Login
- Table of Contents
-
- 04-Layer 3 Command Reference
- 00-Preface
- 01-ARP Commands
- 02-IP Addressing Commands
- 03-DHCP Commands
- 04-DHCPv6 Commands
- 05-DNS Commands
- 06-IPv6 DNS Commands
- 07-NAT Commands
- 08-Adjacency Table Commands
- 09-Flow Classification Commands
- 10-IPv6 Basics Commands
- 11-IP Performance Optimization Commands
- 12-Basic IP Routing Commands
- 13-Static Routing Commands
- 14-IPv6 Static Routing Commands
- 15-GRE Commands
- 16-RIP Commands
- 17-RIPng Commands
- 18-Policy-Based Routing Commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 18-Policy-Based Routing Commands | 71.30 KB |
Policy-based routing configuration commands
apply default output-interface
apply ip-address default next-hop
apply output-interface ip-address next-hop
display ip policy-based-route setup
display ip policy-based-route statistics
reset policy-based-route statistics
Policy-based routing configuration commands
apply default output-interface
Use apply default output-interface to set a default output interface.
Use undo apply default output-interface to remove the configuration.
Syntax
apply default output-interface interface-type interface-number [ track track-entry-number ] [ interface-type interface-number [ track track-entry-number ] ]
undo apply default output-interface [ interface-type interface-number [ interface-type interface-number ] ]
Views
Policy node view
Default command level
2: System level
Parameters
interface-type interface-number: Specifies an interface by its type and number.
track track-entry-number: Specifies a track entry by its number, in the range of 1 to 1024.
Usage guidelines
You can specify up to two default output interfaces by performing this command once or twice.
A specified default output interface must be P2P type. Using a non-P2P output interface (broadcast and NBMA interfaces such as Ethernet and virtual-template interfaces) can result in forwarding failures when the interface has multiple next hops.
With an interface specified, the undo apply default output-interface command removes the specified default output interface.
Without any interface specified, the undo apply default output-interface command removes all default output interfaces.
Examples
# Set GigabitEthernet 1/0/5 as the default output interface.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply default output-interface gigabitethernet1/0/5
apply ip-address default next-hop
Use apply ip-address default next-hop to set the default next hops.
Use undo apply ip-address default next-hop to remove the configuration.
Syntax
apply ip-address default next-hop ip-address [ track track-entry-number ] [ ip-address [ track track-entry-number ] ]
undo apply ip-address default next-hop [ ip-address [ ip-address ] ]
Views
Policy node view
Default command level
2: System level
Parameters
ip-address: Specifies the default next hop IP address.
track track-entry-number: Specifies a track entry by its number, in the range of 1 to 1024.
Usage guidelines
You can specify up to two default next hops by performing this command once or twice.
With a next hop specified, the undo apply ip-address default next-hop command removes the specified default next hop.
Without any next hop specified, the undo apply ip-address default next-hop command removes all default next hops.
Examples
# Set the default next hop of 1.1.1.1.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply ip-address default next-hop 1.1.1.1
apply ip-address next-hop
Use apply ip-address next-hop to set the next hops for packets.
Use undo apply ip-address next-hop to remove the configuration.
Syntax
apply ip-address next-hop ip-address [ direct ] [ track track-entry-number ] [ ip-address [ direct ] [ track track-entry-number ] ]
undo apply ip-address next-hop [ ip-address [ ip-address ] ]
Views
Policy node view
Default command level
2: System level
Parameters
ip-address: Specifies the next hop IP address.
direct: Specifies that the next hop must be directly connected to take effect.
track track-entry-number: Specifies a track entry by its number, in the range of 1 to 1024.
Usage guidelines
You can specify up to two next hops by performing this command once or twice.
With a next hop specified, the undo apply ip-address next-hop command removes the specified next hop.
Without any next hop specified, the undo apply ip-address next-hop command removes all next hops.
