[j-nsp] Internet access from VRF issue

Olivier Benghozi olivier.benghozi at wifirst.fr
Tue Jun 4 12:41:06 EDT 2013 

Hi Alexey,

I understand that you receive an iBGP route, place it in another VRF via rib-group, and expect it to be sent to another iBGP peer.
Well, basically you expect a received iBGP route to be reflected to another iBGP peer ?

regards,
Olivier Benghozi


Le 4 juin 2013 à 18:12, Alexey <alexey.sazhin at yandex.ru> a écrit :

> topology in txt format, since .jpeg hasn't attached:
> 
> (R2)--vrf Customer-(R4)-----(core)-----(R1)-|8.8.8.8/32 static route in inet.0 to emulate Internet routes
> 					  |
> 		         		  |
> 					 (R3)
> 					   |vrf Customer
> 
> -- 
> Alexey S.
> Leading engineer
> Network solutions team
> CCIE R&S
> 
> alexey.sazhin at yandex.ru
> 
> 04.06.2013, 19:51, "Alexey" <alexey.sazhin at yandex.ru>:
>> Hi guys,
>> 
>> Now I'm preparing for JNCIE-SP certification, and faced with problem providing internet-access for VPN users.
>> 
>> I attach my test topology to email.
>> R4 and R3 are PE routers which holds vrf table "Customer", R1 router holds ipv4 static route 8.8.8.8/32 to represent Internet routes. Between R4 and R3 there is vpnv4 IBGP session and Between R4 and R1 - ipv4 IBGP.
>> 
>> I use rib-group to import IPv4 routes received from R1 also in table Customer.inet.0. Routes are imported as expected and I see 8.8.8.8/32 in vrf Customer:
>> R4# run show route table Customer 8.8.8.8
>> 
>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>> + = Active Route, - = Last Active, * = Both
>> 
>> 8.8.8.8/32         *[BGP/170] 00:50:35, localpref 100, from 172.27.255.1
>>                       AS path: I
>> 
>>>  to 172.27.0.10 via ge-1/3/0.41, label-switched-path r4-to-r1
>> 
>> [edit]
>> R4 at M7i-2#
>> 
>> But the problem is that R4 doesn't pass this route from VRF to R3 via MP-BGP.
>> R4 at M7i-2# run show route advertising-protocol bgp 172.27.255.3
>> 
>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>>   Prefix                  Nexthop              MED     Lclpref    AS path
>> * 2.2.2.2/32              Self                         100        1 I
>> * 172.27.0.4/30           Self                         100        I
>> 
>> [edit]
>> R4 at M7i-2#
>> 
>> The same task was in bootcamp lab guide book, and according to it, other members of VRF do receive internet routes. I also tried to use VRF export policy;vrf-table-label - nothing helps.
>> Please help, may be there is some knob to make it work?
>> 
>> PS:All routers are real equipment (no logical systems).
>> PSS:I also attach relevant parts of config.
>> 
>> --
>> Alexey S.
>> Leading engineer
>> Network solutions team
>> CCIE R&S
>> 
>> ,
>> #####Configs:
>> R4 at M7i-2# show protocols bgp
>> group ipv4-r1 {
>>     type internal;
>>     local-address 172.27.255.4;
>>     family inet {
>>         unicast {
>>             rib-group inet0->vrf;
>>         }
>>     }
>>     neighbor 172.27.255.1;
>> }
>> group vpnv4-r3 {
>>     type internal;
>>     local-address 172.27.255.4;
>>     family inet-vpn {
>>         unicast;
>>     }
>>     neighbor 172.27.255.3;
>> }
>> 
>> [edit]
>> R4 at M7i-2# show routing-options rib-groups
>> inet0->vrf {
>>     import-rib [ inet.0 Customer.inet.0 ];
>> }
>> 
>> [edit]
>> R4 at M7i-2#
>> R4 at M7i-2# show routing-instances
>> Customer {
>>     instance-type vrf;
>>     interface ge-1/3/0.42;
>>     route-distinguisher 172.27.255.4:100;
>>     vrf-target target:4:100;
>>     protocols {
>>         bgp {
