[j-nsp] Routing-policy - import route into routing-instance

Thu Oct 14 07:35:10 EDT 2004

Hi Phil,

You can do this with the vrf-import policy statement
within the routing-instance statement. So if you
wanted to import routes from two communities from a
BGP peer, you would do something like the following:

policy-options {
 policy-statement vpn-a-import {
    term vpn-a {   
        from {
          protocol bgp;
          community vpn-a;
         }
        then accept;
     }
    term vpn-b {
         from {
          protocol bgp;
          community vpn-b;
          }
    then accept;
     }
 }
community vpn-a members target:1234:1;
community vpn-b members target:1234:2;
}

routing-instances {
    vpn-a {

      vrf-export vpn-a-export;
       vrf-import vpn-a-import;
    }
 }

The export statement is usually limited to just
tagging with the vpn-b community then accepting.

You could use the vrf target statement and perhaps an
extra import statement if you're not doing anything
much with policy control in your VPN.

Chris

--- "Sykes, Phil" <Phil.Sykes at cwe.cwplc.com> wrote:

>  
> Hi Folks,
> 
>  I'd like to be able to use routing-policy to import
> a route from BGP into a
> particular routing-instance, based on community,
> e.g. 
> 
> protocols {
> 	bgp {
> 		group foo {
> 			import move-to-instance;
> 		}
> 	}
> }
> 
> policy-options {
> 	policy-statement move-to-instance {
> 		from {
> 			community instance-community;
> 		}
> 		then {
> 			routing-instance different-instance;
> 			^^^^^^^^^^^^^^^^ (this command doesn't exist)
> 		}
> 	}
> }
> 
> routing-instances {
>     different-instance {
>         instance-type forwarding;
>     }
> }
> 
>  I can't import this route via 'instance-import' in
> routing-instances,
> because it is not (and must not be) the selected
> route in the router's
> master routing-instance RIB (any way round that also
> gratefully received :-)
> 
> The BGP neighbor that the route is coming from does
> not necessarily support
> multiple routing tables, and needs to be sending
> routes into the master
> routing-instance. 
>  I don't really want to import routes into the
> different-instance, and then
> export them into the master routing-instance,
> although I recognise that
> might be one way of doing it.
> 
> Cheers,
> 
> Phil
> 
> --
> Phil Sykes, Senior Network Engineer
> IP Engineering, Cable & Wireless Network Services
> p: +49 89 92699 204  m: +49 172 89 79 727  aim:
> philsykesatcw
> 
> This e-mail has been scanned for viruses by the
> Cable & Wireless e-mail security system - powered by
> MessageLabs. For more information on a proactive
> managed e-mail security service,  visit
> http://www.cw.com/uk/emailprotection/ 
>  
> The information contained in this e-mail is
> confidential and may also be subject to legal
> privilege. It is intended only for the recipient(s)
> named above. If you are not named above as a
> recipient, you must not read, copy, disclose,
> forward or otherwise use the information contained
> in this email. If you have received this e-mail in
> error, please notify the sender (whose contact
> details are above) immediately by reply e-mail and
> delete the message and any attachments without
> retaining any copies.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
> 