260
C
HAPTER
16: IP R
OUTING
P
ROTOCOL
O
PERATION
Defining a Route Policy
A route policy can include multiple nodes. Each node is a unit for the matching
operation. The nodes are tested against the
node_number
.
Perform the following configurations in System View.
The
permit
parameter specifies that if a route satisfies all the
if-match
clauses of a
node, the route passes the filtering of the node, and the
apply
clauses for the node
are executed without taking the test of the next node. If a route does not satisfy all
the
if-match
clauses of a node, however, the route takes the test of the next node.
The
deny
parameter specifies that the
apply
clauses are not executed. If a route
satisfies all the
if-match
clauses of the node, the node denies the route and the
route does not take the test of the next node. If a route does not satisfy all the
if-match
clauses of the node, however, the route takes the test of the next node.
The router tests the route against the nodes in the route policy in sequence, once a
node is matched, the route policy filtering will be passed.
By default, the route policy is not defined.
If multiple nodes are defined in a route-policy, at least one of them should be in
permit
mode. Apply the route policy to filter routing information. If the routing
information does not match any node, the routing policy denies the routing
information. If all the nodes in the route policy are in deny mode, all routing
information is denied by the route policy.
Defining If-match Clauses for a Route-policy
The
if-match
clauses define the matching rules that the routing information must
satisfy to pass the route policy. The matching objects are attributes of the routing
information.
Perform the following configurations in Route Policy View.
Table 253
Defining a route-policy
Operation
Command
Enter Route Policy View
route-policy
route_policy_name
{
permit
|
deny
}
node
{
node_number
}
Remove the specified route-policy
undo route-policy
route_policy_name
[
permit
|
deny
|
node
node_number
]
Table 254
Defining if-match Conditions
Operation
Command
Match the destination address of
the routing information
if-match
{
acl acl_number
|
ip-prefix
ip_prefix_name
}
Cancel the matched destination
address of the routing information
undo if-match
{
acl
|
ip-prefix
}
Match the next-hop interface of the
routing information
if-match interface
{
interface_type_
interface_number
}
Cancel the matched next-hop
interface of the routing information
undo if-match interface
Match the next-hop of the routing
information
if-match ip next-hop { acl acl_number |
ip-prefix ip_prefix_name }
Summary of Contents for 5500 SI - Switch - Stackable
Page 24: ...24 ABOUT THIS GUIDE...
Page 50: ...50 CHAPTER 1 GETTING STARTED...
Page 54: ...54 CHAPTER 2 ADDRESS MANAGEMENT CONFIGURATION...
Page 78: ...78 CHAPTER 3 PORT OPERATION...
Page 88: ...88 CHAPTER 4 XRN CONFIGURATION...
Page 122: ...122 CHAPTER 8 VLAN VPN CONFIGURATION...
Page 216: ...216 CHAPTER 15 SSH TERMINAL SERVICES...
Page 268: ...268 CHAPTER 16 IP ROUTING PROTOCOL OPERATION...
Page 308: ...308 CHAPTER 17 NETWORK PROTOCOL OPERATION...
Page 349: ...349...
Page 350: ...350 CHAPTER 18 MULTICAST PROTOCOL...
Page 522: ...522 CHAPTER 22 FILE SYSTEM MANAGEMENT...
Page 584: ...584 CHAPTER 30 PASSWORD CONTROL CONFIGURATION OPERATIONS...
Page 600: ...600 CHAPTER 31 MSDP CONFIGURATION...
Page 614: ...614 CHAPTER 32 CLUSTERING...
Page 670: ...670 CHAPTER C AUTHENTICATING THE SWITCH 5500 WITH CISCO SECURE ACS...