The import-rib protocol isis command imports public network or other VPN instance routes to a VPN instance routing table.
The undo import-rib protocol isis command restores the default configuration.
By default, public network or other VPN instance routes are not imported to VPN instance routing tables.
import-rib { public | vpn-instance vpn-instance-name } protocol isis process-id [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ]
undo import-rib { public | vpn-instance vpn-instance-name } protocol isis process-id [ valid-route ] [ route-policy route-policy-name | route-filter route-filter-name ]
| Parameter | Description | Value |
|---|---|---|
| public |
Indicates the public network instance. |
- |
| vpn-instance vpn-instance-name |
Specifies the name of a VPN instance. |
The value is a string of 1 to 31 case-sensitive characters, spaces not supported. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string. |
| protocol |
Specifies a protocol type of route to be imported to a VPN instance routing table. |
- |
| isis process-id |
Imports IS-IS routes of the specified process. |
The value is an integer ranging from 1 to 4294967295. |
| valid-route |
Imports valid routes. |
- |
| route-policy route-policy-name |
Specifies a route-policy to filter routes to be imported. |
The name is a string of 1 to 200 case-sensitive characters, with spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. |
| route-filter route-filter-name |
Specifies the name of a route-filter. |
The value is a string of 1 to 200 case-sensitive characters, spaces not supported. If parameters are included in the referenced route-filter, specify values for them in the format of (var1, var2, ...var8) behind the route-filter name. A maximum of eight parameters can be specified, and each value ranges from 1 to 200 characters. |
Usage Scenario
In the VPN scenario, one VPN can communicate with another VPN if they have matching VPN targets, but VPNs cannot communicate with the public network. To enable a VPN to communicate with the public network, you have to ensure that the VPN and public network can obtain routes to each other. To import public network routes to a VPN instance, run the import-rib public command.
In an intelligent traffic control scenario, traffic of different users are distributed to different VPNs. To enable the traffic to reach the public network, run the import-rib public command to import public network routes to each VPN instance routing table. Traffic forwarding relies on direct routes (Vlink direct routes) generated based on user entries. When VLAN tag termination sub-interfaces are used for route import between VPN and public network, Vlink direct routes cannot be imported. As a result, traffic forwarding is interrupted. To solve this problem, route import between VPN and public network newly supports import of Vlink direct routes.Precautions
If you run the import-rib public command on a device without adding the valid-route keyword, the device will import all routes of the specified type from the public network instance's corresponding routing table to the specified VPN instance. If an imported route is preferred in this routing table, the device will advertise the route to other devices and deliver the route to the VPN instance's IP routing table to guide traffic forwarding.
If you run the import-rib public command with only the valid-route keyword added, the device will import the valid IP routes of the specified type from the public network instance's corresponding routing table to the specified VPN instance. If the imported routes are preferred in this routing table, the device will advertise these routes to other devices and deliver these routes to the VPN instance's IP routing table to guide traffic forwarding.