[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring LDP Outbound-Label Filtering

You can configure export policies to filter LDP outbound labels. You can filter outbound label bindings by applying routing policies to block bindings from being advertised to neighboring routers. To configure outbound label filtering, include the export statement:

export [policy-name];

For a list of hierarchy levels at which you can include this statement, see the statement summary section for this statement.

The named export policy (configured at the [edit policy-options] hierarchy level) is applied to all label bindings transmitted to all LDP neighbors. The only from operator that applies to LDP outbound label filtering is route-filter, which matches bindings with the specified prefix. The only to operators that apply to outbound label filtering are the operators in Table 12.

Table 12: to Operators for LDP Outbound-Label Filtering

to Operator

Description

interface

Matches on bindings sent to a neighbor that is adjacent over the specified interface

neighbor

Matches on bindings sent to the specified LDP router ID

next-hop

Matches on bindings sent to a neighbor advertising the specified interface address

If a binding is filtered, the binding is not advertised to the neighboring router, but it can be installed as part of an LSP on the local router. You can apply policies in LDP to block the establishment of LSPs, but not to control their routing. The path an LSP follows is determined by unicast routing, not by LDP.

LDP sessions are not bound to interfaces or interface addresses. LDP advertises only per-router (not per-interface) labels. If multiple parallel links exist between two routers, only one LDP session is established, and it is not bound to a single interface.

Do not use the next-hop and interface operators when a router has multiple adjacencies to the same neighbor.

Filtered labels are marked in the database:


user@host> show ldp database 
Input label database, 10.10.255.1:0-10.10.255.3:0 
Label Prefix 
100007 10.10.255.2/32 
3 10.10.255.3/32
Output label database, 10.10.255.1:0-10.10.255.3:0 
Label Prefix 
3 10.10.255.1/32 
100001 10.10.255.6/32 (Filtered)

For more information about how to configure policies for LDP, see the JUNOS Policy Framework Configuration Guide.

Examples: Configuring Outbound-Label Filtering

Block transmission of 10.10.255.6/32 to all neighbors:

[edit protocols]
ldp {
export block-one;
}
policy-options {
policy-statement block-one {
term first {
from {
route-filter 10.10.255.6/32 exact;
}
then reject;
}
then accept;
}
}

Send only 131.108/16 or longer to router ID 10.10.255.2, and send all prefixes to all other routers:

[edit protocols]
ldp {
export limit-lsps;
}
policy-options {
policy-statement limit-lsps {
term allow-one {
from {
route-filter 131.108.0.0/16 orlonger;
}
to {
neighbor 10.10.255.2;
}
then accept;
}
term block-the-rest {
to {
neighbor 10.10.255.2;
}
then reject;
}
then accept;
}
}
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.