[j-nsp] l3vpn BGP advertisements
Harry Reynolds
harry at juniper.net
Tue Jul 18 20:15:09 EDT 2006
You could try a static route to the device "on the other end of the
link" (where the CE would be), and then do a static arp entry for the
associated /32 next-hop under the vrf interface. The static route alone
will not work if there is no CE to reply to ARP requests, IIRC. Then use
policy to advertise the static route. Not the same as the direct
interface, but might work; in this example I am using a /30 on the vrf
interface and advertising a larger /24.
Something like:
[edit]
harry at vpn02# show interfaces ge-7/0/0
unit 0 {
family inet {
address 10.0.1.1/30 {
arp 10.0.1.2 mac 00:90:69:00:a7:72;
}
}
}
[edit]
harry at vpn02# show routing-instances
test {
instance-type vrf;
interface ge-7/0/0.0;
route-distinguisher 1:1;
vrf-export test-export;
vrf-target target:1:100;
routing-options {
static {
route 10.0.1.0/24 next-hop 10.0.1.2;
}
}
}
[edit]
harry at vpn02# show policy-options policy-statement test-export
term 1 {
from {
protocol static;
route-filter 10.0.1.0/24 exact;
}
then accept;
}
[edit]
harry at vpn02# run show arp
MAC Address Address Name Interface
Flags
00:90:xx:xx:xx:xx 10.0.1.2 10.0.1.2 ge-7/0/0.0
permanent <<<
[edit]
harry at vpn02# run show route advertising-protocol bgp 1.1.0.1 detail
test.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
* 10.0.1.0/24 (1 entry, 1 announced)
BGP group int type Internal
Route Distinguisher: 1:1
VPN Label: 100000
Nexthop: Self
Flags: Nexthop Change
Localpref: 100
AS path: I
Regards and HTHs
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
> juniper-nsp at nurk.org
> Sent: Tuesday, July 18, 2006 4:32 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] l3vpn BGP advertisements
>
>
> Hello,
>
> I've created a VRF between 2 M20's. I currently have a policy
> that distributes static and direct routes. The issue I'm
> having is junos doesn't seem to advertise the route directly
> connected to an fe port. If I add a loopback interface to the
> VRF it will advertise it's route though. I've tried adding a
> static route to the fe interface, but junos complains about
> it not being a p2p address. Is it possible to have a VRF hang
> off an interface w/o a CE router on the other end?
>
> As you can see below, junos shows the route as "Direct" for
> both loopback and fe, but does not advertise the fe route...
>
>
> > show configuration policy-options policy-statement mgt-vpn-export
> term 1 {
> from protocol [ direct static ];
> then {
> community add mgt-vpn;
> accept;
> }
> }
>
>
> > show configuration routing-instances mgt-vpn
> description "Management VPN";
> instance-type vrf;
> interface fe-0/0/1.0;
> interface lo0.1;
> route-distinguisher 12345:13;
> vrf-import mgt-vpn-import;
> vrf-export mgt-vpn-export;
>
>
> > show route table mgt-vpn 10.4.18.0
>
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0
> holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 10.4.18.0/24 *[Direct/0] 2d 16:58:45
> > via fe-0/0/1.0
>
>
> > show route table mgt-vpn 10.4.4.1
>
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0
> holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 10.4.4.1/32 *[Direct/0] 1d 21:05:50
> > via lo0.1
>
>
> > show route advertising-protocol bgp <ip>
>
> mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0
> holddown, 0 hidden)
> Prefix Nexthop MED
> Lclpref AS path
> * 10.4.4.1/32 Self 100 I
> * 10.4.18.0/24 Not advertised 100 I
>
>
> Thank you for any information you can provide...
>
> --
> Sean Swallow
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list