[j-nsp] OSPF external routes in database but not in routing table

Mohammad Salbad masalbad at gmail.com
Tue Apr 29 05:50:52 EDT 2014 

Thank you Krasi

 

So, setting domain-vpn-tag to 0 on the providers PE will not help… :(

Is that mean there is no solution or workaround for this neither on my MX nor Provider PE…. :(

And the only solution is to revert back the instance type to be VR instead of VRF…..

 

I really hoped there is a workaround for this…

 

However, thank you all for your help

 

BR

M. Salbad

 

From: Krasimir Avramski [mailto:krasi at smartcom.bg] 
Sent: Tuesday, April 29, 2014 1:32 PM
To: Mohammad Salbad
Cc: Juniper-Nsp
Subject: Re: [j-nsp] OSPF external routes in database but not in routing table

 

domain vpn tag(external route tag) is already set to 0 - the problem is that D/N bit is set as per RFC4576 (0x82 from your output lsa options). 

 

Krasi

 

On 29 April 2014 11:05, Mohammad Salbad <masalbad at gmail.com <mailto:masalbad at gmail.com> > wrote:

Thank you all experts for your support and help



Based on what I understood from you:

In order to be able to add the ospf external routes into the routing table I
shall ask the service provider to set the domain-vpn-tag value to 0 on his
PE.

And there nothing to be done on my MX router (CE) to ignore the DN bit set
by the service provider PE.



Thank you again

M. Salbad



From: Ivan Ivanov [mailto:ivanov.ivan at gmail.com <mailto:ivanov.ivan at gmail.com> ]
Sent: Tuesday, April 29, 2014 11:01 AM
To: Amos Rosenboim
Cc: Mohammad Salbad; juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

Subject: Re: [j-nsp] OSPF external routes in database but not in routing
table




Hi,



Try to configure under the OSPF stanza for removing DN bit in Type 5 LSA -
'domain-vpn-tag 0'

If you want to disable DN bit checks for Type 3 LSA add - 'domain-id
disable'

HTH,

Ivan,





On Tue, Apr 29, 2014 at 8:49 AM, Amos Rosenboim <amos at oasis-tech.net <mailto:amos at oasis-tech.net> 

<mailto:amos at oasis-tech.net <mailto:amos at oasis-tech.net> > > wrote:

Hi,

I know Cisco have a configuration knob for this, I believe it's called
vrf-capability.
I am not sure If Juniper have something similar.

Amos

Sent from my iPhone


On 29 Apr 2014, at 02:21, "Mohammad Salbad" <masalbad at gmail.com <mailto:masalbad at gmail.com> 

<mailto:masalbad at gmail.com <mailto:masalbad at gmail.com> > <mailto:masalbad at gmail.com <mailto:masalbad at gmail.com> 

<mailto:masalbad at gmail.com <mailto:masalbad at gmail.com> > >> wrote:

1.1.1.1 is PE router id

so far we believe the issue is due to DN bit is set by the provider and
hence the external routes are not injected in the routing table...as per
Alberto Santos below reply to me:

" as expected in rfc4577, Type 5 LSA must set DN bit, if the router does not
set it, domain tag should be used instead. I believe the PE router is
setting the DN bit and because of the routing instance was config as VRF it
is not installing the route, I think you should change to VR type instead."

So I'm wondering if there is any way to ignore the DN bit for the external
routes received from the provider ospf link? That I don't want to keep the
instance type to be vrf NOT VR...

Regards
M. Salbad

-----Original Message-----

From: Payam Chychi [mailto:pchychi at gmail.com <mailto:pchychi at gmail.com>  <mailto:pchychi at gmail.com <mailto:pchychi at gmail.com> > ]
Sent: Tuesday, April 29, 2014 2:17 AM

To: Mohammad Salbad; juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > <mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > >
Subject: Re: [j-nsp] OSPF external routes in database but not in routing
table

Hi Mohammad,

- Any route-maps preventing the prefix from being installed?
- How are you learning 1.1.1.1?


Payam

On 2014-04-28, 2:13 PM, Mohammad Salbad wrote:
Dear Experts



we have an MX router connected to a service provider network which
provides us with OSPF L3VPN connectivity with remote branches.



at the beginning we used to have our connection with the provider into
a routing instance with type virtual router and we were able to
receive external routes from remote branches from our provider ospf
link.

for special purposes we decided to change the instance type to be vrf
in our MX  router.

once we have changed the instance type to be vrf external routes
received through our provider connection are no longer in the routing
table although they are in the ospf data base????



Below is a sample of ospf database for one of the external routes
which were not injected in routing table



Extern   10.10.10.10   1.1.1.1   0x80003a74   893  0x82 0x347d  36

  mask 255.255.255.252

  Topology default (ID 0)

    Type: 2, Metric: 1, Fwd addr: 0.0.0.0, Tag: 0.0.0.0

  Aging timer 00:45:07

  Installed 00:14:52 ago, expires in 00:45:07

  Last changed 01:03:59 ago, Change count: 1



Any Ideas???



Regards

M. Salbad





_______________________________________________

juniper-nsp mailing list juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > <mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > >
https://puck.nether.net/mailman/listinfo/juniper-nsp


_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > <mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 

<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> > >

https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 
<mailto:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> >
https://puck.nether.net/mailman/listinfo/juniper-nsp





--
Best Regards!

Ivan Ivanov

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list