[j-nsp] Redistribute Connected in Junos
James Bensley
jwbensley at gmail.com
Tue Nov 17 10:42:23 EST 2015
Hi All,
I'm much more of a Cisco head; trying to redistribute the connected
subnets into an MPLS L3VPN form PE2, up to some RRs then down to PE1,
not sure what I've missed here, can anyone help me out?
bensley at PE2> show route table 0089.inet.0
172.31.253.100/31 *[Direct/0] 3w4d 12:42:16
> via fe-1/1/3.89
172.31.253.100/32 *[Local/0] 3w4d 12:42:16
Local via fe-1/1/3.89
172.31.253.102/31 *[Direct/0] 3w4d 12:42:16
> via ge-0/1/0.89
172.31.253.102/32 *[Local/0] 3w4d 12:42:16
Local via ge-0/1/0.89
PE2.Lo0.IP.80/32 *[Direct/0] 3w4d 12:42:16
> via lo0.89
bensley at PE2> show configuration policy-options community 0089_VRF
members target:12345:89;
bensley at PE2> show configuration routing-instances 0089
instance-type vrf;
interface lo0.89;
interface ge-0/1/0.89;
interface fe-1/1/3.89;
route-distinguisher PE2.Lo0.IP.80:89;
vrf-import plc-VRF-0089-Import;
vrf-export plc-VRF-0089-Export;
vrf-table-label;
bensley at PE2> show configuration policy-options policy-statement
plc-VRF-0089-Export
term 10 {
from {
protocol direct;
interface [ ge-0/1/0.89 fe-1/1/3.89 ];
}
then accept;
}
bensley at PE2> show route advertising-protocol bgp RR1.Lo0.IP.165 table
bgp.l3vpn.0 | match 89
PE2.Lo0.IP.80:89:172.31.253.100/31
PE2.Lo0.IP.80:89:172.31.253.102/31
So that all looks good to my layman eyes, however over on PE1 we don't
receive the routes:
bensley at PE1> show route receive-protocol bgp RR1.Lo0.IP.165 table
bgp.l3vpn.0 | match 89
PE9.Lo0.IP.9:1067:10.1.89.0/24
PE9.Lo0.IP.9:1067:10.2.89.0/24
RR1.Lo0.IP.165:511:10.89.55.0/28
The RR also doesn't show the routes in "show route receive-protocol
bgp..." (it doesn't have the routing instance configured either but I
don't believe that should make a difference in Junos? I think I should
at least see the routes in the BGP RIB?). PE1 is sending some eBGP
learnt routes inside this VRF to PE2 via the RR, and PE2 is
successfully receiving them so I'm just trying to get some directly
connected return routes back from PE2 via RR to PE1.
Many thanks,
James.
bensley at RR1> show configuration protocols bgp group Core-MX480
type internal;
local-address RR1.Lo0.IP.165;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
export [ export-ibgp-ipv4-default-route export-ibgp-ipv4-client-routes
export-ibgp-ipv4-no-transit ];
cluster RR1.Lo0.IP.165;
neighbor PE1.Lo0.IP.85 {
description "PE1";
}
bensley at RR1> show configuration protocols bgp group Core-Others
type internal;
local-address RR1.Lo0.IP.165;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
export [ export-ibgp-ipv4-default-route export-ibgp-ipv4-client-routes
export-ibgp-ipv4-no-transit ];
cluster RR1.Lo0.IP.165;
local-as 12345;
neighbor PE2.Lo0.IP.80 {
description " PE2";
}
# There are no import statements, iBGP should advertise all routes
then, so only the export statements could potentially filter the
routes but thye *seem* to be allowed
bensley at RR1> show configuration policy-options policy-statement
export-ibgp-ipv4-client-routes
term downstream-transit {
from {
protocol bgp;
community [ downstream-transit lpsn-ipv4-route ];
}
then accept;
}
term vpn-routes {
from {
protocol bgp;
rib bgp.l3vpn.0;
}
then accept;
}
term l2vpn-routes {
from {
protocol bgp;
rib bgp.l2vpn.0;
}
then accept;
}
bensley at PE1> show configuration protocols bgp group core-mx480-rr
type internal;
local-address PE1.85;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
export [ export-bgp-default export-bgp-ipv4-transit
export-bgp-ipv4-downstream-routes export-bgp-vrf-all
export-bgp-ipv4-deny-all export-bgp-ipv6-deny-all ];
neighbor RR1.Lo0.IP.165 {
description "RR1";
}
neighbor RR2.Lo0.IP.166 {
description "RR2";
}
More information about the juniper-nsp
mailing list