Vyatta Network OS Documentation

Creating a route filtering policy

In this section, you configure a route filtering policy on R2 using access lists to deny incoming routes from 10.0.20.0/24.

Table 1. Route filtering configuration

| Router | Step | Command(s) |
| --- | --- | --- |
| R2 | Create an access list and a rule to deny specified routes. | vyatta@R2# set policy access-list 100 rule 10 action deny |
| R2 | Match any destination. | vyatta@R2# set policy access-list 100 rule 10 destination any |
| R2 | Match source 10.0.20.0. | vyatta@R2# set policy access-list 100 rule 10 source network 10.0.20.0 |
| R2 | Specify the inverse mask for the network. | vyatta@R2# set policy access-list 100 rule 10 source inverse-mask 0.0.0.255 |
| R2 | Create a rule to permit all other routes. | vyatta@R2# set policy access-list 100 rule 20 action permit |
| R2 | Match any destination. | vyatta@R2# set policy access-list 100 rule 20 destination any |
| R2 | Match any source. | vyatta@R2# set policy access-list 100 rule 20 source any |
| R2 | Commit the changes. | vyatta@R2# commit |
| R2 | Display the configuration. | vyatta@R2# show policy |

 access-list 100 {
    rule 10 {
        action deny
        destination {
            any
        }
        source {
            inverse-mask 0.0.0.255
            network 10.0.20.0
        }
    }
    rule 20 {
        action permit
        destination {
            any
        }
        source {
            any
        }
    }
 }
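
To check which route sources access list 100 denies before committing it, the following added example (not part of the Vyatta documentation or software) models the two rules in Python. It assumes rules are evaluated in ascending rule-number order with the first match winning, and that the source is compared with the route's network address; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Rules transcribed from the "show policy" output for access-list 100.
ACL_100 = [
    {"rule": 10, "action": "deny", "network": "10.0.20.0", "inverse_mask": "0.0.0.255"},
    {"rule": 20, "action": "permit", "network": "any", "inverse_mask": None},
]

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def source_matches(rule, address):
    """Inverse-mask match: only bits that are 0 in the mask are compared."""
    if rule["network"] == "any":
        return True
    care = ~_to_int(rule["inverse_mask"]) & 0xFFFFFFFF
    return (_to_int(address) & care) == (_to_int(rule["network"]) & care)

def evaluate(acl, address):
    """Return (rule number, action) of the first matching rule, or (None, None)."""
    for rule in sorted(acl, key=lambda r: r["rule"]):  # assumed evaluation order
        if source_matches(rule, address):
            return rule["rule"], rule["action"]
    return None, None

def equivalent_prefix(network, inverse_mask):
    """Return the CIDR prefix an inverse mask describes, or None if it is non-contiguous."""
    wild = _to_int(inverse_mask)
    if wild & (wild + 1):  # contiguous inverse masks have the form 2**k - 1
        return None
    care = ~wild & 0xFFFFFFFF
    return f"{ipaddress.IPv4Address(_to_int(network) & care)}/{32 - wild.bit_length()}"

if __name__ == "__main__":
    print("rule 10 covers", equivalent_prefix("10.0.20.0", "0.0.0.255"))
    # Constructed sample route sources, not taken from the page.
    for addr in ["10.0.20.0", "10.0.20.128", "10.0.21.0", "10.0.2.0"]:
        number, action = evaluate(ACL_100, addr)
        print(f"{addr:<12} -> rule {number}: {action}")
```

A typo in the inverse mask silently changes what is filtered: `equivalent_prefix` returns `None` for a non-contiguous mask such as 0.0.255.0, which is a useful pre-commit sanity check.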