[j-nsp] Nested subroutine behaviour

[Jason Lixfeld]

Thanks to everyone for the comments.  In certain cases my comprehension was just plain broken.  This has helped clear that up.

> On Feb 27, 2019, at 6:51 AM, Weber, Markus <Markus.Weber at kpn.de> wrote:
> 
> Jason wrote:
>> I’m having a hard time wrapping my head around behaviour with route
>> policies that consist of nested subroutines.
>> policy-options {
>>    policy-statement P-TEST1 {
>>        term SUB1 {
>>            from policy SUB1;
>>            then reject;
>>        }
>>    }
>>    policy-statement SUB1 {
>>        term SUB2 {
>>            from policy SUB2;
>>        }
>>    }
>>    policy-statement SUB2 {
>>        term NOMATCH {
>>            from route-filter 1.1.1.1/32 exact;
>>        }
>>    }
>> }
> 
> To my knowledge:
> 
> Subroutines match if they accept and don't match if they reject. If you
> don't specify an action, the default should be accept and thus results
> in a match.
> Accepts/rejects in subroutines aren't used for accepting/rejecting the
> route, but used as condition for the from.
> 
> As your SUB1 has no explicit action, it will return (default) "accept"
> and thus in P-TEST1 "from policy SUB1" will always match. SUB2 adds
> nothing here.
> 
> It's best if you explicit add reject and accept in sub routines (unless
> you just use the sub routine for route manipulation like adding communities,
> changing local-pref, but even then it doesn't harm).
> 
> https://www.juniper.net/documentation/en_US/junos/topics/usage-guidelines/policy-configuring-subroutines-in-routing-policy-match-conditions.html
> 
> Markus
> 
>