Route Map
Route maps provide a powerful and flexible mechanism for controlling route redistribution, filtering, and attribute manipulation in NX-OS routing policies through ordered sequences of match and set clauses. Each route map entry defines permit or deny actions with match criteria based on prefix lists, AS paths, community values, interfaces, metrics, tags, and route types, combined with set actions for modifying attributes like next-hop, local preference, metric, community, and weight. Route maps are essential for implementing complex routing policies across BGP, OSPF, IS-IS, and static route redistribution scenarios.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”configuration (nxos.devices)
Section titled “configuration (nxos.devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_maps | List | [route_maps] | No |
route_maps (nxos.devices.configuration)
Section titled “route_maps (nxos.devices.configuration)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| pbr_statistics | Boolean | true, false | No | |
| entries | List | [entries] | No |
entries (nxos.devices.configuration.route_maps)
Section titled “entries (nxos.devices.configuration.route_maps)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| order | Integer | min: 0, max: 65535 | Yes | |
| action | Choice | permit, deny | No | |
| description | String | No | ||
| drop_on_fail_v4 | Boolean | true, false | No | |
| drop_on_fail_v6 | Boolean | true, false | No | |
| force_order_v4 | Boolean | true, false | No | |
| force_order_v6 | Boolean | true, false | No | |
| load_share_v4 | Boolean | true, false | No | |
| load_share_v6 | Boolean | true, false | No | |
| set_default_next_hop_v4 | Boolean | true, false | No | |
| set_default_next_hop_v6 | Boolean | true, false | No | |
| set_vrf_v4 | Boolean | true, false | No | |
| set_vrf_v6 | Boolean | true, false | No | |
| verify_availability_v4 | Boolean | true, false | No | |
| verify_availability_v6 | Boolean | true, false | No | |
| match_ip_prefix_list | String | No | ||
| match_tags | List | Integer[min: 0, max: 4294967295] | No | |
| set_community | String | No | ||
| set_community_additive | Boolean | true, false | No | |
| set_community_none | Boolean | true, false | No | |
| set_community_criteria | Choice | none, append, replace, igp, pre-bestpath | No | |
| set_metric | String | No | ||
| set_metric_is_bgp | Boolean | true, false | No | |
| set_metric_delay | Integer | min: 0, max: 4294967295 | No | |
| set_metric_load | Integer | min: 0, max: 255 | No | |
| set_metric_mtu | Integer | min: 0, max: 16777215 | No | |
| set_metric_reliability | Integer | min: 0, max: 255 | No | |
| set_metric_type | Choice | type-1, type-2, internal, external | No | |
| set_ip_next_hop_peer_address | Boolean | true, false | No | |
| set_ip_next_hop_unchanged | Boolean | true, false | No | |
| set_ip_next_hop_redist_unchanged | Boolean | true, false | No | |
| set_ipv6_next_hop_peer_address | Boolean | true, false | No | |
| set_ipv6_next_hop_unchanged | Boolean | true, false | No | |
| set_ipv6_next_hop_redist_unchanged | Boolean | true, false | No |
Examples
Section titled “Examples”Example 1: Simple route map to tag loopback routes redistributed into BGP with a community value
nxos: devices: - name: SPINE1 configuration: route_maps: - name: RM-LOOPBACKS-OUT entries: - order: 10 action: permit description: "Match loopback prefixes and set community" match_ip_prefix_list: PL-LOOPBACKS set_community: "65000:100"Example 2: Route map with multiple entries for BGP peer policy — permit specific prefixes with different community treatments
nxos: devices: - name: LEAF1 configuration: route_maps: - name: RM-TENANT-EXPORT entries: - order: 10 action: permit description: "Tag tenant subnet routes with community" match_ip_prefix_list: PL-TENANT-NETS set_community: "65000:1010" set_community_criteria: replace - order: 20 action: permit description: "Allow default route with additive community" match_ip_prefix_list: PL-DEFAULT-ONLY set_community: "65000:9999" set_community_additive: true - order: 30 action: deny description: "Deny all other prefixes"Example 3: Multiple route maps on a border leaf for inbound/outbound BGP filtering, tag-based matching, and PBR statistics
nxos: devices: - name: BORDER-LEAF1 configuration: route_maps: # Inbound policy from external BGP peer - name: RM-EXTERNAL-IN entries: - order: 10 action: permit description: "Accept external routes and tag with community" match_ip_prefix_list: PL-EXTERNAL-PREFIXES set_community: "65000:500" set_community_criteria: replace - order: 20 action: deny description: "Implicit deny all other inbound routes" # Outbound policy to external BGP peer - name: RM-EXTERNAL-OUT entries: - order: 10 action: permit description: "Advertise loopbacks to external peer" match_ip_prefix_list: PL-LOOPBACKS set_community: "65000:100" set_community_additive: true - order: 20 action: permit description: "Advertise tenant subnets with tag 1000" match_tags: - 1000 set_community: "65000:200" - order: 30 action: deny description: "Block everything else outbound" # PBR route map for traffic steering - name: RM-PBR-STEERING pbr_statistics: true entries: - order: 10 action: permit description: "Steer matched traffic to firewall" match_ip_prefix_list: PL-FIREWALL-REDIRECT set_default_next_hop_v4: trueExample 4: Route map setting metric for OSPF redistribution into BGP
nxos: devices: - name: BORDER-LEAF2 configuration: route_maps: - name: RM-OSPF-TO-BGP entries: - order: 10 action: permit description: "Redistribute OSPF routes with modified metric" match_ip_prefix_list: PL-OSPF-ROUTES set_metric: "200" set_metric_is_bgp: true - order: 20 action: permit description: "Set EIGRP-style composite metric" match_ip_prefix_list: PL-EIGRP-ROUTES set_metric: "100000" set_metric_delay: 100 set_metric_reliability: 255 set_metric_load: 1 set_metric_mtu: 1500Example 5: Route map setting metric type for OSPF external route redistribution
