ON THIS PAGE
Example: Rejecting Known Invalid Routes
This example shows how to create route-based match conditions for a routing policy.
Requirements
Before you begin, be sure your router interfaces and protocols are correctly configured.
Overview
In this example, you create a policy called rejectpolicy1 that rejects routes with a mask of /8 and greater (/8, /9, /10, and so on) that have the first 8 bits set to 0. This policy also accepts routes less than 8 bits in length by creating a mask of 0/0 up to /7.
Topology
Configuration
Procedure
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
set policy-options policy-statement rejectpolicy1 term rejectterm1 from route-filter 0.0.0.0/0 upto /7 accept set policy-options policy-statement rejectpolicy1 term rejectterm1 from route-filter 0.0.0.0/8 orlonger reject set policy-options policy-statement test term 1 from protocol direct
Step-by-Step Procedure
To create a policy that rejects known invalid routes:
Create the routing policy.
[edit] user@host# edit policy-options policy-statement rejectpolicy1
Create the policy term.
[edit policy-options policy-statement rejectpolicy1] user@host# edit term rejectterm1
Create a mask that specifies which routes to accept.
[edit policy-options policy-statement rejectpolicy1 term rejectterm1] user@host# set from route-filter 0/0 upto /7 accept
Create a mask that specifies which routes to reject.
[edit policy-options policy-statement rejectpolicy1 term rejectterm1] user@host# set from route-filter 0/8 orlonger reject
Results
Confirm your configuration by entering the show policy-options command from configuration mode. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.
user@host# show policy-options policy-statement rejectpolicy1 { term rejectterm1 { from { route-filter 0.0.0.0/0 upto /7 accept; route-filter 0.0.0.0/8 orlonger reject; } } }
If you are done configuring the device, enter commit from configuration mode.
Verification
To confirm that the configuration is working properly, perform these tasks: