[j-nsp] bgp routes from inet.0 to virtual router instance
Truman Boyes
truman at suspicious.org
Tue Nov 24 06:58:50 EST 2009
Yes, make a RIB group for BGP and you can move routes between instances. You can define a RIB group for a specific family. This is done at the protocols bgp stanza. When using rib groups you don't use instance-import.
Truman
On 24/11/2009, at 1:04 PM, aayan sulehri wrote:
> On Tue, Nov 24, 2009 at 4:45 AM, aayan sulehri <aayansb at gmail.com> wrote:
>
>> Hi Stefen
>> Thanks for writing.
>> its mean that i have to create one more Instance called master-import for
>> bgp ? isnot it right.
>> I have done this and its working, but let me tell u what happen in this
>> case.
>> creating separate virtual router mean have to
>>
> move all bgp config into that virtual router as well as i have to create
>> default route on R1 pointing nex-hop of R4
>>
> Is there any way to achieve without creating second virtual instance for
> BGP.
>
>>
>> please have a look on attach topo as well and advise .
>> Thanks for writing .
>>
>> BR
>>
>>
>> On Tue, Nov 24, 2009 at 2:52 AM, Stefan Fouant <
>> sfouant at shortestpathfirst.net> wrote:
>>
>>> It doesn’t look like you’re making the BGP routes available to the
>>> routing-instance, therefore your OSPF export policy is not working
>>> correctly. You should be able to see the 200.200/16 route in the udp
>>> routing instance when running ‘show route table udp 200.200/16’.
>>>
>>>
>>>
>>> Try something along the lines of the following and see if you can get the
>>> 200.200/16 route to appear in your routing instance. It should then be
>>> available for your OSPF export policy:
>>>
>>>
>>>
>>> routing-instances {
>>>
>>> udp {
>>>
>>> routing-options {
>>>
>>> instance-import master-import;
>>>
>>> }
>>>
>>> }
>>>
>>> }
>>>
>>> policy-options {
>>>
>>> policy-statement master-import {
>>>
>>> from instance master;
>>>
>>> then accept;
>>>
>>> }
>>>
>>> }
>>>
>>>
>>>
>>> Go ahead and get rid of the rib groups while you are at it as well...
>>>
>>>
>>>
>>> *Stefan Fouant***
>>>
>>> www.shortestpathfirst.net
>>>
>>> GPG Key ID: 0xB5E3803D
>>>
>>>
>>>
>>> *From:* aayan sulehri [mailto:aayansb at gmail.com]
>>> *Sent:* Monday, November 23, 2009 4:41 AM
>>> *To:* Stefan Fouant
>>> *Cc:* juniper-nsp at puck.nether.net
>>> *Subject:* Re: [j-nsp] bgp routes from inet.0 to virtual router instance
>>>
>>>
>>>
>>> Hi Stefan.
>>> if u please provide me some sample , i will thanks ful.
>>> let me try to show my config as well and what i want to achieve. find
>>> attach is my topology,
>>> and my concerns to force udp traffic initiate from
>>> R1---R4----R5---R3----T1 and return from same path back. However all other
>>> traffic should go like http, icmp from R1---R4---R3----T1. I have tried
>>> instance type forwarding and it do work, but I want to achieve with instance
>>> type virtual router and with ospf neigbour ship. R4 and R5 are connected
>>> across the switch and want to run ospf in between in order to detect link
>>> failure . for testing purpose I have one link only.
>>> 1- Router 4 having firewall filter on interface connected to R1 to
>>> redirecting all udp traffic , like trace route to R5.
>>> 2- on R4 virtual-router instance configured with ospf , as well export
>>> polcy of bgp active routes present in inet.0. R4 should advertise active bgp
>>> route to R5 for return traffic.
>>> 3- R5 has one default route pointing to R3 ,however should receive bgp
>>> routes from R4 for return traffic.
>>> for return traffic , R3 has almost same thing , R3 having firewall filter
>>> on interface connected to T1 to redirecting all udp traffic , like trace
>>> route to R5.
