Is there a way in JunOS (I'm testing on 11.4R1.14) to see the prefixes filtered out by a policy statement?
I have the following in the lab dropping unwanted prefixes from BGP neighbors;
policy-statement PS-Filter-Prefix-Size {
from {
route-filter 0.0.0.0/0 prefix-length-range /27-/32;
route-filter 0.0.0.0/0 prefix-length-range /0-/5;
}
protocols {
bgp {
group my-peers {
type external;
import [ PS-Filter-Prefix-Size ];
}
}
}
This seems to be working, as show route hidden
reveals some test /32 routes which are not present in the output of show route
or show route forwarding-table
. Other /24 routes are coming in though for example.
Can I displays routes that have been caught by a filter?
Best Answer
This should display routes passing the policy
There isn't direct way to ask the opposite, but you could create policy which calls 'PS-Filter-Prefix-Size' and then rejects and accepts rest.
Testing this policy would yield opposite results, showing routes not passing 'PS-Filter-Prefix-Size'.
As far as I understand your 'PS-Filter-Prefix-Size' does nothing, as there is no action, so existing 'default-action' is honored.
You should have 'then accept' or 'then reject', and preferably after that explicit catch-all rule.
In your situation I'd do something like this