Routing

Expand all | Collapse all

eBGP Advertising internally it's routes

Jump to Best Answer
  • 1.  eBGP Advertising internally it's routes

     
    Posted 01-19-2018 06:02

    Hi,

     

    Apologies for disturbing you all again with what is, likely to be, a very simple question:

     

    SRX --> Core --> Transit --> Loopbacks configured as external networks

     

    I now have all the policies in place that restrict advertisement of our networks with the "export <policy>" command and also the martian/bogon list with the "import <policy>" command.

     

    So, as I have not completed this before and know that this must be right or we will end up with the whole internet routing table on the internal network, how do we get the route to the BGP interface from another connected device? Or, in other words, the Core directly connected knows the BGP routes but no other system does (because the IGP does not know about the route on the other systems).... it should know how to get to the outside world but can't with no route.

     

    How is this configured please? By the way, I know how to inject our routes into isis but isis does not know about the BGP routes....

     

    Thanks



  • 2.  RE: eBGP Advertising internally it's routes

     
    Posted 01-19-2018 06:18

    Hi Clive,

     

    You can acheive the same using any one of the method.

     

    1. Create export policy  with term "from protocol bgp" and "from route-filter" and apply the same on ISIS.

    2. Create a static route and advertise the same to ISIS.

     

    Regards,

    Rahul



  • 3.  RE: eBGP Advertising internally it's routes

     
    Posted 01-19-2018 06:54

    Hi Rahul,

     

    This may seem like a very basic question and I apologise in advance if it is....

     

    If I create a policy from protocol bgp and apply to isis with export command won't that advertise the complete internet routing table? Not something I wish to do......

     

    If I use the route-filter with this command, how do I filter out every single internet address except the required default bgp route?

     

    Apologies..... I guess I should know this 🙂

     



  • 4.  RE: eBGP Advertising internally it's routes

     
    Posted 01-19-2018 06:58

    Hi Clive,

     

    Is there any challenge in advertise default route?

     

    Regards,
    Rahul



  • 5.  RE: eBGP Advertising internally it's routes

     
    Posted 01-19-2018 07:28

    Hi Rahul,

     

    That would be a yes with regards to BGP....  I'm guessing the config should look something like....

     

    Configure a next-hop-self policy statement along the lines of:

     

    policy-statement next-hop-self from protocol bgp

    policy-statement next-hop-self from neighbor <transit bgp peer> <Customer bgp peer>

    policy-statement next-hop-self then next-hop self

     

    And then some form of 0.0.0.0/0 reject and 0.0.0.0/0 accept....

     

    But in all honesty, I'm not sure how.... 😞

     

     

     

     



  • 6.  RE: eBGP Advertising internally it's routes
    Best Answer

     
    Posted 01-19-2018 08:11
    Hi Clive,

    Can you try the solution provided in below link?

    https://www.juniper.net/documentation/en_US/junos/topics/example/logical-systems-isis-policy-default-route.html


    Regards,
    Rahul N


  • 7.  RE: eBGP Advertising internally it's routes

     
    Posted 01-20-2018 02:40

     Hi Rahul,

     

    Thank you for the response. I will give this a go on Monday. I am not a BGP expert, hence the issue. Thanks again.



  • 8.  RE: eBGP Advertising internally it's routes

     
    Posted 01-22-2018 02:30

    Hi Rahul,

     

    I have configured the following and applied to the Core MX240 which is directly connected to the upstream Cisco where I have configured several loopback interfaces to simulate internet addressing:

     

    set protocols isis export isis-default

    set routing-options static route 50.50.50.1/32 next-hop 50.50.50.2
    set routing-options static route 0.0.0.0/0 discard
    set routing-options static route 0.0.0.0/0 no-install

    set policy-options policy-statement isis-default from protocol static
    set policy-options policy-statement isis-default from route-filter 0.0.0.0/0 exact
    set policy-options policy-statement isis-default then accept

     

    Here is the test route:

     

    LNS (MX240) --> Core (MX240) --> Cisco (Transit) --> Loopback

     

    So, if I ping from the LNS to the loopback without the configuration I get a "no route to host" error. If I commit the configuration and test ping to the loopback it works, and without the routing being in the table, which is great.

     

    So, it worked. Thank you.

     

    As a quick add on question before I close this as resolved, could you let me know if this will work in an ISP environment via the LNS?

     

    Thanks

     

     



  • 9.  RE: eBGP Advertising internally it's routes

     
    Posted 01-22-2018 07:11

    Hi Clive,

     

    Yes it should work.

     

    Regards,

    Rahul