Route Policy and Policy Route

Principle
 Objectives

n Know functions of route policy

n Know how to define route policy
n Be familiar with applications of route policy
n Know functions of policy route
n Be familiar with applications of policy route

2
Contents

n Route Policy’s Concept and Function

n How to Define Route Policy
n Common Applications of Route Policy
n Policy Route’s Concept and Function
n Working Process of Policy Route

3
 Introduction of Route Policy

Problem One:
Router B needs to filter routes distributed
by Router A, only receiving routes from
Lo0:30.30.1.1/32 AS100
20.20.1.1/32 and shielding routes from
Lo1:20.20.1.1/32 30.30.1.1/32
A
10.1.1.1/30 20.1.1.1/30 Problem Two:
Router A only distributes AS100 routes to
router B and other routing entries will be
10.1.1.2/30 20.1.1.2/30
shielded for security reason.

B Problem Three:
Router B needs to firstly choose
AS200
10.1.1.0/30 link to AS100.

© ZTE All rights reserved 4

 Introduction of Route Policy

An efficient method is needed to solve above

problems!!

Route Policy

n Route Policy is one kind of policy for route information.

It can control and filter route information according to
the configured policy flexibly.

© ZTE All rights reserved 5

 Functions of Route Policy

n One effective method to filter route information

n Distribute specified routes based on policy
n Receive specified routes based on policy
n Redistribute specified routes based on policy
n Set route attributes for the specified routes based on policy

© ZTE All rights reserved 6

Contents

n Route Policy’s Concept and Function

n How to Define Route Policy
n Common Applications of Route Policy
n Policy Route’s Concept and Function
n Working Process of Policy Route

7
 How to Define Route Policy
n Route-Map
It mainly consists of clauses Match and Set and conducts setting according to
matching conditions
n Access Control List
It is used to configure matching conditions
n Prefix-List
It functions like ACL, used to configure matching conditions. It can both be used
individually and used together with route map and Area Filter-List.
n As-Path Access-List
It is only used for BGP protocol to filter routes according to AS path information
and it is used together with route map.
n Community-List
It is only used for BGP protocol to filter routes according to Community List and it is
used together with route map.
n OSPF Route Filter

It is used for OSPF protocol to filter Type-5 and Type-7 LSAs.

n OSPF Area Filter-List
It is used for route filtering inter-areas, filtering Type-3 LSA.
© ZTE All rights reserved 8
 Route-Map

n Route-map is the one popular route policy definition method,

which works like a route filter.
n Route-map is used to match specified attributes of the route.
Once the route is matched, route-map will set certain attributes
of the route, or filter the route.
n Route-map include Match sub-clauses and Set sub-clauses.
n Match sub-clauses is to define match conditions and the
matching object is the attributes of route.
n Set sub-clauses is to define the executive action after matching
the conditions.

© ZTE All rights reserved 9

 Executive rules of route-map
Match all Match
sub-clauses of
seq1
Set att based
Y on set sub- finish matching this
match att1
seq1 clauses of Route-map
match att2
seq1

Match all Match

N
sub-clauses of
seq2

Set att based

Y finish matching this
Route-map match att3 on set sub-
seq2 Route-map
match att4 clauses of
seq2
Test
Match all Match
N sub-clauses of
seq3
Set att based
match att5 Y on set sub- finish matching this
seq3 Route-map
match att6 clauses of
N seq3

Not match
Route-map

© ZTE All rights reserved 10

 Route-Map--Match sub-clause

n Match sub-clauses is to define match conditions and

the match condition is the attributes of route such as:
l IP address (used with ACL and Prefix-list )

l route metric

l route tag

l as-path (only for BGP and used with as-path access-list )

l community-list (only for BGP and used with community-list )

l route type

© ZTE All rights reserved 11

 Route-Map--Set sub-clause

n Set sub-clauses is to define the executive action after

matching the conditions. The actions are listed below:
l set as-path (only for BGP)

l set community (only for BGP)

l set dampening (only for BGP)

l set local-preference (only for BGP)

l set origin (only for BGP)

l set route metric

l set route metric-type

© ZTE All rights reserved 12

 ACL and Prefix-list

n ACL is the most popular method to set the matching conditions.

l Standard ACL, can only use source address as the matching condition
l Extended ACL, can use source address, destination address, source
port, destination port, protocol type as accurate matching conditions.

n Prefix-list is similar to ACL and used to set matching conditions.

l The matching object of Prefix-list is destination address of route.
l There are two parts of address prefix range, specified by length and
ge/le. If both two parts of prefix range are specified, destination
address of the route must match both two prefix parts simultaneously.

