[j-nsp] JNCIP EBGP Case Study...

Sean Clarke sean at clarke-3.demon.nl
Fri Oct 30 03:57:33 EDT 2009


Yes that's a solution, or workaround - but why do you want to prepend to 
your internal peers ? Surely it only makes sense to prepend out of your 
network, and use local preference to your internal peers ?

cheers
Sean

On 10/29/09 11:29 PM, Hoogen wrote:
> I guess for the solution to work we need to have
>
> autonomous-system 65001 loops 3;
>
> This would make sure we get those routes.
>
> -Hoogen
>
> On Thu, Oct 29, 2009 at 2:56 PM, Hoogen <hoogen82 at gmail.com 
> <mailto:hoogen82 at gmail.com>> wrote:
>
>     Okay.. Earlier task required while accepting routes from peer to
>     tag them with a community and prepend them with as number 65412
>     twice... I notice that when I deactivate that.. It works.. So
>     obviously R3 is considering the routes received from R1 with
>     prepend of 65412 for all P1 routes to be some sort of as loop...
>     So I guess there is something wrong about it..
>
>     Page 568 of the JNCIP books...
>
>     -Hoogen
>
>
>     On Thu, Oct 29, 2009 at 2:05 PM, Hoogen <hoogen82 at gmail.com
>     <mailto:hoogen82 at gmail.com>> wrote:
>
>         R1
>
>         lab at R1> show configuration routing-options
>         static {
>             route 10.0.200.0/24 <http://10.0.200.0/24> {
>                 next-hop 10.0.1.102;
>                 no-readvertise;
>             }
>             route 192.168.10.0/24 <http://192.168.10.0/24> reject;
>             route 192.168.100.0/24 <http://192.168.100.0/24> reject;
>             route 10.0.0.0/8 <http://10.0.0.0/8> {
>                 next-hop 10.0.4.13;
>                 qualified-next-hop 10.0.4.6 {
>                     preference 10;
>                 }
>             }
>         }
>         martians {
>         192.0.2.0/24 <http://192.0.2.0/24> orlonger;
>         }
>         autonomous-system 65000;
>         confederation 65412 members [ 65000 65001 65002 ];
>
>         lab at R1>
>
>         lab at R1> show configuration protocols bgp
>         group 65000 {
>             type internal;
>             local-address 10.0.6.1;
>             export ibgp;
>             neighbor 10.0.3.3;
>         }
>         group p1 {
>             type external;
>             import peer-filter-in;
>             export p1-export;
>             neighbor 10.0.5.254 {
>                 peer-as 1492;
>             }
>         }
>
>         lab at R1>
>
>         lab at R1> show configuration policy-options policy-statement ibgp
>         term 1 {
>             from {
>                 protocol static;
>                 route-filter 192.168.10.0/24 <http://192.168.10.0/24>
>         exact;
>             }
>             then accept;
>         }
>         term 2 {
>             from {
>                 protocol static;
>                 route-filter 192.168.100.0/24
>         <http://192.168.100.0/24> exact;
>             }
>             then {
>                 metric 101;
>                 local-preference 101;
>                 community add no-export;
>                 accept;
>             }
>         }
>
>         lab at R1>
>
>         R3 Configuration
>
>         lab at R3> show configuration routing-options
>         static {
>             route 10.0.200.0/24 <http://10.0.200.0/24> {
>                 next-hop 10.0.1.102;
>                 no-readvertise;
>             }
>             route 192.168.30.0/24 <http://192.168.30.0/24> reject;
>         }
>         martians {
>         192.0.2.0/24 <http://192.0.2.0/24> orlonger;
>         }
>         aggregate {
>             route 10.0.4.0/22 <http://10.0.4.0/22>;
>         }
>         autonomous-system 65000;
>         confederation 65412 members [ 65000 65001 65002 ];
>
>         lab at R3>
>
>         lab at R3> show configuration protocols bgp
>         advertise-inactive;
>         group 65000 {
>             type internal;
>             local-address 10.0.3.3;
>             export ibgp;
>             neighbor 10.0.6.1;
>         }
>         group c-bgp {
>             type external;
>             multihop;
>             local-address 10.0.3.3;
>             export ibgp;
>             neighbor 10.0.3.4 {
>                 hold-time 180;
>                 peer-as 65001;
>             }
>             neighbor 10.0.3.5 {
>                 peer-as 65002;
>             }
>         }
>         group t1-t2 {
>             type external;
>             damping;
