Juniper implicit deny after accept rules
How Juniper using implicit deny after accept rules
Router2
root> show route protocol bgp
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
100.0.20.1/32 *[BGP/170] 00:33:51, localpref 100, from 192.168.1.1
AS path: I, validation-state: unverified
> to 10.0.0.1 via ge-0/0/0.0
root>
Router1
routing-options {
static {
route 100.0.0.1/32 discard;
route 100.0.20.1/32 discard;
}
router-id 192.168.1.1;
autonomous-system 17;
}
protocols {
bgp {
local-address 192.168.1.1;
export send-direct;
group internal-peers {
type internal;
export send-static-100.0.0;
neighbor 192.168.1.2 {
export send-static-100.0.20;
}
neighbor 192.168.1.3;
}
}
ospf {
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface ge-0/0/0.0;
interface ge-0/0/1.0;
}
}
}
policy-options {
policy-statement send-direct {
term 1 {
from protocol direct;
then accept;
}
}
policy-statement send-static-100.0.0 {
term 1 {
from {
protocol static;
route-filter 100.0.0.0/24 orlonger;
}
then accept;
}
}
policy-statement send-static-100.0.20 {
term 1 {
from {
protocol static;
route-filter 100.0.20.0/24 orlonger;
}
then accept;
}
}
}