Hello there,
Below regex works too:
community inbound-xxxx members "(11666:2000)|(11666:2002)"
Saves a line of code :-)
Rgds
Alex
----- Original Message -----
From: "Smith W. Stacy" <st...@acm.org>
To: "Paul Stewart" <p...@paulstewart.org>
Cc: "'jnsp'" <juniper-nsp@puck.nether.net>
Sent: Wednesday, May 05, 2010 3:41 PM
Subject: Re: [j-nsp] BGP Communities
Hi Paul,
Your current outbound policy will only match routes that have BOTH
11666:4000 AND 11666:5000.
These statements:
from community outbound-xxxxxx;
community outbound-xxxx members [ 11666:4000 11666:5000 ];
result in a logical AND.
Instead, you probably want something like this:
policy-statement outbound-xxxxxx {
term ottix1 {
from community our_nets;
then {
metric 110;
accept;
}
}
term ottix2 {
from community customer_nets;
then {
metric 110;
accept;
}
}
term ottix3 {
then reject;
}
}
community customer_nets members 11666:4000;
community our_nets members 11666:5000;
--Stacy
On May 5, 2010, at 8:05 AM, Paul Stewart wrote:
Good morning.. I hope I'm not being a "pain" to folks on the list.. J
So we have our first MX480 up and running now - things are progressing
along
nicely thanks to all the help from this list. OSPF, IPv4/IPv6, iBGP up
and
running.
Having a small issue around eBGP peering. When I bring up a session we
are
receiving routes from a peer just fine and assigning a community to it.
The
community is visible across our other Cisco boxes as well confirming that
part if working.
Our BGP import/export to peers/transit/customers is driven by
communities..
My problem is that we are not advertising any prefixes out to eBGP peers
for
some reason and I'm trying to diagnose why..
When I do "show route community 11666:5000" I get a list of the proper
prefixes as expected. 11666:5000 is our own network routes. The same
occurs when I list 11666:4000 which is customer network routes - displays
the list correctly. This confirms in my mind that the MX480 is receiving
correct communities from neighboring iBGP boxes..
protocols {
bgp {
group peering-xyz {
type external;
description xxxxx;
import inbound-xxxx;
export outbound-xxx;
neighbor xxx.xx.235.33 {
description xxxxxxxx;
family inet {
unicast {
prefix-limit {
maximum 10;
}
}
}
peer-as 12345;
}
policy-options {
policy-statement inbound-xxxxx {
term ottix1 {
then {
metric 110;
local-preference 200;
community add inbound-xxxx;
accept;
}
}
}
policy-statement outbound-xxxxxx {
term ottix1 {
from community outbound-xxxxxx;
then {
metric 110;
accept;
}
}
term ottix2 {
then reject;
}
}
community inbound-xxxx members [ 11666:2000 11666:2002 ];
community outbound-xxxx members [ 11666:4000 11666:5000 ];
The inbound section is working as expected and getting assigned
communities
11666:2000 and 11666:2002
The outbound section isn't sending anything from communities 11666:4000
or
11666:5000
In the Cisco world, we had to define network statements of our own
subnets
and route those blocks to Null0 in order to advertise. I'm thinking
something similar here in JunOS?
Thanks for any insight.
Paul
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp