policy route pbr <name> rule <rule-number> protocol <protocol>
Defines the protocol of an IP routing policy rule.
- name
- The name of an IP routing policy.
- rule-number
- The numeric identifier of the rule. Rule numbers determine the order in which rules are executed. Each rule must have a unique rule number. The numbers range from 1 through 9999.
You can define multiple rules by creating more than one rule configuration node.
- protocol
- The
protocol is any of the following:
text: Matches packets by protocol type. Any protocol literals or numbers listed in the file /etc/protocols can be specified. The keywords icmpv6 and all (for all protocols) are also supported.
0-255: An IP protocol number that ranges from 0 through 255.
all: All IP protocols.
! protocol: All IP protocols except for the specified name or number. Prefixing the protocol name with the negation operator (the exclamation mark) matches every protocol except the specified protocol. For example, !tcp matches all protocols except TCP.
This parameter matches the last, next-header field in the IP header chain. This match means that if the packet has no extension headers, it matches the next-header field in the main header. If the packet does have extension headers, the parameter matches the next-header field of the last extension header in the chain. In other words, the parameter always matches the ID of the transport-layer packet that is being carried.
Exercise care when employing more than one rule that uses the negation. Routing policy rules are evaluated sequentially, and a sequence of negated rules could result in unexpected behavior.
Configuration mode
policy {
route {
pbr name {
rule rule-number {
protocol
text
0-255
all
name
}
}
}
}
You must specify the address-family, action, and table leaf nodes to configure a routing policy. It is recommended to use the delete policy route pbr name rule number command to delete a routing policy.
Use the set form of this command to define the protocol of an IP routing policy rule.
Use the delete form of this command to remove a protocol from a routing policy rule.
Use the show form of this command to view the protocol of a routing policy rule.