The prefix limit command sets the maximum number of route prefixes allowed for a VPN instance IPv6 address family, preventing a PE from importing excessive VPN routes.
The undo prefix limit command restores the default setting.
By default, the maximum number of route prefixes allowed for a VPN instance IPv6 address family is not limited.
| Parameter | Description | Value |
|---|---|---|
| number |
Specifies the maximum number of route prefixes allowed for a VPN instance IPv6 address family. |
The value is an integer ranging from 1 to 4294967295. |
| alert-percent |
Specifies the proportion of the alarm threshold to the maximum number of route prefixes allowed for a VPN instance IPv6 address family. When the number of route prefixes in a VPN instance IPv6 address family exceeds number x alert-percent/100, the system generates an alarm. In this case, additional VPN routes can still be added to the routing table of the VPN instance IPv6 address family until the number of route prefixes of the VPN instance IPv6 address family reaches number. |
The value is an integer ranging from 1 to 100. |
| route-unchanged |
Indicates that the routing table remains unchanged. By default, route-unchanged is not configured. When the number of route prefixes in the routing table exceeds number, routes are processed as follows:
|
- |
| simply-alert |
Indicates that when the number of VPN route prefixes exceeds number, VPN routes can still be added to the routing table of the VPN instance IPv6 address family, but the system will generate an alarm. |
- |
Usage Scenario
If many useless route prefixes imported into a VPN instance constitute a large proportion of route prefixes on a device, run the prefix limit command to set a limit on the maximum number of prefixes supported by the VPN instance.
After the prefix limit command is run in the IPv6 address family of the VPN instance, when the number of route prefixes exceeds number x alert-percent/100, the system generates alarm L3VPN_1.3.6.1.2.1.10.166.11.0.3 L3VPN_MIB_TRAP_MID_THRESH_EXCEED; when the number of route prefixes falls to number * alert-percent/100 or lower, the system generates clear alarm L3VPN_1.3.6.1.4.1.2011.5.25.177.1.3.8 L3VPN_MIB_TRAP_MID_CLEARED. When the number of route prefixes exceeds number, the system generates alarm RM_1.3.6.1.4.1.2011.5.25.145.19.3.1 hwL3vpnIpv6PrefixExceed; when the number of route prefixes falls to number or lower, the system generates clear alarm RM_1.3.6.1.4.1.2011.5.25.145.19.3.2 hwL3vpnIpv6PrefixExceedClear. Using the command together with the peer route-limit command that is configured in the BGP-VPN instance IPv6 address family view is recommended. When receiving a VPNv6 route from its peer PE, a PE saves the route to its VPNv6 routing table indexed by the RD and imports the route into the routing table of the associated VPN instance IPv6 address family if the VPN target of the route exists in the VPN target list of the VPN instance. Running the prefix limit command can prevent excess routes from being added to the routing table of a VPN instance IPv6 address family, but cannot prevent a PE from importing excessive routes from other PEs. Excessive routes will consume a great amount of space in the VPNv6 routing table. The prefix limit command does not apply to static and direct routes on a PE. This means that static and direct routes can still be added to the routing table of a VPN instance IPv6 address family when the number of route prefixes in the VPN instance IPv6 address family reaches the maximum.Precautions
If the number of route prefixes exceeds the set limit and the undo prefix limit command is run, the system will receive the route prefixes from routing tables generated by protocols to create a private network routing table.
<HUAWEI> system-view [~HUAWEI] ip vpn-instance vpn1 [*HUAWEI-vpn-instance-vpn1] ipv6-family [*HUAWEI-vpn-instance-vpn1-af-ipv6] route-distinguisher 100:1 [*HUAWEI-vpn-instance-vpn1-af-ipv6] prefix limit 1000 simply-alert