[j-nsp] l3vpn BGP advertisements

Harry Reynolds harry at juniper.net
Tue Jul 18 20:15:09 EDT 2006


You could try a static route to the device "on the other end of the
link" (where the CE would be), and then do a static arp entry for the
associated /32 next-hop under the vrf interface. The static route alone
will not work if there is no CE to reply to ARP requests, IIRC. Then use
policy to advertise the static route. Not the same as the direct
interface, but might work; in this example I am using a /30 on the vrf
interface and advertising a larger /24.

Something like:


[edit]
harry at vpn02# show interfaces ge-7/0/0           
unit 0 {
    family inet {
        address 10.0.1.1/30 {
            arp 10.0.1.2 mac 00:90:69:00:a7:72;
        }
    }
}

[edit]
harry at vpn02# show routing-instances 
test {
    instance-type vrf;
    interface ge-7/0/0.0;
    route-distinguisher 1:1;
    vrf-export test-export;
    vrf-target target:1:100;
    routing-options {
        static {
            route 10.0.1.0/24 next-hop 10.0.1.2;
        }
    }
}

[edit]
harry at vpn02# show policy-options policy-statement test-export 
term 1 {
    from {
        protocol static;
        route-filter 10.0.1.0/24 exact;
    }
    then accept;
}

[edit]
harry at vpn02# run show arp 
MAC Address       Address         Name                     Interface
Flags
00:90:xx:xx:xx:xx 10.0.1.2        10.0.1.2                  ge-7/0/0.0
permanent <<<


[edit]
harry at vpn02# run show route advertising-protocol bgp 1.1.0.1 detail 

test.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
* 10.0.1.0/24 (1 entry, 1 announced)
 BGP group int type Internal
     Route Distinguisher: 1:1
     VPN Label: 100000
     Nexthop: Self
     Flags: Nexthop Change
     Localpref: 100
     AS path: I


Regards and HTHs

 

> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of 
> juniper-nsp at nurk.org
> Sent: Tuesday, July 18, 2006 4:32 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] l3vpn BGP advertisements
> 
> 
> Hello,
> 
> I've created a VRF between 2 M20's. I currently have a policy 
> that distributes static and direct routes. The issue I'm 
> having is junos doesn't seem to advertise the route directly 
> connected to an fe port. If I add a loopback interface to the 
> VRF it will advertise it's route though. I've tried adding a 
> static route to the fe interface, but junos complains about 
> it not being a p2p address. Is it possible to have a VRF hang 
> off an interface w/o a CE router on the other end?
> 
> As you can see below, junos shows the route as "Direct" for 
> both loopback and fe, but does not advertise the fe route...
> 
> 
> > show configuration policy-options policy-statement mgt-vpn-export
> term 1 {
>      from protocol [ direct static ];
>      then {
>          community add mgt-vpn;
>          accept;
>      }
> }
> 
> 
> > show configuration routing-instances mgt-vpn
> description "Management VPN";
> instance-type vrf;
> interface fe-0/0/1.0;
> interface lo0.1;
> route-distinguisher 12345:13;
> vrf-import mgt-vpn-import;
> vrf-export mgt-vpn-export;
> 
> 
> > show route table mgt-vpn 10.4.18.0
> 
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 
> holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
> 
> 10.4.18.0/24       *[Direct/0] 2d 16:58:45
>                      > via fe-0/0/1.0
> 
> 
> > show route table mgt-vpn 10.4.4.1
> 
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 
> holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
> 
> 10.4.4.1/32        *[Direct/0] 1d 21:05:50
>                      > via lo0.1
> 
> 
> > show route advertising-protocol bgp <ip>
> 
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 
> holddown, 0 hidden)
>    Prefix                  Nexthop              MED     
> Lclpref    AS path
> * 10.4.4.1/32             Self                         100        I
> * 10.4.18.0/24            Not advertised               100        I
> 
> 
> Thank you for any information you can provide...
> 
> -- 
> Sean Swallow
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 



More information about the juniper-nsp mailing list