[j-nsp] Default-information originate on Juniper JUNOS
Hannes Gredler
hannes at juniper.net
Mon Oct 24 03:19:47 EDT 2005
nice catch - so an additional
[edit routing-options]
+ generate {
+ route 0.0.0.0/0 policy direct-only;
+ }
[edit policy-options]
+ policy-statement direct-only {
+ term direct {
+ from protocol direct;
+ then accept;
+ }
+ term last {
+ then reject;
+ }
+ }
to peter's suggestion will make sure that
RPD does not slip if the entire internet is
a contributing route ....
and alternative solution for advertising teh default would be
also to set a static route to a reject next-hop ....
/hannes
Domiciano Alonso Fernández wrote:
> Hello,
> You'd better take care with that config: it could exacerbate PR 60411
> Regards.
>
> On 10/20/05, Peter Lundqvist <plundqvi at juniper.net> wrote:
>
>>guillaume.chappuit at nextiraone.fr wrote:
>>
>>>Hi,
>>>
>>>I'm looking for the way to do the same thing as the "default-information
>>>
>>>originate always" command on Cisco routers but on Juniper JUNOS v7.0.
>>>This
>>>is for the RIP V2 protocol.
>>>Has anybody an idea?
>>
>>routing-options {
>>rib inet.0 {
>>generate {
>>route 0.0.0.0/0 <http://0.0.0.0/0> {
>>active;
>>}
>>}
>>[…]
>>policy-options {
>>policy-statement default {
>>term conditional {
>>from {
>>protocol aggregate;
>>route-filter 0.0.0.0/0 <http://0.0.0.0/0> exact;
>>}
>>then accept;
>>}
>>term suppress {
>>then reject;
>>}
>>}
>>[…]
>>protocols {
>>rip {
>>send multicast;
>>receive version-2;
>>group unix {
>>export default; <<<<<<<<<<<<<<
>>neighbor fe-0/3/3.0 {
>>[...]
>>
>>
>>
>>The generate route....
>>
>>lunkan at junos_access# run show route protocol aggregate table inet.0
>>detail
>>inet.0: 47 destinations, 49 routes (47 active, 0 holddown, 1 hidden)
>>Restart Complete
>>0.0.0.0/0 <http://0.0.0.0/0> (1 entry, 1 announced)
>>*Aggregate Preference: 130
>>Next-hop reference count: 4
>>Next hop: via e1-0/1/3.2, selected
>>State: <Active Int Ext>
>>Local AS: 1112
>>Age: 6:21
>>Task: Aggregate
>>Announcement bits (4): 0-KRT 3-LDP 8-Resolve tree 2
>>9-Resolve tree 3
>>AS path: I
>>Flags: Generate Depth: 0 Active
>>Contributing Routes (21):
>>1.1.1.80/30 <http://1.1.1.80/30> proto Direct
>>1.1.1.228/30 <http://1.1.1.228/30> proto Direct
>>12.1.1.224/30 <http://12.1.1.224/30> proto Direct
>>1.1.1.5/32 <http://1.1.1.5/32> proto IS-IS
>>1.1.1.8/32 <http://1.1.1.8/32> proto IS-IS
>>1.1.1.9/32 <http://1.1.1.9/32> proto IS-IS
>>1.1.1.10/32 <http://1.1.1.10/32> proto IS-IS
>>1.1.1.24/29 <http://1.1.1.24/29> proto IS-IS
>>1.1.1.60/30 <http://1.1.1.60/30> proto IS-IS
>>1.1.1.72/30 <http://1.1.1.72/30> proto IS-IS
>>1.1.1.99/32 <http://1.1.1.99/32> proto IS-IS
>>1.1.1.100/32 <http://1.1.1.100/32> proto IS-IS
>>1.1.1.110/32 <http://1.1.1.110/32> proto IS-IS
>>1.1.1.208/30 <http://1.1.1.208/30> proto IS-IS
>>12.1.1.111/32 <http://12.1.1.111/32> proto IS-IS
>>12.1.1.184/30 <http://12.1.1.184/30> proto IS-IS