>             import [ damp trans-filter-in ];
>             export [ no-192-24s prepend ];
>             remove-private;
>             multipath;
>             neighbor 172.16.0.14 {
>                 peer-as 65222;
>             }
>             neighbor 172.16.0.18 {
>                 peer-as 65222;
>             }
>         }
>
>         lab at R3>
>
>
>         lab at R3> show configuration policy-options policy-statement ibgp
>         term 1 {
>             from {
>                 protocol static;
>                 route-filter 192.168.30.0/24 <http://192.168.30.0/24>
>         exact;
>             }
>             then accept;
>         }
>         term 2 {
>             from community trans-1-2;
>             then {
>                 next-hop self;
>             }
>         }
>
>         lab at R3>
>
>         Thanks for your help guys..
>
>         -Hoogen
>
>         On Thu, Oct 29, 2009 at 3:36 AM, Sean Clarke
>         <sean at clarke-3.demon.nl <mailto:sean at clarke-3.demon.nl>> wrote:
>
>
>             What is in your ibgp export policy from R1 to R3  ? Are
>             you putting something in there to cause an issue ?
>
>
>
>
>
>
>             On 10/29/09 10:43 AM, Hoogen wrote:
>>             Hi Felix,
>>
>>             Thank you for the reply..
>>
>>             I am not sure how that 17 hidden routes came into play...
>>             But its not there now.. I still see the issue..
>>
>>             I had already checked the hidden routes..and those are
>>             not the ones which are hiding
>>
>>             lab at R3# run show route receive-protocol bgp 10.0.6.1
>>             hidden extensive
>>
>>             inet.0: 66 destinations, 85 routes (63 active, 0
>>             holddown, 3 hidden)
>>
>>             __juniper_private1__.inet.0: 2 destinations, 2 routes (2
>>             active, 0 holddown, 0 hidden)
>>
>>             iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0
>>             hidden)
>>
>>             [edit]
>>             lab at R3#
>>
>>             lab at R3# run show route receive-protocol bgp 10.0.6.1
>>
>>             inet.0: 66 destinations, 85 routes (63 active, 0
>>             holddown, 3 hidden)
>>               Prefix                  Nexthop              MED    
>>             Lclpref    AS path
>>             * 192.168.10.0/24 <http://192.168.10.0/24>        
>>             10.0.6.1                     100        I
>>             * 192.168.100.0/24 <http://192.168.100.0/24>      
>>              10.0.6.1             101     101        I
>>
>>             __juniper_private1__.inet.0: 2 destinations, 2 routes (2
>>             active, 0 holddown, 0 hidden)
>>
>>             iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0
>>             hidden)
>>
>>             [edit]
>>             lab at R3#
>>
>>             lab at R3# run show route protocol bgp hidden extensive
>>
>>             inet.0: 66 destinations, 85 routes (63 active, 0
>>             holddown, 3 hidden)
>>             172.17.0.0/16 <http://172.17.0.0/16> (1 entry, 0 announced)
>>                      BGP                 /-101
>>                             Next-hop reference count: 2
>>                             Source: 172.16.0.14
>>                             Next hop: 172.16.0.14 via ge-0/0/0.0,
>>             selected
>>                             State: <Hidden Ext>
>>                             Local AS: 65000 Peer AS: 65222
>>                             Age: 1:27:54
>>                             Task: BGP_65222.172.16.0.14+3227
>>                             AS path: 65222 I
>>                             Localpref: 100
>>                             Router ID: 130.130.0.1
>>
>>             192.0.2.0/24 <http://192.0.2.0/24> (1 entry, 0 announced)
>>                      BGP                 /-101
>>                             Next-hop reference count: 5
>>                             Source: 172.16.0.18
>>                             Next hop: 172.16.0.18 via ge-0/0/3.0,
>>             selected
>>                             State: <Hidden Martian Ext>
>>                             Local AS: 65000 Peer AS: 65222
>>                             Age: 1:28:19
>>                             Task: BGP_65222.172.16.0.18+179
>>                             AS path: 65222 I
>>                             Communities: 65412:102
>>                             Localpref: 100
>>                             Router ID: 130.130.0.2
>>
