[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring a Routing Policy with a Configuration Editor

A routing policy has a major impact on the flow of routing information or packets within and through the device. The match conditions and actions allow you to configure a customized policy to fit your needs.

To configure a routing policy, you must perform the following tasks marked (Required). Perform additional tasks as needed for your router. For information about using the J-Web and CLI configuration editors, see the J-Web Interface User Guide and the JUNOS CLI User Guide.

Configuring the Policy Name (Required)

Each routing policy is identified by a policy name. The name can contain letters, numbers, and hyphens (-) and can be up to 255 characters long. To include spaces in the name, enclose the entire name in double quotation marks.

Each routing policy name must be unique within a configuration.

To configure the policy name:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 212.
  3. Go on to Configuring a Policy Term (Required).

Table 212: Configuring the Policy Name

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Next to Policy statement, click Add new entry.

From the [edit] hierarchy level, enter

edit policy-options

Enter the policy name—for example, policy1.

  1. In the Policy name box, type policy1.
  2. Click OK.

Type the policy-name value:

set policy-statement policy1

Configuring a Policy Term (Required)

Each routing policy term is identified by a term name. The name can contain letters, numbers, and hyphens (-) and can be up to 255 characters long. To include spaces in the name, enclose the entire name in double quotation marks.

To configure a policy term:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 213.
  3. If you are finished configuring the router, commit the configuration.
  4. To configure additional routing policy features, go on to one of the following procedures:

Table 213: Configuring a Policy Term

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Under Policy name, click policy1.

From the [edit] hierarchy level, enter

edit policy-options policy-statement policy1

Create and name a policy term—for example, term1.

  1. In the Term box, click Add new entry.
  2. In the Term name box, type term1.
  3. Click OK.

Create and name a policy term:

set term term1

Rejecting Known Invalid Routes (Optional)

You can specify known invalid (“bad”) routes to ignore by specifying matches on destination prefixes. When specifying a destination prefix, you can specify an exact match with a specific route, or a less precise match by using match types. You can configure either a common reject action that applies to the entire list, or an action associated with each prefix. Table 214 lists route list match types.

Table 214: Route List Match Types

Match Type

Match Conditions

exact

The route shares the same most-significant bits (described by prefix-length), and prefix-length is equal to the route's prefix length.

longer

The route shares the same most-significant bits (described by prefix-length), and prefix-length is greater than the route's prefix length.

orlonger

The route shares the same most-significant bits (described by prefix-length), and prefix-length is equal to or greater than the route's prefix length.

prefix-length-range prefix-length2-prefix-length3

The route shares the same most-significant bits (described by prefix-length), and the route's prefix length falls between prefix-length2 and prefix-length3, inclusive.

through destination-prefix

All the following are true:

  • The route shares the same most-significant bits (described by prefix-length) of the first destination prefix.
  • The route shares the same most-significant bits (described by prefix-length) of the second destination prefix for the number of bits in the prefix length.
  • The number of bits in the route's prefix length is less than or equal to the number of bits in the second prefix.

You do not use the through match type in most routing policy configurations. For more information, see the JUNOS Policy Framework Configuration Guide.

upto prefix-length2

The route shares the same most-significant bits (described by prefix-length) and the route's prefix length falls between prefix-length and prefix-length2.

For example, you can create a policy named rejectpolicy1 to reject routes with a mask of /8 and greater (/8, /9, /10, and so on) that have the first 8 bits set to 0, and to accept routes less than 8 bits in length.

To create rejectpolicy1:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 215.
  3. If you are finished configuring the router, commit the configuration.
  4. To configure additional routing policy features, go on to one of the following procedures:

Table 215: Creating a Policy to Reject Known Invalid Routes

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Next to Policy statement, click Add new entry.

From the [edit] hierarchy level, enter

edit policy-options policy-statement

Create a rejection policy and term—for example, rejectpolicy1 and rejectterm1.

  1. In the Policy name box, type rejectpolicy1.
  2. Next to Term, click Add new entry.
  3. In the Term name box, type rejectterm1.

Enter

set rejectpolicy1 term rejectterm1

Specify the routes to accept—for example, routes with a mask of 0/0 up to /7.

  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Address box, type 0/0.
  4. From the Modifier list, select Upto.
  5. In the Upto box, type /7.
  6. From the Accept reject list, select accept.
  7. Click OK.

Accept routes less than 8 bits in length:

set from route-filter 0/0 up to /7 accept

Specify the routes to reject—for example, routes with a mask of /8 or greater.

