On Friday, July 19, 2013 07:34:32 PM Keith wrote: > We actually do some local-pref on some other upstreams > for outbound but discovered a small wrinkle > in that the new connection uses a different bgp auth key > so I have to create a new bgp group to handle this > connection.
I'd normally use different MD5 passwords for different BGP sessions, even though they are with to the same remote network. There's no hard & fast rule about this, however. Your network. Your rules. > So a new question arises, can I use existing > import/export policy that is used on one bgp group > already on > a new one? > My SRX240 (one of my lab devices) doesn't complain and my > neighbors come up when I configure it on the > lab stuff so I'm guessing our MX wont have a problem > either. Policy elements don't affect session elements. So yes, you can re-use an existing policy on another session, and doing so won't have any impact on the state of your sessions. In fact, making your policies as generic as possible is a scalable way to deploy BGP, because you keep the configuration down to a minimum, reducing/eliminating room for mistakes and clutter. This is a little more common on exchange point peering sessions than with upstream ones, but again, your network, your rules. Cheers, Mark.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
