Are you certain you don't see this same behavior for an IPv4 BGP
export policy? I believe what you describe is the expected behavior
and is consistent across all (or at least most) applications of
routing policy on JUNOS.
--Stacy
On Apr 14, 2009, at 5:47 PM, Mark Tinka wrote:
Hi all.
We recently experienced a situation where an M7i (JunOS
9.4R1.8), on which we applied an export policy for a v6 BGP
session, was leaking more v6 routes than it should have
been.
We realized that if the final term in the BGP policy was
'accept', not only did the router export the BGP v6 routes,
but it also exported all other v6 routes learned from other
sources, i.e., IS-IS and Direct, to its BGP peers, which
said BGP peers installed in their BGP table.
To resolve this issue, we added a 'from protocol bgp' option
along with the 'accept' in the final term.
Obviously, for policies whose final term is 'reject' (we
have a number of those), this issue does not present.
This seems like odd behaviour as:
a) We don't see this for v4.
b) One would expect that the policy would only affect routes
from which protocol it's been applied to.
Is this a bug or a feature?
Although I think it's a good idea that the final term in a
BGP policy should specify the source of the route, folk that
do not like this should rest in the fact that policies
applied to a specific routing protocol would, by default,
affect routes learned only by that protocol.
Has anyone else seen this? Considering opening a case with
JTAC.
Cheers,
Mark.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
