7.5. Configuring Route Policies with CLI
This section provides information to configure route policies using the command line interface.
7.6. Route Policy Configuration Overview
Route policies allow you to configure routing according to specifically defined policies. You can create policies and entries to allow or deny paths based on various parameters such as destination address.
Policies can be as simple or complex as required. A simple policy can block routes for a specific location or IP address. More complex policies can be configured using numerous policy statement entries containing matching conditions to specify whether to accept or reject the route, control how a series of policies are evaluated, and manipulate the characteristics associated with a route.
7.6.1. When to Create Routing Policies
Route policies are created in the config>router context. There are no default route policies. Each route policy must be explicitly created and applied. Applying route policies can introduce more efficiency as well as more complexity to 7210 SAS routers’ capabilities.
A route policy impacts the flow of routing information or packets within and through the router. A routing policy can be specified to prevent a particular customer routes to be placed in the route table which causes those routes to not forward traffic to various destinations and the routes are not advertised by the routing protocol to neighbors.
Route policies can be created to control:
- A protocol to export all the active routes learned by that protocol.
- Route characteristics to control which route is selected to act as the active route to reach a destination and advertise the route to neighbors.
- Protocol to import all routes into the routing table. A routing table must learn about particular routes to be able to forward packets and redistribute to other routing protocols.
- Damping.
Before a route policy is applied, analyze the policy purpose and be aware of the results (and consequences) when packets match the specified criteria and the associated actions and default actions, if specified, are executed. Membership reports can be filtered based on a specific source address.
7.6.2. Default Route Policy Actions
Each routing protocol has default behaviors for the import and export of routing information. Table 88 describes the default behavior for each routing protocol.
Table 88: Default Route Policy Actions
Protocol | Import | Export |
OSPF | Not applicable. All OSPF routes are accepted from OSPF neighbors and cannot be controlled via route policies. |
|
IS-IS | Not applicable. All IS-IS routes are accepted from IS-IS neighbors and can not be controlled via route policies |
|
BGP | By default, all routes from BGP. |
|
7.6.3. Policy Evaluation
Routing policy statements can consist of as few as one or several entries. The entries specify the matching criteria. A route is compared to the first entry in the policy statement. If it matches, the specified entry action is taken, either accepted or rejected. If the action is to accept or reject the route, that action is taken and the evaluation of the route ends.
If the route does not match the first entry, the route is compared to the next entry (if more than one is configured) in the policy statement. If there is a match with the second entry, the specified action is taken. If the action is to accept or reject the route, that action is taken and the evaluation of the route ends, and so on.
Each route policy statement can have a default-action clause defined. If a default-action is defined for one or more of the configured route policies, then the default actions should be handled in the following ways:
- The process stops when the first complete match is found and executes the action defined in the entry.
- If the packet does not match any of the entries, the system executes the default action specified in the policy statement.
Figure 33 shows an example of the route policy process.
Route policies can also match a specific route policy entry and continue to search for other entries within either the same route policy or the next route policy by specifying the next-entry or next-policy option in the entry action command. Policies can be constructed to support multiple states to the evaluation and setting of various route attributes.
Figure 34 shows the next-policy and next-entry route processes.
Figure 33: Route Policy Process Example
Figure 34: Next Policy Logic Example
7.6.4. Damping
Damping initiates controls when routes flap. Route flapping can occur when an advertised route between nodes alternates (flaps) back and forth between two paths due to network problems which cause intermittent route failures. It is necessary to reduce the amount of routing state change updates propagated to limit processing requirements. Therefore, when a route flaps beyond a configured value (the suppress value), then that route is removed from the routing tables and routing protocols until the value falls below the reuse value.
A route can be suppressed according to the Figure of Merit (FoM) value. The FoM is a value that is added to a route each time it flaps. A new route begins with an FoM value of 0.
Damping is optional. If damping is configured, the following parameter values must be explicitly specified as there are no default values:
When a route's FoM value exceeds the suppress value, then the route is removed from the routing table. The route is considered to be stable when the FoM drops below the reuse value by means of the specified half life parameter. The route is returned to the routing tables. When routes have higher FoM and half life values, they are suppressed for longer periods of time. Figure 35 shows an example of a flapping route, the suppress threshold, the half life decay (time), and reuse threshold. The peaks represent route flaps, the slopes represent half life decay.
Figure 35: Damping Example
7.7. Basic Configurations
This section provides information to configure route policies and configuration examples of common tasks. The minimal route policy parameters that need to be configured are:
- Policy statement with the following parameters specified:
- At least one entry
- Entry action
The following is a sample route policy configuration output.
7.8. Configuring Route Policy Components
The following section describes the syntax used to configure the route policy components.
7.8.1. Beginning the Policy Statement
Use the following syntax to begin a policy statement configuration. In order for a policy statement to be complete an entry must be specified (see Configuring an Entry).
The following error message displays when the you try to modify a policy options command without entering begin first.
The following shows the command usage to configure a policy statement. These commands are configured in the config>router context.
There are no default policy statement options. All parameters must be explicitly configured.
7.8.2. Creating a Route Policy
To enter the mode to create or edit route policies, you must enter the begin keyword at the config>router>policy-options prompt. Other editing commands include:
- The commit command saves changes made to route policies during a session.
- The abort command discards changes that have been made to route policies during a session.
The following error message displays when the you try to modify a policy options command without entering begin first.
7.8.3. Configuring a Default Action
Specifying a default action is optional. The default action controls those packets not matching any policy statement entries. If no default action is specified for the policy, then the action associated with the protocol to which the routing policy was applied is performed. The default action is applied only to those routes that do not match any policy entries.
A policy statement must include at least one entry (see Configuring an Entry).
To enter the mode to create or edit route policies, you must enter the begin keyword at the config>router>policy-options prompt. Other editing commands include:
- The commit command saves changes made to route policies during a session.
- The abort command discards changes that have been made to route policies during a session.
The following is a sample default action configuration output.
7.8.4. Configuring an Entry
An entry action must be specified. The other parameters in the entry action context are optional. Refer to the Route Policy Command Reference for the commands and syntax.
The following are sample entry parameters and includes the default action parameters which were shown in the previous section.
7.8.5. Configuring Damping
For each damping profile, all parameters must be configured.
The suppress value must be greater than the reuse value (see Damping Example).
Damping can be enabled in the config>router>bgp context on the BGP global, group, and neighbor levels. If damping is enabled, but route policy does not specify a damping profile, the default damping profile will be used. This profile is always present and consists of the following parameters:
half-life: | 15 minutes |
max-suppress: | 60 minutes |
suppress: | 3000 |
reuse: | 750 |
The following is a sample damping configuration output.
7.8.5.1. Configuring a Prefix List
The following is a sample prefix list configuration output.
7.9. Route Policy Configuration Management Tasks
This section describes the route policy configuration management tasks.
7.9.1. Editing Policy Statements and Parameters
Route policy statements can be edited to modify, add, or delete parameters. To enter the mode to edit route policies, you must enter the begin keyword at the config>router> policy-options prompt. Other editing commands include:
- The commit command saves changes made to route policies during a session.
- The abort command discards changes that have been made to route policies during a session.
The following is a sample changed configuration output.
7.9.2. Deleting an Entry
Use the following syntax to delete a policy statement entry.
The following shows the command usage to delete a policy statement entry.
7.9.3. Deleting a Policy Statement
Use the following syntax to delete a policy statement.
The following shows the command usage to delete a policy statement.
7.10. Use of Route Policies for IGMP Filtering
The following is a sample route policy configuration output that can be used for IGMP filtering. This policy needs to be configured with a SAP for filtering to take effect.