Routes Tab
Configuration > Networking > Routing > Routes
Each appliance builds a route table with entries that are added automatically by the system, added manually by a user, or learned from a routing protocol (SD-WAN Fabric Subnet Sharing, BGP, or OSPF).
Route Maps
Orchestrator supports the ability to apply route maps to various routing protocols. This provides more control to import and export routes to and from the SD-WAN fabric. You can configure your route maps to modify information of a route through ACLs and applying tags by using commands. Each route map has a match command and set command. The match command verifies the attributes of the original route the protocol supports. The set command modifies information that is redistributed into the target protocol.
NOTE: Prefix match criteria is ‘exact match + less than’. Both the prefix specified and any subnets of that prefix will be matched. This behavior will be updated in a future release to allow for selection of ‘exact,’ ‘greater than,’ or ‘less than’ criteria.
To permit a default-route, deny 0.0.0.0/1, deny 128.0.0.0/1, and then permit any.
Route mapping is supported for the following protocols and the direction of those protocols:
Local, static to SD-WAN fabric
BGP, OSPF to SD-WAN fabric
SD-WAN fabric to BGP Outbound peers
Local, BGP, OSPF to BGP outbound peers
Local BGP Peers to EdgeConnect BGP sessions
The following table lists the routing protocols and the associated commands supported.
Command | Redistribution Support | BGP | OSPF | SD-WAN | Local/Static |
---|---|---|---|---|---|
Match prefix | Yes | Yes | Yes | Yes | Yes |
Set metric | Yes | Yes | Yes | Yes | Yes |
Set tag | Yes | Yes | Yes | Yes | Yes |
You can filter the type of routes displayed by clicking All, Local / Static, SD-WAN Fabric, BGP, or OSPF.
Import
Click Import to import route details from a CSV file into the selected appliance. The CSV file should contain values for the following fields in the exact order specified: Subnet, Mask Length, Metric, Is Local, Advertise to Silver Peak Peers, Advertise to BGP Peers, Next Hop, Advertise to OSPF Neighbors, Interface Name, Segment.
NOTE: The CSV file should not contain a header row, and it should have no spaces after commas. You can specify only the Subnet, Mask Length, and Metric, and Orchestrator uses default values for the remaining fields. If you include values in any of the remaining fields, however, all fields must have a value (that is, none can be blank).
The following lines illustrate what two rows in a CSV import file might look like:
10.1.0.0,16,50,TRUE,FALSE,TRUE,10.1.0.1,FALSE,lan0,Default
10.2.0.0,16,50,,,,,,,
Export
Click Export to save the contents of the Routes table to a CSV file.
Filter by Subnet
Filter by subnet is a filtering tool that can be used to filter all existing routes and the results are populated on the Routes tab.
A Very Large Query Response pop-up will display if the number of the routes filtered exceeds 500,000. You can filter by subnet, cancel, or continue waiting to help mitigate this issue.
NOTE: If the number of the routes filtered is greater than 500,000 the following pop-up will display.
Segment
The segments you have configured on the Routing Segmentation tab are listed in the Segment field. After you specify the segment, the Routes table displays only the routes belonging to that segment.
The following information is displayed for each route listed in the table:
Field | Description |
---|---|
Appliance Name | Name of the appliance. |
Segment | Routes displayed belonging to this segment. |
Subnet/Mask | Actual subnet to be shared or learned. |
Next Hop | Next hop IP address for the route. A maximum of 16 next-hops are supported per logical interface. |
Interface | Interface for outgoing traffic. Display only. |
Zone | Firewall zone associated with the route. |
State | Shows whether the route is up or down. |
Metric | Metric of the subnet. Value must be between 0 and 100. When a peer has more than one tunnel with a matching subnet (for example, in a high availability deployment), it chooses the tunnel with the lower numerical value. |
Advertise to Peers | Select to share subnet information with categories of peers. Select from the following options:
To add a subnet to the table without divulging it to peers, clear this option. |
Type | Indicates one of the following route types:
|
Additional Info | Indicates any tags for restricting route lookups:
|
Comment | Any additional information you would like to include. |
To edit a route, select the edit icon in the Routes table.
Route Table Lookup Criteria
Each Route table has lookup criteria that is used in the following order:
Longest Prefix Match
Route Table admin distance of the source protocol (lower the better)
Metric (lower the better)
Use peer priority (if configured) as a tie-breaker
If there are two or more routes that match all the above criteria, use multiple routes.
Admin Distance Configuration
You can configure the admin distance by using the Admin Distance template on the Templates tab. The default settings in this template determine the most reliable route with the use of admin distance. See the table below for the various default admin distances per route type.
Route Type | Default Admin Distance |
---|---|
Local | 1 |
SD-WAN Fabric - Static | 10 |
SD-WAN Fabric - BGP | 15 |
SD-WAN Fabric - OSPF | 15 |
eBGP | 20 |
OSPF | 110 |
iBGP | 200 |
Navigate to the BGP and OSPF tabs for more information about applying or configuring your route maps.
Edit or Add Routes
The following table describes the elements in the Routes dialog box. They represent various features you can apply to your route.