© ZTE All rights reserved 13

 AS-Path access-list
n AS-Path access-List is only for BGP protocol and it is used
to set matching conditions of route-map.

n When defining AS-Path access-list, usually we will use AS

regular expression.

Character Meaning
$ Ending of Input String
. Any Character
_ Beginning and Ending of A String
^ Beginning of Input String

© ZTE All rights reserved 14

 Examples of AS Regular Expression

Expression Meaning
^$ Route not passing through any AS-Path, i.e.
originate locally
^100$ Only indicate route that originates from
AS100 and not passes through any other AS

_100$ All paths originate from AS100

_100_ Path passing through AS100
^100_ A path, for which AS100 is the last system it
passing through.

© ZTE All rights reserved 15

 Community-list

n Community-list is only used for BGP protocol.

n Community-list is similar to as-path access-list and it is also
used to set matching conditions of route-map.
n The matching object of community-list is community
attribute of BGP route.

© ZTE All rights reserved 16

 OSPF route filter (filter and area filter-list)
n Filter:
l When configuring OSPF, filter command can be configured to decide
whether the external OSPF route (which is calculated by Type-5/Type-7
LSA) is imported into local route table or not.
l Filter is to filter the imported route not LSA.

n Area filter-list:
l When configuring OSPF with multi-areas, area filter-list can be configured
to control the inter-area route (which is calculated by Type-3 LSA)
imported/exported to a certain area.
l When configuring area filter-list, prefix-list is usually configured together.
l Filter and area filter-list will not effect LSA learning in OSPF database.

© ZTE All rights reserved 17

Contents

n Route Policy’s Concept and Function

n How to Define Route Policy
n Common Applications of Route Policy
n Policy Route’s Concept and Function
n Working Process of Policy Route

18
 Common Applications of Route Policy

n Receive route information selectively

l RIP and BGP directly filter routes distributed by neighbors
l Link state protocol can not filter LSAs directly and what it can do is just to
choose whether to import a route into routing table
l Adopt route-map to filter the received route according to route-map conditions.

n Distribute route information selectively

l When BGP distribute route, apply route-map to distribute the route which can
match route-map conditions.
l When OSPF distribute route, apply OSPF filter to control external and inter-area
route distribution.

n Set attributes of redistributed route

l When configuring route redistribution, apply route-map to filter the
redistributed route or set the attribute of route which match the route-map
conditions.

© ZTE All rights reserved 19

Contents

n Route Policy’s Concept and Function

n How to Define Route Policy
n Common Applications of Route Policy
n Policy Route’s Concept and Function
n Working Process of Policy Route

20
 Introduction of Policy route
n Ordinarily packets forwarding is done based on destination
IP address of route table.

n However, when meeting such kinds of requirements as

shown below, we shall adopt other solutions.
n 1. As figure shown, packet forwarding is controlled based on the source
IP address. The packet from PC1 is forwarded to gei-0/0/0/1 on router A
and the packet from PC2 is forwarded to gei-0/0/0/2.
n 2. packet forwarding is controlled based on the length of packet or other
attributes of packet.

1
/ 0/0/
i-0 B
ge

PC1
A D
ge
i-0
/0/
0/2
PC2 C

© ZTE All rights reserved 21

 Functions of Policy Route

n Policy route is one kind of route selection mechanism based on

user-defined policy.
n When applying Policy Route, we can make routing perform for
packet forwarding according to policy rather than routing table.
n By applying Route Policy, traffic engineering can also be realized.
Different traffics with different attributes or QoS can be guided
to forward along different route based on policy.

© ZTE All rights reserved 22

Contents

n Route Policy’s Concept and Function

n How to Define Route Policy
n Common Applications of Route Policy
n Policy Route’s Concept and Function
n Working Process of Policy Route

23
 Working Process of Policy Route
n Network administrator configure route-map with match/set sub-clause and apply the
route-map to the packet-input interface and realize route selection based on policy.
Match next
Sequence condition

route-map
Router applied to the Yes Follow route-map
Receive sequence to Match Seq1
inbound Condition?
packet port? process the packet No

No Yes

Look up route table Sequence

deny
forward packet based on Permit or
destination address Deny?

permit

No Outbound
port/Next-hop
Valid?

Send packet to outbound

Port/next-hop yes

© ZTE All rights reserved 24

 Difference between route policy and policy route

n Route policy is policy but policy route is one special route. They are
different concepts and applied in different scenarios.

n The main function of policy route is to control packet forwarding based

on the policy not route table.

n The main function of route policy is to control route advertisement when

distributing, receiving and redistributing route information.

© ZTE All rights reserved 25

 Summary

n Functions and applications of Route Policy

n Functions and applications of Policy Route

© ZTE All rights reserved 26

Thank you