Vyatta Network OS Documentation


policy route pbr <name> rule <rule-number> protocol <protocol>

Defines the protocol of an IP routing policy rule.

set policy route pbr name rule rule-number protocol { text | 0-255 | all | name }
delete policy route pbr name rule rule-number protocol [ text | 0-255 | all | name ]
show policy route pbr name rule rule-number protocol
name
The name of an IP routing policy.
rule-number
The numeric identifier of the rule. Rule numbers determine the order in which rules are executed. Each rule must have a unique rule number. The numbers range from 1 through 9999.

You can define multiple rules by creating more than one rule configuration node.

protocol
The protocol is any of the following:

text: Matches packets by protocol type. Any protocol literals or numbers listed in the file /etc/protocols can be specified. The keywords icmpv6 and all (for all protocols) are also supported.

0-255: An IP protocol number that ranges from 0 through 255.

all: All IP protocols.

! protocol: All IP protocols except for the specified name or number. Prefixing the protocol name with the negation operator (the exclamation mark) matches every protocol except the specified protocol. For example, !tcp matches all protocols except TCP.

This parameter matches the last next-header field in the IP header chain. If the packet has no extension headers, that is the next-header field in the main header. If the packet does have extension headers, it is the next-header field of the last extension header in the chain. In other words, the parameter always matches the ID of the transport-layer packet that is being carried.

Exercise care when employing more than one rule that uses the negation. Routing policy rules are evaluated sequentially, and a sequence of negated rules could result in unexpected behavior.
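The matching behaviour described above, as an added Python sketch that is not part of the Vyatta documentation or Vyatta's code: it walks the IPv6 extension-header chain to find the protocol number a rule is compared against, then evaluates two negated rules in order. The first-match-wins evaluation, the function names, the rule tuples and the sample packets are assumptions constructed for illustration.

```python
# Added illustration, not Vyatta code; packets and rules below are constructed.
import struct

NAMES = {"icmp": 1, "tcp": 6, "udp": 17, "icmpv6": 58}  # subset of /etc/protocols
EXT = {0, 43, 44, 51, 60}  # hop-by-hop, routing, fragment, AH, destination options

def transport_protocol(pkt: bytes) -> int:
    """Return the protocol number that a rule's protocol value is compared with."""
    if pkt[0] >> 4 == 4:
        return pkt[9]                      # IPv4: Protocol field
    nxt, off = pkt[6], 40                  # IPv6: next-header of the main header
    while nxt in EXT:                      # walk to the last extension header
        if off + 2 > len(pkt):
            raise ValueError("truncated extension header chain")
        hdr_next, hdr_len = pkt[off], pkt[off + 1]
        if nxt == 44:
            size = 8                       # fragment header has a fixed size
        elif nxt == 51:
            size = (hdr_len + 2) * 4       # AH length: 32-bit words, minus 2
        else:
            size = (hdr_len + 1) * 8       # others: 8-octet units, minus 1
        nxt, off = hdr_next, off + size
    return nxt

def matches(spec: str, proto: int) -> bool:
    """Apply text | 0-255 | all, with an optional leading '!' negation."""
    negate = spec.startswith("!")
    spec = spec.lstrip("!").strip()
    hit = spec == "all" or proto == (int(spec) if spec.isdigit() else NAMES[spec])
    return hit != negate

def select_table(rules, pkt):
    """Assumed semantics: rules run in rule-number order, first match wins."""
    proto = transport_protocol(pkt)
    for number, spec, table in sorted(rules):
        if matches(spec, proto):
            return number, table
    return None

def ipv4(proto):                           # constructed 20-byte IPv4 header
    return bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, proto]) + bytes(10)
def ipv6(next_header, payload=b""):        # constructed 40-byte IPv6 header
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + bytes(32) + payload
# Constructed packet: UDP behind hop-by-hop (0) and destination-options (60) headers
UDP6 = ipv6(0, bytes([60, 0]) + bytes(6) + bytes([17, 0]) + bytes(6) + bytes(8))
RULES = [(10, "!tcp", 1), (20, "!udp", 2)]  # two negated rules in sequence

if __name__ == "__main__":
    print([select_table(RULES, p) for p in (UDP6, ipv4(6), ipv4(1))])
```

With these two rules, rule 10 (!tcp) takes UDP and every other non-TCP protocol, so rule 20 (!udp) only ever sees TCP.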

Configuration mode


policy {
    route {
        pbr name {
            rule rule-number {
                protocol
                    text
                    0-255
                    all
                    name
            }
        }
    }
}

You must specify the address-family, action, and table leaf nodes to configure a routing policy. It is recommended to use the delete policy route pbr name rule number command to delete a routing policy.

Note: The routing policy does not validate the protocol against the configured address-family. Use protocol icmp with address-family ipv4, and protocol icmpv6 with address-family ipv6.

Use the set form of this command to define the protocol of an IP routing policy rule.

Use the delete form of this command to remove a protocol from a routing policy rule.

Use the show form of this command to view the protocol of a routing policy rule.