[j-nsp] BUG import policy problem across VRFs
Harry Reynolds
harry at juniper.net
Wed Mar 18 14:04:26 EDT 2009
I could not locate any matching prs. I see this behavior in 9.5, and
have opened pr 432430 to track.
Regards
[edit]
regress at eagle# run show version
Hostname: eagle
Model: m10i
JUNOS Base OS boot [9.5I20090318_0432_srik]
. . .
[edit]
regress at eagle# show policy-options policy-statement as-path-vrf
from protocol bgp;
then as-path-prepend "20 20 20";
[edit]
regress at eagle# show policy-options policy-statement as-path-main
from protocol bgp;
then as-path-prepend "10 10 10 10";
[edit]
regress at eagle# show protocols bgp
traceoptions {
file bgp_r0 size 10m;
flag all detail;
}
group int {
type internal;
local-address 10.255.14.216;
import as-path-main;
family inet {
unicast;
}
family inet-vpn {
unicast;
multicast;
}
family inet-mdt {
signaling;
}
neighbor 10.255.14.218;
neighbor 10.255.14.217;
}
[edit]
regress at eagle# show routing-options rib-groups
test {
import-rib [ ce1.inet.0 inet.0 ];
import-policy test;
}
[edit]
regress at eagle# show routing-instances ce1 protocols bgp
import as-path-vrf;
group test {
type external;
import as-path-vrf;
family inet {
unicast {
rib-group test;
}
}
peer-as 69;
neighbor 1.0.3.2;
}
. . . .
<<< Looks like the vrf bgp import is in fact executed two times as the
route goes into inet.0:
[edit]
regress at eagle# run show route 10.255.14.223
inet.0: 35 destinations, 38 routes (34 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.255.14.223/32 *[BGP/170] 00:01:08, localpref 100
AS path: 20 20 20 20 20 20 69 I
> to 1.0.3.2 via fe-0/1/1.0
ce1.inet.0: 16 destinations, 17 routes (16 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.255.14.223/32 *[BGP/170] 00:09:22, localpref 100
AS path: 20 20 20 69 I
> to 1.0.3.2 via fe-0/1/1.0
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Jeff S Wheeler
Sent: Tuesday, March 17, 2009 5:17 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] BUG import policy problem across VRFs
I posted about this back in September of 2008, but I don't think anyone
took interest at that time, perhaps because I was looking at the issue
on nothing more recent than JUNOS 8.5R1.14. I noticed today this is
still happening in JUNOS as recent as 9.3R2.8. I bet if I checked 9.4,
it would be there, too.
Can someone from Juniper indicate if there is a PR# on this, or if more
information is needed to file a bug? The problem has been there since
JUNOS 7.6R1.9 or earlier.
If you import BGP routes from a VRF into the master routing-instance,
the BGP import policy for the group will be evaluated twice for the
routes that are installed into the inet.0 RIB. This means things like
local-preference add/subtract do not have the correct affect on the
routes in inet.0, they have twice the intended affect.
Below is the example CLI output. There is absolutely nothing in the VRF
export/import policy (done via rib-groups) that touches local-pref. Yet
you can see the local-pref is 110 (+10) in ccoi.inet.0, and 120 (+10*2)
in the inet.0 table, changed via local-preference add 10.
9.3R2.8> show route 38.0.0.0/8 exact next-hop A.B.C.D terse
inet.0: 9877 destinations, 12191 routes (9875 active, 0 holddown, 2
hidden)
+ = Active Route, - = Last Active, * = Both
A Destination P Prf Metric 1 Metric 2 Next hop AS
path
* 38.0.0.0/8 B 170 120 19090 >A.B.C.D 174 I
ccoi.inet.0: 276892 destinations, 276920 routes (52 active, 0 holddown,
276866 hidden)
+ = Active Route, - = Last Active, * = Both
A Destination P Prf Metric 1 Metric 2 Next hop AS
path
* 38.0.0.0/8 B 170 110 19090 >A.B.C.D 174 I
--
Jeff S Wheeler <jsw at inconcepts.biz> +1-212-981-0607 Sr Network Operator
/ Innovative Network Concepts
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list