Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Default Routing Policies

    If an incoming or outgoing route or packet arrives and there is no explicitly configured policy related to the route or to the interface upon which the packet arrives, the action specified by the default policy is taken. A default policy is a rule or a set of rules that determine whether the route is placed in or advertised from the routing table, or whether the packet is accepted into or transmitted from the router interface.

    You must be familiar with the default routing policies to know when you need to modify them to suit your needs. Table 1 summarizes the default routing policies for each routing protocol that imports and exports routes. The actions in the default routing policies are taken if you have not explicitly configured a routing policy. This table also shows direct and explicitly configured routes, which for the purposes of this table are considered a pseudoprotocol. Explicitly configured routes include aggregate, generated, and static routes.

    Table 1: Default Import and Export Policies for Protocols

    Importing or Exporting Protocol

    Default Import Policy

    Default Export Policy

    BGP

    Accept all received BGP IPv4 routes learned from configured neighbors and import into the inet.0 routing table. Accept all received BGP IPv6 routes learned from configured neighbors and import into the inet6.0 routing table.

    Readvertise all active BGP routes to all BGP speakers, while following protocol-specific rules that prohibit one IBGP speaker from readvertising routes learned from another IBGP speaker, unless it is functioning as a route reflector.

    DVMRP

    Accept all DVMRP routes and import into the inet.1 routing table.

    Accept and export active DVMRP routes.

    IS-IS

    Accept all IS-IS routes and import into the inet.0 and inet6.0 routing tables. (You cannot override or change this default policy.)

    Reject everything. (The protocol uses flooding to announce local routes and any learned routes.)

    LDP

    Accept all LDP routes and import into the inet.3 routing table.

    Reject everything.

    MPLS

    Accept all MPLS routes and import into the inet.3 routing table.

    Accept and export active MPLS routes.

    OSPF

    Accept all OSPF routes and import into the inet.0 routing table. (You cannot override or change this default policy.)

    Reject everything. (The protocol uses flooding to announce local routes and any learned routes.)

    PIM dense mode

    Accept all PIM dense mode routes and import into the inet.1 routing table.

    Accept active PIM dense mode routes.

    PIM sparse mode

    Accept all PIM sparse mode routes and import into the inet.1 routing table.

    Accept and export active PIM sparse mode routes.

    Pseudoprotocol:

    • Direct routes
    • Explicitly configured routes:
      • Aggregate routes
      • Generated routes
      • Static routes

    Accept all direct and explicitly configured routes and import into the inet.0 routing table.

    The pseudoprotocol cannot export any routes from the routing table because it is not a routing protocol.

    Routing protocols can export these or any routes from the routing table.

    RIP

    Accept all RIP routes learned from configured neighbors and import into the inet.0 routing table.

    Reject everything. To export RIP routes, you must configure an export policy for RIP.

    RIPng

    Accept all RIPng routes learned from configured neighbors and import into the inet6.0 routing table.

    Reject everything. To export RIPng routes, you must configure an export policy for RIPng.

    Test policy

    Accept all routes. For additional information about test policy, see Example: Testing a Routing Policy with Complex Regular Expressions.

    OSPF and IS-IS Import Policies

    You cannot change the default import policy for IS-IS. For OSPF, import policies apply to external routes only. An external route is a route that is outside the OSPF autonomous system (AS). For internal routes (routes learned from OSPF), you cannot change the default import policy for OSPF. As link-state protocols, IS-IS and OSPF exchange routes between systems within an autonomous system (AS). All routers and systems within an AS must share the same link-state database, which includes routes to reachable prefixes and the metrics associated with the prefixes. If an import policy is configured and applied to IS-IS or OSPF, some routes might not be learned or advertised or the metrics for learned routes might be altered, which would make a consistent link-state database impossible.

    The default export policy for IS-IS and OSPF protocols is to reject everything. These protocols do not actually export their internally learned routes (the directly connected routes on interfaces that are running the protocol). Both IS-IS and OSPF protocols use a procedure called flooding to announce local routes and any routes learned by the protocol. The flooding procedure is internal to the protocol, and is unaffected by the policy framework. Exporting can be used only to announce information from other protocols, and the default is not to do so.

    Automatic Export

    For Layer 3 VPNs, the automatic export feature can be configured to overcome the limitation of local prefix leaking and automatically export routes between local VPN routing and forwarding (VRF) routing instances.

    In Layer 3 VPNs, multiple CE routers can belong to a single VRF routing instance on a PE router. A PE router can have multiple VRF routing instances. In some cases, shared services might require routes to be written to multiple VRF routing tables, both at the local and remote PE router. This requires the PE router to share route information among each configured VRF routing instance. This exchange of route information is accomplished with custom vrf-export and vrf-import policies that utilize BGP extended community attributes to create hub-and-spoke topologies. This exchange of routing information, such as route prefixes, is known as prefix leaking.

    The automatic export feature leaks prefixes between VRF routing instances that are locally configured on a given PE router. The automatic export feature is enabled by using the auto-export statement.

    Automatic export is always applied on the local PE router, because it takes care of only local prefix leaking by evaluating the export policy of each VRF and determining which route targets can be leaked locally. The standard VRF import and export policies still affect only the remote PE prefix leaking.

    If the vrf-export policy examined by the automatic export does not have an explicit then accept action, the automatic export essentially ignores the policy and, therefore, does not leak the route targets specified within it.

    For more information, see Technology Overview: Understanding the Auto Export Feature PDF Document.

    Modified: 2016-09-01