[j-nsp] Leaking OSPF routes into ISIS

Phil Shafer phil at juniper.net
Fri Oct 7 08:58:00 EDT 2016

Hugo Slabbert writes:
>I generally create an explicit 'reject-all' policy and stick that at the=20
>end of policy lists, rather than nesting the reject within an existing=20
>policy.  It's a bit clearer.

You can also do this with a config group, since they are added (to lists)
after the foreground config:

Something like:

    groups default-reject policy-options policy-statement <*> then reject;
    protocols apply-groups default-reject;


More information about the juniper-nsp mailing list