[j-nsp] L2VPN (AFI 25) policy-statement

Catalin Petrescu cpmarvin at gmail.com
Tue May 2 10:55:58 EDT 2017

hi all,

Is there a way i can math l2vpn ( specific signalling ,  safi 65 vpls ) on
ingress ?

Looks like from family l2vpn is not available:

set term 1 from family ?

Possible completions:

  evpn                 EVPN family

  inet                 IPv4 family

  inet-mdt             IPv4 MDT Signaling family

  inet-mvpn            IPv4 Multicast VPN family

  inet-vpn             IPv4-VPN family

  inet6                IPv6 family

  inet6-mvpn           IPv6 Multicast VPN family

  inet6-vpn            IPv6-VPN family

  iso                  ISO family

  route-target         Local route target VPN family

Short overview, we have singe session btw two routers and each family has a
policy with last one being deny

bgp {

    group RR {

        type internal;


        import [ RR-INET-in RR-INET6-in RR-VPNv4-in BGP-DENY-ALL ];

        family inet {



        family inet-vpn {



        family inet6 {



        family l2vpn {




each has :

set policy-options policy-statement RR-XX-in term bulkbgp from family

set policy-options policy-statement RR-XX-in term bulkbgp from protocol bgp

set policy-options policy-statement RR-XX-in term bulkbgp then accept

set policy-options policy-statement BGP-DENY-ALL then reject

The goal was to add another policy( RR-L2VPN-in ) before BGP-DENY-ALL to
allow l2vpn signalling but this is not possible. The evpn family which is
afi 25 ( same as l2vpn ) will not match l2vpn ( guess there is a match of
safi's as well ).

I can work around this by modify the policy chaining but still strange that
this is not possible, so maybe I’m missing something?



More information about the juniper-nsp mailing list