[j-nsp] apply-path and interface addresses
Erdem Sener
erdems at gmail.com
Fri Sep 7 10:14:07 EDT 2007
Hi Pekka,
The following works for at least 8.2:
[edit policy-options]
lab at router# show prefix-list p1
apply-path "interfaces lo0 unit 0 family inet address <*>";
[edit policy-options]
lab at router# show prefix-list p1 | display inheritance
##
## apply-path was expanded to:
## 10.0.0.4/32;
##
apply-path "interfaces lo0 unit 0 family inet address <*>";
[edit policy-options]
lab at router# show prefix-list p2 | display inheritance
##
## apply-path was expanded to:
## 10.0.0.4/32;
##
apply-path "interfaces lo0 unit <*> family inet address <*>";
HTH
Erdem
On 9/7/07, Pekka Savola <pekkas at netcore.fi> wrote:
> Hi,
>
> Apply-path is a nice feature, but for some reason it doesn't seem to
> work for interface addresses, e.g.:
>
> apply-path "interfaces lo0 unit 0 family inet address <*>";
> or:
> apply-path "interfaces <*> unit <*> family inet address <*>";
> or:
> apply-path "interfaces <*> unit <*> family inet address <*>/32";
>
> Am I missing something or is it impossible to use apply-path when an
> address also includes the prefix length?
>
> These would have two main applications:
> 1) gather all the addresses of the router on loopback interfaces
> (e.g. because due to tunnel PIC encapsulation those addresses used
> as tunnel endpoints must be special-handled in firewall filters)
> 2) gather some special physical interface-related addresses
> a) with the same prefix mask as in config (e.g., 1.1.1.1/30 stays
> the same)
> b) replacing the prefix mask in config with /32 or /128 (1.1.1.1/30
> becomes 1.1.1.1/32).
>
> --
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list