Policy service supports configuration of IP prefix list for IPv4 and IPv6.
efa policy prefix-list create ? Flags: --type string Type of prefix-list. Valid types is ipv4|ipv6 --name string Name of Prefix list --rule stringArray Rule in format seq[seq-num], action[permit/deny], prefix[IPv4 prefix|IPv6 prefix],ge[prefix-len],le[prefix-len]. Example: seq [5], action[permit], prefix [10.0.0.0/8|2001:db8: :/32],ge[10], le[24]
Note
Use thege and le keywords to specify the
range of the prefix length for exact match. Exact match is assumed when
neither ge nor le is specified.The following example creates an IPv4 prefix list:
efa policy prefix-list create –-name prefix_v4 –-type ipv4 –-rule seq[5],action[permit],prefix[10.0.0.0/8],ge[16]
The following example creates an IPv6 prefix list:
efa policy prefix-list create --type ipv6 --name prefix_1_in –rule "seq[11], action[permit], prefix[2001:db8::/48]" Name: prefix_1_in +------+---------+--------+---------------+----+----+---------+ | Type | Seq num | Action | Prefix | Ge | Le | Status | +------+---------+--------+---------------+----+----+---------+ | ipv6 | 11 | permit | 2001:db8::/48 | | | Success | +------+---------+--------+---------------+----+----+---------+ Prefix-list details
efa policy prefix-list update –type [ipv4|ipv6] --name [list name] --operation [operation name]
Note
add-device and remove-device operations configure or remove a prefix
list rules on the specified devices. add-rule
and remove-rule operations configure or remove a prefix
list rules on the specified devices. If the prefix list is
configured on the device, the rule is added or removed from the
device.The following is an example of IPv4 prefix list update:
The following example configures prefix list on the devices:
efa policy prefix-list update –-name prefix_v4 –-type ipv4 –-operation add-device --ip 10.20.246.10-11
The following example removes prefix list from the devices:
efa policy prefix-list update –-name prefix_v4 –-type ipv4 –-operation remove-device --ip 10.20.246.10-11
The following example adds rule to the already created prefix list:
efa policy prefix-list update –-name prefix_v4 –-type ipv4 –-operation add-rule –-rule seq[5],action[permit],prefix[10.0.0.0/8],ge[16]
The following example removes rule from the existing prefix list:
efa policy prefix-list update –-name prefix_v4 –-type ipv4 –-operation remove-rule –-rule seq[5],action[permit],prefix[10.0.0.0/8],ge[16]
The following example updates an IPv6 prefix list:
efa policy prefix-list update --type ipv6 --name prefix_1_in --operation add-device --ip 10.20.246.29-30 +-------------+------+---------+--------+---------------+----+----+ | Name | Type | Seq num | Action | Prefix | Ge | Le | +-------------+------+---------+--------+---------------+----+----+ | prefix_1_in | ipv6 | 11 | permit | 2001:db8::/48 | | | +-------------+------+---------+--------+---------------+----+----+ Prefix-list details +--------------+---------+--------+ | IP Address | Result | Reason | +--------------+---------+--------+ | 10.20.246.29 | Success | | +--------------+---------+--------+ | 10.20.246.30 | Success | | +--------------+---------+--------+ Device Results efa policy prefix-list update --type ipv6 --name prefix_1_in --rule "seq[11],action[permit],prefix[2001:db8::/48],ge[64],le[128]" --operation add-rule +-------------+------+---------+--------+---------------+----+-----+ | Name | Type | Seq num | Action | Prefix | Ge | Le | +-------------+------+---------+--------+---------------+----+-----+ | prefix_1_in | ipv6 | 13 | permit | 2001:db8::/32 | 48 | 128 | +-------------+------+---------+--------+---------------+----+-----+ | prefix_1_in | ipv6 | 14 | permit | 2003:db8::/32 | 64 | 128 | +-------------+------+---------+--------+---------------+----+-----+ | prefix_1_in | ipv6 | 15 | deny | 2003:db8::/63 | 64 | 128 | +-------------+------+---------+--------+---------------+----+-----+ | prefix_1_in | ipv6 | 11 | permit | 2001:db8::/48 | 64 | 128 | +-------------+------+---------+--------+---------------+----+-----+ Prefix-list details +--------------+---------+--------+ | IP Address | Result | Reason | +--------------+---------+--------+ | 10.20.246.29 | Success | | +--------------+---------+--------+ | 10.20.246.30 | Success | | +--------------+---------+--------+ Device Results
This step deletes the prefix list on all devices and XCO.
efa policy prefix-list delete ? Flags: --type string Type of prefix-list. is ipv4 or ipv6 --name string Name of Prefix list
The following example deletes an IPv4 prefix list with name prefix_v4:
efa policy prefix-list delete –-type ipv4 –-name prefix_v4
The following example deletes an IPv6 prefix list:
System validates the IP prefix list name and type before running the delete operation. If a prefix list is bound to BGP peer or peer-group, an attempt to delete prefix-list will check for the presence of binding and report an error.
efa policy prefix-list delete --name plist2 --type ipv6 +--------+------+---------+ | Name | Type | Status | +--------+------+---------+ | plist2 | ipv6 | Success | +--------+------+---------+ Prefix-list details +--------------+---------+--------+ | IP Address | Result | Reason | +--------------+---------+--------+ | 10.20.246.29 | Success | | +--------------+---------+--------+ | 10.20.246.30 | Success | | +--------------+---------+--------+
Note
For more information about commands and supported parameters, see ExtremeCloud Orchestrator Command Reference, 3.2.1 .