Vyatta NOS documentation


policy route pbr <name> rule <rule-number> source port <port>

Defines the source port name, number, range, or port group for a routing policy rule.

set policy route pbr name rule rule-number source port [ name | 1-65535 | start-end | port-group-name ]
delete policy route pbr name rule rule-number source port [ name | 1-65535 | start-end | port-group-name ]
show policy route pbr name rule rule-number source port
name
The name of an IP routing policy.
rule-number
The numeric identifier of a policy rule. Rule numbers determine the order in which rules are processed. Each rule must have a unique rule number. The number ranges from 1 through 9999.

You can define multiple rules by creating more than one rule configuration node.

source
Specifies matching based on a source address.
port [ name | 1-65535 | start-end | port-group-name ]
A source port to match. The format of the port is any of the following:

name: The name of an IP service; for example, http. You can specify any service name in the /etc/services file.

1-65535: A port number. The numbers range from 1 through 65535.

start-end: A specified range of ports; for example, 1001-1005.

port-group-name: A port group. A packet is considered a match if it matches any port name or number specified in the group. Only one port group may be specified. The port group must already be defined.

This criterion matches the packet source against a group of addresses, ports, or networks.

A packet is considered a match for an address, a network, or a port group if it matches any host IP address, network address, or port name or number, respectively, in the group. However, if more than one group is specified, the packet must be a match for both groups to be considered a match. For example, if both an address group and a port group are specified, the source of the packet must match at least one item in the address group and at least one item in the port group.

An address group may be specified with a port group.

If both an address and a port are specified, the packet is considered a match only if both the address and the port match.

Configuration mode


policy {
    route {
        pbr name {
            rule rule-number {
                source {
                    port name
                    port 1-65535
                    port start-end
                    port port-group-name
                }
            }
        }
    }
}

This criterion specifies a source port or a group of source ports that a packet must match for a routing policy rule.

You must specify the address-family, action, and table leaf nodes to configure a routing policy. The recommended way to delete a routing policy is the delete policy route pbr name rule number command.

A packet is considered a match for an address, a network, or a port group if it matches any host IP address, network address, or port name or number, respectively, in the group. However, if more than one group is specified, the packet must be a match for both groups in order to be considered a match. For example, if an address group and a port group are both specified, the packet's source must match at least one item in the address group and at least one item in the port group.

Use the set form of this command to define the source for a routing policy rule.

Use the delete form of this command to remove the source for a routing policy rule.

Use the show form of this command to view the source for a routing policy rule.
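
The matching rules above (any member within a group, but both the address and the port when both are given) can be checked offline before a rule is committed. The following is an added example, not Vyatta code: the function names, the sample groups, the rule dictionary, and the service table are constructed for illustration, and the order in which a port value is interpreted is an assumption.

```python
import ipaddress

# Constructed subset of /etc/services; the router consults the real file.
SERVICES = {"ssh": 22, "smtp": 25, "http": 80, "https": 443}
# Constructed sample groups and rule (hypothetical names, not from the page).
PORT_GROUPS = {"WEB-PORTS": ["http", "https", "8080-8082"]}
ADDRESS_GROUPS = {"BRANCH-HOSTS": ["10.1.0.0/24", "192.0.2.10"]}
RULE_SOURCE = {"address": "BRANCH-HOSTS", "port": "WEB-PORTS"}


def resolve_port_spec(spec, port_groups):
    """Return the set of ports selected by one 'source port' value.

    Tries number, start-end range, service name, then port-group name;
    that order is an assumption of this sketch.
    """
    spec = spec.strip()
    first, _, last = spec.partition("-")
    if spec.isdigit():
        ports = {int(spec)}
    elif first.isdigit() and last.isdigit():
        lo, hi = int(first), int(last)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {spec}")
        ports = set(range(lo, hi + 1))
    elif spec in SERVICES:
        ports = {SERVICES[spec]}
    elif spec in port_groups:
        # Group members are resolved without groups, so nesting is rejected.
        ports = set()
        for member in port_groups[spec]:
            ports |= resolve_port_spec(member, {})
    else:
        raise ValueError(f"unknown service or undefined port group: {spec}")
    if not ports or min(ports) < 1 or max(ports) > 65535:
        raise ValueError(f"port outside 1-65535: {spec}")
    return ports


def source_matches(source, src_ip, src_port, port_groups, address_groups):
    """OR within a group, AND between the address and port criteria."""
    if "address" in source:
        # An address-group name expands to its members; anything else is literal.
        nets = address_groups.get(source["address"], [source["address"]])
        ip = ipaddress.ip_address(src_ip)
        if not any(ip in ipaddress.ip_network(n, strict=False) for n in nets):
            return False
    if "port" in source:
        return src_port in resolve_port_spec(source["port"], port_groups)
    return True
```

A packet from 10.1.0.7 with source port 22 fails the rule even though its address is in the address group, because the port group must match as well.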