Examples
# Set a directly-connected next hop of 1.1.1.1.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply ip-address next-hop 1.1.1.1 direct
apply ip-df zero
Use apply ip-df zero to set the Don’t Fragment (DF) bit in the IP header of matching packets to 0, which means the packet can be fragmented.
Use undo apply ip-df to remove the configuration.
Syntax
apply ip-df zero
undo apply ip-df
Views
Policy node view
Default command level
2: System level
Examples
# Set the DF bit in the IP header of matching packets to 0.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply ip-df zero
apply ip-precedence
Use apply ip-precedence to set a precedence for packets.
Use undo apply ip-precedence to remove the configuration.
Syntax
apply ip-precedence value
undo apply ip-precedence
Views
Policy node view
Default command level
2: System level
Parameters
value: Sets the precedence for IP packets. Eight precedence values (0 to 7) are available. Each precedence value corresponds to a precedence type, as shown in Table 1. You can set either a precedence value or a precedence type for IP packets.
Table 1 IP precedences and the corresponding types
|
Precedence value |
Precedence type |
|
0 |
routine |
|
1 |
priority |
|
2 |
immediate |
|
3 |
flash |
|
4 |
flash-override |
|
5 |
critical |
|
6 |
internet |
|
7 |
network |
Examples
# Set the precedence to 5 (critical) for packets.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply ip-precedence critical
apply output-interface
Use apply output-interface to set output interfaces for packets.
Use undo apply output-interface to remove the configuration.
Syntax
apply output-interface interface-type interface-number [ track track-entry-number ] [ interface-type interface-number [ track track-entry-number ] ]
undo apply output-interface [ interface-type interface-number [ interface-type interface-number ] ]
Views
Policy node view
Default command level
2: System level
Parameters
interface-type interface-number: Specifies an interface by its type and number.
track track-entry-number: Specifies a track entry by its number, in the range of 1 to 1024.
Usage guidelines
You can specify up to two output interfaces by performing this command once or twice.
A specified output interface must be P2P type. Using a non-P2P output interface (broadcast and NBMA interfaces such as Ethernet and virtual-template interfaces) can result in forwarding failures when the interface has multiple next hops.
With an interface specified, the undo apply output-interface command removes the specified output interface.
Without any interface specified, the undo apply output-interface command removes all output interfaces.
Non-broadcast multi-access (NBMA) networks adopt the unicast mode to send packets.
Examples
# Specify tunnel 3 as the output interface for IP packets.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] apply output-interface tunnel 3
apply output-interface ip-address next-hop
Use apply output-interface ip-address next-hop dhcpc to specify the output interface and next hop. The next hop is the gateway address learned through DHCP.
Use undo apply output-interface to remove the configuration.
Syntax
apply output-interface interface-type interface-number ip-address next-hop dhcpc
undo apply output-interface
Views
Policy node view
Default command level
2: System level
Parameters
interface-type interface-number: Specifies an output interface by its type and number.
ip-address next-hop dhcpc: Specifies the gateway address learned through DHCP as the next hop.
Examples
# Specify the management subinterface GigabitEthernet 1/0/5.1 as the output interface. (Because GigabitEthernet 1/0/5.1 obtains its IP address through DHCP and the next hop address is unknown, you need to specify the gateway address learned through DHCP as the next hop address.)
<Sysname> system-view
[Sysname] policy-based-route management permit node 1
[Sysname-pbr-management-1] apply output-interface gigabitethernet1/0/5.1 ip-address next-hop dhcpc
display ip policy-based-route
Use display ip policy-based-route to display information about local PBR and interface PBR.
Syntax
display ip policy-based-route [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display information about local PBR and interface PBR.
