[j-nsp] routing problem

Rafal Szarecki (WA/EPO) rafal.szarecki at ericsson.com
Mon Mar 6 14:34:19 EST 2006


Erol,

I understand that you want to configure you routers in way which use R2 to access NET_B and NET_A via R1.
This can be simply done by adjusting local preference (other possibilities also exist).
So, on R2 write policy whicsh match NET_B and set local preference to 150 (higher is better). Then apply this policy on external group as import.
On R1 write policy whicsh match NET_A and set local preference to 150 (higher is better). Then apply this policy on external group as import.

Please Note that traffic from MYNET to NET_B will go via R1 (because of VRRP mastership), then R2 because of routing. (ICMP redirects can opimize this forwarding for subsequent packets, but ICMP redirects are also potential security holes, so it can be turn off on hosts and servers[http://www.tweakxp.com/article37152.aspx]) 

Your routing table should looks like:

 Routes from R1;
 
 (NET_B)/23   *[BGP/170] 00:01:49, localpref 150, from R2
                       AS path: 851 167 I
                     > to (IP2) via e1-0/3/1.0
                     [BGP/170] 2d 20:38:41, localpref 100
                       AS path: 121 851 167 I
                     > to (IP1) via e1-0/3/1.0
 
 Routes from R2;
 
 (NET_A)/23  *[BGP/170] 00:11:10, localpref 150, from R1
                       AS path: 121 12978 I
                     > to (IP1) via e1-0/3/0.0
                     [BGP/170] 06:07:33, localpref 100
                       AS path: 851 121 12978 I
                     > to (IP2) via e1-0/3/0.0

Rafał Jan Szarecki JNCIE #136
Senior Consultant - Datacom Networks
Ericsson Poland EPO/S/D
Office: +48 22 6916635
ECN:    837 6635
Mobile: +48 602418971
Skype: callto://Rafal_Szarecki <callto://Rafal_Szarecki/> 



> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of 
> Erol KAHRAMAN
> Sent: Monday, March 06, 2006 1:34 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] routing problem
> 
> Hi everybody,
> 
> I have two m7i boxes. And my topology is as follows. I have 
> external and internal BGP groups. My router1 is master in 
> VRRP group.  When i am trying to go to NET_B the connection 
> is established from R1. Is it possible to go to NET_A from R1 
> and go to NET_B from R2.
> When i look at my routing table on R1 i see that, both routes 
> point the R1.
> What could be the wrong.
> 
>                             |---------Router1 ------(IP1) WAN 
> Cloud---NET_A
>                             |
> MYNET---Switch---|(VRRP)
>                             |
>                             |---------Router2 ------(IP2) WAN 
> Cloud---NET_B
> 
> Routes from R1;
> 
> (NET_B)/23   *[BGP/170] 00:01:49, localpref 100, from R2
>                       AS path: 851 167 I
>                     > to (IP1) via e1-0/3/1.0
>                     [BGP/170] 2d 20:38:41, localpref 100
>                       AS path: 121 851 167 I
>                     > to (IP1) via e1-0/3/1.0
> 
> Routes from R2;
> 
> (NET_A)/23  *[BGP/170] 00:11:10, localpref 100, from R1
>                       AS path: 121 12978 I
>                     > to (IP2) via e1-0/3/0.0
>                     [BGP/170] 06:07:33, localpref 100
>                       AS path: 851 121 12978 I
>                     > to (IP2) via e1-0/3/0.0
> 
> --
> Erol KAHRAMAN
> System Network Administrator
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> http://puck.nether.net/mailman/listinfo/juniper-nsp
> 



More information about the juniper-nsp mailing list