Citrix SD-WAN

Route Filtering

For networks with Route Learning enabled, Citrix SD-WAN provides more control over which SD-WAN routes are advertised to routing neighbors rather and which routes are received from routing neighbors, rather than advertising and accepting all or no routes.

  • Export Filters are used to include or exclude routes for advertisement using OSPF and BGP protocols based on specific match criteria.

  • Import Filters are used to accept or not accept routes which are received using OSPF and BGP neighbors based on specific match criteria.

Route filtering is implemented on LAN routes and Virtual Path routes in an SD-WAN network (Data Center/Branch) and is advertised to a non-SD-WAN network through using BGP and OSPF.

How to Configure Route Import and Export Filters

  1. In the Configuration Editor, navigate to Connections > View Regions > View Site > [Site Name] > Route Learning Properties.
  2. Expand Import Filters and Export Filters to view the existing route filters. Import Filters are separate and distinct from Export Filters. You can configure up to 512 Export Filters and 512 Import Filters. This is the overall limit, not per routing domain limit.

    Note

    If there is only one Routing Domain configured, the Routing Domain column does not appear.

    Route learning connections

    Route learning template

  3. Navigate to Import Filters or Export Filters under the BGP or OSPF section.

Import export filters BGP OSPF

Use the following criteria to construct each Export Filter that you want to create.

Field Criteria Description Value
Order The Order in which filters are prioritized. The first filter that a route matches are applied to that route 100, 200, 300, 400, 500, 600
Routing Domain To match routes from a specific routing domain, choose one of the configured Routing Domains from the list Any, Def_RD default
Network Address Enter the IP Address** and Netmask of configured Network Object that describes the route’s network
  • IP address
Prefix To match routes by prefix, choose a match predicate from the list and enter a Route prefix in the adjacent field
  • eq: Equal to, - lt: Less than, - le: Less than or equal to, - gt: Greater than, - ge: Greater than or equal to
Citrix SD-WAN Cost The method (predicate) and the SD-WAN Route Cost that are used to narrow the selection of routes exported Numeric value
Service Type Select the Service types that are assigned to matching routes from a list of the existing, supported Citrix SD-WAN Services Any, Local, Virtual Path, Internet, Intranet, LAN GRE Tunnel, LAN IPsec Tunnel
Site/Service Name For Intranet, LAN GRE Tunnel, and LAN IPsec Tunnel, specify the name of the configured Service Type to use Text string
Gateway IP Address If you choose LAN GRE Tunnel as the Service Type, enter the Gateway IP for the tunnel IP address
Include Click the check box to Include routes that match this filter. Otherwise matching routes are ignored None
Enabled Click the check box to Enable this filter. Otherwise the filter is ignored None
Clone Click the Clone icon to make copy of an existing Filter None

Configure Route Policy Filter Templates

You can create multiple import or export filter templates with various filter rules and associate the template at each site. The user created site level import/export filter rules take more precedence. The template rules follow the user created rules when associated to the site in Route Learning section of Connections.

Import route policy template

Export route policy template

Route Filtering