net route-domain
net route-domain(1) BIG-IP TMSH Manual net route-domain(1)
NAME
route-domain - Configures route-domains for traffic management.
MODULE
net
SYNTAX
Configure the route-domain component within the net module using the
syntax in the following sections.
CREATE/MODIFY
create route-domain [ [name] | none]
options:
id [integer]
modify route-domain [name]
options:
app-service [[string] | none]
bwc-policy [string]
connection-limit [integer]
description [string]
flow-eviction-policy [ [eviction policy name] | none ]
fw-enforced-policy [ [policy_name] | none ]
fw-staged-policy [ [policy_name] | none ]
id [integer]
parent [ [name] | none]
security-nat-policy [ [policy_name] | none]
service-policy [ [policy_name] | none ]
strict [disabled | enabled]
routing-protocol
[add | delete | replace-all-with] {
[protocol name] ...
}
vlans
[add | delete | replace-all-with] {
[vlan name] ...
}
edit route-domain [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
reset-stats route-domain [name]
fw-enforced-policy-rules { [rule name] }
fw-staged-policy-rules { [rule name] }
security-nat-rules { [rule name] }
options:
fw-context-stat
ip-intelligence-categories
port-misuse
DISPLAY
list route-domain
list route-domain [ [name] | [glob] | [regex] ] ... ]
show running-config route-domain
show running-config route-domain
[ [name] | [glob] | [regex] ] ... ]
options:
all-properties
one-line
non-default-properties
show route-domain [ [ [name] | [glob] | [regex] ] ... ]
options:
fw-context-stat
ip-intelligence-categories
port-misuse
DELETE
delete route-domain [name]
DESCRIPTION
Using route domains, you can assign the same IP address to more than
one device on a network, as long as each instance of the IP address
resides in a separate routing domain.
EXAMPLES
create route-domain myRouteDomain id 1 vlans add { my_vlan }
Creates a route domain named myRouteDomain with an ID of 1 that
includes my_vlan.
list route-domain all-properties
Displays all properties of all route domains.
OPTIONS
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
bwc-policy
Configures the bandwidth control policy for the route-domain. If
set, it will enforce a throughput policy for incoming network
traffic.
connection-limit
Configures the connection limit for the route domain. If set to a
value other than zero, this specifies the total number of open
connections allowed on this route domain. The default value is 0,
unlimited.
description
User defined description.
id Specifies a unique numeric identifier for the route-domain. This
option is required during creation; it may not be modified once
set.
flow-eviction-policy
Specifies a flow eviction policy for the route domain to use, to
select which flows to evict when the number of connections
approaches the connection limit on the route domain. The default
value is none.
fw-enforced-policy
Specifies an enforced firewall policy. fw-enforced-policy rules
are enforced on a route-domain.
fw-enforced-policy-rules
Specifies firewall rules enforced on net route-domain via
referenced fw-enforced-policy.
fw-staged-policy
Specifies a staged firewall policy. fw-staged-policy rules are not
enforced while all the visibility aspects namely statistics,
reporting and logging function as if the fw-staged-policy rules
were enforced on a route-domain.
fw-staged-policy-rules
Specifies firewall rules staged on net route-domain via referenced
fw-staged-policy.
security-nat-rules
Specifies security nat rules associated with net route-domain via
referenced security-nat-policy.
parent
Specifies the route domain the system searches when it cannot find
a route in the configured domain. The default value is None.
If you specify a parent, during route table lookup, if the system
cannot find a route in the current route domain, the system
searches routes in the parent route domain. If no route is found
in the parent route domain, the system searches the parent route
domain's parent, and so on, until the system finds either a match
or a parent with a value of None. For example, if rd_1 has a
parent of rd_0 (in this example, route domain rd_0 has a parent of
None), and you include vlan_a in rd_1, when requests arrive for
vlan_a, the system looks in rd_1 for a route for the specified
destination. If no route is found, the system searches route
domain 0. If it still cannot find a route, the request for vlan_a
fails. If, using the same example, you set the parent to None,
under the same conditions, the system looks in rd_1, and if it
cannot find a matching route, the system refrains from searching
any other route domain, the request for vlan_a fails.
port-misuse
Used to show or reset port misuse policy statistics for the route
domain.
fw-context-stat
Used to show or reset firewall statistics for the route domain.
regex
Displays the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
security-nat-policy
Configures the Security NAT Policy (see security nat policy). If
specified, this is the NAT policy used to perform first-match
classification for incoming traffic to a virtual server if 'the
virtual server itself does not have a NAT policy configured AND
security-nat-policy.use-route-domain-policy is enabled on the
virtual'.
service-policy
Configures the service policy for the route-domain. If set, it
will enforce the service policy for incoming network traffic. The
service policy can be used to set specific policy based
configurations like flow timers, which applies to the flows that
matches the policy specification.
strict
Specifies whether the system allows a connection to span route
domains. The default value is enabled.
Note: When you enable this option, the system may find invalid
iRules(r) that passed validation.
routing-protocol
Specifies routing protocols, by name, for the system to use in the
route domain. The default value is none. Dynamic routing must be
licensed to use this option.
vlans
Specifies VLANs, by name, for the system to use in the route
domain. The default value is none.
ip-intelligence-categories
Used to show/ reset statistics on IP intelligence white/ black
lists categories.
SEE ALSO
create, delete, edit, glob, list, modify, security nat policy, net
service-policy, net vlan, net vlan-group, regex, show, tmsh, net bwc-
policy
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013, 2016. All
rights reserved.
BIG-IP 2017-09-06 net route-domain(1)