[j-nsp] Hidden L3VPN Routes
Peter Lundqvist
plundqvi at juniper.net
Wed Jun 8 12:35:46 EDT 2005
Do you have a working outerlabel path to the NEXT_HOP ? A working LDP
path or RSVP LSP ?
/Peter
Chris Staudt wrote:
> Hello together,
> I am facing a problem with a Juniper M40 and hope to find some help here.
> In general my network consists of cisco only equipment running ISIS, BGP
> and MPLS.
> I am trying to include some Juniper boxes now. It first ran very good but
> now I am stuck.
>
> I have ISIS, BGP and L3VPN running, but the M40 won't accept any VPN
> Prefixes announced to it saying:"next hop unusable" even thoug the next
> hop can pefectly be reached and ist lerned via ISIS.
> For further information I am posting some show outputs below. Any help is
> appreciated!
> regards
> chris
>
>
> -----
> chris at juni> ...ocol bgp 217.24.235.15 hidden extensive
>
> inet.0: 162642 destinations, 162649 routes (162642 active, 0 holddown, 0
> hidden)
>
> VRF_COMATEC.inet.0: 10 destinations, 10 routes (4 active, 0 holddown, 6
> hidden)
> 0.0.0.0/0 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 56
> Nexthop: 217.24.235.14
> MED: 0
> Localpref: 100
> AS path: I (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.14
> Communities: target:9063:1
>
> 150.100.0.0/16 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 198
> Nexthop: 217.24.235.14
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.14
> Communities: target:9063:1
>
> 192.168.8.0/24 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 65
> Nexthop: 217.24.235.7
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.7
> Communities: target:9063:1
>
> 192.168.99.0/28 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 161
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> 192.168.199.0/24 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 74
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> 192.168.199.1/32 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 155
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>
> mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>
> bgp.l3vpn.0: 6 destinations, 6 routes (0 active, 0 holddown, 6 hidden)
>
> 9063:1:0.0.0.0/0 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 56
> Nexthop: 217.24.235.14
> MED: 0
> Localpref: 100
> AS path: I (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.14
> Communities: target:9063:1
>
> 9063:1:150.100.0.0/16 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 198
> Nexthop: 217.24.235.14
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.14
> Communities: target:9063:1
>
> 9063:1:192.168.8.0/24 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 65
> Nexthop: 217.24.235.7
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.7
> Communities: target:9063:1
>
> 9063:1:192.168.99.0/28 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 161
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> 9063:1:192.168.199.0/24 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 74
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> 9063:1:192.168.199.1/32 (1 entry, 0 announced)
> Route Distinguisher: 9063:1
> VPN Label: 155
> Nexthop: 217.24.235.22
> MED: 0
> Localpref: 100
> AS path: ? (Originator) Cluster list: 0.0.35.103
> AS path: Originator ID: 217.24.235.22
> Communities: target:9063:1
>
> __juniper_private1__.inet6.0: 1 destinations, 1 routes (1 active, 0
> holddown, 0 hidden)
>
> chris at juni>
>
> -----
> show route to one of the next hops that is said to be unusable:
>
> chris at juni> show route 217.24.235.22
>
> inet.0: 162624 destinations, 162631 routes (162624 active, 0 holddown, 0
> hidden)
> + = Active Route, - = Last Active, * = Both
>
> 217.24.235.22/32 *[IS-IS/18] 1w0d 01:11:18, metric 1000
> > to 217.24.235.166 via fe-3/0/0.0
>
>
>
> ------------
>
> partial "show conf"
> routing-options {
> static {
> route 0.0.0.0/0 next-hop 217.24.235.15;
> }
> router-id 217.24.235.28;
> autonomous-system 9063;
> }
> protocols {
> mpls {
> interface fe-3/0/0.0;
> interface lo0.1;
> }
> bgp {
> traceoptions {
> file bgp size 500000;
> flag route detail;
> }
> group PG_TORR {
> type internal;
> local-address 217.24.235.28;
> family inet {
> unicast;
> }
> family inet-vpn {
> unicast;
> }
> peer-as 9063;
> neighbor 217.24.235.15 {
> authentication-key "xxxxxxxxx"; ## SECRET-DATA
> }
> }
> }
> isis {
> traceoptions {
> file isis size 500000;
> flag state detail;
> flag all detail;
> }
> lsp-lifetime 65535;
> level 2 {
> authentication-key "xxxxxxx"; ## SECRET-DATA
> authentication-type xxxx; ## SECRET-DATA
> no-hello-authentication;
> wide-metrics-only;
> }
> interface fe-3/0/0.0 {
> level 2 metric 1000;
> }
> interface all {
> level 1 disable;
> }
> }
> ldp {
> interface all;
> }
> }
> policy-options {
> policy-statement RP_DENY_ALL {
> term deny_all {
> from as-path AP_DENY_ALL;
> }
> then reject;
> }
> policy-statement XXXX-export {
> term a {
> from protocol static;
> then {
> community add XXXX;
> accept;
> }
> }
> term b {
> then reject;
> }
> }
> policy-statement XXXX-import {
> term a {
> from {
> protocol bgp;
> community XXXX;
> }
> then accept;
> }
> term b {
> then reject;
> }
> }
> community XXXX members target:9063:1;
> as-path AP_DENY_ALL .*;
> }
> routing-instances {
> VRF_XXXX {
> instance-type vrf;
> interface lo0.1;
> interface fe-3/0/1.0;
> route-distinguisher 9063:1;
> vrf-import XXXX-import;
> vrf-export XXXX-export;
> routing-options {
> static {
> route 10.10.10.0/24 next-hop 192.168.187.1;
> }
> }
> }
> }
>
>
>
>
> i.V.
>
> --
> Christoph Staudt, Leiter Netze und Systeme / CTO
> Cisco Certified Network Associate
>
> teresto media Aktiengesellschaft - RWE Group
> Trierer Strasse 223-225 - 66663 Merzig / Germany
> Tel. +49-(0)6861-9312-234 - Fax +49-(0)6861-9312-199
> mailto: christoph.staudt at teresto.net - http://www.teresto.net
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Peter Lundqvist - Beta Engineering
Juniper Networks
Mobile: +46702060472
URL : http://www.juniper.net
More information about the juniper-nsp
mailing list