[j-nsp] l3vpn BGP advertisements

Arda Balkanay wolverard at yahoo.com
Wed Jul 19 02:15:09 EDT 2006 

try to use virtual tunnel interfaces 
interfaces vt-x/y/z 
unit 0 {
    description "Mgmt Vrf Lookup Intf";
    family inet;
    family mpls;
}
and insert it to the vrf where /24 directly connected
network is used:
routing-instances Management {
...
interface vt-x/y/z.0;
...
}

I guess that might help.
regards
Arda


--- Harry Reynolds <harry at juniper.net> wrote:

> You could try a static route to the device "on the
> other end of the
> link" (where the CE would be), and then do a static
> arp entry for the
> associated /32 next-hop under the vrf interface. The
> static route alone
> will not work if there is no CE to reply to ARP
> requests, IIRC. Then use
> policy to advertise the static route. Not the same
> as the direct
> interface, but might work; in this example I am
> using a /30 on the vrf
> interface and advertising a larger /24.
> 
> Something like:
> 
> 
> [edit]
> harry at vpn02# show interfaces ge-7/0/0           
> unit 0 {
>     family inet {
>         address 10.0.1.1/30 {
>             arp 10.0.1.2 mac 00:90:69:00:a7:72;
>         }
>     }
> }
> 
> [edit]
> harry at vpn02# show routing-instances 
> test {
>     instance-type vrf;
>     interface ge-7/0/0.0;
>     route-distinguisher 1:1;
>     vrf-export test-export;
>     vrf-target target:1:100;
>     routing-options {
>         static {
>             route 10.0.1.0/24 next-hop 10.0.1.2;
>         }
>     }
> }
> 
> [edit]
> harry at vpn02# show policy-options policy-statement
> test-export 
> term 1 {
>     from {
>         protocol static;
>         route-filter 10.0.1.0/24 exact;
>     }
>     then accept;
> }
> 
> [edit]
> harry at vpn02# run show arp 
> MAC Address       Address         Name              
>       Interface
> Flags
> 00:90:xx:xx:xx:xx 10.0.1.2        10.0.1.2          
>        ge-7/0/0.0
> permanent <<<
> 
> 
> [edit]
> harry at vpn02# run show route advertising-protocol bgp
> 1.1.0.1 detail 
> 
> test.inet.0: 3 destinations, 3 routes (3 active, 0
> holddown, 0 hidden)
> * 10.0.1.0/24 (1 entry, 1 announced)
>  BGP group int type Internal
>      Route Distinguisher: 1:1
>      VPN Label: 100000
>      Nexthop: Self
>      Flags: Nexthop Change
>      Localpref: 100
>      AS path: I
> 
> 
> Regards and HTHs
> 
>  
> 
> > -----Original Message-----
> > From: juniper-nsp-bounces at puck.nether.net 
> > [mailto:juniper-nsp-bounces at puck.nether.net] On
> Behalf Of 
> > juniper-nsp at nurk.org
> > Sent: Tuesday, July 18, 2006 4:32 PM
> > To: juniper-nsp at puck.nether.net
> > Subject: [j-nsp] l3vpn BGP advertisements
> > 
> > 
> > Hello,
> > 
> > I've created a VRF between 2 M20's. I currently
> have a policy 
> > that distributes static and direct routes. The
> issue I'm 
> > having is junos doesn't seem to advertise the
> route directly 
> > connected to an fe port. If I add a loopback
> interface to the 
> > VRF it will advertise it's route though. I've
> tried adding a 
> > static route to the fe interface, but junos
> complains about 
> > it not being a p2p address. Is it possible to have
> a VRF hang 
> > off an interface w/o a CE router on the other end?
> > 
> > As you can see below, junos shows the route as
> "Direct" for 
> > both loopback and fe, but does not advertise the
> fe route...
> > 
> > 
> > > show configuration policy-options
> policy-statement mgt-vpn-export
> > term 1 {
> >      from protocol [ direct static ];
> >      then {
> >          community add mgt-vpn;
> >          accept;
> >      }
> > }
> > 
> > 
> > > show configuration routing-instances mgt-vpn
> > description "Management VPN";
> > instance-type vrf;
> > interface fe-0/0/1.0;
> > interface lo0.1;
> > route-distinguisher 12345:13;
> > vrf-import mgt-vpn-import;
> > vrf-export mgt-vpn-export;
> > 
> > 
> > > show route table mgt-vpn 10.4.18.0
> > 
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4
> active, 0 
> > holddown, 0 hidden)
> > + = Active Route, - = Last Active, * = Both
> > 
> > 10.4.18.0/24       *[Direct/0] 2d 16:58:45
> >                      > via fe-0/0/1.0
> > 
> > 
> > > show route table mgt-vpn 10.4.4.1
> > 
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4
> active, 0 
> > holddown, 0 hidden)
> > + = Active Route, - = Last Active, * = Both
> > 
> > 10.4.4.1/32        *[Direct/0] 1d 21:05:50
> >                      > via lo0.1
> > 
> > 
> > > show route advertising-protocol bgp <ip>
> > 
> > mgt-vpn.inet.0: 4 destinations, 4 routes (4
> active, 0 
> > holddown, 0 hidden)
> >    Prefix                  Nexthop             
> MED     
> > Lclpref    AS path
> > * 10.4.4.1/32             Self                    
>     100        I
> > * 10.4.18.0/24            Not advertised          
>     100        I
> > 
> > 
> > Thank you for any information you can provide...
> > 
> > -- 
> > Sean Swallow
> > _______________________________________________
> > juniper-nsp mailing list
> juniper-nsp at puck.nether.net
> >
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> > 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the juniper-nsp mailing list