[j-nsp] vpn-apply-export
Blaz Zupan
blaz at inlimbo.org
Mon Nov 10 12:20:03 EST 2003
> I think I need to see the complete config to get a better handle. It sounds
> like you are saying:
>
> term limited-routes {
> from {
> protocol [ bgp aggregate static ];
> as-path limited-routes;
> }
> then accept;
> }
>
>
> Is part of your unicast PE-PE BGP routing policy. I assumed this was part of
> your VRF related policies.
Below is the relevant part of the configuration. This is the configuration
that worked with 5.5. With 5.7, I need to add "static" to the "limited-routes"
term of the "to-ibgp-amis-routes" policy, otherwise the static default route
does not propagate to the Cisco PE. I believe this is supposed to be needed
only when I configure vpn-apply-export, but I did not configure it.
protocols {
mpls {
interface e3-0/0/2.0;
interface fe-0/1/0.308;
}
bgp {
group ibgp {
type internal;
local-address 212.18.32.166;
peer-as 8591;
neighbor 212.18.32.175 {
family inet {
unicast;
}
family inet-vpn {
unicast;
}
export to-ibgp-amis-routes;
cluster 212.18.32.166;
}
}
}
ldp {
interface e3-0/0/2.0;
}
}
policy-options {
policy-statement to-ibgp-amis-routes {
term as8591 {
from community [ from-customer from-lix from-six ];
then accept;
}
term limited-routes {
from {
protocol [ bgp aggregate ];
as-path limited-routes;
}
then accept;
}
term everything-else {
then reject;
}
}
policy-statement vpn-telemach-import {
term a {
from {
protocol bgp;
community vpn-telemach;
}
then accept;
}
term b {
then reject;
}
}
policy-statement vpn-telemach-export {
term a {
then {
community add vpn-telemach;
accept;
}
}
term b {
then reject;
}
}
community from-customer members 8591:1000;
community from-lix members 8591:1002;
community from-six members 8591:1001;
community vpn-telemach members target:12644:1;
as-path limited-routes "[0-65535]{0,2}";
}
routing-instances {
telemach {
instance-type vrf;
interface fe-0/1/0.308;
route-distinguisher 12644:1;
vrf-import vpn-telemach-import;
vrf-export vpn-telemach-export;
routing-options {
static {
route 0.0.0.0/0 next-hop 213.143.77.41;
}
}
}
}
More information about the juniper-nsp
mailing list