[j-nsp] L2VPN (AFI 25) policy-statement
Catalin Petrescu
cpmarvin at gmail.com
Tue May 2 10:55:58 EDT 2017
hi all,
Is there a way i can math l2vpn ( specific signalling , safi 65 vpls ) on
ingress ?
Looks like from family l2vpn is not available:
set term 1 from family ?
Possible completions:
evpn EVPN family
inet IPv4 family
inet-mdt IPv4 MDT Signaling family
inet-mvpn IPv4 Multicast VPN family
inet-vpn IPv4-VPN family
inet6 IPv6 family
inet6-mvpn IPv6 Multicast VPN family
inet6-vpn IPv6-VPN family
iso ISO family
route-target Local route target VPN family
Short overview, we have singe session btw two routers and each family has a
policy with last one being deny
bgp {
group RR {
type internal;
local-address 10.2.2.2;
import [ RR-INET-in RR-INET6-in RR-VPNv4-in BGP-DENY-ALL ];
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
...
each has :
set policy-options policy-statement RR-XX-in term bulkbgp from family
inet/inet6/inet-vpn
set policy-options policy-statement RR-XX-in term bulkbgp from protocol bgp
set policy-options policy-statement RR-XX-in term bulkbgp then accept
set policy-options policy-statement BGP-DENY-ALL then reject
The goal was to add another policy( RR-L2VPN-in ) before BGP-DENY-ALL to
allow l2vpn signalling but this is not possible. The evpn family which is
afi 25 ( same as l2vpn ) will not match l2vpn ( guess there is a match of
safi's as well ).
I can work around this by modify the policy chaining but still strange that
this is not possible, so maybe I’m missing something?
Regards,
Catalin
More information about the juniper-nsp
mailing list