[j-nsp] JNCIP EBGP Case Study...
Hoogen
hoogen82 at gmail.com
Thu Oct 29 17:56:29 EDT 2009
Okay.. Earlier task required while accepting routes from peer to tag them
with a community and prepend them with as number 65412 twice... I notice
that when I deactivate that.. It works.. So obviously R3 is considering the
routes received from R1 with prepend of 65412 for all P1 routes to be some
sort of as loop... So I guess there is something wrong about it..
Page 568 of the JNCIP books...
-Hoogen
On Thu, Oct 29, 2009 at 2:05 PM, Hoogen <hoogen82 at gmail.com> wrote:
> R1
>
> lab at R1> show configuration routing-options
> static {
> route 10.0.200.0/24 {
> next-hop 10.0.1.102;
> no-readvertise;
> }
> route 192.168.10.0/24 reject;
> route 192.168.100.0/24 reject;
> route 10.0.0.0/8 {
> next-hop 10.0.4.13;
> qualified-next-hop 10.0.4.6 {
> preference 10;
> }
> }
> }
> martians {
> 192.0.2.0/24 orlonger;
> }
> autonomous-system 65000;
> confederation 65412 members [ 65000 65001 65002 ];
>
> lab at R1>
>
> lab at R1> show configuration protocols bgp
> group 65000 {
> type internal;
> local-address 10.0.6.1;
> export ibgp;
> neighbor 10.0.3.3;
> }
> group p1 {
> type external;
> import peer-filter-in;
> export p1-export;
> neighbor 10.0.5.254 {
> peer-as 1492;
> }
> }
>
> lab at R1>
>
> lab at R1> show configuration policy-options policy-statement ibgp
> term 1 {
> from {
> protocol static;
> route-filter 192.168.10.0/24 exact;
> }
> then accept;
> }
> term 2 {
> from {
> protocol static;
> route-filter 192.168.100.0/24 exact;
> }
> then {
> metric 101;
> local-preference 101;
> community add no-export;
> accept;
> }
> }
>
> lab at R1>
>
> R3 Configuration
>
> lab at R3> show configuration routing-options
> static {
> route 10.0.200.0/24 {
> next-hop 10.0.1.102;
> no-readvertise;
> }
> route 192.168.30.0/24 reject;
> }
> martians {
> 192.0.2.0/24 orlonger;
> }
> aggregate {
> route 10.0.4.0/22;
> }
> autonomous-system 65000;
> confederation 65412 members [ 65000 65001 65002 ];
>
> lab at R3>
>
> lab at R3> show configuration protocols bgp
> advertise-inactive;
> group 65000 {
> type internal;
> local-address 10.0.3.3;
> export ibgp;
> neighbor 10.0.6.1;
> }
> group c-bgp {
> type external;
> multihop;
> local-address 10.0.3.3;
> export ibgp;
> neighbor 10.0.3.4 {
> hold-time 180;
> peer-as 65001;
> }
> neighbor 10.0.3.5 {
> peer-as 65002;
> }
> }
> group t1-t2 {
> type external;
> damping;
> import [ damp trans-filter-in ];
> export [ no-192-24s prepend ];
> remove-private;
> multipath;
> neighbor 172.16.0.14 {
> peer-as 65222;
> }
> neighbor 172.16.0.18 {
> peer-as 65222;
> }
> }
>
> lab at R3>
>
>
> lab at R3> show configuration policy-options policy-statement ibgp
> term 1 {
> from {
> protocol static;
> route-filter 192.168.30.0/24 exact;
> }
> then accept;
> }
> term 2 {
> from community trans-1-2;
> then {
> next-hop self;
> }
> }
>
> lab at R3>
>
> Thanks for your help guys..
>
> -Hoogen
>
> On Thu, Oct 29, 2009 at 3:36 AM, Sean Clarke <sean at clarke-3.demon.nl>wrote:
>
>>
>> What is in your ibgp export policy from R1 to R3 ? Are you putting
>> something in there to cause an issue ?
>>
>>
>>
>>
>>
>>
>> On 10/29/09 10:43 AM, Hoogen wrote:
>>
>> Hi Felix,
>>
>> Thank you for the reply..
>>
>> I am not sure how that 17 hidden routes came into play... But its not
>> there now.. I still see the issue..
