Policy Object Profile

A Cisco Catalyst SD-WAN policy is made up of at least one list, a policy definition, and an application. The list identifies values, the policy definition defines actions, and the application defines where the policy is applied. The policy object profile has lists such as AS path, class map, data prefix, mirror, policer, and so on.

Starting from Cisco IOS XE Catalyst SD-WAN Release 17.15.1a, when the policy objects are more than 50, the list is paginated to ease the configuration of policy object profiles.

AS Path

  1. Choose the AS Path policy object from the Select Policy Object drop-down list.

  2. Enter the AS Path list name in the AS Path List Name field.

  3. In the Add AS Path field, enter the AS path number.

  4. Click Save.

The following table describe the options for configuring the class map.

Field

Description

AS Path List Name

Enter a name for the class map list.

Add AS Path

Specifies the AS path number. The range is 1 to 65535.

Class Map

  1. Choose the Class Map policy object from the Select Policy Object drop-down list.

  2. Enter the class map name in the Class field.

  3. In the Select a Queue drop-down list, choose the required queue.

  4. Click Save.

The following table describe the options for configuring the class map.

Field

Description

Class

Enter a name for the class map list.

Queue

Specifies the queue number.

Data Prefix

  1. Choose the Data Prefix policy object from the Select Policy Object drop-down list.

  2. Enter the Data Prefix List Name.

  3. In the Internet Protocol field, click IPv4 or IPv6.

  4. Click Save.

The following table describe the options for configuring the data prefix.

Field

Description

Prefix List Name

Enter a name for the prefix list.

Internet Protocol

Specifies the internet protocol. The options are IPv4 and IPv6.

Prefix

  1. Choose the Prefix policy object from the Select Policy Object drop-down list.

  2. Enter the Prefix List Name.

  3. In the Internet Protocol field, click IPv4 or IPv6.

  4. Under Add Prefix, enter the prefix for the list. Optionally, click the Choose a file link to import a prefix list.

  5. Click Save.

The following table describe the options for configuring the prefix.

Field

Description

Prefix List Name

Enter a name for the prefix list.

Internet Protocol

Specifies the internet protocol. The options are IPv4 and IPv6.

Expanded Community

  1. Choose the Expanded Community policy object from the Select Policy Object drop-down list.

  2. Enter the Expanded Community List Name.

  3. In the Add Expanded Community field, enter the community details. The format example is given in the field.

  4. Click Save.

The following table describe the options for configuring the expanded community.

Field

Description

Expanded Community List Name

Enter a name for the community list.

Add Expanded Community

Specifies the expanded community.

Extended Community

  1. Choose the Extended Community policy object from the Select Policy Object drop-down list.

  2. Enter the Extended Community List Name.

  3. In the Add Extended Community field, enter the community details. The format example is given in the field.

  4. Click Save.

The following table describe the options for configuring the extended community.

Field

Description

Extended Community List Name

Enter a name for the community list.

Add Extended Community

Specifies the extended community. The format is as follows:

  • rt (aa:nn | ip-address)​: Route target community, which is one or more routers that can receive a set of routes carried by BGP. Specify this as the AS number and network number, where each number is a 2-byte value with a range from 1 to 65535, or as an IP address.

  • soo (aa:nn | ip-address)​: Route origin community, which is one or more routers that can inject a set of routes into BGP. Specify this as the AS number and network number, where each number is a 2-byte value with a range from 1 to 65535, or as an IP address. To configure multiple extended BGP communities in a single list, include multiple community options, specifying one community in each option.

Mirror

  1. Choose the Mirror policy object from the Select Policy Object drop-down list.

  2. Enter the Mirror List Name.

  3. In the Remote Destination IP field, enter the IP address of the destination for which to mirror the packets.

  4. In the Source IP field, enter the IP address of the source of the packets to mirror.

  5. Click Save.


Note


To configure mirroring parameters, define the remote destination to which to mirror the packets, and define the source of the packets. Mirroring applies to unicast traffic only. It does not apply to multicast traffic.


The following table describe the options for configuring the mirror.

Field

Description

Mirror List Name

Enter a name for the mirror list.

Remote Destination IP

Specifies the IP address of the remote destination.

Source IP

Specifies the IP address of the source.

Policer

  1. Choose the Policer policy object from the Select Policy Object drop-down list.

  2. Enter the Policer List Name.

  3. In the Burst (bytes) field.

  4. In the Exceed drop-down list, choose the action Drop or Remark.

  5. Enter the Rate (bps)

  6. Click Save.

The following table describe the options for configuring the policer.

Field

Description

Policer List Name

Enter a name for the policer list.

Burst (bytes)

Specifies the maximum traffic burst size. Range is from 15000 to 10000000.

Exceed

Specifies an action to take when the burst size or traffic rate is exceeded. The options are:

Drop—Sets the packet loss priority (PLP) to low.

Remark—Sets the PLP to high.

The default option is Drop.

Rate

Specifies the maximum traffic rate. It can be a value from 8 through 264 bps (8 through 100000000000).

Standard Community

  1. Choose the Standard Community policy object from the Select Policy Object drop-down list.

  2. Enter the Standard Community List Name.

  3. In the Add Standard Community field, enter the community details. The format example is given in the field.

  4. Click Save.

The following table describe the options for configuring the standard community.

Field

Description

Expanded Community List Name

Enter a name for the community list.

Add Expanded Community

Specifies the standard community. the options are:

  • aa:nn: Autonomous System (AS) number and network number. Each number is a 2-byte value with a range from 1 to 65535.

  • internet: Routes in this community are advertised to the Internet community. This community comprises all BGP-speaking networking devices.

  • local-as: Routes in this community are not advertised outside the local AS number.

  • no-advertise: Attaches the NO_ADVERTISE community to routes. Routes in this community are not advertised to other BGP peers.

  • no-export: Attaches the NO_EXPORT community to routes. Routes in this community are not advertised outside the local AS or outside a BGP confederation boundary. To configure multiple BGP communities in a single list, include multiple community options, specifying one community in each option.

VPN

  1. Choose the VPN policy object from the Select Policy Object drop-down list.

  2. Enter the VPN List Name and the Add VPNfields based on the hints.

  3. Click Save.

The following table describe the options for configuring the VPN object.

Field

Description

VPN List Name

Enter a name for the VPN list.

Add VPN

Enter the VPN number. The number can be 100 or 200 separated by commas or 1000—2000 range.