Configuring Peer Policy on ISP Router 3
On ISP Router 3, a separate policy is in place for each customer. The default route for Customer 1 is being sent by the
customer-1-peerpolicy. This policy finds the0.0.0.0/0default route ininet.0and accepts it. The policy also rejects all other routes, thereby not sending all BGP routes on the ISP Router. Thecustomer-2-peerpolicy is for Customer 2 and contains the same policy terms, which also send the default route and no other transit BGP routes. The additional terms in thecustomer-2-peerpolicy send the ISP customer routes to Customer 2. Because there are local static routes on ISP Router 3 that represent local customers, these routes are sent as well as all other internal (192.168.0/17) routes announced to the local router by the other ISP routers.[edit]routing-options {static { # simulate local customer routesroute 192.168.72.0/22 reject;route 192.168.76.0/22 reject;route 192.168.80.0/22 reject;route 192.168.84.0/22 reject;route 192.168.88.0/22 reject;route 192.168.92.0/22 reject;route 192.168.72.0/21 reject;route 192.168.80.0/21 reject;route 192.168.88.0/21 reject;}generate { # install a default route if certain routes # from the Exchange Peers are advertised using BGProute 0.0.0.0/0 policy if-upstream-routes-exist;}autonomous-system 1000;}protocols {bgp {group Internal-Peers {type internal;local-address 192.168.0.3;export internal-peers;neighbor 192.168.0.1;neighbor 192.168.0.2;}group Customer-2 {type external;export customer-2-peer;peer-as 2468;neighbor 10.222.61.2;}group Customer-1 {type external;export customer-1-peer;peer-as 1234;neighbor 10.222.70.1;}}isis {level 1 disable;interface so-0/0/0.0;interface ge-0/1/0.0;interface lo0.0;}}policy-options {policy-statement internal-peers { # advertise local customer routes to peersterm statics {from protocol static;then accept;}term next-hop-self { # set the BGP next hop to Self for EBGP then { # routes advertised to IBGP peersnext-hop self;}}}policy-statement if-upstream-routes-exist {term only-certain-contributing-routes {from { # allow either the 10.100/17 or the 10.101.0.0/27 route-filter 10.100.0.0/17 exact; #route to activate the generated routeroute-filter 10.101.0.0/17 exact;}then accept;} # do not allow any other route to activate # the generated route in the routing tableterm reject-all-other-routes {then reject;}}policy-statement customer-2-peer { # advertise customer routes to all peersterm statics {from protocol static;then accept;}term isp-and-customer-routes { # advertise internal AS 1000 customerfrom { #to the customerprotocol bgp;route-filter 192.168.0.0/17 orlonger;}then accept;} # advertise just the default route to AS 2468term default-route {from {route-filter 0.0.0.0/0 exact;}then accept;}term reject-all-other-routes { # do not advertise any other routesthen reject;}}policy-statement customer-1-peer {term default-route { # advertise just the default route to AS 1234from {route-filter 0.0.0.0/0 exact;}then accept;}term reject-all-other-routes { # do not advertise any other routesthen reject;}}}