[j-nsp] vRR/L3VPN/Unusable
Mark Tinka
mark.tinka at seacom.mu
Sat Sep 15 12:55:59 EDT 2018
So back when I ran RR's on an M120 (anyone remember Junos 10.4), this is
how we did it on out-of-path RR's:
*****
routing-options {
<snip>
...
rib-groups {
IGP-RIB {
import-rib [ inet.0 inet.3 inet6.3 ];
}
}
<snip>
...
}
}
protocols {
<snip>
...
isis {
rib-group inet IGP-RIB;
<snip>
...
}
}
}
}
*****
With the above, no LDP is required on the RR. You also don't need
"family mpls" on the core interfaces.
Mark.
On 13/Sep/18 14:32, adamv0025 at netconsultings.com wrote:
> Yes I thought the FIB filter is a given on a RR,
>
>
>
> But didn’t know about the “no-install” knob so using:
>
> “set routing-options forwarding-table export <policy-name>” –where the policy is just ”from protocol bgp; then reject”
>
>
>
> -so I guess then it’s the FIB filter –that does the trick and allows us to use just the simple:
>
> “resolution rib bgp.rtarget.0 resolution-ribs inet.0”
>
>
>
> -well now just need to recall to search nsp archives when I need this couple years later :)
>
>
>
> adam
>
>
>
> netconsultings.com
>
> ::carrier-class solutions for the telecommunications industry::
>
>
>
> From: Misak Khachatryan [mailto:m.khachatryan at gnc.am]
> Sent: Thursday, September 13, 2018 1:16 PM
> To: adamv0025 at netconsultings.com
> Cc: Ivan Ivanov; juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] vRR/L3VPN/Unusable
>
>
>
> And we played a bit with colleagues and found third way, for me it seems the best - use no-install for protocol families, which effectively disables installing routes to forwarding table and somehow disables nexthop validation. My config is now like this:
>
>
>
>> show configuration protocols bgp
> mtu-discovery;
> family inet-vpn {
> unicast {
> no-install;
> output-queue-priority priority 3;
> }
> }
> family inet6-vpn {
> unicast {
> no-install;
> output-queue-priority priority 3;
> }
> }
> family l2vpn {
> auto-discovery-only {
> no-install;
> output-queue-priority priority 10;
> }
> signaling {
> no-install;
> output-queue-priority priority 10;
> }
> }
> family evpn {
> signaling {
> no-install;
> output-queue-priority priority 10;
> }
> }
> family inet-mvpn {
> signaling {
> no-install;
> output-queue-priority priority 10;
> }
> }
> family inet6-mvpn {
> signaling {
> no-install;
> output-queue-priority priority 9;
> }
> }
> family route-target {
> advertise-default;
> output-queue-priority priority 12;
> }
>
>> show configuration routing-options
> resolution {
> rib bgp.rtarget.0 {
> resolution-ribs inet.0;
> }
> }
>
> The only family that still needs resolution is route-target.
>
>
>
>
>
> Best regards,
> Misak Khachatryan,
>
>
>
> On Thu, Sep 13, 2018 at 4:08 PM adamv0025 at netconsultings.com <mailto:adamv0025 at netconsultings.com> <adamv0025 at netconsultings.com <mailto:adamv0025 at netconsultings.com> > wrote:
>
>> From: Ivan Ivanov [mailto:ivanov.ivan at gmail.com <mailto:ivanov.ivan at gmail.com> ]
>> Sent: Thursday, September 13, 2018 10:58 AM
>>
>> Hi,
>>
>> There are a few different ways to resolve the MP-BGP routes on out of band
>> Juniper RR. Depends on how flexible you want to be, one can use static route
>> in inet.3, change of the resolution or rib-groups copying the routes form
>> inet.0 to inet.3.
>>
>> Using the static route will work even without family mpls enabled on the
>> interfaces. However the other two ways require that family to be enabled on
>> the RR interfaces.
>>
> Hmm that’s interesting, cause on code version 12 and 15 the “set routing-options resolution rib bgp.l3vpn.0 resolution-ribs inet.0” is the only thing that’s needed, i.e. no need for family mpls on RR interfaces.
> So I have a theory that once you enable inet.3 (in any shape or form) then you need "family mpls" on RR interfaces?
>
> adam
>
> netconsultings.com <http://netconsultings.com>
> ::carrier-class solutions for the telecommunications industry::
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list