Routing

I have following configuration for OSPF export policy.

[edit logical-routers r7 protocols ospf]

root@Napoleons_Retreat# show

export [stat rip-ospf ];

area 0.0.0.1

policy-statement stat {

        term 1 {

            from {

                protocol static;

                route-filter 200.0.0.0/24 exact;

            }

            then accept;

        }

policy-statement rip-ospf {

        term 1 {

            from protocol rip;

            then accept;

        }

    }

According to Juniper website

“The route is evaluated against the first term in the first routing policy. If it matches, the specified action is taken. If the action is to accept or reject the route, that action is taken and the evaluation of the route ends.”

If so according to my first policy, it should match static route 200.0.0/24 & policy evaluation should end.

But after applying this policy, I cam also see route from RIP.

show ospf database external logical-router r7

    OSPF AS SCOPE link state database

 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len

Extern   10.0.5.0         10.0.3.4         0x80000025   438  0x22 0xea99  36

Extern   172.16.0.20      10.0.9.6         0x8000001c  1122  0x22 0xac04  36

Extern   172.16.40.0      10.0.9.6         0x8000001c  1122  0x22 0xbbe0  36

Extern  *172.16.40.0      10.0.9.7         0x8000000a  1329  0x22 0xedbd  36

Extern   172.16.40.4      10.0.9.6         0x8000001c   822  0x22 0xa7ee  36

Extern   192.168.0.1      10.0.9.6         0x8000001c   552  0x22 0x65ac  36

Extern  *192.168.0.1      10.0.9.7         0x8000000a  1326  0x22 0x839f  36

Extern   192.168.1.1      10.0.9.6         0x8000001c   522  0x22 0x5ab6  36

Extern  *192.168.1.1      10.0.9.7         0x8000000a  1026  0x22 0x78a9  36

Extern   192.168.2.1      10.0.9.6         0x8000001c   225  0x22 0x4fc0  36

Extern  *192.168.2.1      10.0.9.7         0x8000000a  1026  0x22 0x6db3  36

Extern   192.168.3.1      10.0.9.6         0x8000001b   222  0x22 0x46c9  36

Extern  *192.168.3.1      10.0.9.7         0x8000000a   726  0x22 0x62bd  36

Extern   192.168.4.1      10.0.9.6         0x8000001a  1722  0x22 0x3dd2  36

Extern  *192.168.4.1      10.0.9.7         0x8000000a   726  0x22 0x57c7  36

Extern  *200.0.0.0        10.0.9.7         0x8000000a   426  0x22 0xf8cd  36

Regards

Sach

Hello Sach,

This is expected: the policy-evaluation rules apply to each route individually.

So, let's examine what happens for a couple of routes that are active in inet.0:

- 200.0.0/24 is accepted by "stat" and so not even examined by "rip-ospf"

- 192.168.0.1 does not match "stat" and appears to be accepted by "rip-ospf"

HTH

/david

Hi David,

If I modify policy "stat" as follows,

policy-statement stat {
    term 1 {
        from {
            protocol static;
            route-filter 200.0.0.0/24 exact;
        }
        then accept;
    }
    term 2 {
        then reject;
    }
}

Then I only see 200.0.0/24 route . All Rip routes disappeared.

Regards

Sach

Indeed, but is that a question or a statement ? 

You now have a "match-all" condition in the "stat" policy which means that "rip-ospf" will never be evaluated...

As your config currently stands, the export [ stat rip-ospf ] does not make sense.

What do you wish to achieve ?