The if-match ip command creates a matching rule based on IP information.
The undo if-match ip command deletes the matching rule based on specified IP information.
By default, no matching rule based on IP information is configured.
if-match ip { next-hop | route-source | group-address } { acl { acl-number | acl-name } | ip-prefix ip-prefix-name }
undo if-match ip { next-hop | route-source | group-address } [ acl { acl-number | acl-name } | ip-prefix ip-prefix-name ]
| Parameter | Description | Value |
|---|---|---|
| next-hop | Specifies the next hop address. | - |
| route-source | Specifies the source address of routes. | - |
| group-address | Indicates the IP address of the multicast group. | The value is in dotted decimal notation. |
| acl | Indicates route filtering using the ACL. | - |
| acl-number | Specifies the number of a basic ACL. | The value is an integer ranging from 2000 to 2999. |
| acl-name | Specifies the name of a basic ACL. | The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter. |
| ip-prefix ip-prefix-name | Specifies the name of an IP prefix list that is used to filter routes. | The value is a string of case-sensitive characters without space and ranges from 1 to 169. |
Usage Scenario
An ACL or IP prefix must be configured before running the if-match ip command so that the matching rule can take effect. For example:
If the if-match ip next-hop ip-prefix aa command is used but the IP prefix aa is not configured, all routes are permitted, that is, all routes match the matching rule. This rule also applies to ACL.
If the if-match ip next-hop ip-prefix aa and ip ip-prefix aa permit 10.1.1.1 32 commands are used, the routes with the next hop being 10.1.1.1 is permitted. This rule also applies to ACL.
Prerequisites
The if-match ip command can be used only after the route-policy command is used.
Before running the if-match ip command, configure an ACL or an IP prefix.
Precautions
The routing policy matches routes based on the next hop address or source address. Routes that match the next hop address or source address will be checked by other if-match clauses of this node. Routes that do not match the next hop address or source address will be checked by the next node.
If the next hop address or source address of a route to be filtered is 0.0.0.0, by default, the system considers the mask length as 0 and matches the route.
If the next hop address or source address of a route to be filtered is not 0.0.0.0, by default, the system considers the mask length as 32 and matches the route.
When you run the rule command to configure a filtering rule in an ACL, only the source and time-range parameters are valid for the filtering rule.
Creating an ACL before it is referenced is recommended. If a nonexistent ACL is referenced using the command, all routes match the ACL.
Creating an IP prefix list before it is referenced is recommended. By default, nonexistent IP prefix lists cannot be referenced using the command. If the route-policy nonexistent-config-check disable command is run in the system view and a nonexistent IP prefix list is referenced using the current command, all routes match the IP prefix list.
# Set an IP prefix list named p1 to filter routes.
<HUAWEI> system-view
[HUAWEI] route-policy policy permit node 10
[HUAWEI-route-policy] if-match ip next-hop ip-prefix p1
# Set a rule that source addresses of routes match ACL 2000 to filter routes.
<HUAWEI> system-view
[HUAWEI] route-policy policy permit node 10
[HUAWEI-route-policy] if-match ip route-source acl 2000