ACL Support in RPL Prefix Sets
Access Control List (ACL) type prefix set entries holds IPv4 or IPv6 prefix match specifications, each of
which has an address and a wildcard mask. The address and wildcard mask is a standard dotted-decimal IPv4
or colon-separated hexadecimal IPv6 address. The set of bits to be matched are provided in the form of wildcard
also called as inverted mask in which a binary 0 means a mandatory match and binary 1 means a do not match
condition. The prefix set allows to specify contiguous and non-contiguous set of bits that should be matched
in any route.
rd-set
An rd-set is used to create a set with route distinguisher (RD) elements. An RD set is a 64-bit value prepended
to an IPv4 address to create a globally unique Border Gateway Protocol (BGP) VPN IPv4 address.
You can define RD values with the following commands:
• a.b.c.d:m:*—BGP VPN RD in IPv4 format with a wildcard character. For example,
10.0.0.2:255.255.0.0:*.
• a.b.c.d/m:n—BGP VPN RD in IPv4 format with a mask. For example, 10.0.0.2:255.255.0.0:666.
• a.b.c.d:** —BGP VPN RD in IPv4 format with a wildcard character. For example, 10.0.0.2:255.255.0.0.
• a.b.c.d:n— BGP VPN RD in IPv4 format. For example, 10.0.0.2:666.
• asn:*— BGP VPN RD in ASN format with a wildcard character. For example, 10002:255.255.0.0.
• asn:n—BGP VPN RD in ASN format. For example, 10002:666.
The following is an example of an rd-set:
rd-set rdset1
10.0.0.0/8:*,
10.0.0.0/8:777,
10.0.0.0:*,
10.0.0.0:777,
65000:*,
65000:777
end-set
Routing Policy Language Components
Four main components in the routing policy language are involved in defining, modifying, and using policies:
the configuration front end, policy repository, execution engine, and policy clients themselves.
The configuration front end (CLI) is the mechanism to define and modify policies. This configuration is then
stored on the router using the normal storage means and can be displayed using the normal configuration
show commands.
The second component of the policy infrastructure, the policy repository, has several responsibilities. First,
it compiles the user-entered configuration into a form that the execution engine can understand. Second, it
performs much of the verification of policies; and it ensures that defined policies can actually be executed
properly. Third, it tracks which attach points are using which policies so that when policies are modified the
appropriate clients are properly updated with the new policies relevant to them.
Cisco ASR 9000 Series Aggregation Services Router Routing Configuration Guide, Release 5.1.x
476 OL-30423-03
Implementing Routing Policy
Routing Policy Language Overview
To Next Page
Loading...
Need help?
General