>>> *** here is my config on R4 .
>>>
>>> routing-instances {
>>> udp {
>>> instance-type virtual-router;
>>> interface ge-0/0/0;
>>> routing-options {
>>> static {
>>> route 0.0.0.0/0 next-hop 10.0.2.9;
>>> }
>>> }
>>> protocols {
>>> ospf {
>>> export bgp-route;
>>> area 0.0.0.0 {
>>> interface ge-0/0/0;
>>> }
>>> }
>>> }
>>> }
>>> }
>>> routing-options {
>>> interface-routes {
>>> rib-group inet REDIRECT;
>>> }
>>> rib-groups {
>>> REDIRECT {
>>> import-rib [ inet.0 udp.inet.0 ];
>>>
>>> policy-options {
>>> policy-statement bgp-route {
>>> term 1 {
>>> from {
>>> protocol bgp;
>>> route-filter 200.200.0.0/16 exact;
>>> }
>>> then accept;
>>> }
>>>
>>> **** my active bgp routes on R4 that I want to advertise to R5 are
>>> run show route 200.200/16
>>>
>>> inet.0: 27 destinations, 29 routes (27 active, 0 holddown, 0 hidden)
>>> + = Active Route, - = Last Active, * = Both
>>>
>>> 200.200.0.0/16 *[BGP/170] 00:00:06, localpref 100
>>> AS path: 65010 I
>>>> to 172.16.0.6 via ge-0/0/1.0
>>> **** R4 and R5 having neighbor, but R5 not receiving routes from R4.
>>> [edit]
>>> root at R4# run show ospf neighbor instance IN
>>> Address Interface State ID Pri
>>> Dead
>>> 10.0.2.9 ge-0/0/0.0 Full 10.0.3.5
>>> 128 39
>>>
>>> [edit]
>>> root at R5# run show ospf neighbor
>>> Address Interface State ID Pri
>>> Dead
>>> 10.0.2.10 ge-0/0/0.0 Full 10.0.2.10
>>> 128 33
>>>
>>> [edit]
>>> root at R5# run show route protocol ospf
>>>
>>> inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)
>>> Restart Complete
>>> + = Active Route, - = Last Active, * = Both
>>>
>>> 224.0.0.5/32 *[OSPF/10] 00:04:20, metric 1
>>> MultiRecv
>>>
>>> iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>> Restart Complete
>>>
>>> Regards.
>>>
>>>
>>>
>>>
>>>
>>> On Mon, Nov 23, 2009 at 12:35 AM, Stefan Fouant <
>>> sfouant at shortestpathfirst.net> wrote:
>>>
>>>> -----Original Message-----
>>>> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
>>>> bounces at puck.nether.net] On Behalf Of aayan sulehri
>>>>
>>>
>>>> Hi Experts
>>>> usually PBR routing can achieve by instance type forwarding. However I
>>>> am
>>>> trying to create PBR using virtual router instance, My concern to
>>>> create PBR
>>>> as well as OSPF neigbour ship with attached router.
>>>> I have large number of bgp routes in inet.0 table, my concern to
>>>> redistribute active bgp route in virtual instance and advertise to
>>>> neigbour
>>>> router.
>>>> Please help and briefy explain how i can achieve this.
>>>
>>> I have some configs around here which I can dig up, but as a point of
>>> reference you are going to want to use rib-groups to copy routes from
>>> inet.0
>>> into your Virtual Router routing instance. You can also use a rib-group
>>> to
>>> copy routes from your Virtual Router routing instance back into inet.0, or
>>> simply use a static default route in your Virtual Router routing instance
>>> with a next-table of inet.0. You can also use a policy to constrain the
>>> routes you want to leak between inet.0 and your routing-instance and
>>> vice-versa. There are a lot of different ways you can skin this cat. Let
>>> me see if I can dig up my configs...
>>>
>>> Stefan Fouant
>>> www.shortestpathfirst.net
>>> GPG Key ID: 0xB5E3803D
>>>
>>>
>>>
>>
>>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list