[j-nsp] vRR/L3VPN/Unusable
Misak Khachatryan
m.khachatryan at gnc.am
Thu Sep 13 05:52:01 EDT 2018
OK,
so this seems also perfectly OK in my vRR:
resolution {
rib bgp.l3vpn.0 {
resolution-ribs inet.0;
}
rib bgp.rtarget.0 {
resolution-ribs inet.0;
}
}
Thanks Adam for help!
Best regards,
Misak Khachatryan,
On Thu, Sep 13, 2018 at 1:28 PM Misak Khachatryan <m.khachatryan at gnc.am<mailto:m.khachatryan at gnc.am>> wrote:
Well i think that also a problem of copy/pasting :)
Previously we had RR on a PE router and it seems i did simple copy/paste of relevant config.
Can't remember any other reason to do that.
But Jason has a problem having only
set routing-options resolution rib bgp.l3vpn.0 resolution-ribs inet.0
on his VRR
Best regards,
Misak Khachatryan,
On Thu, Sep 13, 2018 at 1:41 AM adamv0025 at netconsultings.com<mailto:adamv0025 at netconsultings.com><mailto:adamv0025 at netconsultings.com<mailto:adamv0025 at netconsultings.com>> <adamv0025 at netconsultings.com<mailto:adamv0025 at netconsultings.com><mailto:adamv0025 at netconsultings.com<mailto:adamv0025 at netconsultings.com>>> wrote:
Hmm, these things are nasty you set them once and forget how they work :)
Why to define the inet.3 table at all? I mean if you can have bgp.l3vpn.0 resolve directly from inet.0 (which I seem to remember it would do without any help anyways):
set routing-options resolution rib bgp.l3vpn.0 resolution-ribs inet.0
You can then do the same for v6, just need to leak all v4 routes to inet6.0 (well if you're not running v6 in IGP.
Oh and don't forget the FIB filter.
adam
netconsultings.com<http://netconsultings.com><http://netconsultings.com>
::carrier-class solutions for the telecommunications industry::
> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net<mailto:juniper-nsp-bounces at puck.nether.net><mailto:juniper-nsp-bounces at puck.nether.net<mailto:juniper-nsp-bounces at puck.nether.net>>] On Behalf
> Of Misak Khachatryan
> Sent: Wednesday, September 12, 2018 1:02 PM
> To: jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca>>
> Cc: juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>>
> Subject: Re: [j-nsp] vRR/L3VPN/Unusable
>
> Hi,
>
> I run two out of band vRR with all vpn flavors and families, and don't need to
> have family mpls enabled on interfaces. It's version 17.4 but i don't think that
> matters.
>
> This should be enough:
>
> routing-options {
> rib inet.3 {
> static {
> route 0.0.0.0/0<http://0.0.0.0/0><http://0.0.0.0/0><http://0.0.0.0/0> discard;
> }
> }
> rib inet6.3 {
> static {
> route ::/0 discard;
> }
> }
> resolution {
> rib bgp.l3vpn.0 {
> resolution-ribs [ inet.3 inet.0 ];
> }
> }
> }
>
>
> Best regards,
> Misak Khachatryan,
>
> On Wed, Sep 12, 2018 at 3:51 PM Jason Lixfeld <jason-
> jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca><mailto:jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca>><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca>>>> wrote:
> Hi Ivan,
>
> I did not, and that did indeed fix it. I don’t understand why it’s necessary so
> that’ll be my next read.
>
> Thanks!
>
> > On Sep 12, 2018, at 7:22 AM, Ivan Ivanov
> <ivanov.ivan at gmail.com<mailto:ivanov.ivan at gmail.com><mailto:ivanov.ivan at gmail.com<mailto:ivanov.ivan at gmail.com>><mailto:ivanov.ivan at gmail.com<mailto:ivanov.ivan at gmail.com><mailto:ivanov.ivan at gmail.com<mailto:ivanov.ivan at gmail.com>>>> wrote:
> >
> > Hi Jason.
> >
> > Do you have 'family mpls' configured for the vRR interfaces? Although the
> RR is out of band you need that family configured on the RR interface.
