[j-nsp] Dynamic route leaking between global routing table and vrf routing table

Mark Meijerink mark.meijerink at sara.nl
Mon Apr 6 14:26:26 EDT 2009


Thanks for your help. The interface routes did the trick. I forgot those in my previous try with rib-groups.

I do want to mention that when you configure a rib-group for a certain bgp group. The learned routes from neighbors within that bgp group will be
placed in inet.0. Although your rib-policy configured in your your rib-group might reject all routes. I did not expect this to happen but it works for us.

 Mark Meijerink

Chris Spears wrote:
> The vrf-import/export policies are only for vpn route distribution. 
> AFAIK, you have to use rib-groups to go between a routing-instance 
> (vrf/l3vpn/virtual-router) and master.  Use one rib-group to put the 
> AMS-IX routes into the vrf, and apply another to your routing protocols 
> in the VRF (or to auto-export) in order to dump routes back to inet.0. 
>   Just don't forget interface-routes so you can resolve next-hops.
> --
> Chris
> Mark Meijerink wrote:
>> Hi there,
>> I have been working on dynamic leaking of routes between the global routing table and the vrf routing table based on communities. But I have failed to
>> make it work. I have already seen multiple examples but those did not work for me. I will give s short description of what we are trying to achieve
>> and I hope you can point me in the right direction.
>> In the global routing table we have our peerings with AMS-IX peers and iBGP peerings with two core routers. The AMS-IX routes are given a certain
>> community. We want to create a vrf with customers which only have AMS-IX connectivity. So we want to dynamically leak routes into the vrf based on the
>> community. In the vrf we have BGP sessions with the customers and the routes we learn from them are tagged with a certain community as well. These
>> routes must be dynamically leaked into the global routing table. We are looking for a way to dynamically leak routes in two directions.
>> I have tried using rib-groups and tried to make it work using the vrf-import and vrf-export policies. Could you please let me know how I can make the
>> setup as explained above work. The difficulty we are introducing is that we want to leak dynamically and not static. Thanks in advance for your reply
>> and advice.
>> Regards,
>>  Mark Meijerink
>>  SARA
>> ------------------------------------------------------------------------
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20090406/5dc0e54b/attachment.bin>

More information about the juniper-nsp mailing list