[j-nsp] Policy-options: Logical AND for community values

Stefan Fouant sfouant at shortestpathfirst.net
Tue Sep 20 11:56:29 EDT 2011


On 9/20/2011 10:18 AM, Rafael Rodriguez wrote:
> Hello list,
>
> I've run into a snag and need some advice.
>
> *Goal:*
> Within a policy, reject prefixes that meet two conditions.  All other
> prefixes are accepted.
>
> *Conditions (logical AND):*
> 1)  Prefix must contain a community tag of "65000:999"
> 2)  Prefix must NOT contain a community tag of "65000:.11.." (regex)
>
> In condition 2) it is much easier for me to describe what I don't want than
> it is to describe what I do want (invert-match community).

Hi Rafael,

I don't have the time to give a detailed answer at the moment, but have 
you thought about looking into Junos Policy subroutines?  This seems 
like it'd be a perfect fit for your requirements.

Definitely one of the lesser understood features of Junos but it's very 
powerful when you need it.

http://www.juniper.net/techpubs/en_US/junos10.0/information-products/topic-collections/config-guide-policy/policy-routing-policies-subroutine-evaluation-method.html

Stefan Fouant
JNCIE-ER, JNCIE-M, JNCIE-SEC, JNCI
Technical Trainer, Juniper Networks

Follow us on Twitter @JuniperEducate


More information about the juniper-nsp mailing list