Policy Framework Configuration Guide - Juniper Networks

Junos 10.4 Policy Framework Configuration Guide
first policy of a chain sets a route’s metric to 500, this route matches the criterion of
metric 500 defined in the next policy.
For information about how the policy framework software evaluates routing policies and
policy chains, see “Evaluating a Routing Policy” on page 29.
Effect of Omitting Ingress Match Conditions from Export Policies
In export policies, omitting the from statement in a term might lead to unexpected results.
By default, if you omit the from statement, all routes are considered to match. For example,
static and direct routes are not exported by BGP by default. However, if you create a term
with an empty from statement, these routes inadvertently could be exported because
they matched the from statement. For example, the following routing policy is designed
to reject a few route ranges and then export routes learned by BGP (which is the default
export behavior):
[edit]
routing-options {
autonomous-system 56;
}
protocols {
bgp {
group 4 {
export statics-policy;
type external;
peer-as 47;
neighbor 192.168.1.1;
}
}
}
policy-options {
policy-statement statics-policy {
term term1 {
from {
route-filter 192.168.0.0/16 orlonger;
route-filter 172.16.1.1/3 orlonger;
}
then reject; # reject the prefixes in the route list
}
term term2 {
then {
accept; # accept all other routes, including static and direct routes
}
}
}
}
However, this routing policy results in BGP advertising static and direct routes to its peers
because:
• term1 rejects the destination prefixes enumerated in the route list.
• term2, because it has no from statement, matches all other routes, including static
and direct routes, and accepts all these routes (with the accept statement).
58
Copyright © 2010, Juniper Networks, Inc.