Route Control Route Map
Location in GUI: Tenants » XXX » Policies » Protocol » Route Maps for Route Control
Diagram
Section titled “Diagram”Classes
Section titled “Classes”policies (apic.tenants)
Section titled “policies (apic.tenants)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_control_route_maps | List | [route_control_route_maps] | No |
route_control_route_maps (apic.tenants.policies)
Section titled “route_control_route_maps (apic.tenants.policies)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
| description | String | Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ | No | |
| type | Choice | combinable, global | No | combinable |
| contexts | List | [contexts] | No |
contexts (apic.tenants.policies.route_control_route_maps)
Section titled “contexts (apic.tenants.policies.route_control_route_maps)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
| description | String | Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ | No | |
| action | Choice | deny, permit | No | permit |
| order | Integer | min: 0, max: 9 | No | 0 |
| set_rule | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | No | |
| match_rules | List | String | No |
Examples
Section titled “Examples”Example-1: This is a basic route-map ROUTE_MAP_1 used to control which routes are advertised/received (based on which direction the route map is applied in). The route-map type is combinable, meaning it will match the prefixes explicitly configured in the match rules, in addition to any BD subnets for which the BD is associated with an L3Out, and any external EPG subnets marked for export route control. The route map consists of a single context named DC_PREFIXES, for which the action is permit to accept all matching prefixes. The context order is set to 4 even though it is the only context in to accomodate for future flexibility if another context is to be added above this one. Within the context, a match rule DC_PREFIXES is configured, and no set rules are configured, meaning the matched prefixes will be advertised/received as is.
apic: tenants: - name: ABC policies: route_control_route_maps: - name: ROUTE_MAP_1 type: combinable contexts: - name: DC_PREFIXES action: 'permit' order: 4 match_rules: - DC_PREFIXESExample-2: This route-map ROUTE_MAP_2 shows an example of the application of BGP routing policies. Its type is global, meaning matching will only occur based on the associated match rules (DC_PREFIXES in this example), and BD/extEPG subnet flags will be ignored. This behaves the same way as the well-known route-maps on NX-OS and other platforms. The route-map is configured with a set rule named SET_BGP_ATTRS, which can set a number of BGP attributes as per the overall BGP/routing design (e.g. weight, next-hop, community, metric, AS path, etc.)
apic: tenants: - name: ABC policies: route_control_route_maps: - name: ROUTE_MAP_1 type: global contexts: - name: DC_PREFIXES action: permit match_rules: - DC_PREFIXES set_rule: SET_BGP_ATTRSExample-3: This route-map ROUTE_MAP_3 is a multi-context route-map. This is configured to treat different prefixes differently, such as to set attributes differently for each context. This example showcases a common use case with ACI multi-site when using inter-site L3Outs. The first context of DR_PREFIXES matches the DR_DC_PREFIXES and DR_DMZ_PREFIXES match rules, and will then use the PREPEND_AS set rule to prepend the remote site subnets’ AS-path to optimize the N/S traffic path. The second context of HQ_PREFIXES matches against the HQ_DC_PREFIXES and HQ_DMZ_PREFIXES match rules, but without using any set rule. If not using inter-site L3Outs, the first context action may be set to deny to prevent any routing mishaps altogether.
apic: tenants: - name: ABC policies: route_control_route_maps: - name: ROUTE_MAP_1 type: global contexts: - name: DR_PREFIXES action: permit match_rules: - DR_DC_PREFIXES - DR_DMZ_PREFIXES set_rule: PREPEND_AS - name: HQ_PREFIXES action: permit match_rules: - HQ_DC_PREFIXES - HQ_DMZ_PREFIXES