>>
>> I had already checked the hidden routes..and those are not the ones
>> which are hiding
>>
>> lab at R3# run show route receive-protocol bgp 10.0.6.1 hidden extensive
>>
>> inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>>
>> __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>> holddown, 0 hidden)
>>
>> iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>
>> [edit]
>> lab at R3#
>>
>> lab at R3# run show route receive-protocol bgp 10.0.6.1
>>
>>
>> inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>> Prefix Nexthop MED Lclpref AS path
>> * 192.168.10.0/24 10.0.6.1 100 I
>> * 192.168.100.0/24 10.0.6.1 101 101 I
>>
>> __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>> holddown, 0 hidden)
>>
>> iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>
>> [edit]
>> lab at R3#
>>
>> lab at R3# run show route protocol bgp hidden extensive
>>
>> inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>> 172.17.0.0/16 (1 entry, 0 announced)
>> BGP /-101
>> Next-hop reference count: 2
>> Source: 172.16.0.14
>> Next hop: 172.16.0.14 via ge-0/0/0.0, selected
>> State: <Hidden Ext>
>> Local AS: 65000 Peer AS: 65222
>> Age: 1:27:54
>> Task: BGP_65222.172.16.0.14+3227
>> AS path: 65222 I
>> Localpref: 100
>> Router ID: 130.130.0.1
>>
>> 192.0.2.0/24 (1 entry, 0 announced)
>> BGP /-101
>> Next-hop reference count: 5
>> Source: 172.16.0.18
>> Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>> State: <Hidden Martian Ext>
>> Local AS: 65000 Peer AS: 65222
>> Age: 1:28:19
>> Task: BGP_65222.172.16.0.18+179
>> AS path: 65222 I
>> Communities: 65412:102
>> Localpref: 100
>> Router ID: 130.130.0.2
>>
>> 220.0.0.0/28 (1 entry, 0 announced)
>> BGP /-101
>> Next-hop reference count: 5
>> Source: 172.16.0.18
>> Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>> State: <Hidden Ext>
>> Local AS: 65000 Peer AS: 65222
>> Age: 1:28:19
>> Task: BGP_65222.172.16.0.18+179
>> AS path: 65222 I
>> Localpref: 100
>> Router ID: 130.130.0.2
>>
>> __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>> holddown, 0 hidden)
>>
>> iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>
>> [edit]
>> lab at R3#
>>
>>
>> The one I am concerned is with group 65000 and I don't have any import
>> policy to deny anything there..
>>
>> [edit]
>> lab at R3# show protocols bgp
>> advertise-inactive;
>> group 65000 {
>> type internal;
>> local-address 10.0.3.3;
>> export ibgp;
>> neighbor 10.0.6.1;
>> }
>> group c-bgp {
>> type external;
>> multihop;
>> local-address 10.0.3.3;
>> export ibgp;
>> neighbor 10.0.3.4 {
>> hold-time 180;
>> peer-as 65001;
>> }
>> neighbor 10.0.3.5 {
>> peer-as 65002;
>> }
>> }
>> group t1-t2 {
>> type external;
>> damping;
>> import [ damp trans-filter-in ];
>> export [ no-192-24s prepend ];
>> remove-private;
>> multipath;
>> neighbor 172.16.0.14 {
>> peer-as 65222;
>> }
>> neighbor 172.16.0.18 {
>> peer-as 65222;
>> }
>> }
>>
>> [edit]
>> lab at R3#
>>
>> This is really strange.. I compared the solutions, and there seems
>> nothing wrong..
>>
>> -Hoogen
>>
>> On Thu, Oct 29, 2009 at 1:59 AM, Felix Schueren <
>> felix.schueren at hosteurope.de> wrote:
>>
>>> Hoogen,
>>>
>>> Hoogen wrote:
>>> >>> Now R3 only receives
>>> >>>
>>> >>> lab at R3# run show route receive-protocol bgp 10.0.6.1
>>> >>>
>>> >>> inet.0: 66 destinations, 106 routes (63 active, 0 holddown, 17
>>> hidden)
>>> >>> Prefix Nexthop MED Lclpref AS
>>> path
>>> >>> * 192.168.10.0/24 10.0.6.1 100 I
>>> >>> * 192.168.100.0/24 10.0.6.1 101 101 I
>>> >>>
>>> please do
>>> show route receive-protocol bgp 10.0.6.1 hidden extensive
>>>
>>> also paste
>>> show configuration protocols bgp
>>>
>>> both from R3
>>>
>>> Kind regards,
>>>
>>> Felix
>>>
>>> --
>>> Felix Schüren
>>> Head of Network
>>>
>>> -----------------------------------------------------------------------
>>> Host Europe GmbH - http://www.hosteurope.de
>>> Welserstraße 14 - 51149 Köln - Germany
>>> Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
>>> HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
>>> Geschäftsführer:
>>> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
>>>
>>> (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend
>>>
>>
>>
>>
>>
>
More information about the juniper-nsp
mailing list