>>12.1.1.222/32 <http://12.1.1.222/32> proto IS-IS
>>192.168.2.0/24 <http://192.168.2.0/24> proto IS-IS
>>1.1.0.0/16 <http://1.1.0.0/16> proto BGP
>>8.0.0.0/16 <http://8.0.0.0/16> proto BGP
>>98.98.98.0/24 <http://98.98.98.0/24> proto BGP
>>
>>
>>
>>But the "always" thing is such a bad one if have multihomed setup and
>>you bust the link to the core from this router that generate the
>>default... In that case i do it conditionally, based on example: receive
>>IGP (OSPF/ISIS) or BGP from the core. That eliminate possible blackholes
>>if this router looses its path to the core. Below are the change to
>>aboves setup
>>
>>}
>>rib inet.0 {
>>generate {
>>route 0.0.0.0/0 <http://0.0.0.0/0> {
>>policy conditional; <<<<
>>}
>>}
>>}
>>policy-options {
>>policy-statement conditional {
>>term 1 {
>>from protocol isis;
>>then accept;
>>}
>>term last {
>>then reject;
>>}
>>
>>And the change... only ISIS are contribution routes. This avoids
>>blackholes if link are down to core with result lost ISIS...
>>
>>lunkan at junos_access# run show route protocol aggregate table inet.0
>>detail
>>inet.0: 47 destinations, 49 routes (47 active, 0 holddown, 1 hidden)
>>Restart Complete
>>0.0.0.0/0 <http://0.0.0.0/0> (1 entry, 1 announced)
>>*Aggregate Preference: 130
>>Next-hop reference count: 52
>>Next hop: 1.1.1.230 <http://1.1.1.230> via so-0/0/3.0, selected
>>State: <Active Int Ext>
>>Local AS: 1112
>>Age: 58
>>Task: Aggregate
>>Announcement bits (4): 0-KRT 3-LDP 8-Resolve tree 2
>>9-Resolve tree 3
>>AS path: I
>>Flags: Generate Depth: 0 Active
>>Contributing Routes (15):
>>1.1.1.5/32 <http://1.1.1.5/32> proto IS-IS
>>1.1.1.8/32 <http://1.1.1.8/32> proto IS-IS
>>1.1.1.9/32 <http://1.1.1.9/32> proto IS-IS
>>1.1.1.10/32 <http://1.1.1.10/32> proto IS-IS
>>1.1.1.24/29 <http://1.1.1.24/29> proto IS-IS
>>1.1.1.60/30 <http://1.1.1.60/30> proto IS-IS
>>1.1.1.72/30 <http://1.1.1.72/30> proto IS-IS
>>1.1.1.99/32 <http://1.1.1.99/32> proto IS-IS
>>1.1.1.100/32 <http://1.1.1.100/32> proto IS-IS
>>1.1.1.110/32 <http://1.1.1.110/32> proto IS-IS
>>1.1.1.208/30 <http://1.1.1.208/30> proto IS-IS
>>12.1.1.111/32 <http://12.1.1.111/32> proto IS-IS
>>12.1.1.184/30 <http://12.1.1.184/30> proto IS-IS
>>12.1.1.222/32 <http://12.1.1.222/32> proto IS-IS
>>192.168.2.0/24 <http://192.168.2.0/24> proto IS-IS
>>
>>
>>
>>
>>
>>Not sure if i shoot over the target here...
>>
>>/Peter
>>
>>
>>
>>
>>
>>
>>
>>>Thanx in advance
>>>
>>>Guillaume
>>>_______________________________________________
>>>juniper-nsp mailing list juniper-nsp at puck.nether.net
>>>http://puck.nether.net/mailman/listinfo/juniper-nsp
>>>
>>
>>
>>--
>>Peter Lundqvist - Beta Engineering
>>Juniper Networks
>>Mobile: +46702060472
>>URL : http://www.juniper.net
>>_______________________________________________
>>juniper-nsp mailing list juniper-nsp at puck.nether.net
>>http://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list