Geosite/Geoip Configuration

geosite/geoip configuration geosite/geoip configuration show geosite summary show geosite summary \[command] show geosite summary \[purpose] display the currently loaded geosite dat information, including the loaded dat file, country comde statistics, domain rule statistics \[view] system view \[use cases] sonic# show geosite summary geosite statistics use default geosite data total country codes 1403 total domain rules 108358 show geoip summary show geoip summary \[command] show geoip summary \[purpose] display the currently loaded geoip dat information, including the loaded dat file, country comde statistics, and ipv4/v6 statistics \[view] system view \[use cases] sonic# show geoip summary geoip statistics use default geoip data total country codes 260 total ipv4 counts 627125 total ipv6 counts 655079 geosite load geosite load string|default \[command] geosite load string|default \[purpose] used to load and update the geosite dat file you can choose to load the default dat file or specify a dat file in a specific path as the updated dat file \[view] system configuration view \[notes] please note that after executing this command, you need to reload the device to ensure that the dat file is successfully loaded if the configuration needs to be saved, please execute write to save the configuration \[use cases] sonic(config)# geosite load default please config reload to make load effective sonic(config)# reload geoip load geoip load string|default \[command] geoip load string|default \[purpose] used to load and update the geoip dat file you can choose to load the default dat file or specify a dat file in a specific path as the updated dat file \[view] system configuration view \[notes] please note that after executing this command, you need to reload the device to ensure that the dat file is successfully loaded if the configuration needs to be saved, please execute write to save the configuration \[use cases] sonic(config)# geoip load default please config reload to make load effective sonic(config)# reload geosite lookup geosite lookup string \[command] geosite lookup string \[purpose] based on domain, query the geosite and find the country code corresponding to the domain name according to the dat file \[view] system configuration view \[use cases] sonic(config)# geosite lookup www baidu com matched country baidu matched country cn matched country geolocation cn geoip lookup geoip lookup string \[command] geoip lookup string \[purpose] based on ip, geoip can be queried, and the country code corresponding to the domain name can be found according to the dat file \[view] system configuration view \[use cases] sonic(config)# geoip lookup 52 62 62 62 ipv4 52 62 62 62 matched country au rule rule \[command] rule rule id \[ {packet action {deny|permit}}] \[src ip ip address] \[dst ip ip address]\[src port port] \[dst port port] \[ip type type]\[geosite string] \[geoip string ] no rule rule id \[purpose] add geography/geip acl rules \[parameter] parameter description rule id rule id range 0 500 also represents rule priority (higher number = higher priority) values must be unique packet action packet action when a rule is matched deny drop permit allow to pass src ip ip address source ip address format a b c d/m dst ip ip address destination ip address format a b c d/m geosite string geosite matching field string is the country code to match (e g , baidu) case insensitive geoip string geoip matching field string is the country code to match (e g , us) case insensitive \[view] acl view \[use cases] sonic(config)# access list l3 test ingress sonic(config l3 acl test)# rule 1 geosite baidu packet action permit geosite geosite string \[command] geosite string \[purpose] add geosite matching rules \[parameter] parameter description string geosite matching field, fill in the country code that needs to be matched, case insensitive \[view] route policy view \[notes] policy based routing (pbr) maps cannot consist solely of geosite/geoip match fields; they must be used in combination with quintuple match conditions for example, you can configure a full source ip match match src ip 0 0 0 0/0 \[use cases] sonic(config)# pbr map test seq 5 sonic(config pbr map)# match src ip 0 0 0 0/0 sonic(config pbr map)# geosite baidu sonic(config pbr map)# set nexthop 192 168 2 1 geoip geoip string \[command] geoip string \[purpose] add geoip matching rules \[parameter] parameter description string geoip matching field, fill in the country code that needs to be matched, case insensitive \[view] route policy view \[notes] policy based routing (pbr) maps cannot consist solely of geosite/geoip match fields; they must be used in combination with quintuple match conditions for example, you can configure a full source ip match match src ip 0 0 0 0/0 \[use cases] sonic(config)# pbr map test seq 5 sonic(config pbr map)# match src ip 0 0 0 0/0 sonic(config pbr map)# geoip cn sonic(config pbr map)# set nexthop 192 168 2 1