<Sysname> display ip policy-based-route
Policy Name interface
pr02 local
pr02 Virtual-Template0
pr01 GigabitEthernet1/0/5
|
Field |
Description |
|
Policy Name |
Policy name. |
|
interface |
PBR type. This field displays local for a local PBR or a specific interface (such as GigabitEthernet 1/0/5) to which the policy has been applied to implement interface PBR. |
display ip policy-based-route setup
Use display ip policy-based-route setup to display PBR configuration.
Syntax
display ip policy-based-route setup { policy-name | interface interface-type interface-number | local } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
policy-name: Displays the PBR configuration of the specified policy by its name, a string of 1 to 19 characters.
interface interface-type interface-number: Displays the PBR configuration on the specified interface.
local: Displays the local PBR information.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display PBR configuration for policy pr01.
<Sysname> display ip policy-based-route setup pr01
policy Name interface
pr01 GigabitEthernet1/0/5
# Display PBR configuration on GigabitEthernet 1/0/5.
<Sysname> display ip policy-based-route setup interface GigabitEthernet1/0/5
Interface GigabitEthernet1/0/5 policy based routing configuration information:
policy-based-route: pr01
permit node 1:
if-match acl 3101
apply next-hop 1.1.1.1
# Display local PBR configuration.
<Sysname> display ip policy-based-route setup local
Local policy based routing configuration information:
policy-based-route: pr01
permit node 1:
if-match acl 3101
apply next-hop 1.1.1.1
|
Field |
Description |
|
policy Name |
Policy name. |
|
interface |
Interface where the policy is applied. Local means the policy is applied locally. |
|
Interface GigabitEthernet 1/0/5 policy based routing configuration information |
PBR configuration on GigabitEthernet 1/0/5. |
|
Local policy based routing configuration information |
Local PBR information. |
|
policy-based-route |
Policy name. |
|
permit node |
The match mode is permit. |
|
if-match acl |
Match packets against ACL. |
|
apply output-interface Serial2/0 |
Specify the output interface. |
display ip policy-based-route statistics
Use display ip policy-based-route statistics to display PBR statistics.
Syntax
display ip policy-based-route statistics { interface interface-type interface-number | local } [ | { begin | exclude | include } regular-expression ]
Any view
Default command level
1: Monitor level
Parameters
interface interface-type interface-number: Displays the statistics of PBR on the specified interface.
local: Displays the statistics of local PBR.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
Packets matching a deny-mode node are forwarded according to the routing table. Therefore, no statistics are available for such packets.
Examples
# Display the statistics of PBR on GigabitEthernet 1/0/5.
<Sysname> display ip policy-based-route statistic interface GigabitEthernet1/0/5
Interface GigabitEthernet1/0/5 policy based routing statistics information:
policy-based-route: aaa
permit node 5
if-match acl 3101
apply next-hop 1.1.1.1
matched: 0
Total matched: 0
|
Field |
Description |
|
Interface GigabitEthernet 1/0/5 policy based routing statistics information |
PBR statistics on GigabitEthernet 1/0/5. |
|
policy-based-route: aaa |
Policy name. |
|
permit node |
The match mode of node is permit. |
|
if-match acl |
Match packets against ACL. |
|
apply output-interface |
Output interface. |
|
matched |
Matching packets on the node. |
|
Total matched |
Total matching packets on all nodes. |
display policy-based-route
Use display policy-based-route to display PBR policy information.
Syntax
display policy-based-route [ policy-name ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
policy-name: Displays information about the specified policy. A policy name is a string of 1 to 19 characters.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If no policy name is specified, this command displays information about all policies.
If a policy is specified, this command displays information about the specified policy.
Examples
# Display the PBR policy information.
<Sysname> display policy-based-route
Policy based routing configuration information:
policy-based-route : aaa
Node 1 permit :
apply next-hop 1.1.1.1
Table 5 Command output
|
Field |
Description |
|
policy-based-route |
Policy name. |
|
Node 1 permit |
The match mode of Node 1 is permit. |
|
apply output-interface |
Specify the output interface. |
if-match acl
Use if-match acl to configure an ACL match criterion.
