Juniper Routing Policy

published: 23rd of February 2019

Overview

Junos routing policy allows an administrator to alter the default behaviour of a routing protocol. All routing protocols try to determine the best path to a destination based on the protocols definition of the best "metric". The Junos routing policy framework allows an administrator to influence the best path based on their business needs.

Usage Examples

Alter the best path to a destination
Modify or ignore routes that are advertised to you
Modify or ignore routes that are advertised to your neighbours
Redistribute routes between protocols

Policy Application

There are two places routing policy can be applied.

Inbound - Import policy
Outbound - Export policy

The use of a routing policy alters a routers view of the network topology. If you apply a policy inbound it will alter the local routers perception of the network topology. Applying a policy outbound will alter a neighbours perception of the network topology.

BGP policies can be applied at three levels. The below list is order from the most to least preferred.

Neighbor
Group
Global

Less preferred policies are ignored if a more preferred match is also configured.

Policy Processing

Routing policy is only evaluated against active routes in the routing table.
Policies are evaluated in a daisy-chain order known as a policy-chain .
Evaluation is halted once a policy match is found and the policy contains a terminating action .
If no match is found evaluation will continue to the next policy .
If no match is found in any policy the default policy will be evaluated.

Terminating Action

Terminating actions define how a route match is utilised. The options are accept and reject . Their usage is as follows.

Accept - Route will be placed in the routing table and advertised to neighbours
Reject - Route is ignored and will not be placed in the routing table

Action Modifiers

Prior to a route being accepted or rejected by a terminating action the routes attributes can be modified. Below are some common usage examples of action modifiers.

local-preference - Set the BGP local-preference attribute
metric - Set the metric for a route
next-hop - Set the next-hop interface for a route
origin - Set the BGP origin attribute
preference - Set the routes preference (AD)

Flow Control

There are two flow control statements that can be used within routing policy.

next term - Moves to the next term in the current policy
next policy - Moves to the next policy in the policy chain

Policy Configuration

There are two methods to define a routing policy. term based and non-term based .

Non-term based policies can only have one set of match/action statements.

    config
  

    policy-options {
    policy-statement POLICY-NAME {
        from {
            MATCH-CONDITIONS;
        }
        then {
            ACTIONS;
        }
    }
}
  

Term Based

Term based policies allow for more than one set of match/action statements using a term block.

    config
  

    policy-options {
    policy-statement POLICY-NAME {
        term TERM-NAME {
            from {
                MATCH-CONDITIONS;
            }
            then {
                ACTIONS;
            }
        }
        term TERM-NAME {
            from {
                MATCH-CONDITIONS;
            }
            then {
                ACTIONS;
            }
        }
    }
}
  

Note

If a term does not contain a term the next-term is evaluated.

Route Filters

Route filters are used to apply routing policy to a specific route (or set of routes). There are a number of methods to match a route(s) which are outlined below.

exact

The exact prefix
192.168.0.0/16

longer

Prefixes more specific than the defined prefix
192.168.0.0/16 longer

orlonger

Defined prefix plus more specific prefixes
192.168.0.0/16 orlonger

upto

Defined prefix and prefixes up to a defined prefix length
192.168.0.0/16 upto /18

prefix-length-range

Defined prefix and routes between a defined prefix length start and end
192.168.0.0/16 prefix-length-range /17-/18

through

Defined prefixes and any prefixes in between
192.168.0.0/16 through 192.168.0.0/19

Radix Tree

A radix tree is used to match prefixes based on the route filter conditions. The below diagram^[1] is a sample radix tree.

The below diagram^[2] illustrates how route filters affect the selection of prefixes in the radix tree.

blog/juniper-routing-policy/radix-tree-2.png

Default Routing Policy

The default manner in which Junos handles routing policy is outlined in the table below.

Protocol	Import	Export
BGP	Accept all received IPv4/6 routes and place them in the inet.0/6 table.	Re-advertise all IPv4/6 routes to all BGP neighbors apart from iBGP peers unless local router is a route reflector.
OSPF/v3	Accept all OSPF received IPv4/6 routes and place them in the inet.0/6 table.	Reject everything. OSPF uses flooding to advertise local and learned routes.
IS-IS	Accept all IS-IS received IPv4/6 routes and place them in the inet.0/6 table.	Reject everything. IS-IS uses flooding to advertise local and learned routes.
RIP/ng	Accept all RIP/ng received IPv4/6 routes and place them in the inet.0/6 table.	Reject everything. An export policy is required to export RIP/ng routes.

References

1. JNCIA: Juniper Networks Certified Internet Associate Study Guide - Chapter 4: Routing Policy - Page 164
2. JNCIA: Juniper Networks Certified Internet Associate Study Guide - Chapter 4: Routing Policy - Page 167

Bibliography

1. Soricelli, J. Hammond, J. Pildush, G. Van Meter, T. and Warble, T. (2003) JNCIA: Juniper Networks Certified Internet Associate Study Guide. Juniper / Sybex
2. Author Unknown (2012) JNCIA-Junos Study Guide-Part 2. Juniper Networks