The ip rd-filter command creates an RD filter.
The undo ip rd-filter command deletes an RD filter.
By default, no RD filter is configured.
Product |
Support |
|---|---|
S5720-EI, S5720-HI, S5720I-SI, S5720S-SI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S |
Supported. |
S2720-EI, S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S6720-LI, and S6720S-LI |
Not supported. |
ip rd-filter rd-filter-number { deny | permit } route-distinguisher &<1-10>
undo ip rd-filter rd-filter-number [ { deny | permit } route-distinguisher &<1-10> ]
| Parameter | Description | Value |
|---|---|---|
| rd-filter-number | Specifies the number of an RD filter. | The value is an integer ranging from 1 to 255. |
| permit | Permits a route to match the rules if its RD matches the rules. | - |
| deny | Denied a route if its RD matches the rules. | - |
| route-distinguisher | Specifies the RD to aa:nn or ipv4-address:nn. You can set a maximum of 10 RDs. The switch support RDs in the following formats:
|
|
The ip rd-filter command is used together with the if-match rd-filter command. First use the ip rd-filter command to configure an RD filter, and use the if-match rd-filter command to configure a matching rule based on the RD filter in a routing policy. The routing policy is used to filter routes that are received and advertised.
The RD filter has the following rules:
If the RD filter is not configured but is used to filter routes, the matching result is permit.
For example, the RD filter 100 is not configured but is used by the routing policy:
route-policy test permit node 10
if-match rd-filter 100
When the routing policy is used to filter routes, the routes match this if-match clause, and the routes match the node 10 in the routing policy named test.
If the RD filter is configured but the RD of routes does not match any RD defined in the RD filter, the default matching result is deny.
For example, the RD of routes is 100:1, and the configuration of the RD filter is as follows:
ip rd-filter 100 permit 10.1.1.1:100
When the RD filter is used to filter routes, the matching result is deny.
The relationship between the rules of the RD filter is "OR". This is different from the community filter. This is because each route has only one RD but can have multiple communities.
For example, the RD filters in the following formats have the same matching results:
Format 1:
ip rd-filter 100 permit 100:1 200:1 10.2.2.2:1 10.3.3.3:1
Format 2:
ip rd-filter 100 permit 100:1 200:1
ip rd-filter 100 permit 10.2.2.2:1
ip rd-filter 100 permit 10.3.3.3:1
The community filters in the following formats have different matching results:
Format 1:
ip community-filter 1 permit 100:1 200:1 300:1
Format 2:
ip community-filter 1 permit 100:1
ip community-filter 1 permit 200:1 300:1
In the preceding configuration of the community filter, the community defined in each rule must be a sub-set of route communities so that the rule can be matched.
Routes are filtered according to the configuration order of multiple rules. For example:
ip rd-filter 100 deny 200:1 10.5.5.5:1
ip rd-filter 100 permit 200:* 10.5.5.5:*
In this situation, the route with the RD 200:1 or 5.5.5.5:1 is denied. If the configuration order of multiple rules is reversed as follows:
ip rd-filter 100 permit 200:* 10.5.5.5:*
ip rd-filter 100 deny 200:1 10.5.5.5:1
In this situation, the route with the RD 200:1 or 10.5.5.5:1 is permitted.
Each RD filter can be configured with a maximum of 255 rules.