Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

Policy Applications CLI Reference

CLI commands for configuring and monitoring policy applications.

Application-Aware Routing Command Hierarchy

Configure and apply the policy on vSmart controllers:

policy
  lists
    app-list list-name
      (app application-name | app-family application-family)
    data-prefix-list list-name
      ip-prefix prefix/length
    site-list list-name
      site-id site-id
    vpn-list list-name
      vpn vpn-id
  sla-class sla-class-name
    jitter milliseconds
    latency milliseconds
    loss percentage
policy
  app-route-policy policy-name
    vpn-list list-name      
      default-action sla-class sla-class-name
      sequence number
        match
          app-id app-id-name          
          destination-data-prefix-list list-name
          destination-ip prefix/length
          destination-port number
          dscp number
          plp (high | low)
          protocol number
          source-data-prefix-list list-name
          source-ip prefix/length
          source-port address
        action          
          backup-sla-preferred-color color
          count
          log
          sla-class sla-class-name [preferred-color color] [strict]
      default-action
        sla-class sla-class-name
apply-policy site-list list-name
  app-route-policy policy-name

Configure the data plane tunnel performance monitoring parameters on the vEdge router:

bfd
  app-route
    multiplier number
    poll-interval milliseconds
  color color
    hello-interval milliseconds
    multiplier number
    pmtu-discovery

Cflowd Traffic Flow Monitoring Command Hierarchy

Configure on vSmart controllers only.

policy
  lists
    prefix-list list-name
      ip-prefix prefix/length
    site-list list-name
      site-id site-id
    vpn-list list-name
      vpn vpn-id
  cflowd-template template-name 
    collector vpn vpn-id address ip-address port port-number transport transport-type
    flow-active-timeout seconds 
    flow-inactive-timeout seconds
    flow-sampling-interval number
    template-refresh seconds
policy
  data-policy policy-name
    default-action action
    sequence number
      match
        destination-data-prefix-list list-name
        destination-ip prefix/length
        destination-port number
        dscp number
        protocol number
        source-data-prefix-list list-name
        source-ip prefix/length
        source-port address
      action
        count counter-name
        drop
        accept
          cflowd
apply-policy 
  site-list list-name  
    data-policy policy-name  
    cflowd-template template-name

Local Internet Exit Command Hierarchy

Configure and apply a centralized data policy on the vSmart controller:

policy
  lists
    prefix-list list-name
      ip-prefix prefix/length
    site-list list-name
      site-id site-id
    vpn-list list-name
      vpn vpn-id
  cflowd-template template-name 
    collector vpn vpn-id address ip-address port port-number 
    flow-active-timeout seconds 
    flow-inactive-timeout seconds  
    template-refresh seconds
policy
  data-policy policy-name
    default-action action
    sequence number
      match
        destination-data-prefix-list list-name
        destination-ip prefix/length
        destination-port number
        dscp number
        protocol number
        source-data-prefix-list list-name
        source-ip prefix/length
        source-port address
      action
        count counter-name
        drop
        accept
          nat use-vpn 0
apply-policy 
  site-list list-name  
    data-policy policy-name

On a vEdge router, enable NAT functionality in the WAN VPN:

vpn vpn-id
  interface interface-name
    nat
      refresh (bi-directional | outbound)
      tcp-timeout minutes
      udp-timeout minutes

Operational Commands

clear app cflowd flow-all (on vEdge routers only)
clear app cflowd flows (on vEdge routers only)
clear app cflowd statistics (on vEdge routers only)
show app-route stats on vEdge routers only)
show app cflowd collector (on vEdge routers only)
show app cflowd flow-count (on vEdge routers only)
show app cflowd flows (on vEdge outers only)
show app cflowd statistics (on vEdge routers only)
show app cflowd template (on vEdge routers only)
show ip routes (on vEdge routers)
show policy from-vsmart (on vEdge routers only)
show running-config (on vSmart controllers only)

  • Was this article helpful?