Route-policy with track and local-pref

yannick72 · ‎06-05-2025

Hi,

I've set up this policu but got this error when applying it to by BGP neighbor :

route-policy RP-TRACK-T5-LP-200
if track track-T5 is up then
set local-preference 200
pass
endif
end-policy

router bgp 65532
neighbor 172.31.255.5
use neighbor-group RR-CLIENT
address-family vpnv4 unicast
route-policy RP-TRACK-T5-LP-200 in

show conf failed gives :

Thu Jun 5 21:33:19.486 UTC
!! SEMANTIC ERRORS: This configuration was rejected by
!! the system due to semantic errors. The individual
!! errors with each failed configuration command can be
!! found below.

router bgp 65532
neighbor 172.31.255.5
address-family vpnv4 unicast
route-policy RP-TRACK-T5-LP-200 in
!!% Could not find entry in list: Policy [RP-TRACK-T5-LP-200] uses the 'track' attribute. There is no 'track' attribute at the bgp neighbor-in-dflt attach point.
!
!
!
end

Any idea ??

I have a similar config with IOS XE that works fine.

Cheers.

sidshas03 · ‎06-05-2025

Hey,

This issue occurs because IOS XR does not support using track conditions inside BGP route-policies. Unlike IOS XE, IOS XR has stricter enforcement rules, and track is not a valid condition when applied under the BGP address-family using a route-policy.

Example code that caused error:

route-policy RP-TRACK-T5-LP-200
  if track track-T5 is up then
    set local-preference 200
    pass
  endif
end-policy

router bgp 65532
  neighbor 172.31.255.5
    address-family vpnv4 unicast
      route-policy RP-TRACK-T5-LP-200 in

This gives the error output:

Policy [RP-TRACK-T5-LP-200] uses the 'track' attribute. There is no 'track' attribute at the bgp neighbor-in-dflt attach point.

What I would do:

Remove the track condition and simplify the policy:

route-policy RP-LP-200
  set local-preference 200
  pass
end-policy

Use EEM or external automation (Python, Ansible, etc.) to monitor the status of track-T5 and apply/remove the policy dynamically.

Because the Logic behind:

If track-T5 is up, apply the policy to the neighbor:

router bgp 65532
  neighbor 172.31.255.5
    address-family vpnv4 unicast
      route-policy RP-LP-200 in

If track-T5 is down, remove the policy:

router bgp 65532
  neighbor 172.31.255.5
    address-family vpnv4 unicast
      no route-policy RP-LP-200 in

Since track cannot be used directly in the route-policy in IOS XR, this logic must be handled externally.

Hope this helps you understand!

yannick72 · ‎06-05-2025

Hey Mate,

thank you for your reply,

do you have some example to configure EEM directly under IOS XR to monitor the status of track-T5 and apply/remove the policy dynamically ?

Cheers !

sidshas03 · ‎06-05-2025

Hey,

Glad the explanation helped! Regarding your follow-up—yes, while IOS XR doesn't support the classic EEM applets like IOS XE, you can still achieve similar functionality using Embedded Event Manager (EEM) scripts written in Tcl, or better yet, use external automation tools like Python with NETCONF/gNMI or even CLI-based scripting over SSH. Here’s the concept:

You create a periodic script (whether it's an EEM policy or an external Python script) that checks the state of your tracked object (e.g., track-T5). Based on whether it's up or down, the script would log into the router and dynamically apply or remove the route-policy from the BGP neighbor config.

For example, if track-T5 is up, the script pushes:

router bgp 65532
 neighbor 172.31.255.5
  address-family vpnv4 unicast
   route-policy RP-LP-200 in

If it's down, it pushes:

router bgp 65532
 neighbor 172.31.255.5
  address-family vpnv4 unicast
   no route-policy RP-LP-200 in

If you want to do this on-box, you’d typically use XR’s support for Tcl scripts via EEM, but it requires enabling the appropriate infrastructure and writing a script that can parse CLI command output, which can be quite complex and limited compared to off-box automation.

So for production or clean design, I highly recommend using Python with ncclient or paramiko to run CLI commands remotely. You can poll the show track brief or show track name track-T5 output every X seconds, and trigger config changes accordingly.

Cheers!