peer filter-policy
Function
The peer filter-policy command configures a filtering policy to advertise routes to or receive routes from peers or peer group.
The undo peer filter-policy command deletes the filtering policy used to advertise routes to or receive routes from peers or peer group.
By default, no filtering policy is configured to advertise routes to or receive routes from peers or peer group.
Format
peer { group-name | ipv4-address | ipv6-address } filter-policy { acl-number | acl-name acl-name | acl6-number | acl6-name acl6-name } { import | export }
undo peer { group-name | ipv4-address | ipv6-address } filter-policy { acl-number | acl-name acl-name | acl6-number | acl6-name acl6-name } { import | export }
Parameters
| Parameter | Description | Value |
|---|---|---|
group-name |
Specifies the name of a peer group. |
The name is a string of 1 to 47 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. |
ipv4-address |
Specifies the IPv4 address of a peer. |
It is in dotted decimal notation. |
ipv6-address |
Specifies the IPv6 address of a peer. |
The value is a 32-digit hexadecimal number, in the format of X:X:X:X:X:X:X:X. |
acl-number |
Specifies the number of a basic ACL. |
The value is an integer that ranges from 2000 to 2999. |
acl-name acl-name |
Specifies the name of an ACL. |
The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter. |
acl6-number |
Specifies the number of a basic IPv6 ACL. |
The value is an integer that ranges from 2000 to 2999. |
acl6-name acl6-name |
Specifies the name of an IPv6 ACL. |
The value is a string of 1 to 64 case-sensitive characters without spaces. The name should start with a letter and can contain numbers, hyphens (-), or underscores (_). |
import |
Filters received routes. |
- |
export |
Filters routes to be advertised. |
- |
ipv4-address, acl-name acl-name, and acl-number are valid only in the BGP view, BGP-IPv4 unicast address family view, BGP-IPv4 multicast address family view, BGP-VPN instance IPv4 address family view, BGP-VPNv4 address family view, BGP-IPv6 unicast address family view, and BGP-VPNv6 address family view.
ipv6-address, acl6-name acl6-name, and acl6-number are valid only in the BGP-IPv6 unicast address family view and BGP-VPN instance IPv6 address family view.
Views
BGP view, BGP-IPv4 unicast address family view, BGP-IPv4 multicast address family view, BGP-VPN instance IPv4 address family view, BGP-VPNv4 address family view, BGP-IPv6 unicast address family view, BGP-VPN instance IPv6 address family view, BGP-VPNv6 address family view
Usage Guidelines
Usage Scenario
The peer filter-policy command is used to configure an ACL-based policy for filtering routes received from peers or routes to be advertised to peers.
A proper basic ACL needs to be selected based on the address family of a peer or peer group.
Prerequisites
Peer relationships have been established using the peer as-number command.
A basic ACL needs to be configured.
Precautions
If the peer filter-policy command is run multiple times, the latest configuration overwrites the previous one. For example, if the peer 10.1.1.2 filter-policy 2600 import command is run and then the peer 10.1.1.2 filter-policy 2400 import command is run, the configuration of the peer 10.1.1.2 filter-policy 2400 import command overwrites that of the peer 10.1.1.2 filter-policy 2600 import command.
When the rule command is run to configure rules for an ACL, only the source address range specified by source and the time period specified by time-range take effect.
Example
# Set the IPv4 filtering policy for peers.
<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule permit
[HUAWEI-acl-basic-2000] quit
[HUAWEI] bgp 100
[HUAWEI-bgp] peer 10.1.1.2 as-number 200
[HUAWEI-bgp] ipv4-family unicast
[HUAWEI-bgp-af-ipv4] peer 10.1.1.2 filter-policy 2000 import
<HUAWEI> system-view
[HUAWEI] acl ipv6 2001
[HUAWEI-acl6-basic-2001] rule permit
[HUAWEI-acl6-basic-2001] quit
[HUAWEI] bgp 100
[HUAWEI-bgp] peer fc00:0:0:2::3 as-number 200
[HUAWEI-bgp] ipv6-family unicast
[HUAWEI-bgp-af-ipv6] peer fc00:0:0:2::3 filter-policy 2000 import