Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentExtremeWare XOS Command

151

152

153

154

155

156

157

158

159

160

Switch Protection

ExtremeWare XOS 11.0 Concepts Guide 159

nlri 10.203.134.0/24;

nlri 10.204.134.0/24;

} then {

next-hop 192.168.174.92;

origin egp;

}

Policy entries are evaluated in order, from the beginning of the file to the end, as follows:

• If a match occurs, the action in the then statement is taken:

— if the action contains an explicit permit or deny, the evaluation process terminates.

— if the action does not contain an explicit permit or deny, then the action is an implicit permit, and

the evaluation process terminates.

• If a match does not occur, then the next policy entry is evaluated.

• If no match has occurred after evaluating all policy entries, the default action is deny.

Often a policy will have a rule entry at the end of the policy with no match conditions. This entry will

match anything not otherwise processed, so that user can specify an action to override the default deny

action.

The next sections list detailed information about policy match conditions, about matching BGP AS

paths, and about action statements. For information on those subjects, see the following sections:

• Policy match conditions on page 159

• Autonomous system expressions on page 160

• Policy action statements on page 162

Policy match conditions. Table 30 lists the possible policy entry match conditions.

Table 30: Policy match conditions

Match Condition Description

as-path [<as-number>

| <as-path-regular-expression>];

Where <as-number> is a valid Autonomous system number

in the range [1 - 65535].

Where <as-path-regular-expression> is a multi-character

regular expression (with 2-byte unsigned Integer being an

Atom). Regular expression will consist of the AS-Numbers

and various regular expression symbols. Regular

expressions must be enclosed in double quotes ("").

community [no-advertise | no-export |

no-export-subconfed | number <community_num> |

<community_regular_expression> |

<as_num> : <num>];

Where no-advertise, no-export and no-export-subconfed are

the standard communities defined by RFC.

<community_num> is a four byte unsigned integer,

<as_num> is a two byte AS-Number and <num> is the

2-bytes community number.

Community regular expression is a multi-character regular

expression (with four byte unsigned integer being an Atom).

Regular expression is enclosed in double quotes ("").

med <number>; Where <number> is a 4-byte unsigned integer.

next-hop [<ipaddress> |

<ipaddress-regular-expression>];

Where <ipaddress> is a valid IP address in dotted decimal

format.