[j-nsp] next-hop self and RR

Daniel Roesen dr at cluenet.de
Thu Nov 8 11:17:29 EST 2012


On Thu, Nov 08, 2012 at 05:45:25PM +0200, Mihai Gabriel wrote:
> Is Juniper's implementation of next-hop self on a RR a violation of
> RFC1966?
> 
> " In some implementations, modification of the BGP path attribute,
>    NEXT_HOP is possible. For example, there could be a need for a RR to
>    modify NEXT_HOP for EBGP learned routes sent to its internal peers.
>    However, it must not be possible for an RR to set on reflected IBGP
>    routes as this breaks the basic principle of Route Reflection and
>    will result in potential black holeing of traffic."

Technically, it's in violation, yes, but there are some use-cases where
even IBGP NEXT_HOP rewriting is required/desired. As such, Juniper's
way is more flexible.

You can get RFC-like behaviour (only rewrite on EBGP-received routes)
like this:

dr at cr1.cgn2> show configuration policy-options policy-statement next-hop-self
from route-type external;
then {
    next-hop self;
}

"from route-type external" matches EBGP-received routes when used in BGP
context. So, this way you can use this next-hop-self policy on RR egress
to your IBGP neighbors without having to match on external peer neighbor
IPs or similar workarounds.

Best regards,
Daniel

-- 
CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0


More information about the juniper-nsp mailing list