There are two ways to configure route matching, you have shown both in your original question. You don't need to use both. Either use vrf-target, or use the vrf-import/export policies.
The Route Target is a extended BGP community defined by RFC4360. In Junos, we show it as target:xxxx:xxxx. I believe Cisco IOS shows it a rt:xxxx:xxxx. Both are correct, because the target: and rt: are really just words to represent the underlying bit pattern for route targets (see RFC).
So let's break down your questions.
-------- Part I ---------
When you use the "vrf-target", Junos creates the policy for you. It is hidden, but essentially it imports and exports ALL routes for that local VRF based on the route target you define.
vrf-target target:65512:101;
"vrf-target" is the command, "target:65512:101" is the community. It is defined, in Junos, simply by enter this configuration statement. You don't need to specify any other policy (vrf-import/export) if you use this method.
------- Part II -------
The next part of your question involved defining the VRF import and export policies explicitly. This is different than the configuration above. They accomplish the same thing but use one or the other - not both.
vrf-import import-vpn-A;
vrf-export export-vpn-A;
We need to think about how policy works and what is its purpose. When you create a VRF, you are creating a dedicated routing table for this instance. This route table will look something like vpn-a.inet.0
Now this is where it might get confusing, but bear with me. There is another routing table, bgp.l3vpn.0, that has the "L3VPN MPLS" routes. It is bgp.l3vpn.0 that gets shared with all the other MPLS routers in your network.
vrf-import defines the policy that you use to get routes from the mpls routing table and put them in the local route table. The import policy matches routes in bgp.l3vpn.0 and delivers to the local table vpn-a.inet.0
vrf-export defines the policy that you use to share routes from the local vrf routing table to mpls routing table. So it matches routes from vpn-a.inet.0 and exports it to bgp.l3vpn.0
Now we have defined policy direction, lets look into the policies.
The VRF-IMPORT policy:
policy-statement import-vpn-a {
term 1 {
from {
protocol bgp; (Match routes in bgp.l3vpn.0 - REQUIRED)
community vpn-a; (match routes in bgp.l3vpn.0 that have the route target community target:65512:101)
}
then accept;
}
term 2 {
then reject; (if it doesn't match the term above then don't import)
}
}
community vpn-a member target:65512:101;
The VRF-EXPORT policy:
policy-statement import-vpn-a {
term 1 {
from {
protocol [ direct bgp ospf ]; (Match routes in vpn-a.inet.0 - NOT REQUIRED - omission matches ALL)
}
then {
community add vpn-a; (add the route target to the mpls routes)
accept;
}
}
term 2 {
then reject; (if it doesn't match the term above then don't export)
}
}
community vpn-a member target:65512:101;
Hopefully this makes sense.