[j-nsp] BGP Communities and exports

[Richard A Steenbergen]

On Wed, Oct 18, 2006 at 02:00:56PM -0400, James Cornman wrote:
> Hello.
> 
> I'm working on a project for which I prefer to have as granular as
> possible, for controlling outbound routing announcements. The problem I'm
> running into is a 'Direct' route overriding a 'Static' (as it should) and
> Junipers protocols bgp export command not functioning properly (or me not
> having it configured properly).
...
> 
> Problem: The route 10.59.235.0/24 never gets into BGP and never gets
> exported to ATT. I've found it working if I move the BGP-Origination
> policy-statement to the export command within the individual BGP peer
> group. I shouldn't have to do that.

Under your current setup there is no difference between having the 
directly connected interface vs having a static route. You would 
definitely need to put bgp-origination into the export statement as you've 
got it currently written. You could of course make it a sub-policy of your 
"export the prefixes I will be announcing, both existing prefixes in BGP 
and new prefixes I am originating on this router", so you didn't need to 
type it out seperately every time.

> I've spoke to Juniper, and they claim that the export at the 'protocols
> bgp' level is being overridden, so i've attempted to have some 'next
> policy' type things at the end of BGP-Origination, but that hasn't helped.

They're probably right, based on what I can tell of your example. If you 
do a neighbor x.x.x.x export, it COMPLETELY overrides the entire export 
policy from the group level.

That said, this entire config is probably one of the worst abuses of 
Juniper policy language I have seen since Darrin was free. I'd strongly 
recommend that you completely gut and redesign it.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)