>>             220.0.0.0/28 <http://220.0.0.0/28> (1 entry, 0 announced)
>>                      BGP                 /-101
>>                             Next-hop reference count: 5
>>                             Source: 172.16.0.18
>>                             Next hop: 172.16.0.18 via ge-0/0/3.0,
>>             selected
>>                             State: <Hidden Ext>
>>                             Local AS: 65000 Peer AS: 65222
>>                             Age: 1:28:19
>>                             Task: BGP_65222.172.16.0.18+179
>>                             AS path: 65222 I
>>                             Localpref: 100
>>                             Router ID: 130.130.0.2
>>
>>             __juniper_private1__.inet.0: 2 destinations, 2 routes (2
>>             active, 0 holddown, 0 hidden)
>>
>>             iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0
>>             hidden)
>>             [edit]
>>             lab at R3#
>>
>>
>>             The one I am concerned is with group 65000 and I don't
>>             have any import policy to deny anything there..
>>
>>             [edit]
>>             lab at R3# show protocols bgp
>>             advertise-inactive;
>>             group 65000 {
>>                 type internal;
>>                 local-address 10.0.3.3;
>>                 export ibgp;
>>                 neighbor 10.0.6.1;
>>             }
>>             group c-bgp {
>>                 type external;
>>                 multihop;
>>                 local-address 10.0.3.3;
>>                 export ibgp;
>>                 neighbor 10.0.3.4 {
>>                     hold-time 180;
>>                     peer-as 65001;
>>                 }
>>                 neighbor 10.0.3.5 {
>>                     peer-as 65002;
>>                 }
>>             }
>>             group t1-t2 {
>>                 type external;
>>                 damping;
>>                 import [ damp trans-filter-in ];
>>                 export [ no-192-24s prepend ];
>>                 remove-private;
>>                 multipath;
>>                 neighbor 172.16.0.14 {
>>                     peer-as 65222;
>>                 }
>>                 neighbor 172.16.0.18 {
>>                     peer-as 65222;
>>                 }
>>             }
>>
>>             [edit]
>>             lab at R3#
>>
>>             This is really strange.. I compared the solutions, and
>>             there seems nothing wrong..
>>
>>             -Hoogen
>>
>>             On Thu, Oct 29, 2009 at 1:59 AM, Felix Schueren
>>             <felix.schueren at hosteurope.de
>>             <mailto:felix.schueren at hosteurope.de>> wrote:
>>
>>                 Hoogen,
>>
>>                 Hoogen wrote:
>>                 >>> Now R3 only receives
>>                 >>>
>>                 >>> lab at R3# run show route receive-protocol bgp 10.0.6.1
>>                 >>>
>>                 >>> inet.0: 66 destinations, 106 routes (63 active, 0
>>                 holddown, 17 hidden)
>>                 >>>   Prefix                  Nexthop            
>>                  MED     Lclpref    AS path
>>                 >>> * 192.168.10.0/24 <http://192.168.10.0/24>      
>>                   10.0.6.1                     100        I
>>                 >>> * 192.168.100.0/24 <http://192.168.100.0/24>    
>>                    10.0.6.1             101     101        I
>>                 >>>
>>                 please do
>>                 show route receive-protocol bgp 10.0.6.1 hidden extensive
>>
>>                 also paste
>>                 show configuration protocols bgp
>>
>>                 both from R3
>>
>>                 Kind regards,
>>
>>                 Felix
>>
>>                 --
>>                 Felix Schüren
>>                 Head of Network
>>
>>                 -----------------------------------------------------------------------
>>                 Host Europe GmbH - http://www.hosteurope.de
>>                 Welserstraße 14 - 51149 Köln - Germany
>>                 Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
>>                 HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
>>                 Geschäftsführer:
>>                 Uwe Braun - Alex Collins - Mark Joseph - Patrick
>>                 Pulvermüller
>>
>>                 (*) 0,14 EUR/Min. aus dem dt. Festnetz,
>>                 Mobilfunkpreise ggf. abweichend
>>
>>
>
>
>
>
>



More information about the juniper-nsp mailing list