nxos: devices: - name: BORDER-LEAF3 configuration: route_maps: - name: RM-BGP-TO-OSPF entries: - order: 10 action: permit description: "Redistribute as OSPF type-1 external" match_ip_prefix_list: PL-BGP-ROUTES set_metric: "50" set_metric_type: type-1 - order: 20 action: permit description: "Redistribute remaining as type-2 external" set_metric_type: type-2Example 6: Route map with BGP next-hop manipulation for route reflector and redistribution scenarios
nxos: devices: - name: RR1 configuration: route_maps: - name: RM-RR-NEXTHOP entries: - order: 10 action: permit description: "Set next-hop to peer address for reflected routes" match_ip_prefix_list: PL-TENANT-ROUTES set_ip_next_hop_peer_address: true set_ipv6_next_hop_peer_address: true - order: 20 action: permit description: "Preserve next-hop unchanged for eBGP routes" match_ip_prefix_list: PL-EXTERNAL-ROUTES set_ip_next_hop_unchanged: true set_ipv6_next_hop_unchanged: true - name: RM-REDIST-NEXTHOP entries: - order: 10 action: permit description: "Keep original next-hop for redistributed routes" set_ip_next_hop_redist_unchanged: true set_ipv6_next_hop_redist_unchanged: trueRoute maps provide a powerful and flexible mechanism for controlling route redistribution, filtering, and attribute manipulation in NX-OS routing policies through ordered sequences of match and set clauses. Each route map entry defines permit or deny actions with match criteria based on prefix lists, AS paths, community values, interfaces, metrics, tags, and route types, combined with set actions for modifying attributes like next-hop, local preference, metric, community, and weight. Route maps are essential for implementing complex routing policies across BGP, OSPF, IS-IS, and static route redistribution scenarios.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”configuration (nxos.devices)
Section titled “configuration (nxos.devices)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_maps | List | [route_maps] | No |
route_maps (nxos.devices.configuration)
Section titled “route_maps (nxos.devices.configuration)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| pbr_statistics | Boolean | true, false | No | |
| entries | List | [entries] | No |
entries (nxos.devices.configuration.route_maps)
Section titled “entries (nxos.devices.configuration.route_maps)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| order | Integer | min: 0, max: 65535 | Yes | |
| action | Choice | permit, deny | No | |
| description | String | No | ||
| drop_on_fail_v4 | Boolean | true, false | No | |
| drop_on_fail_v6 | Boolean | true, false | No | |
| force_order_v4 | Boolean | true, false | No | |
| force_order_v6 | Boolean | true, false | No | |
| load_share_v4 | Boolean | true, false | No | |
| load_share_v6 | Boolean | true, false | No | |
| set_default_next_hop_v4 | Boolean | true, false | No | |
| set_default_next_hop_v6 | Boolean | true, false | No | |
| set_vrf_v4 | Boolean | true, false | No | |
| set_vrf_v6 | Boolean | true, false | No | |
| verify_availability_v4 | Boolean | true, false | No | |
| verify_availability_v6 | Boolean | true, false | No | |
| match_ip_prefix_list | String | No | ||
| match_tags | List | Integer[min: 0, max: 4294967295] | No | |
| set_community | String | No | ||
| set_community_additive | Boolean | true, false | No | |
| set_community_none | Boolean | true, false | No | |
| set_community_criteria | Choice | none, append, replace, igp, pre-bestpath | No |
Examples
Section titled “Examples”Example 1: Simple route map to tag loopback routes redistributed into BGP with a community value
nxos: devices: - name: SPINE1 configuration: route_maps: - name: RM-LOOPBACKS-OUT entries: - order: 10 action: permit description: "Match loopback prefixes and set community" match_ip_prefix_list: PL-LOOPBACKS set_community: "65000:100"Example 2: Route map with multiple entries for BGP peer policy — permit specific prefixes with different community treatments
nxos: devices: - name: LEAF1 configuration: route_maps: - name: RM-TENANT-EXPORT entries: - order: 10 action: permit description: "Tag tenant subnet routes with community" match_ip_prefix_list: PL-TENANT-NETS set_community: "65000:1010" set_community_criteria: replace - order: 20 action: permit description: "Allow default route with additive community" match_ip_prefix_list: PL-DEFAULT-ONLY set_community: "65000:9999" set_community_additive: true - order: 30 action: deny description: "Deny all other prefixes"Example 3: Multiple route maps on a border leaf for inbound/outbound BGP filtering, tag-based matching, and PBR statistics
nxos: devices: - name: BORDER-LEAF1 configuration: route_maps: # Inbound policy from external BGP peer - name: RM-EXTERNAL-IN entries: - order: 10 action: permit description: "Accept external routes and tag with community" match_ip_prefix_list: PL-EXTERNAL-PREFIXES set_community: "65000:500" set_community_criteria: replace - order: 20 action: deny description: "Implicit deny all other inbound routes" # Outbound policy to external BGP peer - name: RM-EXTERNAL-OUT entries: - order: 10 action: permit description: "Advertise loopbacks to external peer" match_ip_prefix_list: PL-LOOPBACKS set_community: "65000:100" set_community_additive: true - order: 20 action: permit description: "Advertise tenant subnets with tag 1000" match_tags: - 1000 set_community: "65000:200" - order: 30 action: deny description: "Block everything else outbound" # PBR route map for traffic steering - name: RM-PBR-STEERING pbr_statistics: true entries: - order: 10 action: permit description: "Steer matched traffic to firewall" match_ip_prefix_list: PL-FIREWALL-REDIRECT set_default_next_hop_v4: true