[j-nsp] next-hop driving me crazy
Richard A Steenbergen
ras at e-gerbil.net
Fri Apr 26 15:04:15 EDT 2013
On Fri, Apr 26, 2013 at 11:14:39AM -0500, Eric Krichbaum wrote:
> Thanks everyone. The policy straight to discard works for me, just annoyed
> me. I really didn't want to apply a knob (similar to the disable connected
> check on cisco) to do it. Trying to make these policies the same has proven
> an interesting exercise and at least now I am aware of the knobs to make it
> do the other.

It's technically a violation of the BGP spec to let the user arbitrarily
rewrite the next-hop of an eBGP non-multihop route to something other
than the directly connected interface, and the "correct" action when you
do it is to reject the route for having an invalid next-hop.

Of course, over here in reality land that's complete nonsense. There are
perfectly legitimate reasons to do so, like the example you cited, but
it took a LONG time to get this past the guys who defend the theory
without regard to practice. You used to have to configure ebgp multihop
everywhere to get it to relax those rules, which carries its own
downsides like lack of "fast external failover" behavior. The commands
like "disable-connected-check" and "accept-remote-nexthop" were the
compromises between following the spec and satisfying the customer. ;)
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)