Defining an ipv6 prefix list, Defining an as path list – H3C Technologies H3C SecPath F1000-E User Manual

Page 945

920

system-view

[Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16

[Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16

[Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16

[Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32

Defining an IPv6 prefix list

Identified by name, each IPv6 prefix list can comprise multiple items. Each item specifies a prefix range

to match and is identified by an index number.
An item with a smaller index number is matched first. If one item is matched, the IPv6 prefix list is passed,

and the routing information will not go to the next item.
To define an IPv6 prefix list:

Step Command

Remarks

Enter system view.

system-view

N/A

Define an IPv6

prefix list.

ip ipv6-prefix ipv6-prefix-name [ index index-number ]
{ deny | permit } ipv6-address prefix-length

[ greater-equal min-prefix-length ] [ less-equal

max-prefix-length ]

Not defined by default.

NOTE:

If all items are set to the deny mode, no routes can pass the IPv6 prefix list. You need to define the permit ::
0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.

For example, the following configuration filters routes 2000:1::/48, 2000:2::/48 and 2000:3::/48, but
allows other routes to pass.

system-view

[Sysname] ip ipv6-prefix abc index 10 deny 2000:1:: 48

[Sysname] ip ipv6-prefix abc index 20 deny 2000:2:: 48

[Sysname] ip ipv6-prefix abc index 30 deny 2000:3:: 16

[Sysname] ip ipv6-prefix abc index 40 permit :: 0 less-equal 128

Defining an AS path list

You can define multiple items for an AS path list that is identified by number. The relation between items

is logical OR. If a route matches one of these items, it passes the AS path list.
To define an AS path list:

Step Command

Remarks

Enter system view.

system-view

N/A

Define an AS path
ACL.

ip as-path as-path-number { deny |
permit } regular-expression

Not defined by default.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer