How to Match Traffic Based Using Multifield Classifiers in Junos
How to Design a Junos Firewall Filter
VLANs and LAN Switches and Junos OS

How to Configure Routing Policy Match Conditions in Junos

The whole point of routing policies is to take a particular route (and its corresponding attributes) and match it against some anticipated values. In this context, match conditions form the if part of an if-then construct. If a route matches the condition specified, then take some action. The match conditions, therefore, determine what your routing policies can detect.

Okay, so they called it “from-then” rather than “if-then.” However, don’t think of the from as being received, because that makes no sense for a routing information export policy (the export policy determines what routes will be advertised to neighbors).

Think of the policy from as out of all. So, “from protocol ospf” means “out of all the routes that you look at (learned from OSPF, IS-IS, BGP, and so on) match the OSPF protocol routes only.”

There are a number of match conditions, but only a subset is typically used:

Summary Configuration Keyword Description
Route metric metric Corresponds to the metric value associated with the route.
Route preference preference Matches on the route preference.
Interface name interface Identifies the interface through which a route was received.
Neighbor address neighbor Typically the peer from which a route was received.
Protocol protocol Typically the name of the protocol from which a route was learned.
Area ID area For OSPF routes, identifies the area from which a route was learned.
AS Path as-path For BGP routes, identifies the AS path associated with a particular route.

It's not enough to know what the match conditions are — you must also know how they’re oriented. Routes can be evaluated based on where they come from as well as where they're going. For example, you can match on all routes that are learned through a particular neighbor or on all routes being exported to a particular neighbor.

To configure a match condition, you use the from keyword:

[edit policy-options]
policy-statement my-sample-policy {
  term my-first-term {
   from {
     protocol ospf;
   }
   then {
     action;
   }
  term my-second-term {
   from {
     neighbor 10.22.32.1;
   }
   then {
     action;
   }
}

In the preceding configuration, a routing policy skeleton contains a pair of match conditions. Read “from protocol ospf” as “out of all the routes, match the OSPF routes” and “from neighbor 10.22.32.1” as “out of all the routes, match the routes learned from device 10.22.32.1.” If the first condition is met, then some action (yet to be specified) is taken. If it doesn’t match, the second term is evaluated.

If you specify multiple match conditions, the conditions act as a logical AND statement. For a route to be a match against the conditions, that route has to match all the conditions specified. For example, if you want to match on all routes learned through OSPF that had a metric of 20 (“out of all the routes, match those that were learned by OSPF and have a metric of 20”), you can use the following:

[edit policy-options]
policy-statement my-sample-policy {
  term my-first-term {
   from {
     protocol ospf;
     metric 20;
   }
   then {
     action;
   }
}
blog comments powered by Disqus
How to Configure BGP Route Reflection
How to Protect the Junos Routing Engine
How to Link Classifiers to Traffic Flows in Junos
How to Set DSCP Values for Transit on Junos Routers
How to Log and Trace Events with Junos OS
Advertisement

Inside Dummies.com