Friday, May 21, 2021

Cisco Smart Licensing in ISR 4000

Smart Licensing is enabled by default starting on IOS-XE 16.9.1 and above on Cisco Catalyst 3650/3850 and 9000 series switches and 16.10.1 and above on Cisco ASR1K, ISR1K and ISR4K series routers.

4321#show version

Cisco IOS XE Software, Version 16.12.04

Cisco IOS Software [Gibraltar], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.4, RELEASE SOFTWARE (fc5)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2020 by Cisco Systems, Inc.

Compiled Thu 09-Jul-20 21:44 by mcpre

 

 

Cisco IOS-XE software, Copyright (c) 2005-2020 by cisco Systems, Inc.

All rights reserved.  Certain components of Cisco IOS-XE software are

licensed under the GNU General Public License ("GPL") Version 2.0.  The

software code licensed under GPL Version 2.0 is free software that comes

with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such

GPL code under the terms of GPL Version 2.0.  For more details, see the

documentation or "License Notice" file accompanying the IOS-XE software,

or the applicable URL provided on the flyer accompanying the IOS-XE

software.

 

 

ROM: 16.12(2r)

 

4321 uptime is 14 hours, 1 minute

Uptime for this control processor is 14 hours, 4 minutes

System returned to ROM by Reload Command at 09:29:30 UTC Thu Mar 18 2021

System restarted at 09:34:02 UTC Thu Mar 18 2021

System image file is "bootflash:isr4300-universalk9.16.12.04.SPA.bin"

Last reload reason: Reload Command

 

 

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

 

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

 

If you require further assistance please contact us by sending email to

export@cisco.com.

 

 

Suite License Information for Module:'esg'

 

--------------------------------------------------------------------------------

Suite                 Suite Current         Type           Suite Next reboot    

--------------------------------------------------------------------------------

FoundationSuiteK9     None                  Smart License  None                 

securityk9

appxk9   

AdvUCSuiteK9          None                  Smart License  None                 

uck9

cme-srst

cube

 

 

Technology Package License Information:

 

-----------------------------------------------------------------

Technology    Technology-package           Technology-package

              Current       Type           Next reboot 

------------------------------------------------------------------

appxk9           None             Smart License    None

uck9             uck9             Smart License    uck9

securityk9       None             Smart License    None

ipbase           ipbasek9         Smart License    ipbasek9

 

The current throughput level is unthrottled

 

 

Smart Licensing Status: UNREGISTERED/EVAL MODE

 

cisco ISR4321/K9 (1RU) processor with 1694893K/3071K bytes of memory.

Processor board ID FLM24481234

1 Virtual Ethernet interface

10 Gigabit Ethernet interfaces

24 Serial interfaces

2 Channelized T1/PRI ports

32768K bytes of non-volatile configuration memory.

4194304K bytes of physical memory.

3125247K bytes of flash memory at bootflash:.

0K bytes of WebUI ODM Files at webui:.

 

Configuration register is 0x2102


 

Smart Call-Home (SCH) is configured by default on the IOS-XE releases listed above, and Smart Licensing uses it as the transport to reach CSSM (note Transport: Type: Callhome in the show license status output further down).

 

4321#show run | section call-home

service call-home

call-home

 ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com

 ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.

 contact-email-addr sch-smart-licensing@cisco.com

 profile "CiscoTAC-1"

  active

  destination transport-method http

  no destination transport-method email

 

 

To check the Smart License status, issue either a show license status or show license summary command.

 

Notice the Registration Status is UNREGISTERED and the License Authorization Status (and the per-license Status under License Usage) is EVAL MODE, with the remaining evaluation period shown.

 

4321#show license status

Smart Licensing is ENABLED

 

Utility:

  Status: DISABLED

 

Data Privacy:

  Sending Hostname: yes

    Callhome hostname privacy: DISABLED

    Smart Licensing hostname privacy: DISABLED

  Version privacy: DISABLED

 

Transport:

  Type: Callhome

 

Registration:

  Status: UNREGISTERED - REGISTRATION PENDING

  Export-Controlled Functionality: NOT ALLOWED

  Initial Registration: First Attempt Pending

 

License Authorization:

  Status: EVAL MODE

  Evaluation Period Remaining: 86 days, 8 hours, 10 minutes, 38 seconds

 

License Conversion:

  Automatic Conversion Enabled: False

  Status: Not started

 

Export Authorization Key:

  Features Authorized:

    <none>

 

 

4321#show license summary

Smart Licensing is ENABLED

 

Registration:

  Status: UNREGISTERED - REGISTRATION PENDING

  Export-Controlled Functionality: NOT ALLOWED

 

License Authorization:

  Status: EVAL MODE

  Evaluation Period Remaining: 86 days, 8 hours, 9 minutes, 48 seconds

 

License Usage:

  License                 Entitlement tag               Count Status

  -----------------------------------------------------------------------------

                          (ISR_4321_UnifiedCommun...)       1 EVAL MODE

                          (ISR_4321_BOOST)                  1 EVAL MODE

 

 

You need to create a Virtual Account on the Cisco Smart Software Manager (CSSM) portal, which is under Administration > click Manage Smart Account.

 

To manage Smart Licenses in the CSSM portal go under License > click Smart Software Licensing.

 

First generate a registration token in CSSM under Inventory.

Select the Virtual Account > click New Token. 


Type a Description (e.g. the router hostname) > leave the default Expire After: 30 Days > leave Max. Number of Uses blank > leave Allow export-controlled functionality selected > click Create Token. Treat the token as a credential: any device that presents it before it expires registers into this Virtual Account and consumes its licenses, so keep the expiry short, consider setting Max. Number of Uses to the number of routers you are about to register, and don't paste it into tickets or shared notes.


Notice the newly generated token at the top of the list; it expires 30 days (1 month) after creation.

Click the blue arrow icon beside the newly generated token, then press Ctrl+C to copy it to the clipboard.


Before applying the new token, ensure the router can both resolve and reach tools.cisco.com (the SCH/CSSM endpoint) over the Internet. In the session below IP reachability is fine, but name resolution is not configured yet, so the ping by name fails.

 

4321#ping tools.cisco.com

% Unrecognized host or address, or protocol not running.

 

4321#ping 8.8.8.8

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

 

 

Configure DNS and domain lookup on the router. You can alternatively use ip host <HOSTNAME> <IP ADDRESS> to map tools.cisco.com statically to a public IP address, but keep in mind that such a static entry breaks silently if Cisco changes that address.

 

4321(config)#ip name-server 8.8.8.8

4321(config)#ip domain lookup 

4321(config)#end

 

4321#ping tools.cisco.com

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 72.163.4.38, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 218/218/219 ms

 


Next, issue the license smart register idtoken <TOKEN> command in privileged EXEC mode.

 

4321#license ?

  smart  Smart licensing

 

4321#license smart ?

  clear       Clear

  conversion  Start or stop a license conversion

  deregister  deregister this device

  export      Get or return an export authorization key

  factory     Execute Smart Licensing Factory commands

  register    register token id

  renew       Smart License renew

  send        license smart send

 

4321#license smart register ?

  idtoken  id token

 

4321#license smart register idtoken ? 

  WORD  reg id

 

4321#license smart register idtoken ZTVmZDQ3MGItZTY4My00NDgzLWEwZmItZTVkZDYxMzVlODQ0LTE2MTg3MDUx%0AODU4Mzl8aXJLOXNYb0JORmtrZHJsY3ZRbHZqbzd3RC9NbUQxWGRDY2M1TmMw%0AejFsTT0%12345

Registration process is in progress. Use the 'show license status' command to check the progress and result

 

Mar 19 00:43:51.297 UTC: %CRYPTO_ENGINE-5-KEY_ADDITION: A key named SLA-KeyPair has been generated or imported by crypto-engine

Mar 19 00:43:51.375 UTC: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified.  Issue "write memory" to save new IOS PKI configurations



You can check the Smart License status again using either show license status or show license summary. At this point the Registration Status still reads UNREGISTERED - REGISTRATION PENDING: the router has generated its SLA-KeyPair (the %CRYPTO_ENGINE-5-KEY_ADDITION message above) but has not yet completed the exchange with CSSM.


4321#show license status

Smart Licensing is ENABLED

 

Utility:

  Status: DISABLED

 

Data Privacy:

  Sending Hostname: yes

    Callhome hostname privacy: DISABLED

    Smart Licensing hostname privacy: DISABLED

  Version privacy: DISABLED

 

Transport:

  Type: Callhome

 

Registration:

  Status: UNREGISTERED - REGISTRATION PENDING

  Export-Controlled Functionality: NOT ALLOWED

  Initial Registration: First Attempt Pending

 

License Authorization:

  Status: EVAL MODE

  Evaluation Period Remaining: 86 days, 8 hours, 10 minutes, 38 seconds

 

License Conversion:

  Automatic Conversion Enabled: False

  Status: Not started

 

Export Authorization Key:

  Features Authorized:

    <none>

 

 

4321#show license summary

Smart Licensing is ENABLED

 

Registration:

  Status: UNREGISTERED - REGISTRATION PENDING

  Export-Controlled Functionality: NOT ALLOWED

 

License Authorization:

  Status: EVAL MODE

  Evaluation Period Remaining: 86 days, 8 hours, 9 minutes, 48 seconds

 

License Usage:

  License                 Entitlement tag               Count Status

  -----------------------------------------------------------------------------

                          (ISR_4321_UnifiedCommun...)       1 EVAL MODE

                          (ISR_4321_BOOST)                  1 EVAL MODE

 

 

The Internet connection was initially unstable/intermittent, causing the SCH connection to fail.

 

4321#

Mar 19 00:57:45.880 UTC: %CALL_HOME-5-SL_MESSAGE_FAILED: Fail to send out Smart Licensing message to: https://tools.cisco.com/its/service/oddce/services/DDCEService (ERR 220 : HTTP protocol level failure)

Mar 19 00:57:45.880 UTC: %SMART_LIC-3-AGENT_REG_FAILED: Smart Agent for Licensing Registration with the Cisco Smart Software Manager (CSSM) failed: Fail to send out Call Home HTTP message.

Mar 19 00:57:45.881 UTC: %SMART_LIC-3-COMM_FAILED: Communications failure with the Cisco Smart Software Manager (CSSM) : Fail to send out Call Home HTTP message. 


Verify the Smart License status again. Notice the Status changed to REGISTERING - REGISTRATION IN PROGRESS, the failure reason is recorded under Initial Registration, and the Next Registration Attempt is a few minutes ahead of the router clock (my router used NTP).

4321#show license status

Smart Licensing is ENABLED

 

Utility:

  Status: DISABLED

 

Data Privacy:

  Sending Hostname: yes

    Callhome hostname privacy: DISABLED

    Smart Licensing hostname privacy: DISABLED

  Version privacy: DISABLED

 

Transport:

  Type: Callhome

 

Registration:

  Status: REGISTERING - REGISTRATION IN PROGRESS

  Export-Controlled Functionality: NOT ALLOWED

  Initial Registration: FAILED on Mar 19 00:57:45 2021 UTC

    Failure reason: Fail to send out Call Home HTTP message.

  Next Registration Attempt: Mar 19 01:15:54 2021 UTC

 

License Authorization:

  Status: EVAL MODE

  Evaluation Period Remaining: 86 days, 7 hours, 52 minutes, 58 seconds

 

License Conversion:

  Automatic Conversion Enabled: False

  Status: Not started

 

Export Authorization Key:

 

  Features Authorized:

    <none>

 

 

4321#show clock

01:04:53.188 UTC Fri Mar 19 2021

 

You can force a registration right away instead of waiting for the next scheduled attempt (the same command also re-registers an already registered device) using license smart register idtoken <TOKEN> force. Notice in the log below that the router deletes and regenerates the SLA-KeyPair as part of the forced registration.

4321# license smart register idtoken ZTVmZDQ3MGItZTY4My00NDgzLWEwZmItZTVkZDYxMzVlODQ0LTE2MTg3MDUx%0AODU4Mzl8aXJLOXNYb0JORmtrZHJsY3ZRbHZqbzd3RC9NbUQxWGRDY2M1TmMw%0AejFsTT0%12345 ?    

  force  Forcefully register

  <cr>   <cr>

 

4321#license smart register idtoken ItZTY4My00NDgzLWEwZmItZTVkZDYxMzVlODQ0LTE2MTg3MDUx%0AODU4Mzl8aXJLOXNYb0JORmtrZHJsY3ZRbHZqbzd3RC9NbUQxWGRDY2M1TmMw%0AejFsTT0%12345 force        

Registration process is in progress. Use the 'show license status' command to check the progress and result

 

4321#

Mar 19 01:31:22.261 UTC: %CRYPTO_ENGINE-5-KEY_DELETED: A key named SLA-KeyPair has been removed from key storage

Mar 19 01:31:24.012 UTC: %CRYPTO_ENGINE-5-KEY_ADDITION: A key named SLA-KeyPair has been generated or imported by crypto-engine

Mar 19 01:31:24.088 UTC: %PKI-4-NOCONFIGAUTOSAVE: Configuration was modified.  Issue "write memory" to save new IOS PKI configuration

Mar 19 01:31:37.371 UTC: %CALL_HOME-6-SCH_REGISTRATION_IN_PROGRESS: SCH device registration is in progress. Call-home will poll SCH server for registration result. You can also check SCH registration status with "call-home request registration-info" under EXEC mode.

Mar 19 01:31:37.373 UTC: %SMART_LIC-5-COMM_RESTORED: Communications with the Cisco Smart Software Manager (CSSM) restored

Mar 19 01:31:37.567 UTC: %SMART_LIC-6-EXPORT_CONTROLLED: Usage of export controlled features is allowed

Mar 19 01:31:37.568 UTC: %SMART_LIC-6-AGENT_REG_SUCCESS: Smart Agent for Licensing Registration successful. udi PID:ISR4321/K9,SN:FLM24471234

Mar 19 01:31:46.142 UTC: %SMART_LIC-5-IN_COMPLIANCE: All entitlements and licenses in use on this device are authorized

Mar 19 01:31:46.146 UTC: %SMART_LIC-5-END_POINT_RESET: End Point list reset

Mar 19 01:31:46.148 UTC: %SMART_LIC-6-AUTH_RENEW_SUCCESS: Authorization renewal successful. State=authorized for udi PID:ISR4321/K9,SN:FLM24471234
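The console messages above (the failed first attempt, the key-pair regeneration, then AGENT_REG_SUCCESS and IN_COMPLIANCE) are enough to reconstruct what happened without logging into the router. The following Python snippet is an added example, not code from this post or from Cisco: it parses the IOS syslog shape (%FACILITY-SEVERITY-MNEMONIC) and replays the SMART_LIC and CRYPTO_ENGINE messages into a registration timeline, which is the kind of logic you would put behind a syslog-collector alert. SAMPLE_LOG is constructed from the messages shown in this post (same serial number as printed above); the regex and the state names are my own.

```python
"""Turn IOS-XE Smart Licensing console messages into a registration timeline.

Added example, not code from the original post or from Cisco. SAMPLE_LOG is
constructed from the console messages shown in the post.
"""
import re
from typing import Dict, List, Optional

SAMPLE_LOG = """\
Mar 19 00:57:45.880 UTC: %CALL_HOME-5-SL_MESSAGE_FAILED: Fail to send out Smart Licensing message to: https://tools.cisco.com/its/service/oddce/services/DDCEService (ERR 220 : HTTP protocol level failure)
Mar 19 00:57:45.880 UTC: %SMART_LIC-3-AGENT_REG_FAILED: Smart Agent for Licensing Registration with the Cisco Smart Software Manager (CSSM) failed: Fail to send out Call Home HTTP message.
Mar 19 00:57:45.881 UTC: %SMART_LIC-3-COMM_FAILED: Communications failure with the Cisco Smart Software Manager (CSSM) : Fail to send out Call Home HTTP message.
Mar 19 01:31:22.261 UTC: %CRYPTO_ENGINE-5-KEY_DELETED: A key named SLA-KeyPair has been removed from key storage
Mar 19 01:31:24.012 UTC: %CRYPTO_ENGINE-5-KEY_ADDITION: A key named SLA-KeyPair has been generated or imported by crypto-engine
Mar 19 01:31:37.373 UTC: %SMART_LIC-5-COMM_RESTORED: Communications with the Cisco Smart Software Manager (CSSM) restored
Mar 19 01:31:37.567 UTC: %SMART_LIC-6-EXPORT_CONTROLLED: Usage of export controlled features is allowed
Mar 19 01:31:37.568 UTC: %SMART_LIC-6-AGENT_REG_SUCCESS: Smart Agent for Licensing Registration successful. udi PID:ISR4321/K9,SN:FLM24471234
Mar 19 01:31:46.142 UTC: %SMART_LIC-5-IN_COMPLIANCE: All entitlements and licenses in use on this device are authorized
"""

# IOS syslog shape: "<timestamp>: %FACILITY-SEVERITY-MNEMONIC: message text"
SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}(?:\.\d+)? \w+): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>\d)-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$"
)
UDI_RE = re.compile(r"udi PID:(?P<pid>[^,]+),SN:(?P<sn>\S+)")


def parse_syslog(line: str) -> Dict[str, str]:
    """Split one IOS syslog line into timestamp, facility, severity, mnemonic and text."""
    m = SYSLOG_RE.match(line)
    if not m:
        raise ValueError(f"not an IOS syslog line: {line!r}")
    return m.groupdict()


def registration_timeline(log: str) -> Dict[str, object]:
    """Replay the messages in order and summarise the registration outcome."""
    state = "UNKNOWN"
    failures: List[str] = []
    errors: List[str] = []
    udi: Optional[Dict[str, str]] = None
    keypairs_generated = 0
    for line in log.splitlines():
        if not line.strip():
            continue
        msg = parse_syslog(line)
        key = (msg["facility"], msg["mnemonic"])
        if key == ("SMART_LIC", "AGENT_REG_FAILED"):
            state = "FAILED"
            # the agent's failure reason follows "failed: " in the message text
            failures.append(msg["text"].split("failed: ", 1)[-1].strip())
        elif key == ("SMART_LIC", "AGENT_REG_SUCCESS"):
            state = "REGISTERED"
            hit = UDI_RE.search(msg["text"])
            udi = hit.groupdict() if hit else None
        elif key == ("SMART_LIC", "IN_COMPLIANCE"):
            state = "AUTHORIZED"
        elif key == ("CRYPTO_ENGINE", "KEY_ADDITION") and "SLA-KeyPair" in msg["text"]:
            keypairs_generated += 1   # a forced re-registration regenerates this key pair
        # IOS severities 0-3 are errors or worse: keep those for the operator
        if int(msg["severity"]) <= 3:
            errors.append(f"{msg['ts']} {msg['facility']}-{msg['severity']}-{msg['mnemonic']}")
    return {"state": state, "failures": failures, "udi": udi,
            "keypairs_generated": keypairs_generated, "errors": errors}


if __name__ == "__main__":
    print(registration_timeline(SAMPLE_LOG))
```

Run against the sample, the timeline ends in AUTHORIZED with one recorded failure reason, the device UDI from the success message, one SLA-KeyPair generation and the two severity-3 SMART_LIC messages kept as errors; in a collector you would alert on a timeline that ends in FAILED, or on repeated AGENT_REG_FAILED without a later AGENT_REG_SUCCESS.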


 

Notice the Registration Status changed to REGISTERED (Initial Registration: SUCCEEDED), Export-Controlled Functionality is now ALLOWED, and the License Usage Status changed from EVAL MODE to AUTHORIZED.


4321#show license status

Smart Licensing is ENABLED

 

Utility:

  Status: DISABLED

 

Data Privacy:

  Sending Hostname: yes

    Callhome hostname privacy: DISABLED

    Smart Licensing hostname privacy: DISABLED

  Version privacy: DISABLED

 

Transport:

  Type: Callhome

 

Registration:

  Status: REGISTERED

  Smart Account: MY_SMART_ACCOUNT

  Virtual Account: MY_VIRTUAL_ACCOUNT

  Export-Controlled Functionality: ALLOWED

  Initial Registration: SUCCEEDED on Mar 19 01:31:37 2021 UTC

  Last Renewal Attempt: None

  Next Renewal Attempt: Sep 15 01:31:36 2021 UTC

  Registration Expires: Mar 19 01:26:31 2022 UTC

 

License Authorization:

  Status: AUTHORIZED on Mar 19 01:31:46 2021 UTC

  Last Communication Attempt: SUCCEEDED on Mar 19 01:31:46 2021 UTC

  Next Communication Attempt: Apr 18 01:31:45 2021 UTC

  Communication Deadline: Jun 17 01:26:43 2021 UTC

 

License Conversion:

  Automatic Conversion Enabled: False

  Status: Not started

 

Export Authorization Key:

  Features Authorized:

    <none>

 

 

4321#show license summary

Smart Licensing is ENABLED

 

Registration:

  Status: REGISTERED

  Smart Account: MY_SMART_ACCOUNT

  Virtual Account: MY_VIRTUAL_ACCOUNT

  Export-Controlled Functionality: ALLOWED

  Last Renewal Attempt: None

  Next Renewal Attempt: Sep 15 01:31:37 2021 UTC

 

License Authorization:

  Status: AUTHORIZED

  Last Communication Attempt: SUCCEEDED

  Next Communication Attempt: Apr 18 01:31:45 2021 UTC

 

License Usage:

  License                 Entitlement tag               Count Status

  -----------------------------------------------------------------------------

  ISR_4321_UnifiedComm... (ISR_4321_UnifiedCommun...)       1 AUTHORIZED

  Boost Performance fo... (ISR_4321_BOOST)                  1 AUTHORIZED

 

To check the device registration status in CSSM, select the Virtual Account > go to Product Instances tab > check the Name of the device > check under Last Contact (2021-Mar-19 01:31:44).

Select the Name (a hyperlink) > under Overview tab > check the Registration Date and Last Contact.

Go to Licenses tab > check under License: Boost Performance for ISR4321 and ISR_4321_UnifiedCommunication > notice the number under Purchased and In use.

I registered two ISR 4321 routers so the count under Purchased and In Use were both 2.
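The fields in the registered output above (Registration Status, License Authorization Status, Export-Controlled Functionality, Next Communication Attempt, Communication Deadline, Registration Expires) are what an operator should keep watching after the one-off registration. The following Python script is an added example, not part of this post and not Cisco tooling: it parses saved show license status output and reports the licensing state plus anything that needs attention. The two sample outputs are constructed from the show commands in this post, trimmed to the fields the check reads, and the 14-day warning window is an arbitrary choice.

```python
"""Check IOS-XE Smart Licensing health from saved `show license status` output.

Added example, not code from the original post or from Cisco. The two sample
outputs are constructed from the show commands in the post and trimmed to the
fields this check reads.
"""
import re
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Union

# Constructed sample: the UNREGISTERED / EVAL MODE state before registration.
EVAL_OUTPUT = """\
Smart Licensing is ENABLED

Transport:
  Type: Callhome

Registration:
  Status: UNREGISTERED - REGISTRATION PENDING
  Export-Controlled Functionality: NOT ALLOWED
  Initial Registration: First Attempt Pending

License Authorization:
  Status: EVAL MODE
  Evaluation Period Remaining: 86 days, 8 hours, 10 minutes, 38 seconds
"""

# Constructed sample: the REGISTERED / AUTHORIZED state after registration.
REGISTERED_OUTPUT = """\
Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: MY_SMART_ACCOUNT
  Virtual Account: MY_VIRTUAL_ACCOUNT
  Export-Controlled Functionality: ALLOWED
  Initial Registration: SUCCEEDED on Mar 19 01:31:37 2021 UTC
  Next Renewal Attempt: Sep 15 01:31:36 2021 UTC
  Registration Expires: Mar 19 01:26:31 2022 UTC

License Authorization:
  Status: AUTHORIZED on Mar 19 01:31:46 2021 UTC
  Last Communication Attempt: SUCCEEDED on Mar 19 01:31:46 2021 UTC
  Next Communication Attempt: Apr 18 01:31:45 2021 UTC
  Communication Deadline: Jun 17 01:26:43 2021 UTC
"""

IOS_TS = "%b %d %H:%M:%S %Y"  # "Jun 17 01:26:43 2021"; the trailing "UTC" is not parsed


def _field(section: str, name: str, text: str) -> Optional[str]:
    """Return the value of '  <name>: <value>' inside the '<section>:' block, or None."""
    block = re.search(rf"^{re.escape(section)}:\n((?:  .*\n?)+)", text, re.M)
    if not block:
        return None
    hit = re.search(rf"^  {re.escape(name)}: (.+)$", block.group(1), re.M)
    return hit.group(1).strip() if hit else None


def _timestamp(value: Optional[str]) -> Optional[datetime]:
    """Extract the IOS timestamp from e.g. 'AUTHORIZED on Mar 19 01:31:46 2021 UTC'."""
    hit = re.search(r"[A-Z][a-z]{2} \d{1,2} \d{2}:\d{2}:\d{2} \d{4}", value or "")
    return datetime.strptime(hit.group(0), IOS_TS) if hit else None


def _remaining(value: Optional[str]) -> Optional[timedelta]:
    """Turn '86 days, 8 hours, 10 minutes, 38 seconds' into a timedelta."""
    if not value:
        return None
    units = {u: int(n) for n, u in re.findall(r"(\d+) (day|hour|minute|second)s?", value)}
    return timedelta(days=units.get("day", 0), hours=units.get("hour", 0),
                     minutes=units.get("minute", 0), seconds=units.get("second", 0))


def check_license(output: str, now: Union[datetime, str], warn_days: int = 14) -> Dict[str, object]:
    """Parse the output and return the state plus findings an operator should act on.

    `now` may be a datetime or an ISO date string; `warn_days` (arbitrary default)
    is how far ahead to warn about the communication deadline and registration expiry.
    """
    if isinstance(now, str):
        now = datetime.fromisoformat(now)
    registration = _field("Registration", "Status", output) or "UNKNOWN"
    authorization = _field("License Authorization", "Status", output) or "UNKNOWN"
    export_ok = _field("Registration", "Export-Controlled Functionality", output) == "ALLOWED"
    findings: List[str] = []

    if not registration.startswith("REGISTERED"):
        findings.append(f"not registered with CSSM ({registration})")
    if authorization.startswith("EVAL MODE"):
        left = _remaining(_field("License Authorization", "Evaluation Period Remaining", output))
        findings.append(f"running in EVAL MODE, {left.days if left else '?'} days of evaluation left")
    elif not authorization.startswith("AUTHORIZED"):
        findings.append(f"license authorization is {authorization}")
    if not export_ok:
        findings.append("export-controlled functionality NOT ALLOWED")

    # Past the Communication Deadline the license authorization is no longer valid,
    # and past Registration Expires the registration itself lapses.
    for label, section, name in (("communication deadline", "License Authorization", "Communication Deadline"),
                                 ("registration expiry", "Registration", "Registration Expires")):
        when = _timestamp(_field(section, name, output))
        if when and when - now <= timedelta(days=warn_days):
            findings.append(f"{label} {when:%Y-%m-%d} is within {warn_days} days")

    return {"registration": registration, "authorization": authorization,
            "export_controlled": export_ok, "findings": findings}


if __name__ == "__main__":
    for name, text in (("before", EVAL_OUTPUT), ("after", REGISTERED_OUTPUT)):
        print(name, check_license(text, "2021-03-20"))
```

Feed it the output collected by your configuration-backup or monitoring job and alert on a non-empty findings list; the same router that is clean on Mar 20 is flagged on Jun 10 because the Jun 17 Communication Deadline is then within the warning window, which is exactly the case where an Internet outage since the last check-in would otherwise go unnoticed.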


 

To view the call-home configuration and status, issue show call-home profile all. Notice the CiscoTAC-1 profile posts to tools.cisco.com over HTTP(S) and sends periodic configuration and inventory messages on the 15th day of each month; together with the monthly license authorization renewal (Next Communication Attempt), the 90-day Communication Deadline and the six-monthly registration renewal shown in show license status, this means the router needs reliable Internet reachability to CSSM on an ongoing basis, not just at registration time.

 

4321#show call-home ?

  alert-group           Show available alert group

  detail                Show call-home configuration in detail

  diagnostic-signature  Show diagnostic-signature

  events                Show active events

  mail-server           Show call-home mail server related information

  profile               Show existing profiles

  smart-licensing       Show Smart License

  statistics            Show call-home statistics

  version               Show call-home version

  |                     Output modifiers

  <cr>                  <cr>

 

4321#show call-home profile ?

  WORD  Profile name

  all   Show all profiles

 

4321#show call-home profile all

 

Profile Name: CiscoTAC-1

    Profile status: ACTIVE

    Profile mode: Full Reporting

    Reporting Data: Smart Call Home, Smart Licensing

    Preferred Message Format: xml

    Message Size Limit: 3145728 Bytes

    Transport Method: http

    HTTP  address(es): https://tools.cisco.com/its/service/oddce/services/DDCEService

    Other address(es): default

 

    Periodic configuration info message is scheduled every 15 day of the month at 15:41

 

    Periodic inventory info message is scheduled every 15 day of the month at 15:26

 

    Alert-group               Severity

    ------------------------  ------------

    crash                     debug      

    environment               minor      

    inventory                 normal     

 

    Syslog-Pattern            Severity

    ------------------------  ------------

    .*                        major      

 

 

The log message below is due to a Cisco bug; it was mentioned that it can simply be ignored since it has no impact.

 

Mar 19 01:33:17.938 UTC: %CALL_HOME-6-UPDATE_SCH_REGISTRATION_STATUS: Device Registration details are not Available

 

 

Don't forget to save the config. The %PKI-4-NOCONFIGAUTOSAVE message logged during registration is a reminder that the PKI configuration created for the SLA-KeyPair is not persisted until you issue write memory.

 

4321#write memory

Building configuration...

 

[OK]


Sunday, May 2, 2021

Juniper Networks Routing Policy

Routing policy (roughly the equivalent of a route-map in Cisco IOS) allows you to control the flow of routing information to and from the routing table (RT). It can be used to choose which routes to accept or reject from neighbors running dynamic routing protocols, and it can control the flow of routing information from the routing table into the forwarding table (FT).

 

The Junos OS applies import policies before placing routes in the routing table, while export policies are applied as it exports routes from the routing table (RT) to dynamic routing protocols or to the forwarding table. Only active routes are exported from the routing table.

 

jadmin@JR-1> configure

Entering configuration mode

Users currently editing the configuration:

  jadmin terminal p2 (pid 4022) on since 2020-10-21 01:14:03 SGT, idle 02:46:07

      [edit routing-options]

The configuration has been changed but not committed

 

[edit]

jadmin@JR-1# edit policy-options

 

[edit policy-options]

jadmin@JR-1# set policy-statement ?

Possible completions:

  <policy_name>        Name to identify a policy filter

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  dynamic-db           Object may exist in dynamic database

> from                 Conditions to match the source of a route

> term                 Policy term

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term ?

Possible completions:

  <term_name>

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term match-rip-routes ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> from                 Conditions to match the source of a route

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term match-rip-routes from ?

Possible completions:

  aggregate-contributor  Match more specifics of an aggregate

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  area                 OSPF area identifier

+ as-path              Name of AS path regular expression (BGP only)

+ as-path-group        Name of AS path group (BGP only)

  color                Color (preference) value

  color2               Color (preference) value 2

+ community            BGP community

> community-count      Number of BGP communities

+ condition            Condition to match on

> external             External route

  family

  instance             Routing protocol instance

+ interface            Interface name or address

  level                IS-IS level

  local-preference     Local preference associated with a route

  metric               Metric value

  metric2              Metric value 2

  metric3              Metric value 3

  metric4              Metric value 4

> multicast-scope      Multicast scope to match

+ neighbor             Neighboring router

+ next-hop             Next-hop router

  next-hop-type        Next-hop type

  origin               BGP origin attribute

+ policy               Name of policy to evaluate

  preference           Preference value

  preference2          Preference value 2

> prefix-list          List of prefix-lists of routes to match

> prefix-list-filter   List of prefix-list-filters to match

+ protocol             Protocol from which route was learned

  rib                  Routing table

> route-filter         List of routes to match

  route-type           Route type

> source-address-filter  List of source addresses to match

  state                Route state

+ tag                  Tag string

  tag2                 Tag string 2

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term match-rip-routes from protocol ?

Possible completions:

  [                    Open a set of values

  access               Access server routes

  access-internal      Internal routes to directly connected clients

  aggregate            Aggregate routes

  bgp                  BGP

  direct               Directly connected routes

  dvmrp                Distance Vector Multicast Routing Protocol

  esis                 End System-to-Intermediate System

  isis                 Intermediate System-to-Intermediate System

  l2circuit            Layer 2 circuits

  l2vpn                Layer 2 MPLS virtual private networks

  ldp                  Label Distribution Protocol

  local                Local system addresses

  msdp                 Multicast Source Discovery Protocol

  ospf                 Open Shortest Path First

  ospf2                Open Shortest Path First Version 2

  ospf3                Open Shortest Path First Version 3

  pim                  Protocol Independent Multicast

  rip                  Routing Information Protocol

  ripng                Routing Information Protocol next generation

  rsvp                 Resource Reservation Protocol

  rtarget              Local route target VPN membership

  static               Statically defined addresses

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term match-rip-routes then ?

Possible completions:

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

[edit policy-options]

jadmin@JR-1# set policy-statement export-rip-policy term match-rip-routes then accept

 

[edit policy-options]

jadmin@JR-1# show

policy-statement export-rip-policy {

    term match-rip-routes {

        from protocol rip;

        then accept;

    }

}

 

[edit policy-options]

 

 

For RIP, you can apply import policies at the protocol, group and neighbor levels of the hierarchy (the group level shows both export and import in the completions below), whereas export policies can be configured only at the group level. The name given to export must match an existing policy-statement exactly: the session below references export-rip-routes while the policy defined above is export-rip-policy, which Junos flags in the show output with ## 'export-rip-routes' is not defined, and the commit will fail with a policy error until the reference is corrected to export-rip-policy.

 

[edit policy-options]

jadmin@JR-1# top edit protocols rip

 

[edit protocols rip]

jadmin@JR-1# set group ?

Possible completions:

  <group_name>         Group name

[edit protocols rip]

jadmin@JR-1# set group rip-group ?

Possible completions:

  <[Enter]>            Execute this command

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> bfd-liveness-detection  Bidirectional Forwarding Detection options

  demand-circuit       Enable demand circuit on this interface

+ export               Export policy

+ import               Import policy

  max-retrans-time     Maximum time to re-transmit a message in demand-circuit

  metric-out           Default metric of exported routes (1..15)

> neighbor             Neighbor configuration

  preference           Preference of routes learned by this group

  route-timeout        Delay before routes time out (30..360 seconds)

  update-interval      Interval between regular route updates (10..60 seconds)

  |                    Pipe through a command

[edit protocols rip]

jadmin@JR-1# set group rip-group export ?

Possible completions:

  <value>              Export policy

  (                    Open an expression

  [                    Open a set of values

  export-rip-policy

[edit protocols rip]

jadmin@JR-1# set group rip-group export export-rip-routes ?

Possible completions:

  <[Enter]>            Execute this command

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> bfd-liveness-detection  Bidirectional Forwarding Detection options

  demand-circuit       Enable demand circuit on this interface

+ export               Export policy

+ import               Import policy

  max-retrans-time     Maximum time to re-transmit a message in demand-circuit

  metric-out           Default metric of exported routes (1..15)

> neighbor             Neighbor configuration

  preference           Preference of routes learned by this group

  route-timeout        Delay before routes time out (30..360 seconds)

  update-interval      Interval between regular route updates (10..60 seconds)

  |                    Pipe through a command

[edit protocols rip]

jadmin@JR-1# set group rip-group export export-rip-routes neighbor ?

Possible completions:

  <neighbor_name>      Interface name

[edit protocols rip]

jadmin@JR-1# set group rip-group export export-rip-routes neighbor em0.0

 

[edit protocols rip]

jadmin@JR-1# show

group rip-group {

    export export-rip-routes; ## 'export-rip-routes' is not defined

    neighbor em0.0;

}

 

[edit protocols rip]

 

 

Building Blocks of Routing Policy

 

A routing policy contains an ordered set of terms. A term is the basic building block of a Junos OS policy; terms are essentially if-then statements.

 

When evaluating the from statements, the Junos OS performs the evaluation as a logical OR between arguments to a single match criterion and a logical AND between different match criteria. For the from statement to be considered true, the item being evaluated must match at least one of the arguments to each given match criterion.

 

If a route matches all the conditions in the from statement of a term, the Junos OS executes all actions specified in the then statement of the term. If one of those actions is a terminating action, evaluation of the policy stops.

 

accept and reject are terminating actions. Using them results in first-match policy evaluation: Junos OS takes the specified action immediately and performs no further evaluation of the policy.

 

You can use the insert command to modify the order in which terms appear.

 

You can select routes based on their prefix, protocol, routing protocol attributes or next-hop.

 

 

 

Prefix List

 

You can select routes based on their prefix using a prefix-list or a route-filter. A prefix-list can be referenced in multiple terms of a single policy or in different policies, and the same prefix-list can be reused in both routing policies and firewall filters.

 

A prefix-list matches the listed prefixes exactly, while prefix-list-filter (and route-filter) support the match types exact, longer and orlonger.
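To make the evaluation rules from the Building Blocks section and the prefix-list paragraph concrete (OR between the arguments of one criterion, AND between criteria, terms evaluated in order, accept and reject as terminating actions, and exact prefix-list matching versus the exact/longer/orlonger types of a route-filter), here is a small Python model of a Junos export policy. It is an added example, not Junos code and not the post's configuration: it models only the protocol, prefix-list and route-filter criteria, and the policy it evaluates is a hypothetical extension of the export-rip-policy above with a first term that rejects RFC 1918 space and a term with a non-terminating metric action. It also goes one step beyond the text by implementing the rule Junos applies when a term has several route-filter entries: only the entry with the longest prefix containing the route is tested, which is a classic source of surprise.

```python
"""A small model of Junos routing-policy evaluation.

Added example, not Junos code or configuration from the post. It models the
protocol, prefix-list and route-filter match criteria and the accept/reject
actions; the sample policy extends the post's export-rip-policy with a
hypothetical first term that rejects RFC 1918 space.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Net = ipaddress.IPv4Network


def route_filter_match(route: Net, prefix: Net, kind: str) -> bool:
    """route-filter match types: exact, longer (more specific only), orlonger (either)."""
    if kind == "exact":
        return route == prefix
    if kind == "longer":
        return route != prefix and route.subnet_of(prefix)
    if kind == "orlonger":
        return route.subnet_of(prefix)
    raise ValueError(f"unsupported match type {kind!r}")


def longest_match(route: Net, entries: List[Tuple[Net, str]]) -> bool:
    """Junos picks the single route-filter entry with the longest prefix that contains
    the route and tests only that entry's match type; a shorter entry that would have
    matched is never consulted."""
    containing = [(p, k) for p, k in entries if route.subnet_of(p)]
    if not containing:
        return False
    prefix, kind = max(containing, key=lambda e: e[0].prefixlen)
    return route_filter_match(route, prefix, kind)


@dataclass
class Term:
    name: str
    protocol: List[str] = field(default_factory=list)                  # from protocol [ ... ]
    prefix_list: List[Net] = field(default_factory=list)               # from prefix-list: exact
    route_filter: List[Tuple[Net, str]] = field(default_factory=list)  # from route-filter p type
    then: List[str] = field(default_factory=list)                      # actions, in order

    def matches(self, route: Net, proto: str) -> bool:
        # AND across criteria; within a criterion any one argument suffices (OR).
        # A term with no from conditions matches every route.
        if self.prefix_list and self.route_filter:
            raise ValueError("model does not cover prefix-list and route-filter in one term")
        if self.protocol and proto not in self.protocol:
            return False
        if self.prefix_list and route not in self.prefix_list:
            return False
        if self.route_filter and not longest_match(route, self.route_filter):
            return False
        return True


TERMINATING = {"accept", "reject"}


def evaluate(policy: List[Term], route: Net, proto: str) -> Tuple[Optional[str], Dict[str, str], Optional[str]]:
    """Evaluate terms in order; return (decision, attribute changes, terminating term).

    decision is None when no term terminated: the protocol's default policy then
    applies (RIP exports nothing by default, hence the post's export policy).
    """
    changes: Dict[str, str] = {}
    for term in policy:
        if not term.matches(route, proto):
            continue
        for action in term.then:
            if action in TERMINATING:
                return action, changes, term.name   # first match wins
            key, _, value = action.partition(" ")
            changes[key] = value                     # e.g. "metric 5": evaluation continues
    return None, changes, None


RFC1918 = [Net("10.0.0.0/8"), Net("172.16.0.0/12"), Net("192.168.0.0/16")]

EXPORT_POLICY = [
    Term("drop-private", route_filter=[(p, "orlonger") for p in RFC1918], then=["reject"]),
    Term("set-static-metric", protocol=["static"], then=["metric 5"]),
    Term("match-rip-routes", protocol=["rip", "static"], then=["accept"]),
]


if __name__ == "__main__":
    for route, proto in ((Net("10.1.0.0/16"), "rip"), (Net("203.0.113.0/24"), "static"),
                         (Net("203.0.113.0/24"), "ospf")):
        print(route, proto, "->", evaluate(EXPORT_POLICY, route, proto))
```

A static 203.0.113.0/24 picks up metric 5 from the second term and is then accepted by the third, a RIP route inside 10.0.0.0/8 is rejected by the first term before anything else is looked at, and an OSPF route falls through to the default policy. The longest-match rule is the one to remember when mixing entries: with route-filter 10.0.0.0/8 orlonger next to 10.1.0.0/16 exact, the route 10.1.1.0/24 does not match the term at all, because only the /16 entry is tested.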

 

jadmin@JR-1> configure

Entering configuration mode

Users currently editing the configuration:

  jadmin terminal p2 (pid 4022) on since 2020-10-21 01:14:03 SGT, idle 03:44:45

      [edit routing-options]

The configuration has been changed but not committed

 

[edit]

jadmin@JR-1# edit policy-options

 

[edit policy-options]

jadmin@JR-1# set prefix-list ?

Possible completions:

  <name>               Prefix list name

[edit policy-options]

jadmin@JR-1# set prefix-list rfc-1918 ?

Possible completions:

  <[Enter]>            Execute this command

  <prefix>             Address prefix

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  apply-path           Apply IP prefixes from a configuration statement

  dynamic-db           Object may exist in dynamic database

  |                    Pipe through a command

[edit policy-options]

jadmin@JR-1# set prefix-list rfc-1918 10.0.0.0/8 ?

Possible completions:

  <[Enter]>            Execute this command

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  |                    Pipe through a command

[edit policy-options]

jadmin@JR-1# set prefix-list rfc-1918 10.0.0.0/8

 

[edit policy-options]

jadmin@JR-1# set prefix-list rfc-1918 172.16.0.0/12

 

[edit policy-options]

jadmin@JR-1# set prefix-list rfc-1918 192.168.0.0/16

 

[edit policy-options]

jadmin@JR-1# set policy-statement ?

Possible completions:

  <policy_name>        Name to identify a policy filter

  export-rip-policy    Name to identify a policy filter

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  dynamic-db           Object may exist in dynamic database

> from                 Conditions to match the source of a route

> term                 Policy term

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 from ?

Possible completions:

  aggregate-contributor  Match more specifics of an aggregate

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  area                 OSPF area identifier

+ as-path              Name of AS path regular expression (BGP only)

+ as-path-group        Name of AS path group (BGP only)

  color                Color (preference) value

  color2               Color (preference) value 2

+ community            BGP community

> community-count      Number of BGP communities

+ condition            Condition to match on

> external             External route

  family

  instance             Routing protocol instance

+ interface            Interface name or address

  level                IS-IS level

  local-preference     Local preference associated with a route

  metric               Metric value

  metric2              Metric value 2

  metric3              Metric value 3

  metric4              Metric value 4

> multicast-scope      Multicast scope to match

+ neighbor             Neighboring router

+ next-hop             Next-hop router

  next-hop-type        Next-hop type

  origin               BGP origin attribute

+ policy               Name of policy to evaluate

  preference           Preference value

  preference2          Preference value 2

> prefix-list          List of prefix-lists of routes to match

> prefix-list-filter   List of prefix-list-filters to match

+ protocol             Protocol from which route was learned

  rib                  Routing table

> route-filter         List of routes to match

  route-type           Route type

> source-address-filter  List of source addresses to match

  state                Route state

+ tag                  Tag string

  tag2                 Tag string 2

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 from prefix-list ?

Possible completions:

  <prefix-list-name>   Name of prefix-list of routes to match

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 from prefix-list rfc-1918

 

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 then ?

Possible completions:

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 then reject

 

[edit policy-options]

jadmin@JR-1# set policy-statement pol-2 from prefix-list-filter ?

Possible completions:

  <list_name>          Name of prefix-list of routes to match

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

[edit policy-options]

jadmin@JR-1# set policy-statement pol-2 from prefix-list-filter rfc-1918 ?

Possible completions:

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

[edit policy-options]

jadmin@JR-1# set policy-statement pol-2 from prefix-list-filter rfc-1918 orlonger ?

Possible completions:

  <[Enter]>            Execute this command

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

  dynamic-db           Object may exist in dynamic database

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

  |                    Pipe through a command

[edit policy-options]

jadmin@JR-1# set policy-statement pol-2 from prefix-list-filter rfc-1918 orlonger reject

 

[edit policy-options]

jadmin@JR-1# show

prefix-list rfc-1918 {

    10.0.0.0/8;

    172.16.0.0/12;

    192.168.0.0/16;

}

policy-statement export-rip-policy {

    term match-rip-routes {

        from protocol rip;

        then accept;

    }

}

policy-statement pol-1 {

    from {

        prefix-list rfc-1918;

    }

    then reject;

}

policy-statement pol-2 {

    from {

        prefix-list-filter rfc-1918 orlonger reject;

    }

}

 

[edit policy-options]

 

 

Route Filters

 

Route filters are lists of prefixes configured within a single routing policy term. Unlike a prefix-list, they are not reusable: they are specific to the policy term in which they are configured.

 

They provide a few more match types for selecting prefixes:

 

  • exact - only routes whose prefix and prefix length equal the given prefix match the filter statement.
  • orlonger - routes with a prefix length greater than or equal to the given prefix length match the filter statement.
  • longer - routes with a prefix length greater than the given prefix length match the filter statement.
  • upto - routes with a prefix length greater than or equal to the given prefix length, but less than or equal to the upto prefix length, match the filter statement.
  • prefix-length-range - routes with a prefix length greater than or equal to the first given prefix length, but less than or equal to the second prefix length, match the filter statement.

 

 

jadmin@JR-1> configure

Entering configuration mode

The configuration has been changed but not committed

 

[edit]

jadmin@JR-1# edit policy-options

 

[edit policy-options]

jadmin@JR-1# set policy-statement ?

Possible completions:

  <policy_name>        Name to identify a policy filter

  export-rip-policy    Name to identify a policy filter

  pol-1                Name to identify a policy filter

  pol-2                Name to identify a policy filter

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  dynamic-db           Object may exist in dynamic database

> from                 Conditions to match the source of a route

> term                 Policy term

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term ?

Possible completions:

  <term_name>

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> from                 Conditions to match the source of a route

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from ?

Possible completions:

  aggregate-contributor  Match more specifics of an aggregate

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  area                 OSPF area identifier

+ as-path              Name of AS path regular expression (BGP only)

+ as-path-group        Name of AS path group (BGP only)

  color                Color (preference) value

  color2               Color (preference) value 2

+ community            BGP community

> community-count      Number of BGP communities

+ condition            Condition to match on

> external             External route

  family

  instance             Routing protocol instance

+ interface            Interface name or address

  level                IS-IS level

  local-preference     Local preference associated with a route

  metric               Metric value

  metric2              Metric value 2

  metric3              Metric value 3

  metric4              Metric value 4

> multicast-scope      Multicast scope to match

+ neighbor             Neighboring router

+ next-hop             Next-hop router

  next-hop-type        Next-hop type

  origin               BGP origin attribute

+ policy               Name of policy to evaluate

  preference           Preference value

  preference2          Preference value 2

> prefix-list          List of prefix-lists of routes to match

> prefix-list-filter   List of prefix-list-filters to match

+ protocol             Protocol from which route was learned

  rib                  Routing table

> route-filter         List of routes to match

  route-type           Route type

> source-address-filter  List of source addresses to match

  state                Route state

+ tag                  Tag string

  tag2                 Tag string 2

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from route-filter ?

Possible completions:

  <address>            IP address or hostname

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from route-filter 172.16.0.0/12 ?

Possible completions:

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from route-filter 172.16.0.0/12 orlonger

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from route-filter 192.168.0.0/16 longer

jadmin@JR-1# set policy-statement pol-1 term filter-rfc1918-prefix from route-filter 10.0.0.0/8 exact

 

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 then ?

Possible completions:

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

[edit policy-options]

jadmin@JR-1# set policy-statement pol-1 then reject

 

[edit policy-options]

jadmin@JR-1# show

prefix-list rfc-1918 {

    10.0.0.0/8;

    172.16.0.0/12;

    192.168.0.0/16;

}

policy-statement export-rip-policy {

    term match-rip-routes {

        from protocol rip;

        then accept;

    }

}

policy-statement pol-1 {

    term filter-rfc1918-prefix {

        from {

            route-filter 172.16.0.0/12 orlonger;

            route-filter 192.168.0.0/16 longer;

            route-filter 10.0.0.0/8 exact;

        }

    }

    from {

        prefix-list rfc-1918;

    }

    then reject;

}

policy-statement pol-2 {

    from {

        prefix-list-filter rfc-1918 orlonger reject;

    }

}

 

[edit policy-options]

 

 

 

jadmin@JR-1> test policy ?

Possible completions:

  <policy>             Policy name

jadmin@JR-1> test policy pol-1 ?

Possible completions:

  <prefix>             Destination prefix

jadmin@JR-1> test policy pol-1 192.168.0.0/16    // YOU CAN ALSO TEST THE EFFECTIVENESS OF THE CONFIGURED POLICY; NOTE THE DEFAULT IS ACCEPT ALL ROUTES

 

 

Common Actions

 

accept and reject are the most common terminating actions: they stop the evaluation of the policy and accept or reject the route.

 

default-action accept and default-action reject do not stop the evaluation of the policy, but they override the default policy's accept or reject decision.

 

next term and next policy cause the Junos OS to evaluate the next term or the next policy, respectively.

 

Other common actions modify routing protocol attributes such as BGP community, route preference, etc.

 

 

Defining Routing Policy

 

Two steps to define a routing policy:

  1. Define the routing policy under the [edit policy-options] hierarchy level
  2. Apply the routing policy to a protocol (import or export)

 

 

jadmin@JR-1> configure

Entering configuration mode

Users currently editing the configuration:

  jadmin terminal v0 (pid 1480) on since 2020-10-21 12:35:46 SGT, idle 00:18:40

      [edit]

 

[edit]

jadmin@JR-1# edit policy-options

 

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  dynamic-db           Object may exist in dynamic database

> from                 Conditions to match the source of a route

> term                 Policy term

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term ?

Possible completions:

  <term_name>

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> from                 Conditions to match the source of a route

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes from ?

Possible completions:

  aggregate-contributor  Match more specifics of an aggregate

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  area                 OSPF area identifier

+ as-path              Name of AS path regular expression (BGP only)

+ as-path-group        Name of AS path group (BGP only)

  color                Color (preference) value

  color2               Color (preference) value 2

+ community            BGP community

> community-count      Number of BGP communities

+ condition            Condition to match on

> external             External route

  family

  instance             Routing protocol instance

+ interface            Interface name or address

  level                IS-IS level

  local-preference     Local preference associated with a route

  metric               Metric value

  metric2              Metric value 2

  metric3              Metric value 3

  metric4              Metric value 4

> multicast-scope      Multicast scope to match

+ neighbor             Neighboring router

+ next-hop             Next-hop router

  next-hop-type        Next-hop type

  origin               BGP origin attribute

+ policy               Name of policy to evaluate

  preference           Preference value

  preference2          Preference value 2

> prefix-list          List of prefix-lists of routes to match

> prefix-list-filter   List of prefix-list-filters to match

+ protocol             Protocol from which route was learned

  rib                  Routing table

> route-filter         List of routes to match

  route-type           Route type

> source-address-filter  List of source addresses to match

  state                Route state

+ tag                  Tag string

  tag2                 Tag string 2

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes from protocol ?

Possible completions:

  [                    Open a set of values

  access               Access server routes

  access-internal      Internal routes to directly connected clients

  aggregate            Aggregate routes

  bgp                  BGP

  direct               Directly connected routes

  dvmrp                Distance Vector Multicast Routing Protocol

  esis                 End System-to-Intermediate System

  isis                 Intermediate System-to-Intermediate System

  l2circuit            Layer 2 circuits

  l2vpn                Layer 2 MPLS virtual private networks

  ldp                  Label Distribution Protocol

  local                Local system addresses

  msdp                 Multicast Source Discovery Protocol

  ospf                 Open Shortest Path First

  ospf2                Open Shortest Path First Version 2

  ospf3                Open Shortest Path First Version 3

  pim                  Protocol Independent Multicast

  rip                  Routing Information Protocol

  ripng                Routing Information Protocol next generation

  rsvp                 Resource Reservation Protocol

  rtarget              Local route target VPN membership

  static               Statically defined addresses

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes from protocol direct

jadmin@JR-1# set policy-statement pol1 term ?

Possible completions:

  <term_name>

  allow-local-routes

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes then ?

Possible completions:

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-local-routes then accept

 

jadmin@JR-1# set policy-statement pol1 term allow-static from protocol static

jadmin@JR-1# set policy-statement pol1 term allow-static from route-filter ?

Possible completions:

  <address>            IP address or hostname

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-static from route-filter 172.18.1.0/24 ?

Possible completions:

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR-1# set policy-statement pol1 term allow-static from route-filter 172.18.1.0/24 exact

jadmin@JR-1# set policy-statement pol1 term allow-static from route-filter 172.18.0.0/16 orlonger

jadmin@JR-1# set policy-statement pol1 term allow-static then accept

 

jadmin@JR-1# set policy-statement pol1 term allow-rip from protocol rip

jadmin@JR-1# set policy-statement pol1 term allow-rip then accept

 

[edit policy-options]

jadmin@JR-1# show

policy-statement pol1 {

    term allow-local-routes {

        from protocol direct;

        then accept;

    }

    term allow-static {

        from {

            protocol static;

            route-filter 172.18.1.0/24 exact;

            route-filter 172.18.0.0/16 orlonger;

        }

        then accept;

    }

    term allow-rip {

        from protocol rip;

        then accept;

    }

}

 

[edit policy-options]

 

 

Applying Routing Policy

 

Depending on the routing protocol, you can apply import and export policies at multiple hierarchy levels. Note that OSPF allows export and import policies only at the protocol level, so that the Link State Database (LSDB) stays consistent.

 

The Junos OS applies the most specific import and export policy. Import and export policies configured at a higher hierarchy level are applied at the lower levels if no other policy exists there; if you configure a policy at a lower hierarchy level, the system applies that policy instead.

 

[edit policy-options]

jadmin@JR-1# top edit protocols ospf

 

[edit protocols ospf]

jadmin@JR-1# set ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> area                 Configure an OSPF area

> backup-spf-options   Configure options for backup SPF

> database-protection  Configure database protection attributes

  disable              Disable OSPF

+ export               Export policy

  external-preference  Preference of external routes

> graceful-restart     Configure graceful restart attributes

+ import               Import policy (for external routes or setting priority)

  no-nssa-abr          Disable full NSSA functionality at ABR

  no-rfc-1583          Disable RFC1583 compatibility

> overload             Set the overload mode (repel transit traffic)

  preference           Preference of internal routes

  prefix-export-limit  Maximum number of prefixes that can be exported

  reference-bandwidth  Bandwidth for calculating metric defaults

  rib-group            Routing table group for importing OSPF routes

> spf-options          Configure options for SPF

> topology             Topology parameters

> traceoptions         Trace options for OSPF

> traffic-engineering  Configure traffic engineering attributes

[edit protocols ospf]

jadmin@JR-1# set export pol1 ?

Possible completions:

  <[Enter]>            Execute this command

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> area                 Configure an OSPF area

> backup-spf-options   Configure options for backup SPF

> database-protection  Configure database protection attributes

  disable              Disable OSPF

+ export               Export policy

  external-preference  Preference of external routes

> graceful-restart     Configure graceful restart attributes

+ import               Import policy (for external routes or setting priority)

  no-nssa-abr          Disable full NSSA functionality at ABR

  no-rfc-1583          Disable RFC1583 compatibility

> overload             Set the overload mode (repel transit traffic)

  preference           Preference of internal routes

  prefix-export-limit  Maximum number of prefixes that can be exported

  reference-bandwidth  Bandwidth for calculating metric defaults

  rib-group            Routing table group for importing OSPF routes

> spf-options          Configure options for SPF

> topology             Topology parameters

> traceoptions         Trace options for OSPF

> traffic-engineering  Configure traffic engineering attributes

  |                    Pipe through a command

[edit protocols ospf]

jadmin@JR-1# set export pol1 area 0.0.0.0 ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> area-range           Configure area ranges

> context-identifier   Configure context identifier in support of edge protection

> interface            Include an interface in this area

> label-switched-path  Configuration for advertisement of a label-switched path

+ network-summary-export  Export policy for Type 3 Summary LSAs

+ network-summary-import  Import policy for Type 3 Summary LSAs

  no-context-identifier-advertisement  Disable context identifier advertisments in this area

> peer-interface       Configuration for peer interface

> virtual-link         Configure virtual links

[edit protocols ospf]

jadmin@JR-1# set export pol1 area 0.0.0.0 interface em0.0 passive

 

[edit protocols ospf]

jadmin@JR-1# show

export pol1;

area 0.0.0.0 {

    interface em0.0 {

        passive;

    }

}

 

[edit protocols ospf]

 

 

Policy Chaining

 

You can cascade or chain policies to solve a complex set of route-manipulation tasks in a modular manner.

 

The Junos OS evaluates policies from left to right, in the order in which they are applied to a routing protocol. It checks the match criteria of each policy and performs the associated action when a match occurs. If the first policy does not match, or if the match is associated with a nonterminating action (accept and reject are terminating; next term, next policy, and actions that only modify route attributes are not), it evaluates the route against the next policy in the chain. This pattern repeats for all policies in the chain. The Junos OS ultimately applies the default policy for the protocol when no terminating action occurs while evaluating the user-defined policy chain.
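The evaluation order above, together with the route-filter match types (exact, longer, orlonger, upto, prefix-length-range, through) and the longest-match rule that decides which of the two route-filter entries in pol1's allow-static term is actually consulted, is easier to see in code. The Python model below is an added example written for this page; it is not Juniper code and not what Junos runs internally. It encodes pol1 from above and the default-route-ospf policy from the case study below as data, and adds a hypothetical leaky-default policy (not on this page) that uses orlonger instead of exact on 0.0.0.0/0, to show why the case study matches the default route exactly. The address-mask match type is deliberately not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class RouteFilter:
    prefix: str
    match_type: str            # exact | longer | orlonger | upto | prefix-length-range | through
    arg: Optional[str] = None  # "/N", "/A-/B" or the second prefix, depending on match_type

@dataclass
class Term:
    name: str
    protocols: Tuple[str, ...] = ()              # from protocol ...; empty = any protocol
    route_filters: Tuple[RouteFilter, ...] = ()  # from route-filter ...
    action: str = "next term"                    # accept | reject | next term | next policy

@dataclass
class Route:
    prefix: str
    protocol: str

Policy = Tuple[str, List[Term]]                  # (policy-statement name, its terms in order)

def filter_matches(route_prefix: str, rf: RouteFilter) -> bool:
    """Apply one route-filter entry's match type to a route (address-mask is not modelled)."""
    p, f = ipaddress.ip_network(route_prefix), ipaddress.ip_network(rf.prefix)
    if p.version != f.version:
        return False
    inside = p.subnet_of(f)                      # the route lies within the filter prefix
    t = rf.match_type
    if t == "exact":
        return p == f
    if t == "longer":
        return inside and p.prefixlen > f.prefixlen
    if t == "orlonger":
        return inside
    if t == "upto":
        return inside and p.prefixlen <= int(rf.arg.lstrip("/"))
    if t == "prefix-length-range":
        lo, hi = (int(x.lstrip("/")) for x in rf.arg.split("-"))
        return inside and lo <= p.prefixlen <= hi
    if t == "through":                           # route sits between rf.prefix and rf.arg
        return inside and ipaddress.ip_network(rf.arg).subnet_of(p)
    raise ValueError(f"unsupported match type {t!r}")

def term_matches(route: Route, term: Term) -> bool:
    if term.protocols and route.protocol not in term.protocols:
        return False
    if not term.route_filters:
        return True
    p = ipaddress.ip_network(route.prefix)
    # Junos does a longest-match lookup over the term's route-filter prefixes and then
    # evaluates ONLY the winning entry's match type; a shorter 'orlonger' entry is ignored.
    nets = [(rf, ipaddress.ip_network(rf.prefix)) for rf in term.route_filters]
    covering = [(rf, n) for rf, n in nets if n.version == p.version and p.subnet_of(n)]
    if not covering:
        return False
    longest = max(n.prefixlen for _, n in covering)
    return any(filter_matches(route.prefix, rf) for rf, n in covering if n.prefixlen == longest)

def evaluate_chain(route: Route, chain: List[Policy], default_action: str) -> Tuple[str, str]:
    """Walk the chain left to right; return (action, where it was decided)."""
    for policy_name, terms in chain:
        for term in terms:
            if not term_matches(route, term):
                continue                                 # implicit 'next term'
            if term.action in ("accept", "reject"):     # terminating actions end evaluation
                return term.action, f"{policy_name}/{term.name}"
            if term.action == "next policy":
                break                                    # skip the rest of this policy
            # 'next term' (or attribute-only actions): fall through to the next term
    return default_action, "default policy"

# The two policies from this page, as data.
POL1: Policy = ("pol1", [
    Term("allow-local-routes", protocols=("direct",), action="accept"),
    Term("allow-static", protocols=("static",), action="accept",
         route_filters=(RouteFilter("172.18.1.0/24", "exact"),
                        RouteFilter("172.18.0.0/16", "orlonger"))),
    Term("allow-rip", protocols=("rip",), action="accept"),
])
DEFAULT_ROUTE_OSPF: Policy = ("default-route-ospf", [
    Term("default-static", protocols=("static",), action="accept",
         route_filters=(RouteFilter("0.0.0.0/0", "exact"),)),
])
# Hypothetical mistake for comparison: 'orlonger' on 0.0.0.0/0 covers every static route.
LEAKY_DEFAULT: Policy = ("leaky-default", [
    Term("default-static", protocols=("static",), action="accept",
         route_filters=(RouteFilter("0.0.0.0/0", "orlonger"),)),
])

def ospf_export(route: Route, chain: List[Policy]) -> Tuple[str, str]:
    # OSPF's default export policy advertises no routes learned from other protocols,
    # so a static route that no term accepts falls through to 'reject'.
    return evaluate_chain(route, chain, "reject")
```

Calling ospf_export(Route("172.18.1.0/25", "static"), [POL1]) returns ("reject", "default policy") even though the route is inside 172.18.0.0/16 orlonger: the longest-matching entry, 172.18.1.0/24 exact, is the only one evaluated, and it fails. Calling ospf_export(Route("192.0.2.0/24", "static"), [LEAKY_DEFAULT]) returns accept, which is the point of the comparison: with orlonger on 0.0.0.0/0 every static route in the table would be injected into OSPF as an external route, so the case study below matches the default route with exact.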

 

 

Case Study: Advertise default static route into OSPF routing policy

 


jadmin@JR1> configure

Entering configuration mode

Users currently editing the configuration:

  root terminal v0 (pid 1488) on since 2020-10-25 10:26:47 UTC, idle 00:53:36

      [edit system login]

 

[edit]

jadmin@JR1# edit routing-options

 

[edit routing-options]

jadmin@JR1# set static route 0.0.0.0/0 next-hop 10.1.1.10

 

[edit routing-options]

jadmin@JR1# top edit policy-options

 

[edit policy-options]

jadmin@JR1# set policy-statement ?

Possible completions:

  <policy_name>        Name to identify a policy filter

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  dynamic-db           Object may exist in dynamic database

> from                 Conditions to match the source of a route

> term                 Policy term

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term ?

Possible completions:

  <term_name>

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> from                 Conditions to match the source of a route

> then                 Actions to take if 'from' and 'to' conditions match

> to                   Conditions to match the destination of a route

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static from ?

Possible completions:

  aggregate-contributor  Match more specifics of an aggregate

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

  area                 OSPF area identifier

+ as-path              Name of AS path regular expression (BGP only)

+ as-path-group        Name of AS path group (BGP only)

  color                Color (preference) value

  color2               Color (preference) value 2

+ community            BGP community

> community-count      Number of BGP communities

+ condition            Condition to match on

> external             External route

  family

  instance             Routing protocol instance

+ interface            Interface name or address

  level                IS-IS level

  local-preference     Local preference associated with a route

  metric               Metric value

  metric2              Metric value 2

  metric3              Metric value 3

  metric4              Metric value 4

> multicast-scope      Multicast scope to match

+ neighbor             Neighboring router

+ next-hop             Next-hop router

  next-hop-type        Next-hop type

  origin               BGP origin attribute

+ policy               Name of policy to evaluate

  preference           Preference value

  preference2          Preference value 2

> prefix-list          List of prefix-lists of routes to match

> prefix-list-filter   List of prefix-list-filters to match

+ protocol             Protocol from which route was learned

  rib                  Routing table

> route-filter         List of routes to match

  route-type           Route type

> source-address-filter  List of source addresses to match

  state                Route state

+ tag                  Tag string

  tag2                 Tag string 2

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static from protocol ?

Possible completions:

  [                    Open a set of values

  access               Access server routes

  access-internal      Internal routes to directly connected clients

  aggregate            Aggregate routes

  bgp                  BGP

  direct               Directly connected routes

  dvmrp                Distance Vector Multicast Routing Protocol

  esis                 End System-to-Intermediate System

  isis                 Intermediate System-to-Intermediate System

  l2circuit            Layer 2 circuits

  l2vpn                Layer 2 MPLS virtual private networks

  ldp                  Label Distribution Protocol

  local                Local system addresses

  msdp                 Multicast Source Discovery Protocol

  ospf                 Open Shortest Path First

  ospf2                Open Shortest Path First Version 2

  ospf3                Open Shortest Path First Version 3

  pim                  Protocol Independent Multicast

  rip                  Routing Information Protocol

  ripng                Routing Information Protocol next generation

  rsvp                 Resource Reservation Protocol

  rtarget              Local route target VPN membership

  static               Statically defined addresses

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static from protocol static

 

jadmin@JR1# set policy-statement default-route-ospf term default-static from route-filter ?

Possible completions:

  <address>            IP address or hostname

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static from route-filter 0.0.0.0/0 ?

Possible completions:

  address-mask         Mask applied to prefix address

  exact                Exactly match the prefix length

  longer               Mask is greater than the prefix length

  orlonger             Mask is greater than or equal to the prefix length

  prefix-length-range  Mask falls between two prefix lengths

  through              Route falls between two prefixes

  upto                 Mask falls between two prefix lengths

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static from route-filter 0.0.0.0/0 exact

 

jadmin@JR1# set policy-statement default-route-ospf term default-static then ?

Possible completions:

  accept               Accept a route

> aigp-originate       Originate a BGP AIGP attribute

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don't inherit configuration data from these groups

> as-path-expand       Prepend AS numbers prior to adding local-as (BGP only)

  as-path-prepend      Prepend AS numbers to an AS path (BGP only)

  class                Set class-of-service parameters

> color                Color (preference) value

> color2               Color (preference) value 2

> community            BGP community properties associated with a route

  cos-next-hop-map     Set CoS-based next-hop map in forwarding table

  damping              Define BGP route flap damping parameters

  default-action       Set default policy action

  destination-class    Set destination class in forwarding table

> external             External route

  forwarding-class     Set source or destination class in forwarding table

> install-nexthop      Choose the next hop to be used for forwarding

  label-allocation     Set label allocation mode

> load-balance         Type of load balancing in forwarding table

> local-preference     Local preference associated with a route

> map-to-interface     Set output logical interface

> metric               Metric value

> metric2              Metric value 2

> metric3              Metric value 3

> metric4              Metric value 4

  next                 Skip to next policy or term

> next-hop             Set the address of the next-hop router

  origin               BGP path origin

> preference           Preference value

> preference2          Preference value 2

  priority             Set priority for route installation

  reject               Reject a route

  source-class         Set source class in forwarding table

+ ssm-source           List of Sources for SSM mapping

> tag                  Tag string

> tag2                 Tag string 2

  trace                Log matches to a trace file

[edit policy-options]

jadmin@JR1# set policy-statement default-route-ospf term default-static then accept

 

[edit policy-options]

jadmin@JR1# show

policy-statement default-route-ospf {

    term default-static {

        from {

            protocol static;

            route-filter 0.0.0.0/0 exact;

        }

        then accept;

    }

}

 

 

[edit policy-options]

jadmin@JR1# top edit protocols ospf

 

[edit protocols ospf]

jadmin@JR1# set export ?

Possible completions:

  <value>              Export policy

  (                    Open an expression

  [                    Open a set of values

  default-route-ospf

[edit protocols ospf]

jadmin@JR1# set export default-route-ospf

 

[edit protocols ospf]

jadmin@JR1# show

export default-route-ospf;     // EXPORT (INJECT) DEFAULT STATIC ROUTE FROM ROUTING TABLE INTO OSPF

area 0.0.0.0 {

    interface em0.0 {

        passive;

    }

    interface em1.0;

    interface lo0.0;

}

 

[edit protocols ospf]

jadmin@JR1# commit and-quit

commit complete

Exiting configuration mode

 

 

jadmin@JR2> show route protocol ospf

 

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

 

0.0.0.0/0          *[OSPF/150] 00:01:51, metric 0, tag 0     // JR2 INSTALLS EXTERNAL OSPF ROUTE (PREFERENCE 150)

                    > to 172.25.1.1 via em0.0

10.1.1.0/24        *[OSPF/10] 00:33:51, metric 2

                    > to 172.25.1.1 via em0.0

172.20.1.1/32      *[OSPF/10] 00:33:51, metric 1

                    > to 172.25.1.1 via em0.0

224.0.0.5/32       *[OSPF/10] 00:38:09, metric 1

                      MultiRecv

 

jadmin@JR2> show route protocol ospf ?

Possible completions:

  <[Enter]>            Execute this command

  <destination>        IP address and optional prefix length of destination

  active-path          Show active paths

  advertising-protocol  Show information in format intended for particular routing protocol

  all                  Show all entries, including hidden entries

  aspath-regex         BGP AS path regular expression for entries to match

  best                 Show longest matching route

  brief                Display brief output

  ccc                  Name of entry in MPLS table with a circuit cross-connect interface

+ community            Identifier for community (can include wildcards)

  community-name       Name of configured community policy to match

  damping              Show entries subjected to particular kind of route damping

  detail               Display detailed output

  exact                Show routes that match exactly

  extensive            Display extensive output

  hidden               Show hidden entries

  inactive-path        Show inactive paths

  inactive-prefix      Show inactive route destinations

  label                Label of entry in MPLS routing table

  label-switched-path  Name of LSP tunnel associated with entries

  logical-system       Name of logical system, or 'all'

  match-prefix         Regular expression to match formatted prefix

  next-hop             IP address of next hop that is destination for entries

  no-community         Show entries with no associated community

  output               Show entries sent out a particular interface

  private              Show private table routes

  range                Show all entries in prefix range

  rd-prefix            Route distinguisher with ip prefix (rd:prefix)

  receive-protocol     Show information in format received from particular routing protocol

  source-gateway       IP address of source router for entries

  static-label-switched-path  Name of static LSP tunnel associated with entries

  table                Name of routing table

  terse                Display terse output

  |                    Pipe through a command

jadmin@JR2> show route protocol ospf exact ?

Possible completions:

  <[Enter]>            Execute this command

  <destination>        IP address and optional prefix length of destination

  active-path          Show active paths

  advertising-protocol  Show information in format intended for particular routing protocol

  all                  Show all entries, including hidden entries

  aspath-regex         BGP AS path regular expression for entries to match

  brief                Display brief output

  ccc                  Name of entry in MPLS table with a circuit cross-connect interface

+ community            Identifier for community (can include wildcards)

  community-name       Name of configured community policy to match

  damping              Show entries subjected to particular kind of route damping

  detail               Display detailed output

  extensive            Display extensive output

  hidden               Show hidden entries

  inactive-path        Show inactive paths

  inactive-prefix      Show inactive route destinations

  label                Label of entry in MPLS routing table

  label-switched-path  Name of LSP tunnel associated with entries

  logical-system       Name of logical system, or 'all'

  match-prefix         Regular expression to match formatted prefix

  next-hop             IP address of next hop that is destination for entries

  no-community         Show entries with no associated community

  output               Show entries sent out a particular interface

  private              Show private table routes

  rd-prefix            Route distinguisher with ip prefix (rd:prefix)

  receive-protocol     Show information in format received from particular routing protocol

  source-gateway       IP address of source router for entries

  static-label-switched-path  Name of static LSP tunnel associated with entries

  table                Name of routing table

  terse                Display terse output

  |                    Pipe through a command

jadmin@JR2> show route protocol ospf exact 0/0

 

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

 

0.0.0.0/0          *[OSPF/150] 00:02:11, metric 0, tag 0  

                    > to 172.25.1.1 via em0.0

 

 

Below are the configurations for JR1 and JR2, respectively.

 

JR1

 

edit routing-options

 

set static route 0.0.0.0/0 next-hop 10.1.1.10

 

top edit policy-options

 

set policy-statement default-route-ospf term default-static from protocol static

 

set policy-statement default-route-ospf term default-static from route-filter 0.0.0.0/0 exact

 

set policy-statement default-route-ospf term default-static then accept

 

show

 

top edit protocols ospf

 

set export default-route-ospf

 

show

 

commit and-quit

 

 

 

JR2

 

show route protocol ospf

 

show route protocol ospf exact 0/0