Juniper Networks M10i manual VPNs

M10i Internet Router Hardware Guide

RIP) export the direct (interface) routes for the interfaces on which the protocol is explicitly configured.

For each routing table, you can affect the routes that a protocol places into the table and the routes from the table that the protocol advertises by defining one or more routing policies and then applying them to the specific routing protocol.

Routing policies applied when the routing protocol places routes into the routing table are called import policies because the routes are being imported into the routing table. Policies applied when the routing protocol is advertising routes that are in the routing table are called export policies because the routes are being exported from the routing table. In other words, the terms import and export are used with respect to the routing table.

Routing policy enables you to control (filter) which routes are imported into the routing table and which routes are exported from the routing table. Routing policy also allows you to set the information associated with a route as it is being imported into or exported from the routing table. Routing policies applied to imported routes control the routes used to determine active routes, whereas policies applied to exported routes control which routes a protocol advertises to its neighbors.

You implement routing policy by defining policies. A policy specifies the conditions to use to match a route and the action to perform on the route when a match occurs. For example, when a routing table imports routing information from a routing protocol, a routing policy might modify the route's preference, mark the route with a color to identify it for later manipulation, or prevent the route from even being installed in a routing table. When a routing table exports routes to a routing protocol, a policy might assign metric values, modify the BGP community information, tag the route with additional information, or prevent the route from being exported altogether. You also can define policies for redistributing the routes learned from one protocol into another protocol.

VPNs

The JUNOS software supports several types of VPNs:

■Layer 2 VPNs—A Layer 2 VPN links a set of sites sharing common routing information, and whose connectivity is controlled by a collection of policies. A Layer 2 VPN is not aware of routes within a customer’s network. It simply provides private links between a customer’s sites over the service provider’s existing public Internet backbone.

■Layer 3 VPNs—A Layer 3 VPN links a set of sites that share common routing information, and whose connectivity is controlled by a collection of policies. A Layer 3 VPN is aware of routes within a customer’s network, requiring more configuration on the part of the service provider than a Layer 2 VPN. The sites that make up a Layer 3 VPN are connected over a service provider’s existing public Internet backbone.

■Interprovider VPNs—An interprovider VPN supplies connectivity between two VPNs in separate autonomous systems (ASs). This functionality could be used

30■ Routing Engine Software Components