RIP Import Policy
Understanding RIP Import Policy
The default RIP import policy is to accept all received RIP
routes that pass a sanity check. To filter routes being imported by
the local routing device from its neighbors, include the import statement, and list the names of one or more policies to be evaluated.
If you specify more than one policy, they are evaluated in order (first
to last) and the first matching policy is applied to the route. If
no match is found, the local routing device does not import any routes. Note that the functionality of applying policies
to RIP routes imported from neighbors described in this topic is not
supported in Junos OS Releases 15.1X49, 15.1X49-D30, or 15.1X49-D40.
Example: Applying Policies to RIP Routes Imported from Neighbors
This example shows how to configure an import policy in a RIP network.
Requirements
No special configuration beyond device initialization is required before configuring this example.
Overview
In this example, Device R1 has an import policy that accepts the 10/8 and 192.168/16 RIP routes and rejects all other RIP routes. This means that the 172.16/16 RIP routes are excluded from Device R1’s routing table.
An export policy is also shown because an export policy is required as part of the minimum configuration for RIP.
Figure 1 shows the topology used in this example.
CLI Quick Configuration shows the configuration for all of the devices in Figure 1. The section #d56e56__d56e199 describes the steps on Device R1.
Topology
Configuration
Procedure
CLI Quick Configuration
To quickly configure this
example, copy the following commands, paste them into a text file,
remove any line breaks, change any details necessary to match your
network configuration, copy and paste the commands into the CLI at
the [edit] hierarchy level, and then enter commit from configuration mode.
Device R1
set interfaces fe-1/2/0 unit 1 family inet address 10.0.0.1/30 set interfaces lo0 unit 1 family inet address 172.16.0.1/32 set interfaces lo0 unit 1 family inet address 192.168.1.1/32 set protocols rip import rip-import set protocols rip group rip-group export advertise-routes-through-rip set protocols rip group rip-group neighbor fe-1/2/0.1 set policy-options policy-statement advertise-routes-through-rip term 1 from protocol direct set policy-options policy-statement advertise-routes-through-rip term 1 from protocol rip set policy-options policy-statement advertise-routes-through-rip term 1 then accept set policy-options policy-statement rip-import term 1 from protocol rip set policy-options policy-statement rip-import term 1 from route-filter 10.0.0.0/8 orlonger set policy-options policy-statement rip-import term 1 from route-filter 192.168.0.0/16 orlonger set policy-options policy-statement rip-import term 1 then accept set policy-options policy-statement rip-import term 2 then reject
Device R2
set interfaces fe-1/2/0 unit 2 family inet address 10.0.0.2/30 set interfaces fe-1/2/1 unit 5 family inet address 10.0.0.5/30 set interfaces lo0 unit 2 family inet address 192.168.2.2/32 set interfaces lo0 unit 2 family inet address 172.16.2.2/32 set protocols rip group rip-group export advertise-routes-through-rip set protocols rip group rip-group neighbor fe-1/2/0.2 set protocols rip group rip-group neighbor fe-1/2/1.5 set policy-options policy-statement advertise-routes-through-rip term 1 from protocol direct set policy-options policy-statement advertise-routes-through-rip term 1 from protocol rip set policy-options policy-statement advertise-routes-through-rip term 1 then accept
Device R3
set interfaces fe-1/2/0 unit 6 family inet address 10.0.0.6/30 set interfaces lo0 unit 3 family inet address 192.168.3.3/32 set interfaces lo0 unit 3 family inet address 172.16.3.3/32 set protocols rip group rip-group export advertise-routes-through-rip set protocols rip group rip-group neighbor fe-1/2/0.6 set policy-options policy-statement advertise-routes-through-rip term 1 from protocol direct set policy-options policy-statement advertise-routes-through-rip term 1 from protocol rip set policy-options policy-statement advertise-routes-through-rip term 1 then accept
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
To configure a RIP import policy:
Configure the network interfaces.
This example shows multiple loopback interface addresses to simulate attached networks.
[edit interfaces] user@R1# set fe-1/2/0 unit 1 family inet address 10.0.0.1/30 user@R1# set lo0 unit 1 family inet address 172.16.0.1/32 user@R1# set lo0 unit 1 family inet address 192.168.1.1/32
Create the RIP group and add the interface.
To configure RIP in Junos OS, you must configure a group that contains the interfaces on which RIP is enabled.
You do not need to enable RIP on the loopback interface.
[edit protocols rip group rip-group] user@R1# set neighbor fe-1/2/0.1
Create the routing policy to advertise both direct and RIP-learned routes.
