[j-nsp] Nested route filters (policy-statements)

Mark Tinka mark.tinka at seacom.mu
Mon Jul 2 05:38:45 EDT 2018



On 2/Jul/18 07:32, Andrew Thrift wrote:


> Hello List,
>
> So I have been using nested firewall filters for a long time now in the
> format of:
>
> term v4-accept-bgp {
>   filter v4-accept-bgp;
>   }
>
> from a parent filter statement.  This then calls the "v4-accept-bgp"
> filter.
>
> Recently I thought, I wonder if I can do this with policy-statements to
> group some common functions into classes and then call them from a master
> policy-statement per peer type.  This would reduce double entry, simplify
> the import/export statement per peer, and reduce the chance of human
> error.   I googled around for a bit, and re-read the doc's but I cannot
> find a way to achieve this.
>
> Is this possible, or am I am being too wishful ?

You can call a policy-statement from within another policy-statement. I
do this all the time.

Perhaps you can share an example configuration for thrashing on the list.

Mark.


More information about the juniper-nsp mailing list