  1. Next to Route filter, click Add new entry.
  2. In the Address box, type /8.
  3. From the Modifier list, select Orlonger.
  4. From the Accept reject list, select reject.
  5. Click OK.
  1. Specify routes less than 8 bits in length:

    set from route-filter /8 orlonger

  2. Reject these routes:

    set then reject

Injecting OSPF Routes into the BGP Routing Table (Optional)

You can specify a match condition for policies based on protocols by naming a protocol from which the route is learned or to which the route is being advertised. You can specify one of the following protocols: aggregate, BGP, direct, DVMRP, IS-IS, local, OSPF, PIM-dense, PIM-sparse, RIP, or static

For example, you can inject or redistribute OSPF routes into the BGP routing table by creating a routing policy.

To create a routing policy named injectpolicy1 that redistributes OSPF routes from Area 1 only into BGP and does not advertise routes learned by BGP:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 216.
  3. If you are finished configuring the router, commit the configuration.
  4. To configure additional routing policy features, go on to one of the following procedures:

Table 216: Creating a Policy to Inject OSPF Routes into BGP

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Next to Policy statement, click Add new entry.

From the [edit] hierarchy level, enter

edit policy-options policy-statement

Create an injection policy and term—for example, injectpolicy1 and injectterm1.

  1. In the Policy name box, type injectpolicy1.
  2. Next to Term, click Add new entry.
  3. In the Term name box, type injectterm1.

Enter

set injectpolicy1 term injectterm1

Specify the OSPF routes.

  1. In the From option, click Configure.
  2. In the Protocol box, click Add new entry.
  3. In the Value drop box, select ospf.
  4. Click OK.

Specify the OSPF match condition:

set from ospf

Specify the routes from a particular OSPF area—for example, Area 1.

  1. In the Area box, type 1.
  2. Click OK.

Specify Area 1 as a match condition:

set from area 1

Specify that the route is to be accepted if the previous conditions are matched.

Set the default option to reject other OSPF routes.

  1. Next to Then, click Configure.
  2. From the Accept reject list, Select accept.
  3. From the Default action list, Select reject.
  4. Click OK until you return to the main Configuration page.

Specify the action to accept:

set then accept

Navigate to the Bgp level in the configuration hierarchy.

  1. On the main Configuration page next to Protocols, click Configure or Edit.
  2. Next to Bgp, click Configure or Edit.

From the [edit] hierarchy level, enter

edit protocols bgp

Apply the routing policy injectpolicy1 to BGP.

  1. Next to Export, click Add new entry.
  2. In the Value option, type injectpolicy1.
  3. Click OK.

Specify the OSPF match condition:

set export injectpolicy1

Grouping Source and Destination Prefixes in a Forwarding Class (Optional)

Create a forwarding class called forwarding-class1 that includes packets based on both the destination address and the source address in the packet.

To configure and apply the routing policy policy1, which you configured in Table 212 and Table 213, to group source and destination prefixes in a forwarding class:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 217.
  3. If you are finished configuring the router, commit the configuration.
  4. To configure additional routing policy features, go on to one of the following procedures:

Table 217: Creating a Policy to Group Source and Destination Prefixes in a Forwarding Class

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the term1 level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Under Policy name, click policy1.
  4. Under Term name, click term1.

From the [edit] hierarchy level, enter

edit policy-options policy-statement policy1 term term1

Specify the routes to include in the route filter. For example:

  • Source routes greater than or equal to 10.210.0.0/16
  • Destination routes greater than or equal to 10.215.0.0/16
  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Address box, type 10.210.0.0/16.
  4. From the Modifier list, select Orlonger.
  5. Click OK to return to the From page.

Specify the source routes for the route filter:

set from route-filter 10.210.0.0/16 orlonger

  1. Next to Route filter, click Add new entry.
  2. In the Address box, type 10.215.0.0/16.
  3. From the Modifier list, select Orlonger.
  4. Click OK until you return to the Term page.

Specify the destination routes for the route filter:

set from route-filter 10.215.0.0/16 orlonger

Group the source and destination prefixes into a forwarding class—for example, forwarding-class1.

  1. Next to Then, click Configure.
  2. In the Forwarding class box, type forwarding-class1.
  3. Click OK.

Specify the forwarding class name:

set then forwarding class forwarding-class1

Navigate to the Forwarding table level in the configuration hierarchy.

  1. On the main Configuration page next to Routing options, click Configure or Edit.
  2. Next to Forwarding table, click Configure or Edit.

From the [edit] hierarchy level, enter

edit routing-options forwarding-table

Apply the policy1 policy to the forwarding table.

