[j-nsp] BGP session to self over loopback interface?
Chuck Anderson
cra at WPI.EDU
Wed Feb 7 01:07:14 EST 2007
> On Feb 6, 2007, at 6:22 PM, Chuck Anderson wrote:
> >Can I create a BGP session from/to a loopback interface on the same
> >router? I want to originate routes into my local BGP table so that I
> >can apply the same export policies locally that I apply on the other
> >routers in my I-BGP mesh.
On Tue, Feb 06, 2007 at 08:18:57PM -0500, Pete Crocker wrote:
> I'm not sure that makes much sense. Can you give us an example of
> what the goal is? Unlike a cisco, your routes you export to your iBGP
> peers aren't BGP routes on the origination router. They're
> aggregates, statics, ospf routes, connected, etc. It's a different
> way of thinking about it, but I can only assume you're trying to
> apply Cisco redistribution concepts to the Juniper model. An example
> would be great to help you out.
For example, I would like to originate my BGP advertisements from a
single router, applying communities to control which E-BGP peers will
get the routes, and whether they will have my AS prepended on a
per-neighbor basis:
/* Originating Router */
protocols bgp {
group CORE {
type internal;
export [ NEXT-HOP-SELF ORIGINATE ];
neighbor ...
}
group UPSTREAM1 {
type external;
import [ FROM-UPSTREAM1 REJECT ];
export [ TO-UPSTREAM1 REJECT ];
neighbor ...
}
}
policy-options {
policy-statement NEXT-HOP-SELF {
term NEXT-HOP-SELF {
then {
next-hop self;
}
}
}
policy-statement ORIGINATE {
term NET1 {
from {
protocol [ aggregate static ];
route-filter NET1/MASK1 exact;
}
then {
community add TO-UPSTREAM1;
community add TO-UPSTREAM2-PREPEND1;
accept;
}
}
...
}
policy-statement TO-UPSTREAM1 {
term NO-PREPEND {
from {
protocol bgp;
community TO-UPSTREAM1;
}
then {
community delete ALL;
accept;
}
}
term ONE-PREPEND {
from {
protocol bgp;
community TO-UPSTREAM1-PREPEND1;
}
then {
community delete ALL;
as-path-prepend ASN;
accept;
}
}
}
}
}
Then on each of the other routers in the network, I can use the
communities to apply the appropriate export policy actions to each
E-BGP neighbor:
/* Other Router */
protocols bgp {
group CORE {
type internal;
export NEXT-HOP-SELF;
neighbor ...
}
group UPSTREAM2 {
type external;
import [ FROM-UPSTREAM2 REJECT ];
export [ TO-UPSTREAM2 REJECT ];
neighbor ...
}
}
policy-options {
policy-statement NEXT-HOP-SELF {
term NEXT-HOP-SELF {
then {
next-hop self;
}
}
}
policy-statement TO-UPSTREAM2 {
term NO-PREPEND {
from {
protocol bgp;
community TO-UPSTREAM2;
}
then {
community delete ALL;
accept;
}
}
term ONE-PREPEND {
from {
protocol bgp;
community TO-UPSTREAM2-PREPEND1;
}
then {
community delete ALL;
as-path-prepend ASN;
accept;
}
}
}
}
In this example, UPSTREAM2's policy works just fine since it is on
another router that receives the community tagged routes via I-BGP.
However, UPSTREAM1, since it lives on the originating router, cannot
use this method of applying policy as shown above, because the
originating router doesn't have the BGP routes with the communities
applied. Hence I had the idea to get the originating router to behave
like the others by creating a BGP session with itself to get the
routes into inet.0 as type BGP with communities applied.
Unfortunately, I couldn't get the loopback BGP session to work.
Is there another way to accomplish this?
Thanks.
More information about the juniper-nsp
mailing list