net route-domain
net route-domain(1) BIG-IP TMSH Manual net route-domain(1)
NAME
route-domain - Configures route-domains for traffic management.
MODULE
net
SYNTAX
Configure the route-domain component within the net module using the syntax in the following sections.
CREATE/MODIFY
create route-domain [ [name] | none]
options:
id [integer]
modify route-domain [name]
options:
app-service [[string] | none]
bwc-policy [string]
connection-limit [integer]
description [string]
flow-eviction-policy [ [eviction policy name] | none ]
fw-enforced-policy [ [policy_name] | none ]
fw-staged-policy [ [policy_name] | none ]
id [integer]
parent [ [name] | none]
security-nat-policy [ [policy_name] | none]
service-policy [ [policy_name] | none ]
strict [disabled | enabled]
routing-protocol
[add | delete | replace-all-with] {
[protocol name] ...
}
vlans
[add | delete | replace-all-with] {
[vlan name] ...
}
edit route-domain [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
reset-stats route-domain [name]
fw-enforced-policy-rules { [rule name] }
fw-staged-policy-rules { [rule name] }
security-nat-rules { [rule name] }
options:
fw-context-stat
ip-intelligence-categories
port-misuse
DISPLAY
list route-domain
list route-domain [ [name] | [glob] | [regex] ] ... ]
show running-config route-domain
show running-config route-domain
[ [name] | [glob] | [regex] ] ... ]
options:
all-properties
one-line
non-default-properties
show route-domain [ [ [name] | [glob] | [regex] ] ... ]
options:
fw-context-stat
ip-intelligence-categories
port-misuse
DELETE
delete route-domain [name]
DESCRIPTION
Using route domains, you can assign the same IP address to more than one device on a network, as long as each
instance of the IP address resides in a separate routing domain.
EXAMPLES
create route-domain myRouteDomain id 1 vlans add { my_vlan }
Creates a route domain named myRouteDomain with an ID of 1 that includes my_vlan.
list route-domain all-properties
Displays all properties of all route domains.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the object. Only the application service can modify or delete the object.
bwc-policy
Configures the bandwidth control policy for the route-domain. If set, it will enforce a throughput policy
for incoming network traffic.
connection-limit
Configures the connection limit for the route domain. If set to a value other than zero, this specifies
the total number of open connections allowed on this route domain. The default value is 0, unlimited.
description
User defined description.
id Specifies a unique numeric identifier for the route-domain. This option is required during creation; it
may not be modified once set.
flow-eviction-policy
Specifies a flow eviction policy for the route domain to use, to select which flows to evict when the
number of connections approaches the connection limit on the route domain. The default value is none.
fw-enforced-policy
Specifies an enforced firewall policy. fw-enforced-policy rules are enforced on a route-domain.
fw-enforced-policy-rules
Specifies firewall rules enforced on net route-domain via referenced fw-enforced-policy.
fw-staged-policy
Specifies a staged firewall policy. fw-staged-policy rules are not enforced while all the visibility
aspects namely statistics, reporting and logging function as if the fw-staged-policy rules were enforced
on a route-domain.
fw-staged-policy-rules
Specifies firewall rules staged on net route-domain via referenced fw-staged-policy.
security-nat-rules
Specifies security nat rules associated with net route-domain via referenced security-nat-policy.
parent
Specifies the route domain the system searches when it cannot find a route in the configured domain. The
default value is None.
If you specify a parent, during route table lookup, if the system cannot find a route in the current
route domain, the system searches routes in the parent route domain. If no route is found in the parent
route domain, the system searches the parent route domain's parent, and so on, until the system finds
either a match or a parent with a value of None. For example, if rd_1 has a parent of rd_0 (in this
example, route domain rd_0 has a parent of None), and you include vlan_a in rd_1, when requests arrive
for vlan_a, the system looks in rd_1 for a route for the specified destination. If no route is found, the
system searches route domain 0. If it still cannot find a route, the request for vlan_a fails. If, using
the same example, you set the parent to None, under the same conditions, the system looks in rd_1, and if
it cannot find a matching route, the system refrains from searching any other route domain, the request
for vlan_a fails.
port-misuse
Used to show or reset port misuse policy statistics for the route domain.
fw-context-stat
Used to show or reset firewall statistics for the route domain.
regex
Displays the items that match the regular expression. The regular expression must be preceded by an at
sign (@[regular expression]) to indicate that the identifier is a regular expression. See help regex for
a description of regular expression syntax.
security-nat-policy
Configures the Security NAT Policy (see security nat policy). If specified, this is the NAT policy used
to perform first-match classification for incoming traffic to a virtual server if 'the virtual server
itself does not have a NAT policy configured AND security-nat-policy.use-route-domain-policy is enabled
on the virtual'.
service-policy
Configures the service policy for the route-domain. If set, it will enforce the service policy for
incoming network traffic. The service policy can be used to set specific policy based configurations like
flow timers, which applies to the flows that matches the policy specification.
strict
Specifies whether the system allows a connection to span route domains. The default value is enabled.
Note: When you enable this option, the system may find invalid iRules(r) that passed validation.
routing-protocol
Specifies routing protocols, by name, for the system to use in the route domain. The default value is
none. Dynamic routing must be licensed to use this option.
vlans
Specifies VLANs, by name, for the system to use in the route domain. The default value is none.
ip-intelligence-categories
Used to show/ reset statistics on IP intelligence white/ black lists categories.
SEE ALSO
create, delete, edit, glob, list, modify, security nat policy, net service-policy, net vlan, net vlan-group,
regex, show, tmsh, net bwc-policy
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013, 2016. All rights reserved.
BIG-IP 2017-09-06 net route-domain(1)