On Fri, Aug 10, 2012 at 11:49 AM, Phil Mayers <p.may...@imperial.ac.uk> wrote: > Unless I'm missing a trick, apply-paths in a prefix list pulls the netmask in > when applied to interface ips. This is ok for lo0 filters, but not those on > transit interfaces.
Good point. I remember seeing something about that but I don't remember the context so I'm not sure whether it was a warning or a workaround... It could use some cleanup, but something like this should work: put the following in /var/db/scripts/commit/local-addresses.slax version 1.0; ns junos = "http://xml.juniper.net/junos/*/junos";; ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";; ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";; import "../import/junos.xsl"; match configuration { var $top = .; for-each (policy-options/prefix-list/apply-macro[name = 'local-addresses']) { var $prefix-list-name = ../name; for-each ($top/interfaces/interface/unit/family/inet/address) { var $address = substring-before(name, "/"); <transient-change> { <policy-options> { <prefix-list> { <name> $prefix-list-name; <prefix-list-item> { <name> $address _ "/32"; } } } } } } } set system scripts commit allow-transients set system scripts commit file local-addresses.slax set policy-options prefix-list local-addresses apply-macro local-addresses HTH :w _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
