All Products
Search
Document Center

Cloud Enterprise Network:Work with routing policies

Last Updated:Dec 29, 2023

You can create routing policies to filter and modify routes. This allows you to manage network communication in the cloud. This topic describes how to create, modify, and delete a routing policy.

Background information

Transit routers are available in the following editions: Basic Edition and Enterprise Edition.

  • A Basic Edition transit router has only a system route table. Routing policies that you create are automatically associated with the system route table.

  • An Enterprise Edition transit router has a system route table and supports custom route tables. When you add a routing policy, you can associate the routing policy with the system route table or a custom route table. The routing policy affects only how the associated route table advertises routes.

For more information about how to view the edition of a transit router, see View the edition of a transit router.

Add a routing policy to an Enterprise Edition transit router

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. Navigate to the Basic Settings > Transit Router tab and click the ID of the transit router that you want to manage.

  4. On the details page of the transit router, click the Route Table tab.

  5. In the left-side area of the route table details page, click the ID of the default route table.

  6. On the details page of the default route table, click the Routing Policies tab.

  7. On the Routing Policies tab, click Add Route Map.

  8. On the Add Routing Policy page, set the following parameters and click OK.

    Parameter

    Description

    Routing Policy Priority

    Set a priority for the routing policy. Valid values: 1 to 100. A lower value indicates a higher priority.

    On an Enterprise Edition transit router, you cannot specify the same priority for routing policies that apply in the same region and direction. The system matches routes against the match conditions of routing policies in descending order of priority. A smaller value indicates a higher priority. You must set the priorities to proper values.

    Description

    Enter a description for the routing policy.

    The description can contain letters, digits, hyphens (-), periods (.), and underscores (_). It must start with a letter but cannot start with http:// or https://.

    Associated Route Table

    Select the route table that you want to associate with the routing policy.

    You can associate the routing policy with the system route table or a custom route table.

    Policy Direction

    Select the direction in which the routing policy applies.

    • Ingress Regional Gateway: Routes are advertised to the transit router deployed in the current region. For example, routes are advertised from network instances deployed in the current region or transit routers deployed in other regions to the transit router deployed in the current region.

    • Export from Regional Gateway: Routes are advertised from the transit router deployed in the current region. For example, routes are advertised from the transit router deployed in the current region to network instances deployed in the current region or transit routers deployed in other regions.

    Match Conditions

    Select a match condition for the routing policy.

    Click 添加Add Match Condition to add more match conditions. For more information, see Match conditions.

    Action Policy

    Select an action for the routing policy.

    • Allow: Routes that meet all the match conditions are allowed.

      If you select Allow, you can click Add Action Object and configure the following policy values:

      • Route Priority: Specify a priority for the routes that are allowed. Valid values: 1 to 100. Default value: 50. A smaller value indicates a higher priority.

      • Community: Specify a community value. Add and Replace are supported.

      • Append AS Path: An autonomous system (AS) path is appended when the transit router receives or advertises a route.

        The requirements for AS paths that are prepended vary based on routing policies used in different directions:

        • If AS paths are prepended in the Ingress Regional Gateway direction, you must specify the source instance IDs and the source region in the match condition. The source region must be the same as the region for which the routing policy is used.

        • If AS paths are prepended in the Egress Regional Gateway direction, you must specify the destination instance IDs in the match condition.

    • Reject: Routes that meet all the match conditions are rejected.

      If you select Reject, you cannot configure policy values.

    Associated Route Policy Priority

    Specify a priority for the routing policy that you want to associate with the current one.

    • You can set the parameter only if Action Policy is set to Allow. Only allowed routes are matched against the routing policy that has the specified priority.

    • The region and direction of the routing policy to be associated must be the same as those of the current routing policy.

    • The priority of the routing policy to be associated must be lower than the priority of the current routing policy.

Add a routing policy to a Basic Edition transit router

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. Navigate to the Basic Settings > Transit Router tab and click the ID of the transit router that you want to manage.

  4. On the details page of the transit router, choose the Route Table > Routing Policies tab.

  5. On the Routing Policies tab, click Add Routing Policies.

  6. On the Add Routing Policies page, set the following parameters and click OK.

    Parameter

    Description

    Routing Policy Priority

    Set a priority for the routing policy. Valid values: 1 to 100. A lower value indicates a higher priority.

