[j-nsp] Optimizing the FIB on MX
Alexander Arseniev
arseniev at btinternet.com
Wed Feb 17 16:07:01 EST 2016
Hello,
On 17/02/2016 19:51, Vincent Bernat wrote:
> Hey!
>
>
> If the condition system would allow me to match a next-hop or an
> interface in addition to a route, I could do:
>
> 3. Reject any route with upstream as next-hop if there is a default
> route to upstream.
>
> 4. Reject any route with peer as next-hop if there is a default route
> to peer.
>
> 5. Accept everything else.
True, one cannot match on "next-hop" in "condition", only on exact
prefix+table name.
But this can be done using "route isolation" approach.
So, the overall approach is:
1/ create a separate table and leak a 0/0 route there matching on 0/0
exact + next-hop ("isolate the interested route"). Use "instance-import"
+ policy.
2/ create condition
policy-options {
condition default-to-upstream {
if-route-exists {
0.0.0.0/0;
table isolate-0/0.inet.0;
}
}
3/ use condition to match & reject the specifics:
policy-options {
policy-statement reject-same-nh-as-0/0 {
term 1 {
from {
protocol bgp;
route-filter 0/0 longer;
condition default-to-upstream;
next-hop 198.18.1.1;
}
then reject;
}
term 2 {
from {
protocol bgp;
route-filter 0/0 longer;
next-hop 198.18.1.1;
}
then accept;
}
Disclaimer - I haven't tested this myself.
HTH
Thx
Alex
More information about the juniper-nsp
mailing list