[j-nsp] Dynamic route leaking between global routing table and vrf routing table
mark.meijerink at sara.nl
Mon Apr 6 14:26:26 EDT 2009
Thanks for your help. The interface routes did the trick. I forgot those in my previous try with rib-groups.
I do want to mention that when you configure a rib-group for a certain bgp group. The learned routes from neighbors within that bgp group will be
placed in inet.0. Although your rib-policy configured in your your rib-group might reject all routes. I did not expect this to happen but it works for us.
Chris Spears wrote:
> The vrf-import/export policies are only for vpn route distribution.
> AFAIK, you have to use rib-groups to go between a routing-instance
> (vrf/l3vpn/virtual-router) and master. Use one rib-group to put the
> AMS-IX routes into the vrf, and apply another to your routing protocols
> in the VRF (or to auto-export) in order to dump routes back to inet.0.
> Just don't forget interface-routes so you can resolve next-hops.
> Mark Meijerink wrote:
>> Hi there,
>> I have been working on dynamic leaking of routes between the global routing table and the vrf routing table based on communities. But I have failed to
>> make it work. I have already seen multiple examples but those did not work for me. I will give s short description of what we are trying to achieve
>> and I hope you can point me in the right direction.
>> In the global routing table we have our peerings with AMS-IX peers and iBGP peerings with two core routers. The AMS-IX routes are given a certain
>> community. We want to create a vrf with customers which only have AMS-IX connectivity. So we want to dynamically leak routes into the vrf based on the
>> community. In the vrf we have BGP sessions with the customers and the routes we learn from them are tagged with a certain community as well. These
>> routes must be dynamically leaked into the global routing table. We are looking for a way to dynamically leak routes in two directions.
>> I have tried using rib-groups and tried to make it work using the vrf-import and vrf-export policies. Could you please let me know how I can make the
>> setup as explained above work. The difficulty we are introducing is that we want to leak dynamically and not static. Thanks in advance for your reply
>> and advice.
>> Mark Meijerink
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 258 bytes
Desc: OpenPGP digital signature
More information about the juniper-nsp