[j-nsp] BGP export policy, group vs neighbor level

Andrey Kostin ankost at podolsk.ru
Fri Feb 4 14:15:25 EST 2022 

Hi,
this KB article just came in:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB12008&actp=SUBSCRIPTION
Symptoms:
Why does modifying a policy on a BGP neighbor in a group cause that 
particular peer to be reset, when another policy is applied for the 
whole peer group?
Solution:
Changing the export policy on a member (peer) in a group will cause that 
member to be reset, as there is no graceful way to modify a group 
parameter for a particular peer. Junos can gracefully change the export 
policy, only when it is applied to the complete group.

It's not much helpful but just provides a confirmation.

Kind regards,
Andrey

Raph Tello via juniper-nsp писал(а) 2022-02-04 09:33:
> I would also like to hear opinions about having ipv4 and ipv6 ebgp peer
> sessions in the same group and using the same policy instead of having 
> two
> separate groups and two policies (I saw this kind policy at
> https://bgpfilterguide.nlnog.net/guides/small_prefixes/#junos).
> 
> It would nicely pack things together. Could that be considered kind of 
> new
> best practice?
> 
> On Thu 3. Feb 2022 at 16:12, Raph Tello <telloraph at gmail.com> wrote:
> 
>> Hi list,
>> 
>> I wonder what kind of bgp group configuration would allow me to change 
>> the
>> import/export policy of a single neighbor without resetting the 
>> session of
>> this neighbor nor any other session of other neighbors. Similar to
>> enabling/disabling features on a single session without resetting the
>> sessions of others.
>> 
>> Let‘s say I have a bgp group IX-peers and each peer in that group has 
>> its
>> own import/export policy statement but all reference the same 
>> policies. Now
>> a single IX-peer needs a different policy which is going to change
>> local-pref, so I would replace the policy chain of that peer with a
>> different one.
>> 
>> Would this cause a session reset because the peer would be moved out 
>> of
>> the update group?
>> 
>> (I wonder mainly about group>peer>policy vs. group>policy vs. each 
>> peer
>> it‘s own group)
>> 
>> - Tello
>> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list