Skip to content
AsterNOS
Ask AI

Policy Route Configuration

show pbr interface

Section titled “show pbr interface”

[Command] show pbr interfaceinterface-name

[Purpose] View the binding relationship between interfaces and policy routes

[View] System view

[Use Cases]

sonic# show pbr interface Ethernet13
  Ethernet13(54) with pbr-policy test

show pbr map

Section titled “show pbr map”

[Command] show pbr mapmap-name

[Purpose] Display the configured policy routes

[View] System view

[Use Cases]

sonic# show pbr map
pbr-map TEST valid: no
    Seq: 10 rule: 309
        Installed: no Reason: Invalid NH
        SRC Match: 10.255.255.0/30
        nexthop 10.254.254.1
          Installed: no Tableid: 10000

show pbr nexthop-groups

Section titled “show pbr nexthop-groups”

[Command] show pbr nexthop-groups

[Purpose] Displays the next address group for the policy route

[View] System view

[Use Cases]

sonic# show pbr nexthop-groups
Nexthop-Group: TEST Table: 10001 Valid: 1 Installed: 1
  Valid: 0 nexthop Ethernet32
  Valid: 1 nexthop Ethernet31

pbr-map

Section titled “pbr-map”

[Command] pbr-mapnameseqnumber

[Purpose] Create a policy route and enter the view

[Parameter]

ParameterDescription
nameSpecify the policy name
numberPolicy ID, value range: 1-700, the lower the number, the higher the priority

[View] System configuration view

[Use Cases]

sonic(config)# pbr-map TEST seq 10
sonic(config-pbr-map)#

match {

Section titled “match {”

[Command] match {dst-ip ip-address|dst-port port|ip-protocol protocol|src-ip ip-address|src-port port}

[Purpose] Create match conditions for policy routing

[Parameter]

ParameterDescription
dst-ip ip-addressMatch the destination IP address of the packet
dst-port portMatch the destination port of the packet
ip-protocol protocolMatch the protocol type of the packet
src-ip ip-addressMatch the source IP address of the packet
src-port portMatch the source port of the packet

[View] Policy route view

[Use Cases]

sonic(config)# pbr-map TEST seq 10
sonic(config-pbr-map)# match src-ip 1.1.1.0/24

set {

Section titled “set {”

[Command] set {nexthop ip-address|nexthop-group name}

[Purpose] Configure an action of redirecting packets to a next-hop IP address

[Parameter]

ParameterDescription
nexthop ip-addressNexthop ip address
nexthop-group nameNexthop group name

[View] Policy route view

[Notes] The redirect nexthop command allows user to specify a maximum of 4 next-hop IP addresses. If multiple next-hop IP addresses are configured, the device redirects packets in active/standby mode. The device determines the primary link and backup links according to the sequence in which next-hop IP addresses were configured. The next-hop IP address that was configured first has the highest priority and this next hop is used as the primary path. Other next hops are used as backup paths. When the primary link becomes Down, a next hop with higher priority is used as the primary path.

[Use Cases]

sonic(config)# nexthop-group TEST
sonic(config-pbr-map)# set nexthop 1.1.1.0/24

nexthop-group

Section titled “nexthop-group”

[Command] nexthop-groupname

[Purpose] Create a next-hop address group and enter the view

[View] System configuration view

[Use Cases]

sonic(config)# nexthop-group TEST
sonic(config-nh-group)#

nexthop

Section titled “nexthop”

[Command] nexthopip-address

[Purpose] Configure the member addresses in the next-hop address group

[View] Nexthop group view

[Notes] If multiple next-hop IP addresses are specified, the device redirects packets in ECMP load balancing mode.

[Use Cases]

sonic(config)# nexthop-group TEST
sonic(config-nh-group)# nexthop 1.1.1.0/24
sonic(config-nh-group)# nexthop 1.1.2.0/24

pbr-policy

Section titled “pbr-policy”

[Command] pbr-policyname

[Purpose] Bind the policy route to the specified interface

[View] Interface view

[Use Cases]

sonic(config)# interface ethernet 1
sonic(config-if-1)# pbr-policy TEST

src_interface

Section titled “src_interface”

[Command] src_interfaceinterface_num no src_interfaceinterface_num

[Purpose] Specify that messages from a specific source interface can go to the specified next hop: based on the message source and corresponding matching conditions, go to the corresponding exit output

[View] Policy route view

[Notes] This traceability function needs to be used in conjunction with SPI functionality to enable SPI functionality based on the different types of requirement messages.

[Use Cases]

sonic(config)# pbr-map test seq 6
sonic(config-pbr-map)# src_interface 13