The routing policy is evaluated when routes are being exported from the routing table into the forwarding table. Only active routes are exported from the routing table.

  1. Next to Export, click Add new entry.
  2. In the Value box, type policy1.
  3. Click OK.

Specify the routing policy to apply:

set export policy1

You can refer to the same routing policy one or more times in the same or a different export statement.

Configuring a Policy to Prepend the AS Path (Optional)

You can prepend or add one or more autonomous system (AS) numbers at the beginning of an AS path. The AS numbers are added after the local AS number has been added to the path. Prepending an AS path makes a shorter AS path look longer and therefore less preferable to the Border Gateway Protocol (BGP).

For example, from AS 1, there are two equal paths (through AS 2 and AS 3) to reach AS 4. You might want packets from certain sources to use the path through AS 2. Therefore, you must make the path through AS 3 look less preferable so that BGP chooses the path through AS 2. In AS 1, you can prepend multiple AS numbers.

To create a routing policy prependpolicy1 that prepends multiple AS numbers:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 218.
  3. If you are finished configuring the router, commit the configuration.
  4. To suppress route information, see Configuring Damping Parameters (Optional).

Table 218: Creating a Policy to Prepend AS Numbers

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Next to Policy statement, click Add new entry.

From the [edit] hierarchy level, enter

edit policy-options policy-statement

Create a prepend policy and term—for example, prependpolicy1 and prependterm1.

  1. In the Policy name box, type prependpolicy1.
  2. Next to Term, click Add new entry.
  3. In the Term name box, type prependterm1.

Enter

set prependpolicy1 term prependterm1

Specify the routes to prepend AS numbers to. For example:

  • Routes greater than or equal to 172.16.0.0/12
  • Routes greater than or equal to 192.168.0.0/16
  • Routes greater than or equal to 10.0.0.0/8
  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Value box, type 172.16.0.0/12.
  4. From the Modifier list, select Orlonger.
  5. Click OK.

Specify the first routes to prepend:

set from route-filter 172.16.0.0/12 orlonger

  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Value box, type 192.168.0.0/16.
  4. From the Modifier list, select Orlonger.
  5. Click OK.

Specify the next routes to prepend:

set from route-filter 192.168.0.0/16 orlonger

  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Value box, type 10.0.0.0/8.
  4. From the Modifier list, select Orlonger.
  5. Click OK until you return to the Term page.

Specify the last routes to prepend:

set from route-filter 10.0.0.0/8 orlonger

Specify the AS numbers to prepend. Separate each AS number with a space—for example, 1 1 1 1.

  1. Next to Then, click Configure.
  2. In the AS path prepend box, type 1 1 1 1.
  3. Click OK.

Specify the AS numbers to prepend, and enclose them inside double quotation marks:

set then as-path-prepend “1 1 1 1”

Navigate to the Bgp level in the configuration hierarchy.

  1. On the main Configuration page next to Protocols, click Configure or Edit.
  2. Next to Bgp, click Configure or Edit.

From the [edit] hierarchy level, enter

edit protocols bgp

Apply the prependpolicy1 policy as an import policy for all BGP routes.

The routing policy is evaluated when routes are being imported to the routing table.

  1. Next to Import, click Add new entry.
  2. In the Value box, type prependpolicy1.
  3. Click OK.

Apply the policy:

set import prependpolicy1

You can refer to the same routing policy one or more times in the same or a different import statement.

Configuring Damping Parameters (Optional)

Flap damping reduces the number of update messages by marking routes as ineligible for selection as the active or preferable route. Marking routes in this way leads to some delay, or suppression, in the propagation of route information, but the result is increased network stability. You typically apply flap damping to external BGP (EBGP) routes (routes in different ASs). You can also apply flap damping within a confederation, between confederation member ASs. Because routing consistency within an AS is important, do not apply flap damping to internal BGP (IBGP) routes. (If you do, it is ignored.)

You can specify one or more of the damping parameters described in Table 219. If you do not specify a damping parameter, the default value of the parameter is used.

Table 219: Damping Parameters

Damping Parameter

Description

Default Value

Possible Values

half-life minutes

Decay half-life—Number of minutes after which an arbitrary value is halved if a route stays stable.

15 (minutes)

1 through 4

max-suppress minutes

Maximum hold-down time for a route, in minutes.

60 (minutes)

1 through 720

reuse

Reuse threshold—Arbitrary value below which a suppressed route can be used again.

750

1 through 20000

suppress

Cutoff (suppression) threshold—Arbitrary value above which a route can no longer be used or included in advertisements.