Field | Description |
---|---|
Automatically advertise local LAN subnets | Indicates whether the system-created LAN subnets of your appliance should be advertised to your peers. |
Automatically advertise local WAN subnets | Indicates whether the system-created local WAN subnets of your appliance should be advertised to your peers. |
Metric for automatically added routes | Metric assigned to subnets of interfaces on this appliance. Specify a value from 0 to 100. The default value is 50. When a peer has more than one tunnel with a matching subnet (for example, in a high-availability deployment), it chooses the tunnel with the lower metric value. |
Redistribute routes to SD-WAN fabric | Route redistribution map for the SD-WAN fabric. Click the edit icon next to this field and specify the appropriate route redistribution map. |
Filter routes from SD-WAN fabric with matching local ASN | Indicates whether to filter routes from the SD-WAN fabric with matching local Autonomous System Number (ASN). |
Include BGP local ASN to routes sent to SD-WAN fabric | Indicates whether all routes must carry local ASN over subnet sharing to remote EdgeConnect peers. |
Tag BGP communities to routes | Send the specified communities with routes that are advertised to both SD-WAN fabric peers and BGP peers, if the routes are learned from any of the following source protocols:
|
Communities | BGP communities to share. A community must be a combination of two numbers (0 to 65535) separated by a colon. For multiple communities, use a comma to separate them. You can have up to nine communities per route shared with subnet sharing. Subnet sharing is the protocol used to exchange routes between EdgeConnect appliances across the SD-WAN fabric. |
Use SD-WAN fabric learned routes | Indicates whether to use SD-WAN fabric learned routes. |
Enable Equal Cost Multi Path (ECMP) | Indicates whether you want to enable Equal Cost Multi-Path routing support. |
Add Routes
Use the Add Routes dialog box to add a user-defined route to an appliance’s route table.
In the Routes dialog box, click Add Routes.
The Add Route dialog box opens.
Configure the following elements as needed.
Field Description Subnet/Mask Subnet IP address and mask (for example, 4.4.4.4/32). Next Hop Next hop IP address for the route. If you specify a next hop, you cannot select a zone for the route. (Optional) Interface Interface for outgoing traffic. Click in the field and select the appropriate interface. If you specify an interface, you cannot select a zone for the route. (Optional) Zone Firewall zone to apply to the route. Select the appropriate firewall zone from the drop-down list. Initially, this field is set to Default. If you specify a next hop or an interface, you cannot select a zone for the route; the field automatically sets to None and cannot be changed. (Optional) Metric Metric for the subnet. Specify a value from 0 to 100. When a peer has more than one tunnel with a matching subnet (for example, in a high-availability deployment), it chooses the tunnel with the lower metric value. The default value is 50. Tag Tag for restricting route lookups. It is primarily used to filter routes from being redistributed in a routing loop. Select one of the following options from the drop-down list: - ANY – Allows route lookups for traffic arriving on a LAN-side or WAN-side interface.
- FROM_LAN – Restricts route lookups to traffic arriving on a LAN-side interface.
- FROM_WAN – Restricts route lookups to traffic arriving on a WAN-side interface.
Comments Additional information you want to provide about this route. (Optional) Click Add.
Import Subnets
Do the following to import route details from a CSV file into the selected appliance.
Click Choose File.
Locate and select the CSV file on your local machine, and then click Open.
Click Import.
Orchestrator imports the information from the selected file and the Routes table displays new or updated route details.
SD-WAN Fabric Route Redistribution Maps
Route Maps are policies that can be applied to static, OSPF, BGP, and SD-WAN fabric learned routes. These policies have match and set criteria. A route map is applied to the routes during the route redistribution between routing protocols and allows for filtering routes or modifying route attributes.
Maximum allowed amounts for SD-WAN route maps and rules per route map:
You can specify up to 20 SD-WAN route maps.
You can apply up to 128 rules per route map.
You can add, delete, rename, or clone route maps using this window. You can add rules to your route map to further specify routing protocols by clicking Add Rule. Use rules to allow or deny routes based on numerous matching criteria.
NOTE: Prefix match criteria is ‘exact match + less than’. Both the prefix specified and any subnets of that prefix will be matched. This behavior will be updated in a future release to allow for selection of ‘exact,’ ‘greater than,’ or ‘less than’ criteria.
To permit a default-route, deny 0.0.0.0/1, deny 128.0.0.0/1, and then permit any.
You can specify the following fields in each rule for the selected route map.
Priority
Field | Description |
---|---|
Priority |
|
Select Match Criteria
Source Protocol | Complete the Following Fields (based on protocol selected) |
---|---|
Local/Static |
|
BGP |
|
OSPF |
|
NOTE: The above fields in the right column will change depending on the source protocol chosen.
Set Actions
Field | Description |
---|---|
Permit | Enable or disable. This setting allows or denies the route map. |
OSPF Tag | Value of OSPF tag to set in routing information sent to destination. NOTE: This field is displayed only if Source Protocol is set to OSPF. |
Metric | Metric for the route. |
Comment | Comment you want to include. |