Filtering IPv4 IS-IS Routes

If some IS-IS routes are not preferred, configure conditions to filter IS-IS routes. Only IS-IS routes meeting the specified conditions can be added to an IP routing table.

Context

Only routes in an IP routing table can be used to forward IP packets. An IS-IS route can take effect only after it has been added to an IP routing table.

If an IS-IS route does not need to be added to a routing table, configure a basic ACL, an IP prefix, or a routing policy to filter routes so that only IS-IS routes that meet the specified conditions can be added to an IP routing table. IS-IS routes that do not meet the specified conditions cannot be added to the IP routing table nor selected to forward IP packets.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run isis [ process-id ]

    The IS-IS view is displayed.

  3. Configure conditions for filtering IS-IS routes.

    Run any of the following commands as required:

    • Based on the basic ACL:

      1. Run filter-policy { acl-number | acl-name acl-name } import

        IS-IS is configured to filter received routes.

      2. Run quit

        Return to the system view.

      3. Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]

        The basic ACL view is displayed.

      4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *

        The rule for the basic ACL is configured.

        When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

        When a filtering policy of a routing protocol is used to filter routes:

        • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

        • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

        • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

        • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

        • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

          Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

          Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

    • Based on the IP prefix:

      Run filter-policy ip-prefix ip-prefix-name import

    • Based on the route policy:

      Run filter-policy route-policy route-policy-name import

  4. Run commit

    The configuration is committed.

Parent Topic: Configuring IPv4 IS-IS Route Selection
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >