[j-nsp] Strange behavior of BGP policy
Tim Vollebregt
tim at interworx.nl
Tue Nov 9 06:08:18 EST 2010
Hi Alexander,
When using this policy you are doing the following:
-Reject sending default route
-Sending prefix 178.214.192.0/19
-Accepting all other advertisements by BGP it's default behaviour.
I think this would be fine:
show policy-options policy-statement to-MHost
term Itself {
from {
protocol static;
route-filter 178.214.192.0/19 exact;
}
then next policy;
}
term reject {
then reject;
}
Regards,
Tim
policy-options policy-statement to-MHost
term Itself {
from {
protocol static;
route-filter 178.214.192.0/19 exact;
}
then accept;
then
next policy;
}
term reject {
then reject;
}
On 09-11-10 11:18, Alexander Shikoff wrote:
> Hello,
>
> On MX80-48T with JunOS 10.2R1.8 I have a BGP session with downstream
> configured as follows:
>
> minotaur at br1-gdr.ki# show routing-instances World protocols bgp group Downstreams
> neighbor 178.214.196.6
> description "MHost: World";
> import [ Local-Pref-400 from-MHost Deny-Rest ];
> export to-MHost;
> peer-as 21098;
>
>
> Filtering of outgoing prefixes is performed via to-MHost policy:
> minotaur at br1-gdr.ki# show policy-options policy-statement to-MHost
> term Default {
> from {
> route-filter 0.0.0.0/0 exact;
> }
> then reject;
> }
> term Itself {
> from {
> protocol static;
> route-filter 178.214.192.0/19 exact;
> }
> then accept;
> }
> then accept;
>
>
> As you can see only route 178.214.192.0/19 from static routes should be
> redistributed into BGP, but I see another routes (direct, static, OSPF)
> also being redistributed:
> minotaur at br1-gdr.ki# run show route 178.214.192.0/19 advertising-protocol bgp
> 178.214.196.6
>
> World.inet.0: 337026 destinations, 668447 routes (333360 active, 10 holddown, 3675
> hidden)
> Prefix Nexthop MED Lclpref AS path
> * 178.214.192.0/19 Self I
> * 178.214.192.0/27 Self 2 I
> * 178.214.192.64/32 Self I
> * 178.214.192.65/32 Self 2 I
> * 178.214.192.68/32 Self 2 I
> * 178.214.192.69/32 Self I
> * 178.214.192.96/28 Self I
> * 178.214.192.128/29 Self I
> * 178.214.192.136/30 Self I
> * 178.214.192.140/30 Self 2 I
> * 178.214.192.144/30 Self I
> * 178.214.193.0/30 Self 2 I
> * 178.214.193.4/30 Self 2 I
> * 178.214.194.0/30 Self 2 I
> * 178.214.194.4/30 Self 2 I
> * 178.214.195.0/24 Self 2 I
> * 178.214.196.4/30 Self I
>
> Why does policy accepts another direct/static/OSPF routes?
>
> Thanks.
>
More information about the juniper-nsp
mailing list