Filter Policies
Router Configuration Guide 481
A filter policy can be modified directly – by changing/adding/deleting the existing entry in
that filter policy or indirectly. Examples of indirect change to filter policy include, among
others, changing embedded filter entry this policy embeds (see the Embedded Filters section),
changing redirect policy this filter policy uses.
Finally, a filter policy deployed on a given interface can be changed by changing the policy
the interface is associated with.
All of the above changes can be done in service. A filter policy that is associated with service/
interface cannot be deleted unless all associations are removed first.
For a large (complex) filter policy change, it may take a few seconds to load and initiate the
filter policy configuration. Filter policy changes are downloaded to line cards immediately,
therefore operators should use filter policy copy or transactional CLI to ensure partial policy
change is not activated.
Filter Policy Copy and Renumbering
To assist operators in filter policy management, SR OS supports entry copy and entry
renumbering operations.
Filter copy allows operators to perform bulk operations on filter policies by copying one
filter’s entries to another filter. Either all entries or a specified entry of the source filter can
be selected for copy. When entries are copied, entry order is preserved unless destination
filter’s entry ID is selected (applicable to single entry copy). The filter copy allows overwrite
of the existing entries in the destination filter by specifying “overwrite” option during the
copy command. Filter copy can be used, for example, when creating new policies from
existing policies or when modifying an existing filter policy (an existing source policy is
copied to a new destination policy, the new destination policy is modified, then the new
destinations policy is copied back the source policy with overwrite specified).
Entry renumbering allows operators to change relative order of a filter policy entry by
changing the entry Id. Entry renumbering can also be used to move two entries closer together
or further apart, thus creating additional entry space for new entries.
To Next Page
Loading...