>>             group R2-peer {
>>                 neighbor 172.27.0.5 {
>>                     peer-as 1;
>>                 }
>>             }
>>         }
>>     }
>> }
>> 
>> [edit]
>> R4 at M7i-2#
>> 
>> R1 at M7i-1# show protocols bgp
>> group ipv4-r4 {
>>     type internal;
>>     local-address 172.27.255.1;
>>     family inet {
>>         unicast;
>>     }
>>     export export-bgp-inet;
>>     neighbor 172.27.255.4;
>> }
>> 
>> [edit]
>> R1 at M7i-1# show routing-options static
>> route 8.8.8.8/32 discard;
>> 
>> [edit]
>> R1 at M7i-1#
>> 
>> R3 at M7i-3# show protocols bgp
>> group vpnv4-r1 {
>>     type internal;
>>     local-address 172.27.255.3;
>>     family inet-vpn {
>>         unicast;
>>     }
>>     neighbor 172.27.255.4;
>> }
>> 
>> [edit]
>> R3 at M7i-3# show routing-instances
>> Customer {
>>     instance-type vrf;
>>     route-distinguisher 172.27.255.3:100;
>>     vrf-target target:4:100;
>> }
>> 
>> [edit]
>> R3 at M7i-3#
>> 
>> ###Show results:
>> R4 at M7i-2# run show bgp summary
>> Groups: 3 Peers: 3 Down peers: 0
>> Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
>> inet.0                 1          1          0          0          0          0
>> bgp.l3vpn.0            0          0          0          0          0          0
>> Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
>> 172.27.0.5                1        157        155       0       2     1:09:09 Establ
>>   Customer.inet.0: 1/1/1/0
>> 172.27.255.1              3        142        139       0       0     1:02:15 Establ
>>   inet.0: 1/1/1/0
>> 172.27.255.3              3        165        175       0       0     1:12:52 Establ
>>   bgp.l3vpn.0: 0/0/0/0
>> 
>> [edit]
>> R4 at M7i-2# run show route receive-protocol bgp 172.27.255.1
>> 
>> inet.0: 32 destinations, 37 routes (30 active, 0 holddown, 2 hidden)
>> Restart Complete
>>   Prefix                  Nexthop              MED     Lclpref    AS path
>> * 8.8.8.8/32              172.27.255.1                 100        I
>> 
>> inet.3: 7 destinations, 11 routes (2 active, 0 holddown, 7 hidden)
>> Restart Complete
>> 
>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>>   Prefix                  Nexthop              MED     Lclpref    AS path
>> * 8.8.8.8/32              172.27.255.1                 100        I
>> 
>> [edit]
>> R4 at M7i-2# run show route 8.8.8.8/32
>> 
>> inet.0: 32 destinations, 37 routes (30 active, 0 holddown, 2 hidden)
>> Restart Complete
>> + = Active Route, - = Last Active, * = Both
>> 
>> 8.8.8.8/32         *[BGP/170] 01:02:45, localpref 100, from 172.27.255.1
>>                       AS path: I
>> 
>>>  to 172.27.0.10 via ge-1/3/0.41, label-switched-path r4-to-r1
>> 
>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>> + = Active Route, - = Last Active, * = Both
>> 
>> 8.8.8.8/32         *[BGP/170] 01:01:00, localpref 100, from 172.27.255.1
>>                       AS path: I
>> 
>>>  to 172.27.0.10 via ge-1/3/0.41, label-switched-path r4-to-r1
>> 
>> [edit]
>> R4 at M7i-2#
>> R4 at M7i-2# run show route advertising-protocol bgp 172.27.255.3
>> 
>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
>>   Prefix                  Nexthop              MED     Lclpref    AS path
>> * 2.2.2.2/32              Self                         100        1 I
>> * 172.27.0.4/30           Self                         100        I
>> 
>> [edit]
>> R4 at M7i-2#
>> 
>> R3 at M7i-3# run show route 8.8.8.8
>> 
>> [edit]
>> R3 at M7i-3#
>> 
>> ,
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list