====== BGP on Juniper (JunOS) ======

http://www.juniper.net/techpubs/software/nog/nog-mpls/html/config-mpls12.html
http://www.space.net/~gert/RIPE/ipv6-filters.html

See also:

   * {{juniper:junos-bgp-template.pdf|JunOS Secure BGP Template v1.92}}
   * [[http://www.cymru.com/Documents/secure-bgp-template.html|Cisco Secure BGP Template]]
   * [[http://www.qorbit.net/documents/junos-template.htm|JunOS Secure Template]]
   * [[http://www.juniper.net/techcenter/app_note/350001.html|Minimizing the Effects of DoS Attacks]]

===== Powerful BGP commands =====

What do we advertice to our neighbor
   show route advertising-protocol bgp <IP>

What do we get from our neighbor
  show route receive-protocol bgp <IP>




===== Exporting =====

  policy-statement foobar-export {
     term foobar {
       from {
          route-filter x.x.x.0/24 exact accept;
       }
     }
    term rest {
       then reject;
    }
  }

**Remember, that you need to have something in the routing table**!

  routing-options:
   static {
     route x.x.x.0/24 discard metric 100;
     ...
   }


   protocol {
     bgp {
      group uplink {
        type external;
        description foobar_uplink;
        export foobar-export;
        neighbor x.x.x.x {
            peer-as <ASNUM>;
       }
     }
   }

**Remember to also filter the import or your can be flooded**

===== Redistribute routes =====
Lets say you have set some dynamic routing (RIP,OSPF,BGP,IS-IS..) and you want to redistribute routes into them. 

==== redistribute connected ====
<code>
set policy-options policy-statement Connected
    term connected {
        from protocol direct;
        then accept;
}
</code>
==== redistribute static ====

<code>
set policy-options policy-statement Static
    term static {
        from protocol static;
        then accept;
}
</code>

==== redistribute local ====
<code>
set policy-options policy-statement Local
    term local {
        from protocol local;
        then accept;
}
</code>
reject anything else
<code>
term else {
    then reject
}
</code>
And all the policy will look like:
<code>
policy-statement distribute-routes
    term connected {
        from protocol direct;
        then accept;
    }
    term static {
        from protocol static;
        then accept;
    }
    term local {
        from protocol local;
        then accept;
    }
    term else {
        then reject
    }
</code>

It looks easy I guess..but what if you want to redistribute ospf routes?
==== redistribute ospf routes ====

If you are using OSPF for IGP and BGP as a EGP and you want to export ospf routes to BGP peers then you have to create a policy for that. Something like :
<code>
policy-statement ospf-routes {
    term 1 {
        from {
            protocol ospf;
            area 0.0.0.0;
        }
        then accept;
    }
    term 2 {
        then reject;
    }
}
</code>

==== send default route to bgp peer ====

**Lets assume you want to send to send to a BGP peer 0.0.0.0/0 (default route).**

First you need to have a route for 0.0.0.0/0 before you can export it to a peer. I guess this is the difference between the Juniper and Cisco configs, Cisco provides you a shortcut with the 'default-originate' keyword which does it all in one step. If you don't have a route for 0.0.0.0/0 defined somewhere that is at least part of the problem.
\\

**First we generate the default route (if you dont have one yet) :**
<code>
routing-options {
    generate {
        route 0.0.0.0/0 discard;
    }
} 
</code>

then we create a policy for 0/0 :
<code>
policy-options {
    policy-statement default-originate {
        from {
            route-filter 0.0.0.0/0 exact;
        }
        then accept;
    }
} 
</code>
A simple BGP neighbour will have smthing like:
<code>
neighbor aaa.bbb.ccc.ddd {
    export default-originate;
}
</code>