if-match fragment-type

Function

The if-match fragment-type command configures a filtering rule based on the fragment type.

The undo if-match fragment-type command deletes the filtering rule based on the fragment type.

By default, no filtering rule based on the fragment type is configured.

Format

if-match fragment-type { not | match } { fragment | non-fragment | fragment-spe-first }

undo if-match fragment-type

undo if-match fragment-type { not | match } { fragment | non-fragment | fragment-spe-first }

Parameters

Parameter Description Value
not

Indicates that traffic that does not match the fragment type can pass the filtering rule.

-
match

Indicates that traffic matching the fragment type can pass the filtering rule.

-
fragment

Indicates that fragments are checked.

-
non-fragment

Indicates that non-fragmented packets are checked.

-
fragment-spe-first

Indicates that the first fragmented packet is checked.

-

Views

Flow-Route VPN instance view, Flow-Route view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
flow-route write

Usage Guidelines

Usage Scenario

The if-match fragment-type command is used to configure a filtering rule based on the fragment type for a BGP Flow Specification route or BGP VPN Flow Specification route. Traffic matching the filtering rule will be controlled with the action specified by the apply clause.

Prerequisites

A static BGP Flow Specification route or BGP VPN Flow Specification route has been created using the flow-route command in the system view.

Precautions

A maximum of three if-match fragment-type commands can be run for the same BGP Flow Specification route.

For the same packet fragmentation rule, fragment, non-fragment, fragment-spe-first, if-match fragment-type not, and if-match fragment-type match override each other.

After the flowspec ipv4-fragment-rule switch command is run in the system view, the functions of the following commands are changed:

  • The if-match fragment-type match fragment command is changed from matching fragmented packets to matching subsequent fragments.
  • The if-match fragment-type not fragment command is changed from matching non-fragmented packets to matching non-fragmented or first fragment.
  • The if-match fragment-type match non-fragment command is changed from matching non-fragmented packets to matching packets that do not support fragmentation.
  • The if-match fragment-type not non-fragment command is changed from matching fragmented packets to matching packets that support fragmentation.
  • The if-match fragment-type not fragment-spe-first command is changed from matching subsequent fragments to matching non-fragment or subsequent fragments.

Example

# Configure a filtering rule that is based on the fragment type for the static BGP Flow Specification route Rule 1.
<HUAWEI> system-view
[~HUAWEI] flow-route rule1
[*HUAWEI-flow-route] if-match fragment-type not fragment
Parent Topic: BGP Flow Specification Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >