[j-nsp] Help: Learning routes from same ASN, cisco vs juniper

OBrien, Will ObrienH at missouri.edu
Wed Sep 11 10:41:55 EDT 2013


I was too busy yesterday working on this to say thanks.

The loops threshold was exactly what I needed although my upstream was ALSO filtering.
I have to admit that it did take me a few minutes to realize that the loops limit also applies to external routes learned by an ibgp neighbor!

the internal neighbor adds an additional AS hop to it, so I had to raise my threshold one more than I initially assessed.



Thanks again all.


On Sep 10, 2013, at 12:46 PM, Andrew Tutten wrote:

I believe the command you're looking for is:

set routing-options autonomous-system loops <#>

where # is the acceptable number of times your AS# shows up in an eBGP as-path


On Tue, Sep 10, 2013 at 12:28 PM, OBrien, Will <ObrienH at missouri.edu<mailto:ObrienH at missouri.edu>> wrote:
I've found an interesting issue and I wanted to get some thoughts before talking to JTAC about it.


I have a few of MX480s.  In the past, I've advertised a dedicated /24 from my lab to my providers upstream.
That /24 was never learned by my primary MX.

The issue comes down to either the MX or the Cisco filtering routes that are from the same ASN.  It's been a couple of years since I ran across this and I can't remember who was at fault.


This behavior is biting my with regard to my DR site.


At my DR, I have a SRX with say ASN 1234. It's advertising a /24.

At my primary site, I also use ASN1234. I do not receive the /24 via BGP.

So, either the Cisco (7600 I think) isn't advertising the route to me because it's from my ASN - OR - The MX is filtering it because it's from my ASN and coming in on a eBGP link.


If it's the MX, I'm certain I can write an import filter, but I'm having an issue hunting down syntax on that.
If it's the Cisco, then I can yell at the provider to have them open a TAC case.



Like I said, I ran across this a few years ago, but can't remember who was at fault. I could build a multi-hop neighbor relationship to get around this, but surely there's a simpler solution...
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp



--
Andrew Tutten
Senior Network Engineer
API Digital Communications Group
[http://www.api-digital.com/mkt/email_logo_200x60.png]



More information about the juniper-nsp mailing list