[j-nsp] Hidden IPv4 iBGP routes

Harry Reynolds harry at juniper.net
Wed Mar 14 12:07:43 EDT 2012


That was my initial recollection as well. Seems we used to need keep-all to even see such a hidden route.

I guess it changes at some point.

Regards





From: Ivan Ivanov [mailto:ivanov.ivan at gmail.com]
Sent: Wednesday, March 14, 2012 2:51 AM
To: John Neiberger
Cc: Harry Reynolds; juniper-nsp at puck.nether.net; Mohammad
Subject: Re: [j-nsp] Hidden IPv4 iBGP routes

Hi,

Harry, in JNCIP study guide is written that if route is discarded because of AS loop it's not stored in RIB. So it should not be visible with 'hidden' switch.

Or I am wrong and the case here is different.

Thanks!
On Wed, Mar 14, 2012 at 01:29, John Neiberger <jneiberger at gmail.com<mailto:jneiberger at gmail.com>> wrote:
Thanks! I just heard from another one of our engineers who is much
more familiar with Juniper than I am. He already knew about this, so I
was just a little slow on the uptake.  lol

Thanks to all for the help.

On Tue, Mar 13, 2012 at 6:05 PM, Harry Reynolds <harry at juniper.net<mailto:harry at juniper.net>> wrote:
> Yes, I believe that is enough to cause your issue.
>
> I believe that independent domain might help with the global as loop check, but it too is global and needs to be carefully tested.
>
> Else use as loops, which should also be tested. ;) Adding will flap bgp IIRC.
>
> Regards
>
>
>
>
>
>
>
> -----Original Message-----
> From: John Neiberger [mailto:jneiberger at gmail.com<mailto:jneiberger at gmail.com>]
> Sent: Tuesday, March 13, 2012 4:55 PM
> To: Harry Reynolds
> Cc: Mohammad; juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
> Subject: Re: [j-nsp] Hidden IPv4 iBGP routes
>
> We do have the following configured under bgp:
>
> group SomeGroupName {
>    type external;
>    traceoptions {
>        file ipv4-ebgp-customer-logs size 10m files 10;
>        flag state;
>    }
>    description "SomeGroup";
>    family inet {
>        unicast;
>    }
>    remove-private;
>    local-as XXXXX private;
> }
>
> I wish I could post that stuff without editing.  hehe  Is that enough
> to break things? And if so, what is the fix?
>
> Thanks!
>
>
> On Tue, Mar 13, 2012 at 5:21 PM, Harry Reynolds <harry at juniper.net<mailto:harry at juniper.net>> wrote:
>> Are there any vrfs on this box using AS XXXX?
>>
>> In JUNOS AS loop check is global, so also applies to any vrfs and their configured asns.
>>
>> HTHs
>>
>>
>>
>> -----Original Message-----
>> From: juniper-nsp-bounces at puck.nether.net<mailto:juniper-nsp-bounces at puck.nether.net> [mailto:juniper-nsp-bounces at puck.nether.net<mailto:juniper-nsp-bounces at puck.nether.net>] On Behalf Of John Neiberger
>> Sent: Tuesday, March 13, 2012 4:17 PM
>> To: Mohammad
>> Cc: juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
>> Subject: Re: [j-nsp] Hidden IPv4 iBGP routes
>>
>> Okay, there is no local AS configured under protocols bgp, and the AS
>> configured under routing options is correct.
>>
>> On Tue, Mar 13, 2012 at 5:11 PM, John Neiberger <jneiberger at gmail.com<mailto:jneiberger at gmail.com>> wrote:
>>> I'll do that right now. I checked the AS under routing-options, but
>>> didn't check for a local-as. Thanks! I'm very new to Juniper, so I'm
>>> still pretty lost.
>>>
>>> On Tue, Mar 13, 2012 at 4:29 PM, Mohammad <masalbad at gmail.com<mailto:masalbad at gmail.com>> wrote:
>>>> I think you need to check the autonomous-system under the routing-options
>>>> hierarchy; and the local-as under protocols bgp group hierarchy;
>>>>
>>>>
>>>>
>>>> Mohammad Salbad
>>>>
>>>> _______________________________________________
>>>> juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
>>>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
>> https://puck.nether.net/mailman/listinfo/juniper-nsp

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp



--
Best Regards!

Ivan Ivanov


More information about the juniper-nsp mailing list