Use undo if-match acl to remove the ACL match criterion.
Syntax
if-match acl acl-number
undo if-match acl
Views
Policy node view
Default command level
2: System level
Parameters
acl-number: Specifies the ACL number, in the range of 2000 to 3999. The number of a basic ACL ranges from 2000 to 2999 and that of an advanced ACL ranges from 3000 to 3999.
Examples
# Permit the packets matching ACL 2010.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] if-match acl 2010
if-match packet-length
Use if-match packet-length to define a packet length match criterion.
Use undo if-match packet-length to remove the match criterion.
Syntax
if-match packet-length min-len max-len
undo if-match packet-length
Views
Policy node view
Default command level
2: System level
Parameters
min-len: Specifies the minimum IP packet length in bytes, in the range of 0 to 65535.
max-len: Specifies the maximum IP packet length in bytes, in the range of 1 to 65535. The value of max-len must be no less than that of min-len.
Examples
# Match the packets with a length from 100 to 200 bytes.
<Sysname> system-view
[Sysname] policy-based-route aa permit node 11
[Sysname-pbr-aa-11] if-match packet-length 100 200
ip local policy-based-route
Use ip local policy-based-route to configure local PBR based on a specified policy.
Use undo ip local policy-based-route to remove the configuration.
Syntax
ip local policy-based-route policy-name
undo ip local policy-based-route policy-name
Default
No policy is referenced for local PBR.
Views
System view
Default command level
2: System level
Parameters
policy-name: Policy name, a string of 1 to 19 characters.
Usage guidelines
You can configure only one policy for local PBR. If you perform this command multiple times, only the last specified policy takes effect.
Local PBR is used to route locally generated packets. Do not configure local PBR unless required.
Examples
# Configure local PBR based on policy aaa.
<Sysname> system-view
[Sysname] ip local policy-based-route aaa
ip policy-based-route
Use ip policy-based-route to configure PBR by applying a policy on the interface.
Use undo ip policy-based-route to remove the configuration.
Syntax
ip policy-based-route policy-name
undo ip policy-based-route policy-name
Default
No policy is applied on an interface.
Views
Interface view
Default command level
2: System level
Parameters
policy-name: Specifies a policy by its name, a string of 1 to 19 characters.
Usage guidelines
You can apply only one policy on an interface PBR. If you perform this command multiple times, only the last specified policy takes effect.
Examples
# Apply policy aaa on GigabitEthernet 1/0/5.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/0/5
[Sysname-GigabitEthernet1/0/5] ip policy-based-route aaa
policy-based-route
Use policy-based-route to create a policy node, and enter policy node view. If the specified policy node already exists, the command directly places you into policy node view.
Use undo policy-based-route to remove a created policy or policy node.
Syntax
policy-based-route policy-name [ deny | permit ] node node-number
undo policy-based-route policy-name [ deny | node node-number | permit ]
Views
System view
Default command level
2: System level
Parameters
policy-name: Specifies a policy name, a string of 1 to 19 characters.
deny: Specifies the match mode of the policy node as deny.
permit: Specifies the match mode of the policy node as permit.
node node-number: Specifies the number of a policy node, in the range of 0 to 65535. A smaller number has a higher priority.
Examples
# Create permit-mode of Node 10 for policy 1, and enter policy node view.
<Sysname> system-view
[Sysname] policy-based-route policy1 permit node 10
[Sysname-pbr-policy1-10]
reset policy-based-route statistics
Use reset policy-based-route statistics to clear PBR statistics.
Syntax
reset policy-based-route statistics [ policy-name ]
Views
User view
Default command level
1: Monitor level
Parameters
policy-name: Specifies a policy by its name, a string of 1 to 19 characters.
Usage guidelines
If no policy is specified, this command clears all the PBR statistics.
Examples
# Clear all PBR statistics.
<Sysname> reset policy-based-route statistics
