Juniper® JNCIA Exam Cram Notes : Default Routing Policies

7. Routing Policy and Firewall Filters

7.1 Default Routing Policies

Routing policy Allows you to control the routing information between the routing protocols and the routing tables and between the routing tables and the forwarding table. All routing protocols use the Junos OS routing tables to store the routes that they learn and to determine which routes they should advertise in their protocol packets. Routing policy allows you to control which routes the routing protocols store in and retrieve from the routing table.

In Junos device, the policy is written first then only a policy is applied. We can define security zones on our junos devices. Considering those security zones, policy is written and applied. Policing uses two different types of values to rate-limit user traffic. The first is the bandwidth - limit value, which is the average number of bits per second permitted in the range of 32Kbps to 32Gbps. The second is burst-size-limit, which is the amount of data allowed to exceed the given bandwidth constraints.

Reasons to Create a Routing Policy

The following are typical circumstances under which you might want to preempt the default routing policies in the routing policy framework by creating your own routing policies:

  • You do not want a protocol to import all routes into the routing table. If the routing table does not learn about certain routes, they can never be used to forward packets and they can never be redistributed into other routing protocols.
  • You do not want a routing protocol to export all the active routes it learns.
  • You want a routing protocol to announce active routes learned from another routing protocol, which is sometimes called route redistribution.
  • You want to manipulate route characteristics, such as the preference value, AS path, or community. You can manipulate the route characteristics to control which route is selected as the active route to reach a destination. In general, the active route is also advertised to a router's neighbors.
  • You want to change the default BGP route flap-damping parameters.
  • You want to perform per-packet load balancing.
  • You want to enable class of service (CoS).

Policy Components

All policies are composed of the following components that you configure:

  • Match conditions - Criteria against which a route or packets are compared. You can configure one or more criteria. If all criteria match, one or more actions are applied.
  • Actions - What happens if all criteria match. You can configure one or more actions.
  • Terms - Named structures in which match conditions and actions are defined. You can define one or more terms.

The policy framework software evaluates each incoming and outgoing route or packet against the match conditions in a term. If the criteria in the match conditions are met, the defined action is taken.

In general, the policy framework software compares the route or packet against the match conditions in the first term in the policy, then goes on to the next term, and so on. Therefore, the order in which you arrange terms in a policy is relevant.

The order of match conditions within a term is not relevant because a route or packet must match all match conditions in a term for an action to be taken.

Import and export policies: Import and export policies controls the view of the local router and the neighbor router. We configure an import and an export policy under [edit protocols] hierarchy. There is no default import policy for OSPF. But the default export policy for OSPF is to reject all routes.

There are three such possible results that each policy contains. Both accept and reject are considered terminating actions and they have a special meaning-they stop the policy evaluation. The next policy clarifies that the route should be evaluated by the next position in the policy chain.

Policy-Options Hierarchy

policy-options {
 policy-statement policy-name {
 term term-name {
        from {
             match-conditions;
           }
       to {
          match-conditions;
          }
     then actions;
     }
   }
}

Previous   Contents   Next


JNCIA Junos Cram Notes Contents certexams.com ad