Routing Policy
23rd February 2019
Overview
Junos routing policy allows an administrator to alter the default behaviour of a routing protocol. All routing protocols try to determine the best path to a destination based on the protocols definition of the best "metric". The Junos routing policy framework allows an administrator to influence the best path based on their business needs.
Usage Examples
- Alter the best path to a destination
- Modify or ignore routes that are advertised to you
- Modify or ignore routes that are advertised to your neighbours
- Redistribute routes between protocols
Policy Application
There are two places routing policy can be applied.
- Inbound - Import policy
- Outbound - Export policy
The use of a routing policy alters a routers view of the network topology. If you apply a policy inbound it will alter the local routers perception of the network topology. Applying a policy outbound will alter a neighbours perception of the network topology.
BGP policies can be applied at three levels. The below list is order from the most to least preferred.
- Neighbor
- Group
- Global
Less preferred policies are ignored if a more preferred match is also configured.
Policy Processing
- Routing policy is only evaluated against active routes in the routing table.
- Policies are evaluated in a daisy-chain order known as a policy-chain.
- Evaluation is halted once a policy match is found and the policy contains a terminating action.
- If no match is found evaluation will continue to the next policy.
- If no match is found in any policy the default policy will be evaluated.
Terminating Action
Terminating actions define how a route match is utilised. The options are accept and reject. Their usage is as follows.
- Accept - Route will be placed in the routing table and advertised to neighbours
- Reject - Route is ignored and will not be placed in the routing table
Action Modifiers
Prior to a route being accepted or rejected by a terminating action the routes attributes can be modified. Below are some common usage examples of action modifiers.
- local-preference - Set the BGP local-preference attribute
- metric - Set the metric for a route
- next-hop - Set the next-hop interface for a route
- origin - Set the BGP origin attribute
- preference - Set the routes preference (AD)
Flow Control
There are two flow control statements that can be used within routing policy.
- next term - Moves to the next term in the current policy
- next policy - Moves to the next policy in the policy chain
Policy Configuration
There are two methods to define a routing policy. term based and non-term based.
Non-term based policies can only have one set of match/action statements.
policy-options {
policy-statement POLICY-NAME {
from {
MATCH-CONDITIONS;
}
then {
ACTIONS;
}
}
}
Term Based
Term based policies allow for more than one set of match/action statements using a term block.
policy-options {
policy-statement POLICY-NAME {
term TERM-NAME {
from {
MATCH-CONDITIONS;
}
then {
ACTIONS;
}
}
term TERM-NAME {
from {
MATCH-CONDITIONS;
}
then {
ACTIONS;
}
}
}
}
Note
If a term does no contain a terminating action the next-term is evaluated.
Route Filters
Route filters are used to apply routing policy to a specific route (or set of routes). There are a number of methods to match a route(s) which are outlined below.
exact
- The exact prefix
- 192.168.0.0/16
longer
- Prefixes more specific than the defined prefix
- 192.168.0.0/16 longer
orlonger
- Defined prefix plus more specific prefixes
- 192.168.0.0/16 orlonger
upto
- Defined prefix and prefixes up to a defined prefix length
- 192.168.0.0/16 upto /18
prefix-length-range
- Defined prefix and routes between a defined prefix length start and end
- 192.168.0.0/16 prefix-length-range /17-/18
through
- Defined prefixes and any prefixes in between
- 192.168.0.0/16 through 192.168.0.0/19
Radix Tree
A radix tree is used to match prefixes based on the route filter conditions. The below diagram[1] is a sample radix tree.
The below diagram[2] illustrates how route filters affect the selection of prefixes in the radix tree.
Default Routing Policy
The default manner in which Junos handles routing policy is outlined in the table below.
Protocol | Import | Export |
---|---|---|
BGP | Accept all received IPv4/6 routes and place them in the inet.0/6 table. | Re-advertise all IPv4/6 routes to all BGP neighbors apart from iBGP peers unless local router is a route reflector. |
OSPF/v3 | Accept all OSPF received IPv4/6 routes and place them in the inet.0/6 table. | Reject everything. OSPF uses flooding to advertise local and learned routes. |
IS-IS | Accept all IS-IS received IPv4/6 routes and place them in the inet.0/6 table. | Reject everything. IS-IS uses flooding to advertise local and learned routes. |
RIP/ng | Accept all RIP/ng received IPv4/6 routes and place them in the inet.0/6 table. | Reject everything. An export policy is required to export RIP/ng routes. |
References
1 | JNCIA: Juniper Networks Certified Internet Associate Study Guide - Chapter 4: Routing Policy - Page 164 |
2 | JNCIA: Juniper Networks Certified Internet Associate Study Guide - Chapter 4: Routing Policy - Page 167 |
Bibliography
Soricelli, J. Hammond, J. Pildush, G. Van Meter, T. and Warble, T. (2003) JNCIA: Juniper Networks Certified Internet Associate Study Guide. Juniper / Sybex |
Author Unknown (2012) JNCIA-Junos Study Guide-Part 2. Juniper Networks |
Links
https://www.juniper.net/documentation/en_US/junos/topics/concept/policy-routing-policies-overview.html
https://www.juniper.net/documentation/en_US/junos/topics/usage-guidelines/policy-configuring-route-lists-for-use-in-routing-policy-match-conditions.html
https://www.juniper.net/documentation/en_US/junos/topics/concept/policy-routing-policies-actions-defaults.html