[j-nsp] flow-routes "then routing-instance" action

Krasimir Avramski krasi at smartcom.bg
Wed Oct 15 09:40:26 EDT 2008 

Hi Felix,

I loaded your setup and it works for me.
First if you expect icmp (destination unreachable) replies you should change the the 10.10.5.7/32 host route to "reject"  - otherwise although redirected to RI testFlow they are silently discarded.

How you decided the traffic is not passing VRF?
Which junos version?

Regards,
Krasi


> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> bounces at puck.nether.net] On Behalf Of Felix Schueren
> Sent: Wednesday, October 15, 2008 2:44 PM
> To: j-nsp
> Subject: [j-nsp] flow-routes "then routing-instance" action
> 
> I can't wrap my head around how the routing-instance config on Junos
> should look like for me to be able to use a flow route to put traffic
> into the routing instance, maybe one of you can help.
> 
> I have a flow route like this:
> 
> show configuration routing-options flow
> route flow-test {
>     match {
>         destination 10.5.6.7/32;
>         source 192.168.9.8/32;
>     }
>     then routing-instance target:20773:5656;
> }
> 
> which is propagated through the core. The whole flow distribution stuff
> works, I can discard or rate-limit by flow-routes just fine.
> 
> anyhow, from inetflow.0:
> 
> 10.5.6.7,192.168.9.8/96 (1 entry, 1 announced)
>         *BGP    Preference: 170/-101
>                 Next hop type: Fictitious
>                 Next-hop reference count: 11
>                 State: <Active Int Ext>
>                 Local AS: 20773 Peer AS: 20773
>                 Age: 19:28:54
>                 Task: BGP_20773.10.30.255.225+58095
>                 Announcement bits (1): 0-Flow
>                 AS path: I ()
>                 Communities: 20773:667 no-advertise redirect:20773:5656
>                 Localpref: 100
> 
> 
> I have a routing instance like this:
> 
> [edit routing-instances testFlow]
> fs at lab3# show
> instance-type vrf;
> route-distinguisher 20773:5656;
> vrf-target target:20773:5656;
> routing-options {
>     static {
>         defaults {
>             resolve;
>         }
>         route 10.5.6.7/32 discard;
>         route 0.0.0.0/0 next-table inet.0;
>     }
> }
> 
> (yeah, it's moot that way, I could just as well filter etc, it's just a
> test setup, get the basics right before I start the interesting stuff).
> 
> My problem is: traffic does not seem to get directed into the instance.
> Do I need to use a different instance-type? Any other ideas?
> 
> Kind regards,
> 
> Felix
> 
> --
> Felix Schueren, Head of NOC
> 
> Host Europe GmbH - http://www.hosteurope.de
> Welserstraße 14 - D-51149 Köln - Germany
> Telefon: (0800) 4 67 83 87 - Telefax: (01805) 66 32 33
> HRB 28495 Amtsgericht Köln - UST ID DE187370678
> Geschäftsführer: Uwe Braun - Patrick Pulvermüller - Stewart Porter
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list