Hi Arnaud,
My bad, wrong explanation.
> But when using In policy on a peer, I can see no route (0) are Accepted,
> nonetheless they are still visible in the global Rib, and still advertised to
> others peers. Is this intended?
Reproduced here and not intended.
We’ve started policy implementation for route-server client first, and
policy design/implementation for non-route-server client is not fixed yet.
For the meanwhile, please don’t use any per-neighbor policy for
non-route-server clients.
To implement an equivalent per-neighbor policy by using global policy, please
try like this
# policy : reject all routes from neighbor 10.10.0.1
$ gobgp policy neighbor add n0 10.10.0.1 # create
neighbor-list n0 which has 10.10.0.1
$ gobgp policy neighbor # check
NAME ADDRESS
n0 10.10.0.1
$ gobgp policy statement add s0 # create
statement s0
$ gobgp policy statement s0 add condition neighbor n0 # add n0 as a condition
$ gobgp policy statement s0 add action reject # set action as
reject
$ gobgp policy statement s0 # check
StatementName s0:
Conditions:
NeighborSet: ANY n0
Actions:
REJECT
$ gobgp policy add p0 s0 #
create policy p0 and add s0 to it
$ gobgp policy p0 #
check
Name p0:
StatementName s0:
Conditions:
NeighborSet: ANY n0
Actions:
REJECT
$ gobgp global policy import set p0 default accept # assign p0 to
global import policy and set default action as accept
Default: ACCEPT
Name p0:
StatementName s0:
Conditions:
NeighborSet: ANY n0
Actions:
REJECT
Thanks,
Wataru
> On Dec 1, 2015, at 1:18 AM, Arnaud Fenioux <[email protected]> wrote:
>
> Hello Wataru,
>
> Thank you for your answer,
>
>> On 27 Nov 2015, at 08:54, Wataru Ishida <[email protected]> wrote:
>>
>> Since a non-route-server-client neighbor can’t have any import/export policy,
>> ...
>> only in-policy per neighbor and global import/export policy is supported.
>> There are no good document for the global policy yet.
>
> Hmm, ok, as you said, the documentation is not really clear about this =)
> I thought In policy was not applied at all when using non-route-server-client
> setup :
>
> https://github.com/osrg/gobgp/blob/master/docs/sources/policy.md#how-policies-works-with-ribs
> "In polices are defined with respect to a peer in only Route Server setup."
>
> https://github.com/osrg/gobgp/blob/master/docs/sources/policy.md#4-attaching-policy
> "Note: The In policy is applied only when the peer is Route Server client."
>
>
> I tried to edit global policies for Import/Export, and it works fine!
> $ gobgp global policy import set default reject
>
> But when using In policy on a peer, I can see no route (0) are Accepted,
> nonetheless they are still visible in the global Rib, and still advertised to
> others peers. Is this intended?
>
> $ gobgp neighbor 10.10.0.1 policy in set default reject
> $ gobgp neighbor 10.10.0.1 policy
> In policy:
> Default: REJECT
> Import policy:
> Default: ACCEPT
> Export policy:
> Default: ACCEPT
>
> $ gobgp neighbor
> Peer AS Up/Down State |#Advertised Received Accepted
> 10.10.0.1 65001 00:03:26 Establ | 1 1 0
> 10.10.0.2 65002 00:04:34 Establ | 2 0 0
>
> $ gobgp global rib
> Network Next Hop AS_PATH Age Attrs
> *> 10.10.10.0/24 0.0.0.0 00:36:54
> [{Origin: ?}]
> *> 10.11.12.0/24 10.10.0.1 65001 00:00:23
> [{Origin: ?}]
>
>
> Cheers,
> --
> Arnaud Fenioux
> Network Engineer - FranceIX
>
>
>
> ------------------------------------------------------------------------------
> Go from Idea to Many App Stores Faster with Intel(R) XDK
> Give your users amazing mobile app experiences with Intel(R) XDK.
> Use one codebase in this all-in-one HTML5 development environment.
> Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
> http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
> _______________________________________________
> gobgp-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/gobgp-devel
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
gobgp-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/gobgp-devel
