[j-nsp] vrf auto-export rib-group

Antti Ristimäki antti.ristimaki at csc.fi
Wed Jun 24 04:23:46 EDT 2020 

Hi,

----- On 23 Jun, 2020, at 14:57, Saku Ytti saku at ytti.fi wrote:

> Hey Mihai,
> 
> 
>> Is the rib-group configured under VRF auto-export supposed to be a
>> 'per-table' (instead of per-protocol) rib-group which can also export
>> routes from VRFs to non-VRF instances, default included?
>> The example on the link below shows the export to another table within
>> the same instance:
>>
>> https://www.juniper.net/documentation/en_US/junos/topics/example/policy-duplicating-routes.html
>>
>> I already tested and confirmed that routes from VRFs can be leaked to
>> inet.0 by just using the rib-group under auto-export but I am not sure
>> whether this is officially supported.
> 
> I'm not sure if auto-export and rib-groups are directly related. The
> common reason why you need auto-export in Junos (but not in other NOS)
> is that if you import RT, and that RT in another local VRF,  you don't
> import it. As import only works on verbatim l3vpn rib. Auto-export
> allows you to RT import routes from other local VRFs.
> 
> rib-group is a set of ribs,which you can attach to multiple places and
> it has different semantics on where you set it. But once a route hitsa
> rib-group, instead of it being installed to one specific RIB, it is
> installed to all of the RIBs in that rib-group.
> 
> There are some significant behavioural differences on route which
> arrived 'natively' to RIB and route which arrived via rib-group,
> namely you might not be able to reflect one in BGP while you are able
> to reflect another. And sadly it's a feature, not a bug.

In addition to the significant behavioural difference between copying routes with rib-groups vs. leaking by RTs that Saku referred above, there are some interesting behaviour when using rib-groups. For example, when a rib-group is attached to a BGP peering, the BGP import policy is effectively applied twice - first when the route is accepted into the "native" table and a second time when the route is copied e.g. to inet.0 or some other table.

Antti

More information about the juniper-nsp mailing list