[j-nsp] BGP Communities and exports

Wed Oct 18 14:22:10 EDT 2006

Agreed, however, I'd rather the route get into BGP with the community
aside from setting it on EVERY individual neighbor.

In cisco land, doing a network 10.59.235.0 mask 255.255.255.0 route-map
BGP-Origination, would do the trick. Is their a similar functionality
here?

Thanks

On Wed, 18 Oct 2006, Eric Van Tol wrote:

| Juniper is correct.  The neighbor-specific export overrides the
| group-level export configuration.  What you're looking for is something
| like this:
|
|
| protocols {
|  bgp {
|     group ATT {
|        import ATT-IN;
|        peer-as 7018;
|        export ATT-OUT;
|        neighbor 12.x.x.x;
|     }
|  }
| }
|   policy-statement ATT-OUT {
|     term 1 {
|        from {
|          policy BGP-Origination;
|        }
|        then accept;
|     }
|   }
|   policy-statement BGP-Origination {
|     term 1 {
|        from {
|          route-filter 10.59.235.0/24 exact;
|        }
|        then {
|          community set BGP-ORIG;
|          local-preference 120;  <<< This isn't going to set
|          accept;                   localpref in the provider's network.
|        }
|     }
|
| The above will allow you to modify the prefix properties, while also
| allowing you to call that same policy from other provider-specific
| policies.
|
| -evt
|
| -----Original Message-----
| From: juniper-nsp-bounces at puck.nether.net
| [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of James Cornman
| Sent: Wednesday, October 18, 2006 2:01 PM
| To: juniper-nsp at puck.nether.net
| Subject: [j-nsp] BGP Communities and exports
|
| Hello.
|
| I'm working on a project for which I prefer to have as granular as
| possible, for controlling outbound routing announcements. The problem
| I'm
| running into is a 'Direct' route overriding a 'Static' (as it should)
| and
| Junipers protocols bgp export command not functioning properly (or me
| not
| having it configured properly).
|
| Here is a snippet of the config. This has been significantly trimmed
| down
| for space. In addition to what is listed here, their are many other
| routes to announce, hence me wanting it to be as granular as possible,
| to
| save cycles from modifying configs any time a new route is added.
|
| routing-options {
|   static {
|     route 10.59.235.0/24 {
|         preference 240;
|         discard;
|     }
|   }
|   autonomous-system 65000;
| }
| interface {
|    ge-1/0/0 {
|      unit 0 {
|        family inet {
|           address 10.59.235.0/24
|        }
|      }
|    }
| }
| protocols {
|  bgp {
|     export BGP-Origination;
|     group ATT {
|        import ATT-IN;
|        peer-as 7018;
|        export ATT-OUT;
|        neighbor 12.x.x.x;
|     }
|  }
| }
| policy-options {
|   policy-statement ATT-IN {
|     term 1 {
|        from {
|           route-filter 0.0.0.0/0 upto /24;
|        }
|        then {
|           community set TRANSIT;
|           community add ATT;
|           local-preference 40;
|           accept;
|        }
|     }
|   }
|   policy-statement ATT-OUT {
|     term 1 {
|        from {
|          community BGP-ORIG;
|        }
|        then accept;
|     }
|   }
|   policy-statement BGP-Origination {
|     term 1 {
|        from {
|          route-filter 10.59.235.0/24 exact;
|        }
|        then {
|          community set BGP-ORIG;
|          local-preference 120;
|          accept;
|        }
|     }
|   }
| }
|
|
|
| Problem: The route 10.59.235.0/24 never gets into BGP and never gets
| exported to ATT. I've found it working if I move the BGP-Origination
| policy-statement to the export command within the individual BGP peer
| group. I shouldn't have to do that.
|
| I'm really aiming at getting this route into the table with the proper
| community and local-pref so the community can be advertised to peers,
| and
| be used to control outbound announcements (policy-statement ATT-OUT),
| aswell as transitting the local-pref to any iBGP peers.
|
| I've spoke to Juniper, and they claim that the export at the 'protocols
| bgp' level is being overridden, so i've attempted to have some 'next
| policy' type things at the end of BGP-Origination, but that hasn't
| helped.
|
| It appears the real problem here may be the fact that the route in
| question is learned via 'Direct', as opposed to the hold-down static
| I've
| got listed. I've also tested within BGp-Origination to have 'protocol
| direct', 'protocol [ static direct ]', and various other combinations.
|
| Let me know of any questions.
|
| Thank You
|
| --
| James Cornman <james at crnc.net>
| CRNC - http://www.crnc.net/
| (v) 973-842-2300
| (f) 973-842-2299
|
| _______________________________________________
| juniper-nsp mailing list juniper-nsp at puck.nether.net
| https://puck.nether.net/mailman/listinfo/juniper-nsp
|
|
|