Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

policy route pbr <name> rule <rule-number> port <port>

Defines the source port name, number, range, or port group for a routing policy rule.

set policy route pbr name rule rule-number { port [ port | 1-65535 | start-end | port-group-name ] }
delete policy route pbr name rule rule-number [ port [ port | 1-65535 | start-end | port-group-name ] ]
show policy route pbr name rule number [ port ]
name
The name of an IP routing policy.
rule-number
The numeric identifier of a policy rule. Rule numbers determine the order in which rules are processed. Each rule must have a unique rule number. The number ranges from 1 through 9999.

You can define multiple rules by creating more than one rule configuration node.

port [ port | 1-65535 | start-end | port-group-name ]
A source port to match. The format of the port is any of the following:

port-name: The name of an IP service; for example, http. You can specify any service name in the /etc/services file.

1-65535: A port number. The numbers range from 1 through 65535.

start-end: A specified range of ports; for example, 1001-1005.

port-group-name: A port group. A packet is considered a match if it matches any port name or number specified in the group. Only one port group may be specified. The port group must already be defined.

This criterion specifies a group of addresses, ports, or networks to match against the source of the packet.

A packet is considered a match for an address, a network, or a port group if it matches any host IP address, network address, or port name or number, respectively, in the group. However, if more than one group is specified, the packet must be a match for both groups to be considered a match. For example, if both an address group and a port group are specified, the source of the packet must match at least one item in the address group and at least one item in the port group.

An address group may be specified with a port group.

If both an address and a port are specified, the packet is considered a match only if both the address and the port match.

Configuration mode


policy {
    route {
        pbr name {
            rule rule-number {
                port name
                port 1-65535
                port start-end
                port port-group-name
            }
        }
    }
}

You must specify the address-family, action, and table leaf nodes to configure a routing policy. It is recommended to use the delete policy route pbr name rule number command to delete a routing policy.

This criterion specifies a source port or a group of source ports to match for a routing policy rule.

A packet is considered a match for an address, a network, or a port group if it matches any host IP address, network address, or port name or number, respectively, in the group. However, if more than one group is specified, the packet must be a match for both groups in order to be considered a match. For example, if an address group and a port group are both specified, the packet's source must match at least one item in the address group and at least one item in the port group.

An address group can be specified together with a port group, and a network group can be specified together with a port group. You cannot specify both an address and a network group.
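
The matching semantics described above (any member within a group, every configured criterion across groups), modelled in Python as an added example. It is not Vyatta code: the group names, the service table standing in for /etc/services, and the helper functions are constructed for illustration.

```python
import ipaddress

# Constructed sample data (assumptions, not taken from the page or a real config).
SERVICES = {"http": 80, "https": 443, "ssh": 22}         # stand-in for /etc/services
PORT_GROUPS = {"WEB": ["http", "8080", "8443-8445"]}     # hypothetical port group
ADDRESS_GROUPS = {"BRANCH": ["10.1.1.10", "10.1.1.11"]}  # hypothetical address group


def parse_port(token):
    """Turn one port token (service name, number, or start-end) into (low, high)."""
    if token.isdigit():
        low = high = int(token)
    elif "-" in token and all(p.isdigit() for p in token.split("-", 1)):
        low, high = (int(p) for p in token.split("-", 1))
    elif token in SERVICES:
        low = high = SERVICES[token]
    else:
        raise ValueError(f"unknown port or service name: {token!r}")
    if not (1 <= low <= high <= 65535):
        raise ValueError(f"invalid port or range (valid ports are 1-65535): {token!r}")
    return low, high


def port_matches(spec, src_port):
    """spec is a single port token or the name of an already-defined port group."""
    tokens = PORT_GROUPS.get(spec, [spec])
    # Within a group, matching any one member is enough.
    return any(lo <= src_port <= hi for lo, hi in map(parse_port, tokens))


def rule_matches(src_ip, src_port, port=None, address_group=None):
    """A criterion left as None is not configured; every configured one must match."""
    if port is not None and not port_matches(port, src_port):
        return False
    if address_group is not None:
        # KeyError here models "the group must already be defined".
        members = {ipaddress.ip_address(a) for a in ADDRESS_GROUPS[address_group]}
        if ipaddress.ip_address(src_ip) not in members:
            return False
    return True
```

A packet from 10.1.1.10 with source port 22 fails the rule even though its address is in the address group, which is the case to check when a policy route appears to be skipped for traffic that was expected to be steered.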

The address family must match the family specified by using the set policy route pbr name rule number address-family ipv4 command.

Use the set form of this command to define the source for a routing policy rule.

Use the delete form of this command to remove the source for a routing policy rule.

Use the show form of this command to view the source for a routing policy rule.