3000

1 through 20000

To change the default BGP flap damping values, you define actions by creating a named set of damping parameters and including it in a routing policy with the damping action. For the damping routing policy to work, you also must enable BGP route flap damping.

To configure damping with a policy named dampenpolicy1, perform these steps:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 220.
  3. If you are finished configuring the router, commit the configuration.

Table 220: Creating a Policy to Accept and Apply Damping on Routes

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Policy statement level in the configuration hierarchy.

  1. In the J-Web interface, select Configure>CLI Tools>Point and Click CLI.
  2. Next to Policy options, click Configure or Edit.
  3. Next to Policy statement, click Add new entry.

From the [edit] hierarchy level, enter

edit policy-options policy-statement

Create a damping policy and term—for example, dampenpolicy1 and dampenterm1.

  1. In the Policy name box, type dampenpolicy1.
  2. Next to Term, click Add new entry.
  3. In the Term name box, type dampenterm1.

Enter

set dampenpolicy1 term dampenterm1

Specify the routes to dampen and associate each group of routes with a group name. For example:

  • group1—Routes greater than or equal to 172.16.0.0/12
  • group2—Routes greater than or equal to 192.168.0.0/16
  • group3—Routes greater than or equal to 10.0.0.0/8
  1. Next to From, click Configure.
  2. Next to Route filter, click Add new entry.
  3. In the Address box, type 172.16.0.0/12.
  4. In the Damping box, type group1.
  5. From the Modifier list, select Orlonger.
  6. Click OK.

Specify the first routes to dampen:

set from route-filter 172.16.0.0/12 orlonger damping group 1

  1. Next to Route filter, click Add new entry.
  2. In the Address box, type 192.168.0.0/16.
  3. In the Damping box, type group2.
  4. From the Modifier list, select Orlonger.
  5. Click OK.

Specify the next routes to dampen:

set from route-filter 192.168.0.0/16 orlonger

  1. Next to Route filter, click Add new entry.
  2. In the Address box, type 10.0.0.0/8.
  3. In the Damping box, type group3.
  4. From the Modifier list, select Orlonger.
  5. Click OK until you return to the Policy options page.

Specify the last routes to dampen:

set from route-filter 10.0.0.0/8 orlonger

Create three damping parameter groups with different damping actions. For example:

  • group1—Increases the half-life to 30 minutes. All other parameters are left at their default values.
  • group2—Increases the half-life to 40 minutes, decreases the maximum hold-down time for a route to 45 minutes, increases the reuse value to 1000, and reduces the cutoff (suppression) threshold to 400.
  • group3—Disables route damping.

For each damping group:

  1. Next to Damping, click Add new entry.
  2. In the Damping object name box, type the name of a damping group—for example, group1.
  3. In the Half life box, type the half-life duration, in minutes:
    • For group130
    • For group240
  4. In the Max suppress box, type the maximum hold-down time, in minutes:
    • For group160 (the default)
    • For group245
  5. In the Reuse box, type the reuse threshold, for this damping group:
    • For group1750 (the default)
    • For group21000
  6. In the Suppress box, type the cutoff threshold, for this damping group:
    • For group13000 (the default)
    • For group2400
  7. To disable damping for the group3 damping group, select the Disable check box.
  8. Click OK when you finish configuring each group.

Create and configure the damping parameter groups:

edit damping group1 half-life 30 max-suppress 60 reuse 750 suppress 3000

edit damping group2 half-life 40 max-suppress 45 reuse 1000 suppress 400

edit damping group3 disable

Navigate to the Bgp level in the configuration hierarchy.

  1. On the main Configuration page next to Protocols, click Configure or Edit.
  2. Next to Bgp, click Configure or Edit.

From the [edit] hierarchy level, enter

edit protocols bgp

Enable damping.

  1. Select the Damping check box.
  2. Click OK.

Enable damping:

set damping

Navigate to the Neighbor level in the configuration hierarchy, for the BGP neighbor to which you want to apply the damping policy—for example, the neighbor at IP address 172.16.15.14.

  1. On the main Configuration page next to Protocols, click Edit.
  2. Next to Bgp, click Edit.
  3. Under Group name, click groupA.
  4. Under Neighbor Address, click 172.16.15.14.

From the [edit] hierarchy level, enter

edit protocols bgp group groupA neighbor 172.16.15.14

Apply the policy as an import policy for the BGP neighbor.

The routing policy is evaluated when routes are imported to the routing table.

  1. Next to Import, click Add new entry.
  2. In the Value box, type the name of the policy.
  3. Click OK.

Apply the policy:

set import dampenpolicy1

You can refer to the same routing policy one or more times in the same or a different import statement.

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]