[j-nsp] v6 BGP Policy Bug?
Stacy W. Smith
stacy at acm.org
Tue Apr 14 22:19:24 EDT 2009
Are you certain you don't see this same behavior for an IPv4 BGP
export policy? I believe what you describe is the expected behavior
and is consistent across all (or at least most) applications of
routing policy on JUNOS.
--Stacy
On Apr 14, 2009, at 5:47 PM, Mark Tinka wrote:
> Hi all.
>
> We recently experienced a situation where an M7i (JunOS
> 9.4R1.8), on which we applied an export policy for a v6 BGP
> session, was leaking more v6 routes than it should have
> been.
>
> We realized that if the final term in the BGP policy was
> 'accept', not only did the router export the BGP v6 routes,
> but it also exported all other v6 routes learned from other
> sources, i.e., IS-IS and Direct, to its BGP peers, which
> said BGP peers installed in their BGP table.
>
> To resolve this issue, we added a 'from protocol bgp' option
> along with the 'accept' in the final term.
>
> Obviously, for policies whose final term is 'reject' (we
> have a number of those), this issue does not present.
>
> This seems like odd behaviour as:
>
> a) We don't see this for v4.
>
> b) One would expect that the policy would only affect routes
> from which protocol it's been applied to.
>
> Is this a bug or a feature?
>
> Although I think it's a good idea that the final term in a
> BGP policy should specify the source of the route, folk that
> do not like this should rest in the fact that policies
> applied to a specific routing protocol would, by default,
> affect routes learned only by that protocol.
>
> Has anyone else seen this? Considering opening a case with
> JTAC.
>
> Cheers,
>
> Mark.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list