Home page logo
/

nanog logo nanog mailing list archives

Re: Optimal IPv6 router
From: Rafael Rodriguez <packetjockey () gmail com>
Date: Mon, 6 Feb 2012 20:23:20 -0800

You can do the same with Junos (calling a 'generic' policy as a sub-routine).

Sent from my iPhone

On Feb 6, 2012, at 6:18, Leo Bicknell <bicknell () ufp org> wrote:

In a message written on Mon, Feb 06, 2012 at 08:34:26AM +0100, Daniel Roesen wrote:
itself is completely AFI-agnostic - see e.g. IOS/IOS-XE [can't comment
on XR]).

IOS-XR is fully AFI-agnostic, as far as I can tell.  It also updated
the CLI to be consistently "ipv4 ..." or "ipv6 ..." with similar
syntax.  I think also that all of the platforms on which IOS-XR
runs (GSR, CRS-1/3, ASR9000) can all run full line rate IPv6 in
hardware, with features.

While much of the IOS-XR vrs JunOS is personal preference, IOS-XR has
one very cool feature.  You can pass parameters in route policy.  Many
networks maintain slightly different versions of policies like
"peer-in/peer-out" due to various load balancing or preference needs,
with a 5-15 stanza policy repeated over and over.  When you have to
update one of the stanzas in all policies it becomes a big mess.
In IOS-XR, you can write a generic policy and then call with with
parameters:

route-policy generic-out($routeCommunity)
 ... ! Do all the common things
 if community matches-any $routeCommunity then
   accept
 endif
 drop
end-policy

community-set send-to-private-peers
 1234:5678
end-set

route-policy private-peer-out
 apply generic-out(send-to-private-peers)
end-policy

community-set send-to-public-peers
 1234:4321
end-set

route-policy public-peer-out
 apply generic-out(send-to-public-peers)
end-policy

With a little bit of careful thought you can really collapse down the
policy to be much shorter, easier to understand, and have almost no
cut-and-paste in it, which should reduce errors when updating in the
future.

-- 
      Leo Bicknell - bicknell () ufp org - CCIE 3440
       PGP keys at http://www.ufp.org/~bicknell/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]