Defining a community acl – Brocade Communications Systems Layer 3 Routing Configuration ICX 6650 User Manual
Page 357
Brocade ICX 6650 Layer 3 Routing Configuration Guide
339
53-1002603-01
Filtering
The num:num parameter indicates a specific community number to filter. Use this parameter to
filter for a private (administrator-defined) community. You can enter up to 20 community numbers
with the same command.
If you want to filter for the well-known communities “LOCAL_AS”, “NO_EXPORT” or
“NO_ADVERTISE”, use the corresponding keyword (described below).
The internet keyword checks for routes that do not have the community attribute. Routes without a
specific community are considered by default to be members of the largest community, the
Internet.
The local-as keyword checks for routes with the well-known community “LOCAL_AS”. This
community applies only to confederations. The Layer 3 switch advertises the route only within the
sub-AS. For information about confederations, refer to
“Configuration notes for BGP4 autonomous
The no-advertise keyword filters for routes with the well-known community “NO_ADVERTISE”. A
route in this community should not be advertised to any BGP4 neighbors.
The no-export keyword filters for routes with the well-known community “NO_EXPORT”. A route in
this community should not be advertised to any BGP4 neighbors outside the local AS. If the router
is a member of a confederation, the Layer 3 switch advertises the route only within the
confederation. For information about confederations, refer to
Defining a community ACL
To configure community ACL 1, enter a command such as the following.
Brocade(config)#ip community-list 1 permit 123:2
This command configures a community ACL that permits routes that contain community 123:2.
NOTE
“Matching based on community ACL”
on page 345 for information about how to use a
community list as a match condition in a route map.
Syntax: ip community-list standard string [seq seq-value] deny | permit community-num
Syntax: ip community-list extended string [seq seq-value] deny | permit
community-num | regular-expression
The string parameter specifies the ACL name. (If you enter a number, the CLI interprets the number
as a text string.)
The standard or extended parameter specifies whether you are configuring a standard community
ACL or an extended one. A standard community ACL does not support regular expressions whereas
an extended one does. This is the only difference between standard and extended IP community
lists.
The seq seq-value parameter is optional and specifies the community list sequence number. You
can configure up to 199 entries in a community list. If you do not specify a sequence number, the
software numbers them in increments of 5, beginning with number 5. The software interprets the
entries in a community list in numerical order, beginning with the lowest sequence number.