[j-nsp] Fwd: BGP route-target filtering issue
Ivan Ivanov
ivanov.ivan at gmail.com
Tue Jun 6 18:17:56 EDT 2017
Probably the knob from the link below configured towards the r1 will
prevent sending the default
https://www.juniper.net/documentation/en_US/junos/
topics/example/vpn-proxy-bgp-route-target-filtering-configuring.html
Ivan,
On Tue, Jun 6, 2017 at 10:55 PM, Mihai <mihaigabriel at gmail.com> wrote:
> Hi,
>
> Why would a router advertise the default RT on behalf of other router in a
> full mesh IBGP? (The RR case is very clear)
>
> Regards,
> Mihai
>
> On 06/06/2017 09:42 PM, Ivan Ivanov wrote:
>
>> Hi,
>>
>> Check this link -
>> https://www.juniper.net/documentation/en_US/junos/topics/con
>> cept/vpn-proxy-bgp-route-target-filtering-understanding.html
>>
>> If you configure the rest of the routers with family route-target r3 and
>> r4 will stop sending the proxy route you see. Or just use RR.
>>
>> Ivan,
>>
>> On Tue, Jun 6, 2017 at 9:01 PM, Mihai <mihaigabriel at gmail.com
>> <mailto:mihaigabriel at gmail.com>> wrote:
>>
>> Update: using route policies with rtf-prefix-list works, but
>> rtf-prefix-lists are supported from Junos 12.2 and I have devices
>> with older software.
>> I am more interested if this is a 'normal' behavior.
>>
>> Regards,
>> Mihai
>>
>>
>> On 06/06/2017 07:41 PM, Mihai wrote:
>>
>> Hi,
>>
>> I have three routers (r1,r3,r4) and a full mesh IBGP between
>> them.
>> R1 is configured with inet-vpn , R3 and R4 with inet-vpn and
>> route-target.
>>
>> r1# show protocols bgp
>> group IBGP {
>> type internal;
>> local-address 1.1.1.1;
>> family inet-vpn {
>> unicast;
>> }
>> neighbor 3.3.3.3;
>> neighbor 4.4.4.4;
>> }
>>
>> r3# show protocols bgp
>> group IBGP {
>> type internal;
>> local-address 3.3.3.3;
>> family inet-vpn {
>> unicast;
>> }
>> family route-target;
>> neighbor 1.1.1.1;
>> neighbor 4.4.4.4;
>> }
>>
>> r4# show protocols bgp
>> group IBGP {
>> type internal;
>> local-address 4.4.4.4;
>> family inet-vpn {
>> unicast;
>> }
>> family route-target;
>> neighbor 1.1.1.1;
>> neighbor 3.3.3.3;
>> }
>>
>> I don't understand why R3 and R4 are advertising the default rt
>> route
>> (0:0:0/0) in this topology as I am not using route reflectors.
>>
>> r3# run show table bgp.rt
>> Jun 06 18:10:05
>>
>> bgp.rtarget.0: 1 destinations, 2 routes (1 active, 0 holddown, 0
>> hidden)
>>
>> + = Active Route, - = Last Active, * = Both
>>
>> 0:0:0/0
>> *[RTarget/5] 00:10:46
>> Type Default
>> Local
>> [BGP/170] 00:10:42, localpref 100, from
>> 4.4.4.4
>> AS path: I, validation-state: unverified
>> > to 10.0.2.6 via ge-0/0/4.34
>>
>> r4# run show table bgp.rt
>>
>> bgp.rtarget.0: 1 destinations, 2 routes (1 active, 0 holddown, 0
>> hidden)
>> + = Active Route, - = Last Active, * = Both
>>
>> 0:0:0/0
>> *[RTarget/5] 00:11:13
>> Type Default
>> Local
>> [BGP/170] 00:11:09, localpref 100, from
>> 3.3.3.3
>> AS path: I, validation-state: unverified
>> > to 10.0.2.5 via ge-0/0/3.34
>>
>> If I want to create a VRF/L2VPN/VPLS on R3 (first) and R4
>> (later) the
>> service will be down because R3 will not readvertise the
>> VRF/L2VPN/VPLS
>> when is receiving the VPN RT/ROUTE from R4.
>> The only solution to get the R3 VPN route on R4 is by requesting
>> it with
>> a ROUTE REFRESH (clear soft-inbound) from R4.
>>
>> This has been tested on Junos 13.3 and 14.1.
>>
>> PS: I don't want to configure R3/R4 with "keep all" and I can't
>> make any
>> configuration that will reset the BGP sessions.
>>
>> Does this look like a BUG?
>>
>> Regards,
>> Mihai
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> <mailto:juniper-nsp at puck.nether.net>
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>> <https://puck.nether.net/mailman/listinfo/juniper-nsp>
>>
>>
More information about the juniper-nsp
mailing list