Dynamic and Static Prefix-Group with Match XPath Configuration
Overview
The prefix-group module allows prefix list creation in IPv4 and IPv6 without any action associated to it, unlike the Prefix-List module which creates prefixes list and associates an action such as permit or deny to it.
The prefix-group module uses Match XPath feature which is a configuration option to specify the path where changes must be applied in a device’s configuration. Using this, you can add the match-xpath configuration option in the CLI in addition to IPv4 and IPv6 addresses directly on creation of prefixes group.
Match XPath feature in prefix group helps to reference values from the system configuration and dynamically generate prefix list entries based on table paths (x-paths).
Feature Characteristics
|
•
|
Prefix matching: When a prefix is configured in the referenced attribute, it must match the expected prefix type, either IPv4 or IPv6. If the prefix does not match the expected type, it is not added to the prefix group. |
|
•
|
Wild card matching: In some network devices, to allow more flexible application, the Match XPath feature supports the matching of certain wild cards or regular expressions. |
|
•
|
* matches zero or more characters |
|
•
|
[!a-z] excludes characters
|
|
•
|
Case sensitivity: This feature is case sensitive. |
|
•
|
Apart from creation and deletion of match-xpath entries, no other modifications are allowed. |
Benefits
|
•
|
Helps in dynamic configuration scenarios where the configuration is applied to specific parts of the device's configuration hierarchy without affecting other unrelated settings. |
|
•
|
Avoids repetition of prefixes configuration as it is derived from a source configuration. |
|
•
|
Makes the configuration more flexible and reusable. |
|
•
|
Allows fine-grained control over the accepted routes, enabling more efficient and secure routing decisions. |
Configuration
Prefix groups can be configured either as static or dynamic. However, the configuration cannot be implemented in one transaction. The static IPs must be unconfigured before configuring a dynamic IP.
Both static and dynamic configurations can be used interchangeably by the features using prefix-group.
IPv4
Follow these steps to configure IPv4 prefix-group:
|
1.
|
Enter configuration mode |
|
2.
|
For static configuration, add the IPv4 address in prefix-group and commit the changes. |
Copy
OcNOS(config)#ip prefix-group 1
OcNOS(config-ip-prefix-group)#100.100.100.0/24
OcNOS(config-ip-prefix-group)#commit
OcNOS(config-ip-prefix-group)#end
|
3.
|
Exit the configuration |
Copy
OcNOS(config-ip-prefix-group)#exit
|
4.
|
For dynamic configuration, apply the path dynamically based on the interface starting with a specific string. Set match-xpath in IPv4 prefix-group and commit the changes |
Copy
OcNOS(config)#
OcNOS(config)#ip prefix-group 2
OcNOS(config-ip-prefix-group)#match-xpath interfaces/interface/name=xe*/ipv4/config/primary-ip-addr=*
OcNOS(config-ip-prefix-group)#commit
OcNOS(config-ip-prefix-group)#end
IPv6
Follow these steps to configure IPv6 prefix-group:
|
1.
|
Enter Configuration mode |
|
2.
|
For static configuration, add the IPv6 address in prefix-group and commit the changes. |
Copy
OcNOS(config)#ipv6 prefix-group ipv6
OcNOS(config-ipv6-prefix-group)#1000::1/64
OcNOS(config-ipv6-prefix-group)#commit
OcNOS(config-ipv6-prefix-group)#end
|
3.
|
Exit the configuration |
Copy
OcNOS(config-ipv6-prefix-group)#exit
|
4.
|
For dynamic configuration, apply the path dynamically based on the interface starting with a specific string. Set match-xpath in IPv6 prefix-group and commit the changes |
Copy
OcNOS(config)#ipv6 prefix-group ipv6-1
OcNOS(config-ipv6-prefix-group)#match-xpath interfaces/interface/name=xe33/ipv6/addresses/config/ipv6-address=*
OcNOS(config-ipv6-prefix-group)#commit
OcNOS(config-ipv6-prefix-group)#end
OcNOS#
On successful configuration, prefixes are added to the prefix-group and XPath is added to the database.
Snippet Configuration
To verify the configuration, use the show running-config command.
IPv4
Static
Copy
OcNOS#show running-config prefix-groups
!
ip prefix-group 1
100.100.100.0/24
!
Dynamic
Copy
OcNOS#show running-config interface xe33
!
interface xe33
load-interval 30
ip address 20.20.20.1/24
mtu 9216
!
OcNOS#show running-config interface xe34
!
interface xe34
load-interval 30
ip address 30.30.30.1/24
mtu 9216
!
OcNOS#
Copy
OcNOS#
OcNOS#show running-config prefix-groups
!
ip prefix-group 2
match-xpath interfaces/interface/name=xe*/ipv4/config/primary-ip-addr=*
!
IPv6
Static
Copy
OcNOS#show running-config ipv6 prefix-groups
!
ipv6 prefix-group ipv6
1000::/64
!
Dynamic
Copy
OcNOS#show running-config interface xe33
!
interface xe33
ipv6 address 2000::1/64
!
Copy
OcNOS#show running-config ipv6 prefix-groups
!
ipv6 prefix-group ipv6-1
match-xpath interfaces/interface/name=xe33/ipv6/addresses/config/ipv6-address=*
!
OcNOS#show ipv6 prefix-group
Prefix Group Name: ipv6-1
Total Number of Prefixes: 1
Prefixes:
2000::1/64
OcNOS#
Validation
Use the following show commands for both IPv4 and IPv6 to display the static and dynamic prefix-group.
IPv4
Copy
OcNOS#show ip prefix-group
Prefix Group Name: 1
Total Number of Prefixes: 1
Prefixes:
100.100.100.0/24
OcNOS#
OcNOS#show ip prefix-group
Prefix Group Name: 2
Total Number of Prefixes: 2
Prefixes:
20.20.20.1/24
30.30.30.1/24
OcNOS#
IPv6
Copy
OcNOS#show ipv6 prefix-group
Prefix Group Name: 1
Total Number of Prefixes: 1
Prefixes:
1000::/64
OcNOS#
OcNOS#show ipv6 prefix-group
Prefix Group Name: ipv6-1
Total Number of Prefixes: 1
Prefixes:
2000::1/24
OcNOS#
CLI Commands
The following CLI commands are introduced in this feature. For more details, refer to the Interface Commands section.