From: Scott Morris (swm@emanon.com)
Date: Wed May 18 2005 - 21:30:24 GMT-3
I think the definitions you are creating there are like as-path-group names.
You can simple name something in the policy:
Policy-options {
null-as "()";
policy-statement my-routes {
term just-me {
from {
protocol bgp;
as-path null-as;
then accept;
}
term no-more {
then reject;
}
}
Protocol {
bgp {
neighbor x.x.x.x {
export my-routes;
}
}
}
(Obviously you can make up your own term matches however you need to)
Otherwise, the deny-all isn't really necessary since you logically reject
them in the next stanza anyway. Policy routing on the Junos is quite
entertaining to think through how things are or are not matched!
http://www.juniper.net/techpubs/software/junos/junos70/swconfig70-policy/htm
l/policy-extend-match-config3.html#1094490
It may simply be semantic differences in newer versions of Junos. Like you
said, you had older configs around!
Cheers,
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Steve Ohnmacht
Sent: Wednesday, May 18, 2005 7:17 PM
To: nenad pudar
Cc: ccielab@groupstudy.com
Subject: Re: Question for Juniper Config Expert
It's been awhile since I've touched a juniper, but I'll take a crack at this
one... For junipers you would create a policy under the policy-options
section of the config, with your config below, a juniper example would
something like this:
Take this for what it's worth no guarantees.... :) Also, with junipers any
route manipualtion is done via "JUNOS policies". I had to look at some old
configs i have saved for reference... HTH...
policy-options {
as-path xxx-permit "^[0-9]+$"; <--- you may be able to represent your
regex with just an atom "."
as-path xxx-deny ".*";
policy-statement xxxx {
term permit {
from as-path xxx-permit;
then accept;
}
term deny {
from as-path xxx-deny;
then reject;
}
term deny-everything-else {
then reject;
}
}
}
On 5/18/05, nenad pudar <nenad.pudar@gmail.com> wrote:
> Hi
> I need to create generic filter list using regexp that will allow only
> routes from neighboring AS (+ eventually prepend from that AS)
>
> I am not looking for as-path from one specific AS but rather the
> generic filter list that can be applied for all existing and new bgp
> neighbors
>
> One of the way to configure this on Cisco router is ip as-path
> access-list xxx permit ^[0-9]+$ deny .*
>
>
> thanks
>
> nenad
>
> nenad
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:59 GMT-3