Filtering IPv6 IS-IS Routes

If some IPv6 IS-IS routes are not preferred, configure conditions to filter IS-IS routes. Only IS-IS routes meeting the specified conditions can be added to an IPv6 routing table.

Context

Only routes in an IPv6 routing table can be used to forward IPv6 packets. An IS-IS route can take effect only after it has been successfully added to an IPv6 routing table.

If an IPv6 IS-IS route does not need to be added to a routing table, configure a basic ACL, an IPv6 prefix, or a routing policy to filter routes so that only IPv6 IS-IS routes that meet the specified conditions can be added to an IPv6 routing table. IPv6 IS-IS routes that do not meet the specified conditions cannot be added to the IPv6 routing table nor selected to forward IPv6 packets.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run isis [ process-id ]

    The IS-IS view is displayed.

  3. Add some IS-IS routes to the IP routing table.

    Run any of the following commands as required:

    • Configure a basic ACL:

      1. Run ipv6 filter-policy { acl6-number | acl6-name acl6-name } import

      2. Run quit

        Return to the system view.

      3. Run acl ipv6 { name basic-acl6-name basic | [ number ] basic-acl6-number } [ match-order { config | auto } ]

        The ACL view is displayed.

      4. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment | source { source-ipv6-address { prefix-length | source-wildcard } | source-ipv6-address/prefix-length | any } | time-range time-name | [ vpn-instance vpn-instance-name | vpn-instance-any ] ] *

        A rule is configured for the ACL.

        When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.

        When a filtering policy of a routing protocol is used to filter routes:

        • If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.

        • If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.

        • If a route has not matched any ACL rules, the route will not be received or advertised by the system.

        • If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.

        • In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:

          Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.

          Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.

    • Based on the IP prefix:

      Run ipv6 filter-policy ipv6-prefix ipv6-prefix-name import

    • Based on the Route-Policy:

      Run ipv6 filter-policy route-policy route-policy-name import

  4. Run commit

    The configuration is committed.

Parent Topic: Configuring IPv6 IS-IS Route Selection
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >