Junos
Junos

LDP Policies

‎11-02-2019 12:49 AM

Hi folks,

Now I'm implementing LDP in my LAB and I noticed there are 3 types of policy (import, export, egress, ) in order to control the label mapping. 

Please, someone used before egress policy? I'm a bit confused with egress policy.

As far as I know the egress control the IP prefixes being advertised by local router itself, and import/export control transit ip prefixes.

 

Cheers, 

2 REPLIES 2
Junos

Re: LDP Policies

‎11-02-2019 11:03 AM

Hi Alfredo,

 

egress policy controls the prefixes which are advertised into LDP by the local router, by default only the router's primary loopback IP address is advertised to other neighboring routers.

If you want the router to act as an egress router for any other prefix (secondary loopback IP, direct route to another node, prefix of neighboring router which is not running LDP etc.) you can do so with the egress policy - note that you have to include the current primary loopback IP as well otherwise it wouldn't be advertised anymore (if you want of course).

Simple example with two IPs on router's loopback below - 

 

without egress policy:

 

root@R1# show interfaces lo0.0
family inet {
address 1.1.1.1/32 {
primary;
preferred;
}
address 11.11.11.11/32;
}


root@R2> show route table inet.3

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.1/32 *[LDP/9] 00:44:32, metric 100
> to 172.30.0.5 via ge-0/0/4.114, Push 0

root@R2>

 

with egress policy


root@R1> show configuration protocols ldp
egress-policy leak.to.ldp;

 

root@R1> show configuration policy-options policy-statement leak.to.ldp
term permit {
from {
route-filter 1.1.1.1/32 exact;
route-filter 11.11.11.11/32 exact;
}
then accept;
}

root@R2> show route table inet.3

inet.3: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.1/32 *[LDP/9] 00:47:48, metric 100
> to 172.30.0.5 via ge-0/0/4.114, Push 0
11.11.11.11/32 *[LDP/9] 00:18:11, metric 150
> to 172.30.0.5 via ge-0/0/4.114, Push 299808

 

If you like I'd suggest you have a read of an article from David Roy - https://www.inetzero.com/no-more-doubt-about-ldp/

which covers all of the policies that can be used and much more about LDP.

 

Cheers,

 

Radek

Junos

Re: LDP Policies

‎11-03-2019 03:46 PM

By default, a Junos box only binds a label to its own loopback interface and advertises it to its neighbors. Basically, from its own routing table, the only prefix that it advertises with a label is the address of the loopback interface. If you want the router to advertise labels for any other prefix from its own routing table, you need an egress-policy. You can also see it this way: when you apply an egress policy the router becomes the egress point for that prefix.

 

Now, if your router receives a prefix with a label from a neighbor (maybe the neighbor is advertising its loopback) your router binds a label for that prefix and passes that information to other neighbors. This happens by default (as long as there is also a route in the routing table – IGP).  In this case, your router becomes a transit point to reach that prefix.  You can control with prefixes your router binds labels to (from the received ones), using an export-policy

 

Imagine a topology like this:   R1---R2---R3.

 

R1 advertises its loopback interface (192.168.1.1/32) with a label of 100 to R2. 

R2 binds label 200 to 192.168.1.1/32 and passes that information down to R3.

 

R2 will have an entry in inet.3 that says 192.168.1.1/32 push 100, and an entry in mpls.0 that says label 200 swapped to label 100.

R3 will have an entry in inet.3 that says 192.168.1.1/32 push 200

 

You can control what prefixes are initially advertised by R1 with an egress policy (maybe you also want to advertise the address of xe-0/0/0).

 

You can then control which prefixes R2 passes along to R3 from the ones received from R1, with an export-policy.  Maybe you only want to advertise the loopback, even though R1 is advertising its loopback and interface xe-0/0/0.

 

Another way to see this:

 

  • Prefixes advertised by an egress-policy are in inet.0, and don’t have a label yet. 
  • Prefixes advertised by an export-policy are already in the LDP database, learned from someone else. 
Yasmin Lara - Juniper Ambassador #QuadE - JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCIS-CLOUD, JNCDS-DC, JNCIA-DevOps