Date created: Friday, December 13, 2013 2:04:18 PM. Last modified: Friday, June 3, 2016 4:18:31 PM

Bi/Multi-Lateral Peering Example

Example peering LAN config for private peerings and router sourced multi-lateral peerings;

/* Place local supernets into FIB */

routing-options {
    static {
        route 1.2.3.0/8 {
            discard;
            tag 66666;
        }                              
        route 4.5.6.0/8 {
            discard;
            tag 66666;
        }
    }
    martians {
        0.0.0.0/8 orlonger;
        100.64.0.0/10 orlonger;
        127.0.0.0/8 orlonger;
        169.254.0.0/16 orlonger;
        192.0.0.0/24 orlonger;
        192.0.2.0/24 orlonger;
        192.168.0.0/16 orlonger;
        198.18.0.0/15 orlonger;
        198.51.100.0/24 orlonger;
        203.0.113.0/24 orlonger;
        224.0.0.0/4 orlonger;
        240.0.0.0/4 orlonger;
    }
    autonomous-system 66666;
}

protocols {
    bgp {
        traceoptions {
            file log-bgp size 1m files 5;
            flag state;
            flag normal;
            flag open detail;
        }
        log-updown;
        remove-private;
        group peering-route-servers {
            type external;

            /* Policy statements and can strung together like the import filter, or a large statement created with multiple terms like the export filter */

            export PS-Peering;
            import [ PS-Deny-IXP-Prefixes PS-Deny-Own-Prefixes PS-Filter-Prefix-Size PS-No-Private-ASN PS-AS-Expand-x2 ];
            peer-as 65655;
            neighbor 10.0.58.1;
        }
        group peering-private-peers {
            type external;
            export PS-Peering;
            import [ PS-Deny-IXP-Prefixes PS-Deny-Own-Prefixes PS-Filter-Prefix-Size PS-No-Private-ASN PS-AS-Expand-x2 ];
            neighbor 10.0.0.5 {
                description AS12345;
                peer-as 12345;
            }
            neighbor 10.0.0.6 {
                description AS78910;
                peer-as 78910;
            }
           family inet {
                any {
                    prefix-limit {
                        /* Try to detect full table leaks */
                        maximum 10000;
                        teardown 80 idle-timeout 60;
                    }
                }
            }  
        }
    }
}

policy-options {
    policy-statement PS-Peering {
        term 1 {
            from {
                protocol static;
                tag 66666;
            }
            then {
                as-path-prepend "66666 66666";
                next-hop self;
                accept;
            }
        }
        term 2 {
            from {
                protocol bgp;
                community MATCH-66666-66666;
            }
            then {
                community delete MATCH-66666;
                accept;
            }
        }
        term 10 {
            then {
                trace;
                reject;
            }
        }
    }
    policy-statement PS-AS-Expand-x2 {
        then {
            as-path-expand last-as count 2;
            accept;
        }
    }
    policy-statement PS-Deny-IXP-Prefixes {
        term 1 {
            from {
                route-filter 1.0.0.0/22 orlonger;
                route-filter 2.0.0.0/22 orlonger;
            }
            then {
                trace;
                reject;
            }
        }
    }
    policy-statement PS-Deny-Own-Prefixes {
        term 1 {
            from {
                route-filter 1.2.3.0/8 orlonger;
                route-filter 4.5.6.0/8 orlonger;
            }
            then {
                trace;
                reject;
            }
        }
    }
    policy-statement PS-Filter-Prefix-Size {
        from {
            route-filter 0.0.0.0/0 prefix-length-range /27-/32;
            route-filter 0.0.0.0/0 prefix-length-range /0-/5;
        }
        then {
            trace;
            reject;
        }
    }
    policy-statement PS-No-Private-ASN {
        from as-path private-asn;
        then {
            trace;
            reject;
        }
    }
    community MATCH-66666 members 66666:*;
    community MATCH-66666-66666 members 66666:66666;
    as-path private-asn 64512-65535;
}