Routing

Expand all | Collapse all

BGP Advertising of routes

Jump to Best Answer
  • 1.  BGP Advertising of routes

     
    Posted 01-19-2018 01:37

    Hi,

     

    We have two systems that are configured exactly the same. As follows:

     

    SRX --> Core ---> Transit provider

     

    Both systems are separate as they will be when we go live. The only connection is the aggregated link between the Core MX240s.

     

    I am now in the process of configuring the eBGP to the transits. We are using some cisco equipment to simulate the transit sites. 2 switches keep the sites separated completely other than that core link I mentioned above.

     

    So, the normal process for advertsing networks in Cisco is to just use the network statement under router bgp <ASN> (after configuring the neighbor and remote-as).

     

    On the Juniper MX240 with Junos it is a little trickier as we have to write a policy and then apply that policy to the bgp configuration.

     

    Here is where it is weird... please remember that both systems are configured exactly the same...

     

    I have cretaed an exact same policy on both Core MX240's allowing advertisement of 1 network from our internal network. I also created several loopbacks on the transit end to simulate other networks.

    When I look at the bgp routing table on the MX240s everything looks fine. We see the advertised loopback interface addresses as we should. However, when I look on the Transit systems for what we are advertising from the MX240s, on one of the transits we see the loopbacks and the ONE network we are advertising, but on the other transit we are seeing EVERY internal network on our systems, even though they are not being advertised. This is very strange given that both systems are configured identically.

     

    Could someone let me know what the default behaviour for advertising routes in bgp is on Juniper please? Is the default to advertise all routes and then filter out what you don't want advertised? Or is it thte same as Cisco where you have to say what routes should be advertised? I can create a route-filter policy to block the networks but it is strange that one seems to be advertising as I expect and the other not.


    Thanks



  • 2.  RE: BGP Advertising of routes

    Posted 01-19-2018 02:03
    Hi,

    Can you share your policy configuration on both mx and below command output?

    Show route protocol bgp
    Show route advertising-protocol bgp


  • 3.  RE: BGP Advertising of routes

     
    Posted 01-19-2018 02:26

    Hi Kingsman,

     

    Sure. No problem:

     

    MX240-1

    set policy-options policy-statement internal-block-ng from route-filter 195.80.0.0/24 orlonger

    set policy-options policy-statement ninegroup-network term 1 from route-filter 195.80.0.44/30 exact
    set policy-options policy-statement ninegroup-network term 1 then accept

    set protocols bgp damping
    set protocols bgp group external-peers type external
    set protocols bgp group external-peers export internal-block-ng
    set protocols bgp group external-peers export ninegroup-network
    set protocols bgp group external-peers peer-as xxxxx
    set protocols bgp group external-peers neighbor 50.50.50.1

    Output on transit:

    *> 50.50.50.0/30 0.0.0.0 0 32768 i
    *> 192.168.10.1/32 0.0.0.0 0 32768 i
    *> 192.168.11.1/32 0.0.0.0 0 32768 i
    *> 192.168.12.1/32 0.0.0.0 0 32768 i
    *> 192.168.13.1/32 0.0.0.0 0 32768 i
    *> 192.168.14.1/32 0.0.0.0 0 32768 i
    *> 195.80.0.44/30 50.50.50.2 20 0 20099 i

    Output on MX240:

    inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    50.50.50.0/30 [BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0
    192.168.10.1/32 *[BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0
    192.168.11.1/32 *[BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0
    192.168.12.1/32 *[BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0
    192.168.13.1/32 *[BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0
    192.168.14.1/32 *[BGP/170] 17:17:40, MED 0, localpref 100
    AS path: 174 I, validation-state: unverified
    > to 50.50.50.1 via ge-1/0/1.0

    Show route advertising-protocol bgp:

    inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden)
    Prefix Nexthop MED Lclpref AS path
    * 195.80.0.44/30 Self 20 I

    As expected:

     

    MX240-2:

    set policy-options policy-statement internal-block-ng from route-filter 195.80.0.0/24 orlonger

    set policy-options policy-statement ninegroup1-network term 1 from route-filter 195.80.0.44/30 exact
    set policy-options policy-statement ninegroup1-network then accept

    set protocols bgp damping
    set protocols bgp group External-Peers type external
    set protocols bgp group External-Peers export internal-block-ng
    set protocols bgp group External-Peers export ninegroup1-network
    set protocols bgp group External-Peers peer-as 3257
    set protocols bgp group External-Peers neighbor 192.168.100.1

    Output on transit:

    GP table version is 198, local router ID is 192.168.100.1
    Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
    r RIB-failure, S Stale
    Origin codes: i - IGP, e - EGP, ? - incomplete

