[prev in list] [next in list] [prev in thread] [next in thread]
List: juniper-nsp
Subject: Re: [j-nsp] Filtering RIB -> FIB Routes
From: Lawrence Wong <lawrencewong72 () yahoo ! com>
Date: 2010-11-23 17:16:36
Message-ID: 684009.13751.qm () web54205 ! mail ! re2 ! yahoo ! com
[Download RAW message or body]
Thanks Cougar, it works like a charm!
Just thinking out loud, could I do something like all routing-instances
rejecting BGP routes into FIB by default and allow only the global routing
instance to inject BGP routes into FIB?
e.g.
policy-options {
policy-statement reject-default-rib {
term permit { <- to accept BGP->FIB in the default/amin
routing-instance
from {
rib inet.0;
protocol bgp;
}
then accept;
}
term reject { <- to reject BGP->FIB in all other routing-instances
from {
protocol bgp;
}
then reject;
}
then accept; <- to accept all other routes (static, ospf, etc) in each
routing-instance
}
}
Are there any known complications, implications or best practises on filtering
in this manner?
(btw, is inet.0 the correct RIB table that I should reference to? Or should I
indicate default.inet.0?)
Best regards,
----- Original Message ----
From: Cougar <cougar@random.ee>
To: Lawrence Wong <lawrencewong72@yahoo.com>
Cc: juniper-nsp@puck.nether.net
Sent: Mon, November 22, 2010 8:06:05 AM
Subject: Re: [j-nsp] Filtering RIB -> FIB Routes
Hi Lawrence,
Something like this should work
routing-options {
forwarding-table {
export [ reject-instanceA-rib … ];
}
}
policy-options {
policy-statement reject-instanceA-rib {
term Uplink1.inet.0 {
from {
rib A.inet.0;
protocol bgp;
}
then reject;
}
}
}
To move routes from one instance to another you need rib-groups.
--
Cougar
On Sun, 21 Nov 2010, Lawrence Wong wrote:
> Thanks Richard. I've read through the JUNOS docs as well, but couldn't seem to
> figure out how to limit the context of the filtering to the routing-instance
as
> the routing-policy is specified in the global configuration and not
> routing-instance.
>
> i.e. the box has a routing-instance A => BGP routes found in routing-instance
A
> should not go into the FIB for routing-instance A. But BGP routes from
> routing-instance A received by the main box should go into the main FIB.
>
> i've tried this but it does not seem to have any effect at all on the box.
>
>
> policy-statement reject-bgp {
> from {
> protocol bgp;
> instance A;
>
> }
> then {
> reject;
> }
> }
>
>
> Do you happen to know of any examples/samples configuration that I can refer
> to?
>
> Thanks!
>
>
>
> ----- Original Message ----
> From: Richard A Steenbergen <ras@e-gerbil.net>
> To: Lawrence Wong <lawrencewong72@yahoo.com>
> Cc: juniper-nsp@puck.nether.net
> Sent: Mon, November 22, 2010 1:21:17 AM
> Subject: Re: [j-nsp] Filtering RIB -> FIB Routes
>
> On Sun, Nov 21, 2010 at 05:02:58PM -0800, Lawrence Wong wrote:
> > Hi everyone,
> >
> > I'm new to JUNOS and would like to enquire if it's possible to filter
> > routes found in the RIB from going onto the FIB? This is on a J4350
> > box running 10.3R1.9 in Packet Mode (MPLS configured and enabled).
>
> http://www.juniper.net/techpubs/software/junos/junos93/swconfig-policy/applying-routing-policies-to-the-forwarding-table.html
> l
>
>
> --
> Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
> GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic