14: Routing Policy

Routing policies control the flow of routing information. Routing policies are classified into import and export policies.

Prefix lists can be referenced in multiple places;

edit policy-options
prefix-list rfc1918 {
    10.0.0.0/8;
    172.16.0.0/12;
    192.168.0.0/16;
}
policy-statement policy-1 {
    term term-1 {
        from {
            prefix-list rfc1918;
        }
        then reject;
    }
}

Reject updates about private IP addresses;

policy-statement policy-1 {
    term reject-rfc1918-prefixes {
        from {
            10.0.0.0/8 orlonger;
            172.16.0.0/12 orlonger;
            192.168.0.0/16 orlonger;
        }
        then reject;
    }
}

Apply a routing policy;

edit protocols ospf
export my-policy;

Routing Policy

A policy is a set of if…then statements that determine whether or not a route received from a routing protocol is imported into or exported from the routing table.

All statements in the ‘from’ statement of a policy must match for the ‘then’ statement to be executed. Execution stops at terminating actions in the ‘then’ statement. Terminating actions are ‘accept’ and ‘reject’.

‘from’ statements select routes based on:

• Prefix
• Protocol
• Routing protocol attributes
• Next hop
• Neighbour

The prefix list can be referenced from policies;

policy-options {
    prefix-list rfc1918 {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }

This policy rejects routes to RFC1918 addresses;

    policy-statement policy-1 {
        term reject-rfc1918-prefixes {
            from {
                route-filter 10.0.0.0/8 orlonger;
                route-filter 172.16.0.0/12 orlonger;
                route-filter 192.168.0.0/16 orlonger;
            }
            then reject;
        }
    }

Prefix Match Types

• exact
• orlonger
• longer
• upto (specify the maximum length, e.g. /24)
• prefix-length-range (specify the minimum and maximum lengths)

Routing Policy Actions

‘accept’ and ‘reject’ are terminating actions. The non-terminating equivalents are ‘default-action accept’ and ‘default-action reject’.

‘next term’ and ‘next policy’ are flow control terms.

Modifying attributes, e.g. ‘bgp community’.

Routing policies can be chained together. The actions ‘next term’ and ‘next policy’ cause Junos to evaluate the next term or next policy.

Routing Policy Use Case

Advertise the default static route into OSPF.

policy-options {
    policy-statement default-static {
        term accept-default-static {
            from {
                protocol static;
                route-filter 0.0.0.0/0 exact;
            }
            then accept;
        }
    }
}

The ‘policy-statement’ name is user defined as ‘default-static’. Similarly, the ‘term’ name is user defined as ‘accept-default-static’. The match criteria is in the ‘from’ field; match only a static route to 0.0.0.0/0. The action is to accept the route.

protocols {
    ospf {
        export default-static;
    }
}

The policy now exports the default-static policy (and hence the default static route) into OSPF.