    Network Next Hop Metric LocPrf Weight Path
    *> 192.168.85.0 192.168.100.2 10 0 20099 i
    * 192.168.100.0/30 192.168.100.2 0 20099 i
    *> 0.0.0.0 0 32768 i
    *> 192.168.150.1/32 0.0.0.0 0 32768 i
    *> 192.168.151.1/32 0.0.0.0 0 32768 i
    *> 192.168.152.1/32 0.0.0.0 0 32768 i
    *> 192.168.153.1/32 0.0.0.0 0 32768 i
    *> 195.80.0.1/32 192.168.100.2 20 0 20099 i
    *> 195.80.0.2/32 192.168.100.2 10 0 20099 i
    *> 195.80.0.4/32 192.168.100.2 10 0 20099 i
    *> 195.80.0.5/32 192.168.100.2 0 20099 i
    *> 195.80.0.12/30 192.168.100.2 20 0 20099 i
    *> 195.80.0.16/30 192.168.100.2 20 0 20099 i
    *> 195.80.0.20/30 192.168.100.2 0 20099 i
    *> 195.80.0.32/30 192.168.100.2 0 20099 i
    *> 195.80.0.36/30 192.168.100.2 40 0 20099 i
    *> 195.80.0.44/30 192.168.100.2 0 20099 i
    Network Next Hop Metric LocPrf Weight Path
    *> 195.80.0.52/30 192.168.100.2 30 0 20099 i
    *> 195.80.0.68/30 192.168.100.2 40 0 20099 i
    *> 195.80.0.72/30 192.168.100.2 30 0 20099 i

    Output on MX240-2:

    inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    192.168.100.0/30 [BGP/170] 17:41:37, MED 0, localpref 100
    AS path: 3257 I, validation-state: unverified
    > to 192.168.100.1 via ge-1/0/1.0
    192.168.150.1/32 *[BGP/170] 17:41:37, MED 0, localpref 100
    AS path: 3257 I, validation-state: unverified
    > to 192.168.100.1 via ge-1/0/1.0
    192.168.151.1/32 *[BGP/170] 17:41:37, MED 0, localpref 100
    AS path: 3257 I, validation-state: unverified
    > to 192.168.100.1 via ge-1/0/1.0
    192.168.152.1/32 *[BGP/170] 17:41:37, MED 0, localpref 100
    AS path: 3257 I, validation-state: unverified
    > to 192.168.100.1 via ge-1/0/1.0
    192.168.153.1/32 *[BGP/170] 17:41:37, MED 0, localpref 100
    AS path: 3257 I, validation-state: unverified
    > to 192.168.100.1 via ge-1/0/1.0

    Show route advertising-protocol bgp:

    inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden)
    Prefix Nexthop MED Lclpref AS path
    * 192.168.85.0/24 Self 10 I
    * 192.168.100.0/30 Self I
    * 195.80.0.1/32 Self 20 I
    * 195.80.0.2/32 Self 10 I
    * 195.80.0.4/32 Self 10 I
    * 195.80.0.5/32 Self I
    * 195.80.0.12/30 Self 20 I
    * 195.80.0.16/30 Self 20 I
    * 195.80.0.20/30 Self I
    * 195.80.0.32/30 Self I
    * 195.80.0.36/30 Self 40 I
    * 195.80.0.44/30 Self I
    * 195.80.0.52/30 Self 30 I
    * 195.80.0.68/30 Self 40 I
    * 195.80.0.72/30 Self 30 I

     

    So, as you can see, the routes on one transit look good and the routes on the second look completely different.

     



  • 4.  RE: BGP Advertising of routes
    Best Answer

    Posted 01-19-2018 02:42
    Can you change you policy on MX240-2 and check?

    set policy-options policy-statement ninegroup1-network term 1 from route-filter 195.80.0.44/30 exact
    set policy-options policy-statement ninegroup1-network then accept. <<<<<< change this statement as below

    set policy-options policy-statement ninegroup1-network term 1 then accept.


  • 5.  RE: BGP Advertising of routes

    Posted 01-19-2018 03:02
    It’s this wrong policy which is causing the issue.

    It should work as expected when you change the statement as suggested in previous post.

    HTH


  • 6.  RE: BGP Advertising of routes

     
    Posted 01-19-2018 03:07

    Hi Kingsman,

     

    Sometime, as I've said before, you can't see the wood for the trees.... I cannot believe I missed that. i went through these configs over and over and missed that simple part of "term 1".

     

    Thank you, they are both now behaving the same....

     

    Very much appreciated. Now I can continue configuring and testing. 

     

    Thank you again