> >
> > Ivan,
> >
> > On Wed, Sep 12, 2018 at 12:10 PM Jason Lixfeld <jason-
> jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca><mailto:jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca>><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca>>> <mailto:jason-<mailto:jason-><mailto:jason-<mailto:jason->>
> jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca><mailto:jnsp at lixfeld.ca<mailto:jnsp at lixfeld.ca>><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca><mailto:jason-jnsp at lixfeld.ca<mailto:jason-jnsp at lixfeld.ca>>>>> wrote:
> > Hi all,
> >
> > Trying to learn more about JunOS, I’m playing around with a vRR instance
> (18.2R1-S1.5), and I haven’t been able to get something sorted.
> >
> > This vRR instance is running as an out-of-band RR for a few LDP enabled
> PEs. vRR is not running LDP so inet.3 is empty, but as far as I understand, any
> one of the two routing-options knobs configured below should be enough to
> provide for the prefixes in bgp.l3vpn.0 to be able to resolve their respective
> next-hops and bring the routes in the table out of hidden to active. However
> that’s not happening.
> >
> > jlixfeld at rr01# show routing-options | display set | match rib set
> > routing-options rib inet.3 static route 0.0.0.0/0<http://0.0.0.0/0><http://0.0.0.0/0><http://0.0.0.0/0>
> > <http://0.0.0.0/0> discard set routing-options resolution rib
> > bgp.l3vpn.0 resolution-ribs inet.0
> >
> > [edit]
> > jlixfeld at rr01# run show route table bgp.l3vpn.0
> > 9.9.9.9/32<http://9.9.9.9/32><http://9.9.9.9/32><http://9.9.9.9/32> <http://9.9.9.9/32> detail hidden
> >
> > bgp.l3vpn.0: 29 destinations, 49 routes (0 active, 0 holddown, 49
> > hidden) 12345:4:9.9.9.9/32<http://9.9.9.9/32><http://9.9.9.9/32><http://9.9.9.9/32> <http://9.9.9.9/32> (1 entry,
> 0 announced)
> > BGP Preference: 170/-391
> > Route Distinguisher: 12345:4
> > Next hop type: Unusable, Next hop index: 0
> > Address: 0x27b17bc
> > Next-hop reference count: 53
> > State: <Hidden Int Ext ProtectionPath ProtectionCand>
> > Local AS: 12345 Peer AS: 12345
> > Age: 1:52:31 Metric: 0
> > Validation State: unverified
> > Task: BGP_12345.10.15.48.11+179
> > AS path: 11670 ?
> > Communities: 12345:2000 12345:2010 target:12345:4
> > Accepted
> > VPN Label: 217
> > Localpref: 390
> > Router ID: 10.15.48.11
> >
> > [edit]
> > jlixfeld at rr01# run show route table inet.0 10.15.48.11
> >
> > inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
> > + = Active Route, - = Last Active, * = Both
> >
> > 10.15.48.11/32<http://10.15.48.11/32><http://10.15.48.11/32><http://10.15.48.11/32> <http://10.15.48.11/32> *[IS-
> IS/18] 01:51:14, metric 30
> > > to 10.15.49.67 via em1.0
> >
> > [edit]
> > jlixfeld at rr01#
> >
> > Is there something less obvious that needs to happen before one of those
> two knobs above will work?
> >
> > FWIW, I haven’t played around with enabling LDP here, or configuring RIB
> groups because I’m not really interested in exploring those as solutions if I
> can help it; they seem a little too heavy handed when the aforementioned
> two knobs should probably work fine?
> >
> > Thanks in advance!
> > _______________________________________________
> > juniper-nsp mailing list
> > juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>>>
> > <mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>><mailto:juniper-<mailto:juniper-><mailto:juniper-<mailto:juniper->>
> nsp at puck.nether.net<mailto:nsp at puck.nether.net><mailto:nsp at puck.nether.net<mailto:nsp at puck.nether.net>>
> > >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> > <https://puck.nether.net/mailman/listinfo/juniper-nsp>
> >
> >
> > --
> > Best Regards!
> >
> > Ivan Ivanov
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>><mailto:juniper-<mailto:juniper-><mailto:juniper-<mailto:juniper->>
> nsp at puck.nether.net<mailto:nsp at puck.nether.net><mailto:nsp at puck.nether.net<mailto:nsp at puck.nether.net>>>
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net><mailto:juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>>
> https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list