Route maps
Route maps are policy tools that are used to match destination prefixes, interfaces, or other route properties. Optionally, they may change the properties of the route, depending on the match.
The route map includes one or more sequences,
each of which contains match
statements and, optionally, set
statements. When a route map is applied, its sequences
are evaluated in order. If all the match
statements
in a sequence match the target route, the match succeeds and the route
is permitted or denied according to the permit | deny
instruction in the route-map
command that defined
the sequence; if the sequence contains set
statements,
they are applied to the target route. If any of the match
statements in the sequence does not match the target route, the
match fails and the next sequence in the route map is evaluated. If
all the sequences fail to match the route, the route is denied.
If the named route map does not already exist,
the route-map command creates the route map
and
enters the route map context. For example:
switch(config)# route-map Map1 permit switch(route-map-Map1-10)#
At this point, you are ready to enter match
and set
commands, described below.
When you have finished entering match
and set
commands, an exit
command exits
the route map context and returns to the general configuration context.
When entering match
commands,
most allow only one command of a given type in a sequence. (For instance,
you can enter match source-protocol rip
or match source-protocol ospf
, but not both.) The exceptions
are matching VLAN interfaces and next hops. Multiple match
interface vlan vid
commands
are concatenated to a single command, and a match succeeds if any
of the VLANs matches. For example, the following two route maps are
equivalent:
switch(config)# route-map Map2 permit switch(route-map-Map2-10)# match interface vlan 11 switch(route-map-Map2-10)# match interface vlan 12 switch(route-map-Map2-10)# match interface vlan 13 switch(route-map-Map2-10)# ex switch(config)# route-map Map3 permit switch(route-map-Map3-10)# match interface vlan 11 12 13 switch(route-map-Map3-10)# ex
Similarly, multiple instances of the match ip next-hop IP-addr
and match ipv6 next-hop IPv6-addr
commands are concatenated internally into single commands, respectively.
The general limitation of only one match command of a given type applies within a sequence. The same type of match command can be repeated in other sequences in the same route map.
All of the match clauses of the sequence must
match for a match to succeed. (For this purpose, multiple match interface vlan, match ip next-hop
, and match
ipv6 next-hop
clauses are treated as a single clause. In
such a clause, the interfaces or next hops are treated in logical
OR fashion: if there is a match with any one of them, the match clause
succeeds.)
A match sequence that contains no match commands will permit all routes. (Such a sequence may be used in a route map that denies certain routes but permits all others.)
Like most match
commands, set
commands allow only one command of a given type in
a sequence. So, for instance, if a match sequence is successful, you
can set a metric of 23, but not metrics of 23 and 25 simultaneously.
To re-enter the context of an existing route
map that has only one sequence (say, to add or delete match or set
statements), the sequence number is optional: route-map name permit | deny
. If the route-map has
more than one sequence, the sequence number is required: route-map name permit | deny seq seq-num
.
To create a new sequence in an existing route
map (that is, under the same route map name), use the route-map
command with a different sequence number. Sequence numbers are significant:
they determine the order of evaluation of sequences in route maps—the
sequence with the lowest number is evaluated first.