[edit policy-options policy-statement advertise-routes-through-rip term 1] user@R1# set from protocol direct user@R1# set from protocol rip user@R1# set then accept
Apply the routing policy.
In Junos OS, you can only apply RIP export policies at the group level.
[edit protocols rip group rip-group] user@R1# set export advertise-routes-through-rip
Configure the import policy.
[edit policy-options policy-statement rip-import] user@R1# set term 1 from protocol rip user@R1# set term 1 from route-filter 10.0.0.0/8 orlonger user@R1# set term 1 from route-filter 192.168.0.0/16 orlonger user@R1# set term 1 then accept user@R1# set term 2 then reject
Apply the import policy.
[edit protocols rip] user@R1# set import rip-import
Results
From configuration mode, confirm your configuration
by entering the show interfaces, show protocols, and show policy-options commands. If the output does
not display the intended configuration, repeat the configuration instructions
in this example to correct it.
user@R1# show interfaces
fe-1/2/0 {
unit 1 {
family inet {
address 10.0.0.1/30;
}
}
}
lo0 {
unit 1 {
family inet {
address 172.16.0.1/32;
address 192.168.1.1/32;
}
}
}
user@R1# show protocols
rip {
import rip-import;
group rip-group {
export advertise-routes-through-rip;
neighbor fe-1/2/0.1;
}
}
user@R1# show policy-options
policy-statement advertise-routes-through-rip {
term 1 {
from protocol [ direct rip ];
then accept;
}
}
policy-statement rip-import {
term 1 {
from {
protocol rip;
route-filter 10.0.0.0/8 orlonger;
route-filter 192.168.0.0/16 orlonger;
}
then accept;
}
term 2 {
then reject;
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
- Looking at the Routes That Device R2 Is Advertising to Device R1
- Looking at the Routes That Device R1 Is Receiving from Device R2
- Checking the Routing Table
- Testing the Import Policy
Looking at the Routes That Device R2 Is Advertising to Device R1
Purpose
Verify that Device R2 is sending the expected routes.
Action
From operational mode, enter the show route advertising-protocol
rip command.
user@R2> show route advertising-protocol rip 10.0.0.2
inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.4/30 *[Direct/0] 2d 01:17:44
> via fe-1/2/0.5
172.16.2.2/32 *[Direct/0] 2d 04:09:52
> via lo0.2
172.16.3.3/32 *[RIP/100] 23:40:02, metric 2, tag 0
> to 10.0.0.6 via fe-1/2/0.5
192.168.2.2/32 *[Direct/0] 2d 04:09:52
> via lo0.2
192.168.3.3/32 *[RIP/100] 23:40:02, metric 2, tag 0
> to 10.0.0.6 via fe-1/2/0.5Meaning
Device R2 is sending 172.16/16 routes to Device R1.
Looking at the Routes That Device R1 Is Receiving from Device R2
Purpose
Verify that Device R1 is receiving the expected routes.
Action
From operational mode, enter the show route receive-protocol
rip command.
user@R1> show route receive-protocol rip 10.0.0.2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.4/30 *[RIP/100] 01:06:03, metric 2, tag 0
> to 10.0.0.2 via fe-1/2/0.1
192.168.2.2/32 *[RIP/100] 01:06:03, metric 2, tag 0
> to 10.0.0.2 via fe-1/2/0.1
192.168.3.3/32 *[RIP/100] 01:06:03, metric 3, tag 0
> to 10.0.0.2 via fe-1/2/0.1Meaning
The output shows that the 172.16/16 routes are excluded.
Checking the Routing Table
Purpose
Verify that the routing table is populated with the expected routes.
Action
From operational mode, enter the show route protocol
rip command.
user@R1> show route protocol rip
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.4/30 *[RIP/100] 00:54:34, metric 2, tag 0
> to 10.0.0.2 via fe-1/2/0.1
192.168.2.2/32 *[RIP/100] 00:54:34, metric 2, tag 0
> to 10.0.0.2 via fe-1/2/0.1
192.168.3.3/32 *[RIP/100] 00:54:34, metric 3, tag 0
> to 10.0.0.2 via fe-1/2/0.1
224.0.0.9/32 *[RIP/100] 00:49:00, metric 1
MultiRecvMeaning
The output shows that the routes have been learned from Device R2 and Device R3.
If you delete or deactivate the import policy, the routing table contains the 172.16/16 routes.
Testing the Import Policy
Purpose
By using the test policy command, monitor
the number of rejected prefixes.
Action
From operational mode, enter the test policy rip-import
172.16/16 command.
user@R1> test policy rip-import 172.16/16 Policy rip-import: 0 prefix accepted, 1 prefix rejected
Meaning
The output shows that the policy rejected one prefix.
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.