[j-nsp] l3vpn BGP advertisements
Harry Reynolds
harry at juniper.net
Tue Jul 18 20:26:02 EDT 2006
Update: I forgot to include direct in the vrf export policy. In this
example both the static and the PE's VRF interface direct route is being
sent:
harry at vpn02> show configuration policy-options policy-statement
test-export
term 1 {
from {
protocol static;
route-filter 10.0.1.0/24 exact;
}
then accept;
}
term 2 {
from protocol direct;
then accept;
}
harry at vpn02> show route advertising-protocol bgp 1.1.0.1 detail
test.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
* 10.0.1.0/24 (1 entry, 1 announced)
BGP group int type Internal
Route Distinguisher: 1:1
VPN Label: 100000
Nexthop: Self
Flags: Nexthop Change
Localpref: 100
AS path: I
* 10.0.1.0/30 (1 entry, 1 announced)
BGP group int type Internal
Route Distinguisher: 1:1
VPN Label: 100000
Nexthop: Self
Flags: Nexthop Change
Localpref: 100
AS path: I
Cheers
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
> Harry Reynolds
> Sent: Tuesday, July 18, 2006 5:15 PM
> To: juniper-nsp at nurk.org; juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] l3vpn BGP advertisements
>
> You could try a static route to the device "on the other end
> of the link" (where the CE would be), and then do a static
> arp entry for the associated /32 next-hop under the vrf
> interface. The static route alone will not work if there is
> no CE to reply to ARP requests, IIRC. Then use policy to
> advertise the static route. Not the same as the direct
> interface, but might work; in this example I am using a /30
> on the vrf interface and advertising a larger /24.
>
> Something like:
>
>
> [edit]
> harry at vpn02# show interfaces ge-7/0/0
> unit 0 {
> family inet {
> address 10.0.1.1/30 {
> arp 10.0.1.2 mac 00:90:69:00:a7:72;
> }
> }
> }
>
> [edit]
> harry at vpn02# show routing-instances
> test {
> instance-type vrf;
> interface ge-7/0/0.0;
> route-distinguisher 1:1;
> vrf-export test-export;
> vrf-target target:1:100;
> routing-options {
> static {
> route 10.0.1.0/24 next-hop 10.0.1.2;
> }
> }
> }
>
> [edit]
> harry at vpn02# show policy-options policy-statement test-export term 1 {
> from {
> protocol static;
> route-filter 10.0.1.0/24 exact;
> }
> then accept;
> }
>
> [edit]
> harry at vpn02# run show arp
> MAC Address Address Name Interface
> Flags
> 00:90:xx:xx:xx:xx 10.0.1.2 10.0.1.2 ge-7/0/0.0
> permanent <<<
>
>
> [edit]
> harry at vpn02# run show route advertising-protocol bgp 1.1.0.1 detail
>
> test.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
> * 10.0.1.0/24 (1 entry, 1 announced)
> BGP group int type Internal
> Route Distinguisher: 1:1
> VPN Label: 100000
> Nexthop: Self
> Flags: Nexthop Change
> Localpref: 100
> AS path: I
>
>
> Regards and HTHs
>
>
>
> > -----Original Message-----
> > From: juniper-nsp-bounces at puck.nether.net
> > [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
> > juniper-nsp at nurk.org
> > Sent: Tuesday, July 18, 2006 4:32 PM
> > To: juniper-nsp at puck.nether.net
> > Subject: [j-nsp] l3vpn BGP advertisements
> >
> >
> > Hello,
> >
> > I've created a VRF between 2 M20's. I currently have a policy that
> > distributes static and direct routes. The issue I'm having is junos
> > doesn't seem to advertise the route directly connected to
> an fe port.
> > If I add a loopback interface to the VRF it will advertise
> it's route
> > though. I've tried adding a static route to the fe interface, but
> > junos complains about it not being a p2p address. Is it possible to
> > have a VRF hang off an interface w/o a CE router on the other end?
> >
> > As you can see below, junos shows the route as "Direct" for both
> > loopback and fe, but does not advertise the fe route...
> >
> >
> > > show configuration policy-options policy-statement mgt-vpn-export
> > term 1 {
> > from protocol [ direct static ];
> > then {
> > community add mgt-vpn;
> > accept;
> > }
> > }
> >
> >
> > > show configuration routing-instances mgt-vpn
> > description "Management VPN";
> > instance-type vrf;
> > interface fe-0/0/1.0;
> > interface lo0.1;
> > route-distinguisher 12345:13;
> > vrf-import mgt-vpn-import;
> > vrf-export mgt-vpn-export;
> >
> >
> > > show route table mgt-vpn 10.4.18.0
> >
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
> > hidden)
> > + = Active Route, - = Last Active, * = Both
> >
> > 10.4.18.0/24 *[Direct/0] 2d 16:58:45
> > > via fe-0/0/1.0
> >
> >
> > > show route table mgt-vpn 10.4.4.1
> >
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
> > hidden)
> > + = Active Route, - = Last Active, * = Both
> >
> > 10.4.4.1/32 *[Direct/0] 1d 21:05:50
> > > via lo0.1
> >
> >
> > > show route advertising-protocol bgp <ip>
> >
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
> > hidden)
> > Prefix Nexthop MED
> > Lclpref AS path
> > * 10.4.4.1/32 Self 100 I
> > * 10.4.18.0/24 Not advertised 100 I
> >
> >
> > Thank you for any information you can provide...
> >
> > --
> > Sean Swallow
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list