    You cannot specify the same priority for routing policies that apply in the same region and direction. The system matches routes against the match conditions of routing policies in descending order of priority. A smaller value indicates a higher priority. Set the priorities to proper values.

    Description

    Enter a description for the routing policies.

    The description can contain letters, digits, hyphens (-), periods (.), and underscores (_). It must start with a letter but cannot start with http:// or https://.

    Region

    Select the region in which the routing policy applies.

    Policy Direction

    Select the direction in which the routing policy applies.

    • Ingress Regional Gateway: Routes are advertised to the transit router deployed in the current region. For example, routes are advertised from network instances deployed in the current region or transit routers deployed in other regions to the transit router deployed in the current region.

    • Export from Regional Gateway: Routes are advertised from the transit router deployed in the current region. For example, routes are advertised from the transit router deployed in the current region to network instances deployed in the current region or transit routers deployed in other regions.

    Match Conditions

    Select a match condition for the routing policy.

    Click 添加Add Match Condition to add more match conditions. For more information, see Match conditions.

    Action Policy

    Select an action for the routing policy.

    • Allow: Routes that meet all the match conditions are allowed.

      If you select Allow, you can click Add Action Object and configure the following policy values:

      • Route Priority: Specify a priority for the routes that are allowed. Valid values: 1 to 100. Default value: 50. A smaller value indicates a higher priority.

      • Community: Specify a community value. Add and Replace are supported.

      • Append AS Path: An autonomous system (AS) path is appended when the transit router receives or advertises a route.

        The requirements for AS paths that are prepended vary based on routing policies used in different directions:

        • If AS paths are prepended in the Ingress Regional Gateway direction, you must specify the source instance IDs and the source region in the match condition. The source region must be the same as the region for which the routing policy is used.

        • If AS paths are prepended in the Egress Regional Gateway direction, you must specify the destination instance IDs in the match condition.

    • Reject: Routes that meet all the match conditions are rejected.

      If you select Reject, you cannot configure policy values.

    Associated Route Policy Priority

    Specify a priority for the routing policy that you want to associate with the current one. This parameter is optional.

    • You can set the parameter only if Action Policy is set to Allow. Only allowed routes are matched against the routing policy that has the specified priority.

    • The region and direction of the routing policy to be associated must be the same as those of the current routing policy.

    • The priority of the routing policy to be associated must be lower than the priority of the current routing policy.

Modify a routing policy

Before you modify a routing policy, take note of the following limits:

  • After you create a routing policy on an Enterprise Edition transit router, you cannot modify the route table that is associated with the routing policy or the direction in which the routing policy applies.

  • After you create a routing policy on a Basic Edition transit router, you cannot modify the region or direction in which the routing policy applies.

  • You cannot modify the default routing policy of a Basic Edition transit router or Enterprise Edition transit router. The priority value of the default routing policy is larger than 1000. If you do not want the default routing policy added by the system to take effect, you can add a custom routing policy which has a higher priority than the default routing policy.

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. Navigate to the Basic Settings > Transit Router tab and click the ID of the transit router that you want to manage.

  4. On the details page of the transit router, click the Route Table tab.

  5. On the Route Table tab, find the routing policy that you want to modify.

    • If you are using a Basic Edition transit router, click the Routing Policies tab to find the routing policy.

    • If you are using an Enterprise Edition transit router, click the ID of the route table in the left-side area. On the details page of the route table, click the Routing Policies tab and find the routing policy.

  6. Find the routing policy and click Modify in the Actions column.

  7. On the Edit Route Map page, modify the priority, description, match conditions, and action policy, and click OK.

Delete a routing policy

  1. Log on to the CEN console.

  2. On the Instances page, click the ID of the CEN instance that you want to manage.

  3. Navigate to the Basic Settings > Transit Router tab and click the ID of the transit router that you want to manage.

  4. On the details page of the transit router, click the Route Table tab.

  5. On the Route Table tab, find the routing policy that you want to modify.

    • If you are using a Basic Edition transit router, click the Routing Policies tab to find the routing policy.

    • If you are using an Enterprise Edition transit router, click the ID of the route table in the left-side area. On the details page of the route table, click the Routing Policies tab and find the routing policy.

  6. Find the routing policy and click Delete in the Actions column.

  7. In the Delete Routing Policy message, click OK.

References