Custom Training

Module 6 Routing Policy

Policy Overview
Routing policy controls routing information transferred

into and out of the routing table

Ignore or change imported learned routes Suppress or change advertised active routes Redistribute routes from one protocol to another protocol

Routing policy consist of match/action pairs Eliminates need for route maps, access lists, distribution lists, network commands etc. to accomplish a single goal

Import and Export Policy

Juniper Networks Technical Certification Program (JNTCP) M/T-Series Routers Track

Routing policy is performed from the perspective of the

routing table
JUNOS applies import policy prior to route selection and inclusion into the routing table JUNOS applies export policy to active routes prior to being sent to neighbor

Neighbor

Juniper Networks Technical Certification Program (JNTCP) Enterprise Routing Track

Import

Routing Table

Export

Neighbor

Default Routing Policy

Every protocol has default policy A default policy is applied implicitly to the end of both the import and export policy chain

IS-IS and OSPF Import: IS-IS and OSPF do not allow import policies and therefore do not require a default import policy. Export: The primary purpose of IS-IS and OSPF export policies are to introduce routes from other protocol.
RIP Import: Accept all routes imported from RIP neighbors Export: Reject all routes advertised to RIP neighbors

BGP Import: Accept all routes imported from BGP neighbors Export: Accept all routes exported to BGP neighbors in accordance with the BGP protocol requirements

Routing Policy Syntax

Generic policy syntax

policy-options { policy-statement policy-name { term term-name { from { match-conditions; } then { match-actions; } } } }

A policy can have multiple terms

Match Conditions
Policies typically contain some form of match condition The absence of a match condition means that all possible routes match
Possible match conditions include: Neighbor address Protocol
The protocol which activated the route in the routing table
10.10.0.0/16 172.16.30.0/24 192.168.5.0/24 *[BGP/170] *[OSPF/10] *[Static/5]

Routing protocol information

BGP attributes OSPF Tag OSPF area ID

Match Actions
The action performed in a term or policy for a given

match condition
Terminating actions
Accept route

Reject route

Flow control actions

Skip to next term Skip to next policy

Modify attribute actions

Cost (metric) Preference Community (Tag) Local-preference

Route Filters
Route Filters are used to match individual routes or

groups of routes
General syntax in the form of:
route-filter prefix/prefix-length match-type action;

Route Filter evaluation depends on the match type Match types dictate the different route sets
exact orlonger longer upto prefix-length-range

Route Filters
192.168/16
192.168/16 192.168/16

exact
192.168/16

orlonger (down to /32)
192.168/16

longer (down to /32)

upto

/x

prefix-length-range /x-/y

/y

Policy Examples
Write a policy to redistribute RIP routes into OSPF

Policies are configured under the policy-options hierarchy

[edit policy-options] lab@Denver# show policy-statement rip-to-ospf term rip-routes { from protocol rip; then accept; }

Apply the policy to OSPF

[edit protocols ospf] lab@Denver# set export rip-to-ospf

Another Policy Example

Juniper Networks Technical Certification Program (JNTCP) M/T-Series Routers Track

Multiple match conditions require that all criteria match

before the action is applied

Create a policy to redistribute only OSPF area 2 routes
[edit] lab@Denver# show policy-options policy-statement isis-level2-routes { term l2-routes { from { protocol ospf; area 2; } then accept; } }

Another Policy Example

Configure a multiple term policy Create a policy to aggregate BGP routes
lab@Denver# show policy-options policy-statement aggregate-routes { term reject-specific-routes { from { protocol bgp; route-filter 172.80.0.0/16 longer; } then reject; } term accept-agg-route { from { protocol aggregate; route-filter 172.80.0.0/16 exact; } then accept; } }

Monitoring Policy Operation

Neighbors Routes Protocol show route receive-protocol bgp neighbor
Show routes before import policy

Route Filters

Import Policy

Export Policy
Routing Table

Neighbors Routes Protocol

show route advertising-protocol bgp neighbor

Shows routes after export policy

The show route receive-protocol and show

route advertising-protocol commands:

Filtered routes are the exception for import policy

Display routing updates received before import and after export policy processing, respectively

Other tools

test policy command

Questions