Skip to content
Network as Code

Route Control

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

route_control (vxlan.overlay_extensions)

Section titled “route_control (vxlan.overlay_extensions)”
NameTypeConstraintMandatoryDefault Value
groupsList[groups]No
switchesList[switches]No

groups (vxlan.overlay_extensions.route_control)

Section titled “groups (vxlan.overlay_extensions.route_control)”
NameTypeConstraintMandatoryDefault Value
nameStringYes
route_mapsList[route_maps]No
ipv4_prefix_listsList[ipv4_prefix_lists]No
ipv6_prefix_listsList[ipv6_prefix_lists]No
standard_community_listsList[standard_community_lists]No
extended_community_listsList[extended_community_lists]No
mac_listList[mac_list]No
ip_as_path_access_listsList[ip_as_path_access_lists]No
ipv4_access_listsList[ipv4_access_lists]No
ipv6_access_listsList[ipv6_access_lists]No
time_rangeList[time_range]No
ipv4_object_groupsList[ipv4_object_groups]No
ipv6_object_groupsList[ipv6_object_groups]No

switches (vxlan.overlay_extensions.route_control)

Section titled “switches (vxlan.overlay_extensions.route_control)”
NameTypeConstraintMandatoryDefault Value
nameStringYes
groupsListStringYes

route_maps (vxlan.overlay_extensions.route_control.groups)

Section titled “route_maps (vxlan.overlay_extensions.route_control.groups)”
NameTypeConstraintMandatoryDefault Value
nameStringYes

Examples

Section titled “Examples”

In this example, we can see the relation between policies defined under vxlan.overlay_extensions.route_control. Policies are grouped in one group named: external_policies_RCtrlGrp under vxlan.overlay_extensions.groups. Finally this group is attached to two leaf switches under vxlan.overlay_extensions.switches.groups

Example-1

Section titled “Example-1”

This example will create route maps, prefix lists and community-list, which are commonly used in BGP (Border Gateway Protocol) routing configurations to manipulate and control route attributes. Here’s a detailed explanation:

Route Maps

Section titled “Route Maps”

A route map allows for conditional matching and manipulation of routes. It is used to define how routes are handled based on specific conditions.

  1. route-map rm-bgp permit 10:
    • match ip address prefix-list IPPREF1: This matches routes that fit the criteria specified in the prefix list named IPPREF1.
    • match community CL-LPREF110: This matches routes that have the community attribute specified in the community list CL-LPREF110.
    • set local-preference 110: If a route matches both the IP prefix list and community list, its local preference is set to 110. Local preference is used to prioritize routes within an autonomous system; higher values are preferred.
  2. route-map rm-bgp permit 20:
    • match ip address prefix-list IPPREF2: This matches routes using the prefix list IPPREF2.
    • match community CL-LPREF120: This matches routes with the community attribute specified in CL-LPREF120.
    • set local-preference 120: Routes matching these criteria will have their local preference set to 120, giving them a higher priority compared to those set by sequence 10.
  3. route-map rm-bgp permit 100: This line permits any other routes that do not match the above criteria without any modifications.

Prefix Lists

Section titled “Prefix Lists”

Prefix lists define IP address ranges to be matched against.

  • ip prefix-list IPPREF1:

    • seq 10 permit 172.16.0.0/16: This allows any IP address within the 172.16.0.0/16 network.
    • seq 20 permit 172.17.0.0/19: This permits any IP address within the 172.17.0.0/19 network.

  • ip prefix-list IPPREF2:

    • seq 10 permit 10.0.0.0/24: This allows the specific network 10.0.0.0/24.
    • seq 20 permit 10.100.0.0/19 le 24: This permits any IP address within the 10.100.0.0/19 network, allowing prefix lengths up to /24 (which means it can match subnets of this range with subnet masks between /19 and /24).

Community Lists

Section titled “Community Lists”

Community lists define BGP community attributes used to tag routes for various routing policies.

  • ip community-list standard CL-LPREF110:
    • seq 10 permit 65000:110: This matches routes tagged with the BGP community 65000:110.
  • ip community-list standard CL-LPREF120:
    • seq 10 permit 65000:120: This matches routes tagged with the BGP community 65000:120.
Terminal window
route-map rm-bgp permit 10
  match ip address prefix-list IPPREF1
  match community CL-LPREF110
  set local-preference 110
route-map rm-bgp permit 20
  match ip address prefix-list IPPREF2
  match community CL-LPREF120
  set local-preference 120
route-map rm-bgp permit 100
!
ip prefix-list IPPREF1 seq 10 permit 172.16.0.0/16
ip prefix-list IPPREF1 seq 20 permit 172.17.0.0/19
ip prefix-list IPPREF2 seq 10 permit 10.0.0.0/24
ip prefix-list IPPREF2 seq 20 permit 10.100.0.0/19 le 24
!
ip community-list standard CL-LPREF110 seq 10 permit 65000:110
ip community-list standard CL-LPREF120 seq 10 permit 65000:120
route_control.nac.yaml
---
vxlan:
  overlay_extensions:
    route_control:
      standard_community_lists:
        - name: CL-LPREF110
          entries:
            - seq_number: 10
              operation: permit
              communities:
                - 65000:110
        - name: CL-LPREF120
          entries:
            - seq_number: 10
              operation: permit
              communities:
                - 65000:120


      ipv4_prefix_lists:
        - name: IPPREF1
          entries:
            - seq_number: 10
              operation: permit
              prefix: 172.16.0.0/16
            - seq_number: 20
              operation: permit
              prefix: 172.17.0.0/19
        - name: IPPREF2
          entries:
            - seq_number: 10
              operation: permit
              prefix: 10.0.0.0/24
            - seq_number: 20
              operation: permit
              prefix: 10.100.0.0/19
              le: 24


      route_maps:
        - name: rm-bgp
          entries:
            - seq_number: 10
              operation: permit
              match:
                - ipv4:
                    address_prefix_list:
                      - IPPREF1
                - community_list:
                    community: CL-LPREF110
              set:
                - local_preference: 110
            - seq_number: 20
              operation: permit
              match:
                - ipv4:
                    address_prefix_list:
                      - IPPREF2
                - community_list:
                    community: CL-LPREF120
              set:
                - local_preference: 120
            - seq_number: 100
              operation: permit
      groups:
        - name: external_policies_RCtrlGrp
          standard_community_lists:
            - name: CL-LPREF110
            - name: CL-LPREF120
          ipv4_prefix_lists:
            - name: IPPREF1
            - name: IPPREF2
          route_maps:
            - name: rm-bgp


      switches:
        - name: netascode-leaf21
          groups:
            - external_policies_RCtrlGrp
        - name: netascode-leaf22
          groups:
            - external_policies_RCtrlGrp