Dynamic Routing Route Maps¶
Route maps are a powerful mechanism which can match or set various values for use by routing daemons, especially BGP. A route map can match based on criteria such as those set by Access Lists and Prefix Lists, among others. Route maps can control, for example, whether or not specific routes are accepted from neighbors, or whether or not specific routes are distributed to neighbors. They can also adjust various properties of routes, which largely depends upon the context in which they are used, such as for BGP or OSPF.
Route maps are managed on the Route Maps tab under Services > FRR Global/Zebra.
Route map entries are complex, and multiple entries can be combined by using the same name on more than one entry, but with different sequence numbers to control the order in which the route map entries are processed by FRR.
Route Map Configuration¶
To create a new route map, click Add from the Route Maps tab.
The General Options section of the page sets data about this route map entry:
The name of this route map entry.
The same name can be used for multiple entries, but each entry using the same name must use a unique sequence number.
A text description of this route map
The action taken by this route map, either
When an entry is matched and permitted, the “set” actions of a route map are carried out, if present, and then Logic Control entries, if present, are performed. The route will be allowed unless the control flow ultimately prevents that from happening.
When an entry is matched and denied, the route is not allowed.
The sequence number of this route map.
The order of entries inside route maps is important, and this order is determined by a sequence number.
Each entry in a route map must have a unique sequence number. Best practice is to leave gaps in the sequence to allow for adding entries in the future. For example, use
30, rather than
The order of entries displayed in the GUI may be different than the order set by the sequence numbers. The sequence number order is the true order in which rules are evaluated.
Route Map Contents¶
The remaining sections on the page control what this route map entry will do. There are numerous options available, from control and logic flow, to matching, setting, and altering routes.
Generally speaking, when an option in the remainder of the page is set to None, it will be ignored or have no effect.
Due to complexity, these options are broken up until multiple sections.
- Call Route Map
Will immediately process the selected route map. If the called route map returns
deny, then processing is stopped and the route is denied.
- Exit Action
Proceeds to the next rule in the route-map
- <sequence> number
Skips to the rule with the given sequence number in this route map.
Controls operations matching or setting the next hop for a route.
- Next Hop Action
Chooses between actions to take for the next hop of a route.
Specifies a peer for Next Hop Action when it is set to Match Peer or Set (Peer Only).
- Local (match only)
Matches a route when its next hop is this firewall.
- Unchanged (set only)
Leaves the next hop unchanged.
- Peer Address (set only)
For inbound IPv4 routes received from a neighbor, sets the next-hop to the address of the neighbor. For outgoing routes this is the local address used to establish an adjacency with the neighbor.
A list of available peers fills out the list. Selecting an entry uses that specific peer to match or set.
Specifies an Access List used to match the next hop value when Next Hop Action is set to Match ACL.
- Prefix List
Specifies an Prefix List used to match the next hop value when Next Hop Action is set to Match Prefix List.
Match or set the metric of a route.
- Metric Action
Chooses between actions to take for the metric of a route.
Matches the given metric value.
Sets the MED value for routes. When this router has multiple links to the same AS, the MED value influences which path the router will prefer. The router will prefer to use links with a lower MED value. Adding a
+before the metric value will result in a relative adjustment instead of setting an absolute value.
- Set OSPF6 External Type 1 Metric
Similar to above, but only operates on the OSPF6 External Type 1 Metric.
- Set OSPF6 External Type 2 Metric
Similar to above, but only operates on the OSPF6 External Type 2 Metric.
- Metric Value
The metric value to match or apply. When setting a metric, the value may be
-value offset, or a specific metric.
Sets the weight of the route to the supplied value. When a remote AS is reachable via multiple paths through other intermediate AS neighbors, the router will prefer to use a higher weight path to reach it.
The options in this section will either match or set the BGP local preference value of a route using the given Local Preference value.
BGP AS Paths¶
Matches or sets a BGP AS Path.
- AS Path Action
- Match AS Path
Match based on the BGP AS Paths selected in Match AS Path below.
- Set Exclude
Excludes the AS numbers specified in Set AS List from the path of the route.
- Set Prepend
Prepends the AS numbers specified in Set AS List to the AS path.
- Set Prepend Last-AS
Prepends the AS number specified in Set AS List to the leftmost end of the path.
- Match AS Path
The specific BGP AS Path to match.
- Set AS List
A list of BGP AS Path entries to apply to the route.
Matches or sets BGP community values in routes.
- Community Action
Match based on community value in Match Community.
- Match Exact
Match, but only if the community value matches exactly, rather than being part of a list.
Sets the BGP community value to the list in Set Community.
- Match Community
- internet, no-export, no-advertise, local-as
Match one of the well-known communities.
- <Community Name>
Match a community defined at BGP Community Lists.
- Set Community
When setting a community, this is a space-separated list of communities in
AS:VALformat, or a well-known community:
local-as. Can also be set to
noneto remove BGP community values entirely.
Adds the specified community value to the route without replacing the existing values.
- Origin Action
Match or set based on the origin (source) of the route.
- Origin Name
- Remote EGP
Routes from Exterior Gateway Protocols (e.g. BGP).
- Local IGP
Routes from Interior Gateway Protocols (e.g. OSPF).
- Unknown Heritage (Incomplete)
Routes from unknown sources.
Matched based on a specific route source protocol from a list of possible options.
Not all options in the list are supported by the FRR package currently.
Matches based on the RPKI state.
- Prefix Not Found
The prefix is not present in the configuration.
- Invalid Prefix
The prefix is known but failed validation.
- Valid Prefix
The prefix is known and passed validation.
Route Map Examples¶
This example creates a route map to control which routes will be sent to peers
via BGP. The first rule prevents any route from sending if it matches entries in
RFC1918 prefix list. The second rule allows routes that match networks
listed in the
MY-ROUTES prefix list. This ensures that even if other
mechanisms would try to export routes to peers, that no routes to private
networks are leaked.
Name: EBGP-OUT, Sequence: 10, Action: Deny, Match Prefix List: RFC1918
Name: EBGP-OUT, Sequence: 20, Action: Permit, Match Prefix List: MY-ROUTES