BGP policy-options
Hello,
I have a little misunderstending about policy-options in bgp. I have 2 bgp neighbors and this config:
mihai@juniper8.5# show protocols bgp
local-address 2.2.2.2;
group mihai {
type internal;
import deny;
neighbor 1.1.1.1 {
import r1intor2;
peer-as 1;
}
}
mihai@juniper8.5# show policy-options
policy-statement deny {
then reject;
}
policy-statement r1intor2 {
from next-hop 1.1.1.1;
then {
local-preference 300;
}
}
Accordance with Default Routing Policies and Actions - JUNOS 10.0 Policy Framework Configuration Guide , if the policy does not specify an accept, reject, next term, or next policy action , then the next policy should be evaluated (in my case deny policy).
I dont have an action defined in the r1intor2 policy, but the prefix announced by R1 is in the routing table of R2.
mihai@juniper8.5# run show route protocol bgp logical-router R2
inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.0.0/24 *[BGP/170] 00:40:59, localpref 300, from 1.1.1.1
AS path: I
> to 10.10.10.1 via fxp0.10
It is the normal behavior ? Thanks
I have a little misunderstending about policy-options in bgp. I have 2 bgp neighbors and this config:
mihai@juniper8.5# show protocols bgp
local-address 2.2.2.2;
group mihai {
type internal;
import deny;
neighbor 1.1.1.1 {
import r1intor2;
peer-as 1;
}
}
mihai@juniper8.5# show policy-options
policy-statement deny {
then reject;
}
policy-statement r1intor2 {
from next-hop 1.1.1.1;
then {
local-preference 300;
}
}
Accordance with Default Routing Policies and Actions - JUNOS 10.0 Policy Framework Configuration Guide , if the policy does not specify an accept, reject, next term, or next policy action , then the next policy should be evaluated (in my case deny policy).
I dont have an action defined in the r1intor2 policy, but the prefix announced by R1 is in the routing table of R2.
mihai@juniper8.5# run show route protocol bgp logical-router R2
inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.0.0/24 *[BGP/170] 00:40:59, localpref 300, from 1.1.1.1
AS path: I
> to 10.10.10.1 via fxp0.10
It is the normal behavior ? Thanks
Comments
-
mumulox
Member Posts: 31 ■■□□□□□□□□
This means that the default-policy (accept for import and export) is applied independently for neighbor,group,global? -
Aldur
Member Posts: 1,460
Keep in mind that the deny policy is never evaluated since you have an import policy under the neighbor statement. Junos only processes the statement which is more specific and doesn't inherit the more general statement. So yes this is expected behavior."Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."
-Bender
.Topic closed