Users Guide

Table Of Contents
Enter an ORIGIN attribute in ROUTE-MAP mode.
set origin {egp | igp | incomplete}
Enter a tag value for the redistributed routes in ROUTE-MAP mode, from 0 to 4294967295.
set tag tag-value
Enter a value as the routes weight in ROUTE-MAP mode, from 0 to 65535.
set weight value
Check set conditions
OS10(config)# route-map ip permit 1
OS10(conf-route-map)# match metric 2567
Continue clause
Only BGP route-maps support the continue clause. When a match is found, set clauses run and the packet forwards no
route-map processing occurs. If you configure the continue clause without configuring a module, the next sequential module
processes.
If you configure the continue command at the end of a module, the next module processes even after a match is found. The
example shows a continue clause at the end of a route-map module if a match is found in the route-map test module 10,
module 30 processes.
Route-map continue clause
OS10(config)# route-map test permit 10
OS10(conf-route-map)# continue 30
ACL flow-based monitoring
Flow-based monitoring conserves bandwidth by selecting only the required flow to mirror instead of mirroring entire packets
from an interface. This feature is available for L2 and L3 ingress traffic. Specify flow-based monitoring using ACL rules. Flow-
based monitoring copies incoming packets that match the ACL rules applied on the ingress port and forwards, or mirrors them
to another port. The source port is the monitored port (MD), and the destination port is the monitoring port (MG).
When a packet arrives at a monitored port, the packet validates against the configured ACL rules. If the packet matches an ACL
rule, the system examines the corresponding flow processor and performs the action specified for that port. If the mirroring
action is set in the flow processor entry, the port details are sent to the destination port.
Flow-based mirroring
Flow-based mirroring is a mirroring session in which traffic matches specified policies that mirrors to a destination port. Port-
based mirroring maintains a database that contains all monitoring sessions, including port monitor sessions. The database has
information regarding the sessions that are enabled or not enabled for flow-based monitoring. Flow-based mirroring is also
known as policy-based mirroring.
To enable flow-based mirroring, use the flow-based enable command. Traffic with particular flows that traverse through
the ingress interfaces are examined. Appropriate ACL rules apply in the ingress direction. By default, flow-based mirroring is not
enabled.
To enable evaluation and replication of traffic traversing to the destination port, configure the monitor option using the permit,
deny, or seq commands for ACLs assigned to the source or the monitored port (MD). Enter the keywords capture
session session-id with the seq, permit, or deny command for the ACL rules to allow or drop IPv4, IPv6, ARP, UDP,
EtherType, ICMP, and TCP packets.
IPV4-ACL mode
seq sequence-number {deny | permit} {source [mask] | any | host ip-address} [count [byte]]
[fragments] [threshold-in-msgs count] [capture session session-id]
1250
Access Control Lists