Hi all,
couldn't find any information about the change of the order of the rules inside a route-map.
I know that for firewall rules or sdwan rules, you have unique identifiers forevery logic, and you can move them up or down through the GUI or via CLI ('move x before|after y'). But can I do something similar with route-maps ?
For example suppose I have the following:
config router route-map
edit "RM_EXAMPLE"
config rule
edit 10
set match-community "CL_32:3"
next
edit 100
next
edit 5
set action deny
set match-ip-address "PL_DENY_PREFIX"
next
end
next
Something not nice: in this case the identifier of the rule is important, and is related to the order the rules are executed. So even though '5' appears after '100', it is processed first. Suppose now I have rules '1' and '2', and I want to insert something in between. Is there any simple way to do it ? in Cisco there is a 'resequence' command that takes the list of rules, for example 1,2,3,4,5,6,7,8 and changes them to 10,20,30,40,50,60,70,80 so that you can now insert things in the middle of the rules.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I tested it but looks like only way to change the order in the route-map is to delete the all existing "edit"s below the place you want to insert a new one, then re-paste the deleted ones in the exact order you wanted them to be.
There seem to be no other way around.
By the way, with your example "edit 5" does nothing since "edit 100" is allowing everything before it.
Toshi
I tested it but looks like only way to change the order in the route-map is to delete the all existing "edit"s below the place you want to insert a new one, then re-paste the deleted ones in the exact order you wanted them to be.
There seem to be no other way around.
By the way, with your example "edit 5" does nothing since "edit 100" is allowing everything before it.
Toshi
Thanks Toshi for your reply, so the answer is that we need to copy and paste and resequence manually.
Regarding your last sentence:
"By the way, with your example "edit 5" does nothing since "edit 100" is allowing everything before it."
... despite of what happens with sdwan or firewall rules, for route-maps the identifiers are numbers but they work in a different way. When you create them, they are showed in the order of creation, but they are processed in ascending order. This is somewhat confusing in my opinion, but it works in this way. And it really should, since you can't 'move' items before of after others. Check it out !
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1666 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.