Information Technology Reference
In-Depth Information
Policy Lists
Complex route maps often have more than one match clause of different types. In a medium
to large network, many of the same match clauses are reused repeatedly by different route
maps. If the same sets of match clauses can be extracted from a route map, they can be
reused by more than one route map or in different instances of the same route map. These
independent match clauses are called
policy lists
.
A policy list is a subset of route maps that contains only match clauses. When a policy list
is referenced in another route map, all the match clauses are evaluated and processed as if
they were configured directly in the route map. Match clauses are configured in policy lists
with permit or deny statements. The route map evaluates and processes each match
clause and permits or denies routes based on the configuration in the referenced policy list.
A policy list is configured with the
ip policy-list
command and is referenced within another
route map using the
match
policy-list
command. Two or more policy lists can be
referenced within a route map, and each entry can contain one or more policy lists. When
multiple policy lists are configured in the same
match policy-list
command, it is an OR
operation; when multiple
match policy-list
statements are configured, it is an AND
operation. The policy lists and all other match and set options within a route map instance
can coexist.
Example 4-13 shows a route map configuration using policy lists. Two policy lists are
configured: as100 and as200. In as100, a match is found when both the AS path starts with
AS 100 and the community is 300:105. In as200, a match is found when the AS path starts
with AS 200 and the community is 300:105. With the route map foo, first a match is made
to select the prefix to be 10.0.0.0/8, and then an OR operation is made for the two policy
lists. The final action is to change the local preference to 105 for the updates that match.
Example 4-13
Example of Policy List Configuration
ip prefix-list 1 permit 10.0.0.0/8
ip as-path access-list 1 permit ^100_
ip as-path access-list 2 permit ^200_
ip community-list 1 permit 300:105
!
ip policy-list as100 permit
match as-path 1
match community 1
!
ip policy-list as200 permit
match as-path 2
match community 1
!
route-map foo permit 10
match ip address prefix-list 1
match policy-list as100 as200
set local-preference 105
route-map foo permit 20
