Juniper JNCIA JN0-103 – Routing Policy and Firewall Filters
- Routing Policy Overview
Welcome back to this section on routing policies and Firewall filters. In this lecture, we’ll take a look at routing policy overview. Let’s begin. Alright, so what do we mean by routing policies? Routing policies allow you to control the flow of routing information to and from the routing table. This is information that flows between the routing protocols and the routing tables, and also between routing tables and forwarding tables. So essentially, routing policies allow you to control information between the routing protocols and the routing tables, and also between the routing tables and the forwarding tables.
All routing protocols use the Juno’s routing tables to store the routes that they learn and to determine which routes they should advertise in their protocol packets. Routing policy allows you to control which routes the routing protocols store into the routing table or retrieve from the routing table. We can apply routing policy as information enters the routing table and as information leaves the routing table. You can use routing policy to choose which routes you accept or reject from neighbors that are running dynamic routing protocols.
We know that dynamic routing protocols share routing information with each other, so routing policies can be used to control what gets accepted from the neighbors and what gets shared with the neighbors. Routing policy also allows you to modify attributes on routes as they enter or leave the routing table. Routing policy allows you to control the flow of routing information into the forwarding table. This allows you to control which routes you install into the forwarding table and control some of the attributes associated with those routes.
Routing policies that control how the software imports routes into the routing table are called as import policies. The software applies import policies before placing the routes into the routing table. Thus, an import policy can change the routes that are available in the routing table and can affect the local route selection process. On the other hand, policies that control how the software sends routes from the routing table are named as export policies. The software applies export policies as it exports routes from the routing table to dynamic routing protocols or to the forwarding table. So essentially, when you are moving routes from the routing table to the forwarding table, or when you’re sharing routes with other devices that are running a dynamic protocol, that’s when you apply export policies, only active routes are available for export from the routing table.
We understood the concept of active routes in the previous section. Although an export policy can choose which active routes to export or modify attributes of, it cannot cause the exportation of inactive routes. What this essentially means is export policies can only affect active routes. Inactive routes cannot be exported. The Juno’s operating system applies export policies as it exports routes from the routing table. That means attribute changes do not affect the local routing table, rather, the software applies them to the route while it is being exported. Here are some reasons to create a routing policy.
Number one, you do not want a protocol to import all routes into the routing table. We can control that with import policies. You do not want a routing protocol to export all the active routes it learns.
This can be done with export policies. You want a routing protocol to announce active routes learned from another routing protocol, which is sometimes called as route redistribution. You want to manipulate route characteristics such as the preference value. These are some of the reasons why you may choose to use a routing policy. I can feel what you’re feeling right now. I know you’re thinking, what is all this about? The first time I learned about routing policies, that’s how I felt.
But I can assure you it is not as difficult as it sounds right now. As we learn more about this in the next lecture and the following lectures, you’ll realize that it is actually not so difficult with that assurance like to end this lecture in the next lecture. We’ll start by understanding what are the default routing policies. If you have a question, feel free to let me know in the discussions area. I’d like to thank you for watching, and I’ll catch you in the next lecture. Thank you.
- Default Routing Policies
Welcome back. In this lecture, we’ll talk about default routing policies. What is the default import policy and export policy of different routing protocols look like? That’s what we’ll talk about in this lecture. By now, we know what a routing policy is, right? A routing policy controls the flow of information between routing protocols and the routing table and between the routing table and the forwarding table. And we know there are two types of routing policies export policies and import policies.
A policy which controls the flow of information into the routing table is called as an import policy, and a policy that controls the flow of information from the routing table is called as an export policy, right? So now let’s talk about default routing policies. Default routing policies are applied on incoming and outgoing routes or packets if there is no explicitly configured policy related to the route or the interface upon which the packet arrives. That means if you haven’t configured any explicit policy for incoming routes or incoming packets, the default routing policies will be applied.
A default policy is a rule or a set of rules that determine the following number one, whether the route is placed in or advertised from the routing table. Number two, or whether the packet is accepted into or transmitted from the router interface. The first one applies for incoming routes. The second one applies for incoming packets. So essentially, a default routing policy is applied when you haven’t configured any explicit routing policies. Now let’s look at the routing policy or the default routing policy for BGP or Border Gateway Protocol.
The default import policy says accept all IP version four routes from configured neighbors and import them into inet zero routing table. Also, accept all IP version six routes from configured neighbors and import them into init 60 routing table. The default export policy says re advertise all active BGP routes, which means all the routes configured in the routing table will be shared with the neighbors. Let’s look at the default routing policy for OSPF. The default import policy applies to external routes only. What’s an external route? An external route is a route that is outside the OSPF autonomous system.
We talked about autonomous systems, right? An autonomous system is a collection of devices under a common administrative domain. So the default import policy for OSPF only applies to those routes which do not belong to the autonomous system, also known as external routes. The default import policy is to accept all routes and import them into the Inet zero routing table. The default export policy is to reject everything OSPF does not export the internally learned routes. These are routes which are directly connected on interfaces running OSPF. The system always floods link state advertisements throughout the OSPF area, and the routing policy cannot control this behavior, which means OSPF relies on LSAs or link state advertisements, and these are always sent out. The default export policy has no control over it.
Okay, now, let’s talk about the routing policy for rip or routing information protocol. The default import policy is to accept all rip routes learned from configured neighbors and import them into the init zero routing table. The default export policy is to reject everything, which means nothing gets sent out from the routing table. However, if you wanted to export rip routes, you must configure an export policy for rip. All right, so that’s all about this lecture. I know some of you are still confused.
What is the default routing policy? What is the default import policy, and what is the default export policy right now? Don’t freak out, guys. I know this can be confusing for people who are just starting to learn. Juno’s, all these are new words as we go through the upcoming videos. It’s going to be much clearer to you. What do we mean by export and import policies right now? I don’t want you guys to freak out, all right? So in the next video, we’ll talk about the building blocks of routing policy. I’d like to thank you for watching, and I’ll catch you in the next video. Thank you.