[Xorp-users] network4 operator - seems to have no effect on bgp import policy.

Santhosh Sundararaman santhosh at ku.edu
Sat Nov 18 19:29:12 PST 2006 

Hi all,
I have been trying to use a policy with the network4 operator to reject 
a particular prefix (192.168.61.0/24), but the prefix keeps showing up 
in the bgp route table.

here is the bgp and policy configuarion.
protocols {
    bgp {
        bgp-id: 10.15.16.4
        local-as: 65000
        import: "policy_dummy1"
        peer 10.10.11.2 { /*Testbed110*/
            local-ip: 10.11.15.3
            as: 65000
            next-hop: 10.11.15.3
            holdtime: 120
            ipv4-unicast: true
          }
}

policy {
    policy-statement "policy_dummy1" {
        term "dummy1-term" {
            from {
                network4: 192.168.61.0/24
            }
            then {
                trace: 1
                reject
            }
        }
    }
}

I added trace to see if the route was getting rejected. The trace 
messages in the xorp_rtrmgr showed that the prefix 192.168.61.0/24 was 
being rejected.

[ 2006/11/18 21:09:18 TRACE xorp_bgp POLICY ] Policy filter result: BGP 
Import route: 192.168.61.0/24: rejected
[ 2006/11/18 21:09:18 TRACE xorp_bgp POLICY ] Policy filter result: BGP 
Import route: 192.168.62.0/24: default action
[ 2006/11/18 21:09:18 TRACE xorp_bgp POLICY ] Policy filter result: BGP 
Import route: 192.168.63.0/24: default action

But when i checked the bgp route table from the xorpsh, the prefix 
192.168.61.0/24 was still showing up, as shown below.

santhosh at testbed115.ittc.ku.edu> show bgp routes
Status Codes: * valid route, > best route
Origin Codes: i IGP, e EGP, ? incomplete
   Prefix                Nexthop                    Peer            AS Path
   ------                -------                    ----            -------
*  192.168.61.0/24       172.16.10.1                172.16.10.3   65002 
65006 e
*> 192.168.62.0/24       172.16.10.1                172.16.10.3   65002 
65006 e
*> 192.168.63.0/24       172.16.10.1                172.16.10.3   65002 
65006 e


It seems to appear that the the route entry for the prefix 
192.168.61.0/24 is not the best route for the prefix, as show by the 
absence of ">" before the prefix. But if the route is rejected during 
import itself, shouldn't it not appear in the bgp route table, instead 
of it appearing and not being chosen. I might be missing something or 
possibly misinterpreting something, could someone help me understand 
whats happening.

Thanks
Santhosh

More information about the Xorp-users mailing list