[j-nsp] EX4200 and Routing-Instances

[Cristian Frizziero]

Hi guys,

I´m working on a EX4200 (2 switches in virtual-chassis config) which is 
required to be the L3 border edge of a Datacenter. The backbone network 
presents 4 VRFs to the datacenter with a strange requirement: each VRF 
must reach a set of hosts in the datacenter, maintaining theirself 
independent of the other 3 VRFs, and at the same time,each host of the 
datacenter must reach the others in a full mesh of local connectivity.
OSPF is the protocol required to connect VRFs on the PE with the switch.

So, my approach was the following: on the L3 switch, I created 4 routing 
instances (virtual router type) with ospf to the related VRF on the PE.
On the internal side: a rib-group to copy all interface routes to each 
instance, so inet.0 is replied 4 times. To bind every internal phisical 
interface with a particular routing-instances, I use Filtered-Based 
Forwarding to send  the lookup into the right instance (inet.0 is 
completely replied, so it works for local connectivity also).

This approach worked fine in a lab made with an MX480 and logical-systems.

Now: when I copied the configuration to the switch, I found that the 
Filter-Based-Forwarding didn't work as into the MX lab: apparently I 
cannot apply a simple firwall filter with the "routing-instance XXX" 
accion matching for all packets, like that:

firewall {
   family inet {
     filter LookUp-into-InstanceA {
       term 1 {
         then {
           routing-instance InstanceA;
         }
       }
     }
   }
}

In the EX I needed to separate the packets with a filter like that, 
because the packets were not routed with the above filter. So the filter 
is now:

firewall {
   family inet {
     filter LookUp-into-InstanceA {
       term 1 {
         from {
           destination-prefix-list {
              Local-Destinations;
           }
         then accept;
       }
       term 2 {
         then {
           routing-instance InstanceA;
         }
       }
     }
   }
}

and it is working, but the need to filter by destination is very bad: 
Local-Destination is a prefiz-list with all hosts specific IPs.

More than this: I couldn't use inet.0. I had to create a fifth instance, 
in which I put all the interfaces, and use it as a default instance.


This was very strange to me: may be that EX4200 behaviour is so 
different from MX480 one?
Anyone know about issues in EX platforms working with routing-instances 
anf filter-based-forwarding?

Oh, for EX doesn´t exist the next-table options. It should be very 
useful....

Thanks for your help.

-- 


Ing. Cristian Frizziero
Av. Honorio Pueyrredón 1475
                  C.A.B.A. República Argentina
NUEVO TEL +54.11.4855.6041 (Ext. 517)
NUEVO CEL +54.9.11.4811.7562
SKYPE cristian.frizziero
cristian.frizziero at iquall.net <mailto:cristian.frizziero at iquall.net>
www.iquall.net <http://www.iquall.net>