We have a standard setup where we run BGP with ISP to learn default route and LAN device is directly connected to Juniper SRX with /29. We run /31 with ISP.
A requirement has come through where customer wants to run eBGP with us . So its Juniper SRX - eBGP-> customer firewall to advertise more routes to Juniper and then we will have to update ISP to include these additional routes in their allowed prefix. This looks very easy with OSFP to learn customer routes and then redistribute ospf to BGP and then these routes will be advertised to upstream ISP. I would like to know if SRX alllows multiple AS instances on same router and how to run eBGP with customer when we are already running eBGP with upstream carrier.
Here is our simple BGP config with ISP
show configuration protocols bgp
group ISP {
type external;
family inet {
unicast;
}
export connected-static;
peer-as ABC;
local-as 65500;
neighbor 172.31.255.89;
}
Can some advise if we additional AS config below would work:
show | compare
[edit protocols bgp]
+ group customer {
+ type external;
+ family inet {
+ unicast;
+ }
+ export connected-static;
+ peer-as 65501;
+ local-as 65500;
Also how can we put filters on to only import routes that we only allow from customer?
Any advice would be much appreciated.
Thanks
+ neighbor 192.168.1.30;
+ }