Route Policy Overview
Introduction
Route policies filter routes. You can configure route policy values to change the paths through which network traffic passes.
- Virtual gateway attachments
- VPN gateway attachments
- Global DC gateway attachments
- Advertise only the routes that match the conditions specified in the route policy.
- Accept only wanted and valid routes. This reduces route table size and improves network security.
- Filter routes. To enrich routing information, a routing protocol may import routes discovered by other routing protocols. Only the routes that match the conditions of the route policy can be imported and the attributes of the routes can be changed as required.
- Change the policy values of routes as needed.
Advantages
- The size of route tables can be controlled to conserve system resources.
- The route advertisement and acceptance can be controlled to improve network security.
- Route policy values can be modified to control traffic and improve network performance.
Functions
- Routes that match conditions are allowed or denied. For details, see Table 1.
- Policy values of routes that match conditions can be changed. For details, see Table 2.
Match Condition |
Description |
---|---|
Route types |
|
IP prefix lists |
An IP prefix list contains prefix rules for route filtering. You can define IP prefixes and netmasks in prefix rules to match the destination addresses or next hops of routes. An IP prefix list is used to filter routes that are advertised and received by dynamic routing protocols. For more information, see IP Prefix List Overview. |
AS_Path lists |
An AS_Path list is a collection of filters that are used to filter BGP routes based on AS_Path attributes contained in BGP routes. AS_Path attributes record the number of each AS that BGP routes pass through from the source to the destination in distance-vector order. AS_Path attributes are private attributes of BGP and AS_Path filters take effect only on BGP routes. For more information, see AS_Path List Overview. |
Policy Value |
Description |
---|---|
PrefVal |
|
AS_Path |
|
Match Rules
- If a route matches all filtering conditions of a node:
- If Action of the node is Allow, the route is allowed.
You can add, replace, or delete policy values.
- If Action of the node is Deny, the route is denied.
- If Action of the node is Allow, the route is allowed.
- If a route does not match any node in the route policy, the route is denied.
A route policy filters routes by sequential match, unique match, or deny by default.
- Sequential match: Nodes will be matched by sequence, and a node with a smaller number is matched first. Nodes in a route policy may be sorted in different orders if their numbers are changed, and the filtering results may be different.
- Unique match: If a route matches a node, it no longer tries to match other nodes.
- Deny by default: By default, routes that do not match any node in a route policy are denied. If a route policy has one or more deny nodes, you need to create a node to allow all other routes.
Notes and Constraints
- By default, an account can have up to five route policies.
- By default, a route policy can have up to 100 nodes.
- Changing a route policy will also change the associated routes. To reduce the impact on network performance, a route policy can only be changed once within 40 seconds.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.