[j-nsp] RE: bgp config changes (was: autonomous-system N loops L)
Richard A Steenbergen
ras at e-gerbil.net
Fri Dec 12 16:18:22 EST 2003
On Fri, Dec 12, 2003 at 03:56:51AM -0500, bbird at epik.net wrote:
> The reason I mentioned import policy, is because of an event that was
> originally attributed to the behavior you've described. The policy I
> changed on a neighbor, was a prefix-limit filter. And upon making
> that change, I discovered other neighbors being reset. In the
> configuration template, the prefix-limit is neither import nor export
> policy. However, I equate this to a test condition on import, more
> than an export policy. I was later advised, that this shouldn't have
> occurred, and wouldn't if I upgraded to something newer (speaking
> only of the prefix-limit).
Oooh, another good point. Honk if you miss Cisco's style of having
prefix-lists available seperately from route-maps. I for one sure do.
The ability to do prefix filtering in policy-statements is certainly a
good thing, no question there, but it is not a true replacement for the
equivilent of Cisco's "neighbor x.x.x.x prefix-list whatever" filtering.
Creating a policy-statement per customer and using route-filter statements
is nasty, and creates unnecessary complications for IRR based prefix-list
You cannot use a Juniper "prefix-list" for this either, since jnpr's
prefix lists are actually... lists of prefixes... and don't let you do any
"orlonger" type processing. I always found this an incredibly annoying
damper in the otherwise handy ability to use use a prefix-list in a
firewall term, since you still have to duplicate the entire list in both a
policy route-filter list and a prefix-list...
My kingdom for a prefix-list which supports the route-filter type prefix
modifiers, and a "neighbor x.x.x.x prefix-list" statement...
Richard A Steenbergen <ras at nlayer.net> http://www.nlayer.net/
GPG Key ID: 0xDA93CCE6 (D8E1 B8DD 486F B161 FA92 C2C5 113E BA5E DA93 CCE6)
nLayer Communications, Inc. Chief Technical Officer
More information about the juniper-nsp