.16.2, group hojo }

prefix address/len

This rule applies only to UPDATES for the specified prefix.

Multiple address/len entries may be specified, separated by commas or whitespace, if enclosed in

curly brackets:

deny from any prefix { 192.168.0.0/16, 10.0.0.0/8 }

Multiple lists can also be specified, which is useful for macro expansion:

good=”{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }”

bad=”{ 224.0.0.0/4, 240.0.0.0/4 }”

ugly=”{ 127.0.0.1/8, 169.254.0.0/16 }”

deny from any prefix { $good $bad $ugly }

prefixlen range

This rule applies only to UPDATES for prefixes where the prefixlen matches. Prefix length
ranges are specified by using these operators:

=

(equal)

!=

(unequal)

<

(less than)

<= (less than or equal)

>

(greater than)

>= (greater than or equal)

-

(range including boundaries)

>< (except range)

>< and - are binary operators (they take two arguments). For instance, to match all prefix
lengths >= 8 and <= 12, and hence the CIDR netmasks 8, 9, 10, 11 and 12:

prefixlen 8-12

Or, to match all prefix lengths < 8 or > 12, and hence the CIDR netmasks 0-7 and 13-32:

prefixlen 8><12

prefixlen can be used together with prefix. This will match all prefixes in the 10.0.0.0/8 netblock
with net masks longer than 16:

prefix 10.0.0.0/8 prefixlen > 16

quick

If an UPDATE matches a rule which has the quick option set, this rule is considered the last
matching rule, and evaluation of subsequent rules is skipped.

set attribute ...

All matching rules can set the AS path attributes to some default. The set of every matching
rule is applied, not only the last matching one. See also the following section.

ATTRIBUTE SET AS path attributes can be modified with set.set can be used on network state-
ments, in neighbor or group blocks, and on filter rules. Attribute sets can be expressed as lists.

The following attributes can be modified:

community [delete] as-number:local

community [delete] name

Set or delete the COMMUNITIES AS path attribute. Communities are specified as

This manual is related to the following products:
See also other documents in the category Westermo Equipment: