[j-nsp] JNCIP EBGP Case Study...

Hoogen hoogen82 at gmail.com
Thu Oct 29 17:05:16 EDT 2009 

R1

lab at R1> show configuration routing-options
static {
    route 10.0.200.0/24 {
        next-hop 10.0.1.102;
        no-readvertise;
    }
    route 192.168.10.0/24 reject;
    route 192.168.100.0/24 reject;
    route 10.0.0.0/8 {
        next-hop 10.0.4.13;
        qualified-next-hop 10.0.4.6 {
            preference 10;
        }
    }
}
martians {
    192.0.2.0/24 orlonger;
}
autonomous-system 65000;
confederation 65412 members [ 65000 65001 65002 ];

lab at R1>

lab at R1> show configuration protocols bgp
group 65000 {
    type internal;
    local-address 10.0.6.1;
    export ibgp;
    neighbor 10.0.3.3;
}
group p1 {
    type external;
    import peer-filter-in;
    export p1-export;
    neighbor 10.0.5.254 {
        peer-as 1492;
    }
}

lab at R1>

lab at R1> show configuration policy-options policy-statement ibgp
term 1 {
    from {
        protocol static;
        route-filter 192.168.10.0/24 exact;
    }
    then accept;
}
term 2 {
    from {
        protocol static;
        route-filter 192.168.100.0/24 exact;
    }
    then {
        metric 101;
        local-preference 101;
        community add no-export;
        accept;
    }
}

lab at R1>

R3 Configuration

lab at R3> show configuration routing-options
static {
    route 10.0.200.0/24 {
        next-hop 10.0.1.102;
        no-readvertise;
    }
    route 192.168.30.0/24 reject;
}
martians {
    192.0.2.0/24 orlonger;
}
aggregate {
    route 10.0.4.0/22;
}
autonomous-system 65000;
confederation 65412 members [ 65000 65001 65002 ];

lab at R3>

lab at R3> show configuration protocols bgp
advertise-inactive;
group 65000 {
    type internal;
    local-address 10.0.3.3;
    export ibgp;
    neighbor 10.0.6.1;
}
group c-bgp {
    type external;
    multihop;
    local-address 10.0.3.3;
    export ibgp;
    neighbor 10.0.3.4 {
        hold-time 180;
        peer-as 65001;
    }
    neighbor 10.0.3.5 {
        peer-as 65002;
    }
}
group t1-t2 {
    type external;
    damping;
    import [ damp trans-filter-in ];
    export [ no-192-24s prepend ];
    remove-private;
    multipath;
    neighbor 172.16.0.14 {
        peer-as 65222;
    }
    neighbor 172.16.0.18 {
        peer-as 65222;
    }
}

lab at R3>


lab at R3> show configuration policy-options policy-statement ibgp
term 1 {
    from {
        protocol static;
        route-filter 192.168.30.0/24 exact;
    }
    then accept;
}
term 2 {
    from community trans-1-2;
    then {
        next-hop self;
    }
}

lab at R3>

Thanks for your help guys..

-Hoogen

On Thu, Oct 29, 2009 at 3:36 AM, Sean Clarke <sean at clarke-3.demon.nl> wrote:

>
> What is in your ibgp export policy from R1 to R3  ? Are you putting
> something in there to cause an issue ?
>
>
>
>
>
>
> On 10/29/09 10:43 AM, Hoogen wrote:
>
> Hi Felix,
>
>  Thank you for the reply..
>
>  I am not sure how that 17 hidden routes came into play... But its not
> there now.. I still see the issue..
>
>  I had already checked the hidden routes..and those are not the ones which
> are hiding
>
>   lab at R3# run show route receive-protocol bgp 10.0.6.1 hidden extensive
>
>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>
>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
> holddown, 0 hidden)
>
>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>
>  [edit]
> lab at R3#
>
>  lab at R3# run show route receive-protocol bgp 10.0.6.1
>
>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>   Prefix                  Nexthop              MED     Lclpref    AS path
> * 192.168.10.0/24         10.0.6.1                     100        I
> * 192.168.100.0/24        10.0.6.1             101     101        I
>
>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
> holddown, 0 hidden)
>
>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>
>  [edit]
> lab at R3#
>
>  lab at R3# run show route protocol bgp hidden extensive
>
>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
> 172.17.0.0/16 (1 entry, 0 announced)
>          BGP                 /-101
>                 Next-hop reference count: 2
>                 Source: 172.16.0.14
>                 Next hop: 172.16.0.14 via ge-0/0/0.0, selected
>                 State: <Hidden Ext>
>                 Local AS: 65000 Peer AS: 65222
>                 Age: 1:27:54
>                 Task: BGP_65222.172.16.0.14+3227
>                 AS path: 65222 I
>                 Localpref: 100
>                 Router ID: 130.130.0.1
>
>  192.0.2.0/24 (1 entry, 0 announced)
>          BGP                 /-101
>                 Next-hop reference count: 5
>                 Source: 172.16.0.18
>                 Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>                 State: <Hidden Martian Ext>
>                 Local AS: 65000 Peer AS: 65222
>                 Age: 1:28:19
>                 Task: BGP_65222.172.16.0.18+179
>                 AS path: 65222 I
>                 Communities: 65412:102
>                 Localpref: 100
>                 Router ID: 130.130.0.2
>
>  220.0.0.0/28 (1 entry, 0 announced)
>          BGP                 /-101
>                 Next-hop reference count: 5
>                 Source: 172.16.0.18
>                 Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>                 State: <Hidden Ext>
>                 Local AS: 65000 Peer AS: 65222
>                 Age: 1:28:19
>                 Task: BGP_65222.172.16.0.18+179
>                 AS path: 65222 I
>                 Localpref: 100
>                 Router ID: 130.130.0.2
>
>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
> holddown, 0 hidden)
>
>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>
> [edit]
> lab at R3#
>
>
>  The one I am concerned is with group 65000 and I don't have any import
> policy to deny anything there..
>
>   [edit]
> lab at R3# show protocols bgp
> advertise-inactive;
> group 65000 {
>     type internal;
>     local-address 10.0.3.3;
>     export ibgp;
>     neighbor 10.0.6.1;
> }
> group c-bgp {
>     type external;
>     multihop;
>     local-address 10.0.3.3;
>     export ibgp;
>     neighbor 10.0.3.4 {
>         hold-time 180;
>         peer-as 65001;
>     }
>     neighbor 10.0.3.5 {
>         peer-as 65002;
>     }
> }
> group t1-t2 {
>     type external;
>     damping;
>     import [ damp trans-filter-in ];
>     export [ no-192-24s prepend ];
>     remove-private;
>     multipath;
>     neighbor 172.16.0.14 {
>         peer-as 65222;
>     }
>     neighbor 172.16.0.18 {
>         peer-as 65222;
>     }
> }
>
>  [edit]
> lab at R3#
>
>  This is really strange.. I compared the solutions, and there seems
> nothing wrong..
>
>  -Hoogen
>
>  On Thu, Oct 29, 2009 at 1:59 AM, Felix Schueren <
> felix.schueren at hosteurope.de> wrote:
>
>> Hoogen,
>>
>> Hoogen wrote:
>> >>> Now R3 only receives
>> >>>
>> >>> lab at R3# run show route receive-protocol bgp 10.0.6.1
>> >>>
>> >>> inet.0: 66 destinations, 106 routes (63 active, 0 holddown, 17 hidden)
>> >>>   Prefix                  Nexthop              MED     Lclpref    AS
>> path
>> >>> * 192.168.10.0/24         10.0.6.1                     100        I
>> >>> * 192.168.100.0/24        10.0.6.1             101     101        I
>> >>>
>>  please do
>> show route receive-protocol bgp 10.0.6.1 hidden extensive
>>
>> also paste
>> show configuration protocols bgp
>>
>> both from R3
>>
>> Kind regards,
>>
>> Felix
>>
>> --
>> Felix Schüren
>> Head of Network
>>
>> -----------------------------------------------------------------------
>> Host Europe GmbH - http://www.hosteurope.de
>> Welserstraße 14 - 51149 Köln - Germany
>> Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
>> HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
>> Geschäftsführer:
>> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
>>
>> (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend
>>
>
>
>
>

More information about the juniper-nsp mailing list