[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring a Routing Policy for Layer 2 VPNs

If the routing instance uses a policy for accepting and rejecting packets instead of a route target, you must specify the import and export routing policies and the community on each PE Services Router.

To configure a Layer 2 VPN routing policy on a PE Services Router:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 18 and Table 19 on each PE router.
If you are finished configuring the router, commit the configuration.
To verify the configuration, see Verifying a VPN Configuration.

Table 18: Configuring an Import Routing Policy for Layer 2 VPNs

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the top of the configuration hierarchy and configure the import routing policy. (PE Services Router)	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Policy options, click Configure or Edit. Next to Policy statement, click Add new entry. In the Policy name box, type the policy name—for example, import_vpn.	From the [edit] hierarchy level, enter edit policy-options policy-statement import-policy-name
Define the term for accepting packets. (PE Services Router)	Next to Term group, click Add new entry. In the Term name box, type a term name—for example, 10. Next to From, click Configure. Click Add new entry. Click Protocol and select bgp from the Value menu. Click OK. Next to Community, click Add new entry. Type the community-name value in the Community Name box. Click OK. Next to Then, click Configure. From the Accept reject list, select accept. Click OK until you are at the Policy statement page.	Enter set termterm-name-accept from protocol bgp community community-name Enter set termterm-name-accept then accept
Define the term for rejecting packets. (PE Services Router)	Next to the Term group, click Add new entry. In the Term name box, type a term name—for example, 20. Next to Then, click Configure. From the Accept list, select reject. Click OK until you return to the Policy options page.	Enter set term term-name-reject then reject

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the top of the configuration hierarchy and configure the import routing policy.

(PE Services Router)

In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
Next to Policy options, click Configure or Edit.
Next to Policy statement, click Add new entry.
In the Policy name box, type the policy name—for example, import_vpn.

From the [edit] hierarchy level, enter

edit policy-options policy-statement import-policy-name

Define the term for accepting packets.

(PE Services Router)

Next to Term group, click Add new entry.
In the Term name box, type a term name—for example, 10.
Next to From, click Configure.
Click Add new entry.
Click Protocol and select bgp from the Value menu.
Click OK.
Next to Community, click Add new entry.
Type the community-name value in the Community Name box.
Click OK.
Next to Then, click Configure.
From the Accept reject list, select accept.
Click OK until you are at the Policy statement page.

Enter
set termterm-name-accept from protocol bgp community community-name
Enter
set termterm-name-accept then accept

Define the term for rejecting packets.

(PE Services Router)

Next to the Term group, click Add new entry.
In the Term name box, type a term name—for example, 20.
Next to Then, click Configure.
From the Accept list, select reject.
Click OK until you return to the Policy options page.

Enter

set term term-name-reject then reject

After configuring an import routing policy for a Layer 2 VPN, configure an export routing policy for the Layer 2 VPN. The export routing policy defines how routes are exported from the PE Services Router routing table. An export policy is applied to routes sent to other PE Services Routers in the VPN. The export policy must also evaluate all routes received over the routing protocol session with the CE Services Router. The export policy must also contain a second term for rejecting all other routes.

Table 19: Configuring an Export Routing Policy for Layer 2 VPNs

Task	J-Web Configuration Editor	CLI Configuration Editor
Configure the export routing policy. (PE Services Router)	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Policy options, click Configure or Edit. Next to Policy statement, click Add new entry. In the Policy name box, type the policy name—for example, export_vpn.	From the [edit] hierarchy level, enter edit policy-options policy-statement export-policy-name
Define the term for accepting packets. (PE Services Router)	Next to the Term group, click Add new entry. In the Term name box, type a term name—for example, 10. Next to From, click Configure. Next to Community, click Add new entry. Type the community-name value in the Community Name box. Click OK. Next to Then, click Configure. From the Accept reject list, select accept. Click OK twice until you are at the Policy statement page.	Enter set termterm-name-accept from community add community-name Enter set termterm-name-accept then accept
Define the term for rejecting packets. (PE Services Router)	Next to the Term group, click Add new entry. In the Term name box, type a term name—for example, 20. Next to Then, click Configure. From the Accept reject list, select reject. Click OK until you return to the Policy options page.	Enter set termterm-name-reject from community add community-name Enter set termterm-name-reject then reject
Define the community. (PE Services Router)	In the Community group, click Add new entry. In the Community name box, type a community name—for example, VPN. In the Members group, click Add new entry. In the Value box, type target:community-id, where community-id is as-number:number or ip-address:number. Click OK until you return to the Policy options page.	Type the following commands: communitycommunity-nametarget:as-number or ip-address:number

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]