BGP policy-options

mumuloxmumulox Member Posts: 31 ■■□□□□□□□□
Hello,

I have a little misunderstending about policy-options in bgp. I have 2 bgp neighbors and this config:

[email protected]# show protocols bgp
local-address 2.2.2.2;
group mihai {
type internal;
import deny;
neighbor 1.1.1.1 {
import r1intor2;
peer-as 1;
}
}


[email protected]# show policy-options
policy-statement deny {
then reject;
}
policy-statement r1intor2 {
from next-hop 1.1.1.1;
then {
local-preference 300;
}
}

Accordance with Default Routing Policies and Actions - JUNOS 10.0 Policy Framework Configuration Guide , if the policy does not specify an accept, reject, next term, or next policy action , then the next policy should be evaluated (in my case deny policy).
I dont have an action defined in the r1intor2 policy, but the prefix announced by R1 is in the routing table of R2.

[email protected]# run show route protocol bgp logical-router R2

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

172.16.0.0/24 *[BGP/170] 00:40:59, localpref 300, from 1.1.1.1
AS path: I
> to 10.10.10.1 via fxp0.10

It is the normal behavior ? Thanks

Comments

  • mumuloxmumulox Member Posts: 31 ■■□□□□□□□□
    This means that the default-policy (accept for import and export) is applied independently for neighbor,group,global?
  • mumuloxmumulox Member Posts: 31 ■■□□□□□□□□
    The answer is yes :).Topic closed
  • AldurAldur Juniper Moderator Member Posts: 1,460
    Keep in mind that the deny policy is never evaluated since you have an import policy under the neighbor statement. Junos only processes the statement which is more specific and doesn't inherit the more general statement. So yes this is expected behavior.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
Sign In or Register to comment.