[Xorp-users] Fwd: from and to blocks of policy terms

[Pavlin Radoslavov]

> I've read the XORP user manual and Bittau & Handley's paper on "Decoupling
> Policy from Protocols" and I am still a bit confused as to how the policy
> terms work.
> 
> I understand that policies that do route redistribution, like "from
> {protocol:rip} to {neighbor: 192.168.1.2} then {accept}" make sense as an
> export policy, but it's not clear to me why a policy term has both from and
> to blocks when it is not doing route redistribution. For example, take the
> following policy term:
> 
> from {} to {neighbor: 192.168.1.2} then {accept}
> 
> As an export policy I understand that it would advertise all routes to
> neighbor 192.168.1.2. However, if it were an IMPORT policy, what would it
> mean? More generally, what do any conditions in the to block mean in an
> import policy?
> 
> Similarly, what does "from {neighbor: 192.168.1.2} to {} then {accept}" mean
> as an export policy? What does any condition in the from block of an export
> policy mean?

A small piece of information that might be helpful for you: for
export policy the "from" block must have the "protocol" set. I.e.,
you can't export routes if the protocol is not specified.
Also, all the conditions in the "from" and "to" blocks must be
matched for a term's "them" block to be evaluated.

For example, "from {} to {neighbor: 192.168.1.2} then {accept}"
can't be used as an export policy, but can be used as an import
policy. As an import policy, when the routes reach the outbound
evaluation, only the routes to neighbor 192.168.1.2 will be
accepted (i.e., transmitted).
Similarly, "from {neighbor: 192.168.1.2} to {} then {accept}" also
cannot be used as an export policy. As an import policy it will
accept only the routes coming from neighbor 192.168.1.2.

Hope that helps,
Pavlin