Hi,
I have BGP Peering as "Established" which is good and I am advertsing the networks from the Cisco to Juniper as should be seen (in other words only the PE router is seeing the Cisco loopback interfaces I created to simulate Internet addressing). I can ping the loopback addresses from the CPE through the Juniper network, so that is awesome. What I am having a problem with is getting, or seeming to get, routes from the Juniper peer to the Cisco BGP peer routing table.
So, my remit is to naturally block the physical ISP Data Network address range (that is used on the Network Interfaces).... I do need to advertise our customer networks and also the DNS server which sits within the "Blocked" network ..... So, I create the following Policy Statements:
set policy-options policy-statement ninegroup1-network term 1 from route-filter 192.168.120.0/22 exact
set policy-options policy-statement ninegroup1-network term 1 from route-filter 172.16.96.0/19 exact
set policy-options policy-statement ninegroup1-network term 1 from route-filter 192.12.16.89/32 exact
set policy-options policy-statement ninegroup1-network term 1 then accept
To deny the internal network from being advertsied I have configured the following:
set policy-options policy-statement internal-block-ng from route-filter 192.12.16.0/24 orlonger
I then apply to the BGP group:
set protocols bgp group External-Peers export internal-block-ng
set protocols bgp group External-Peers export ninegroup1-network
However, I am not seeing any of the networks I am advertsing on the Peer device?
It is important to note that I am peering from the Cisco Loopback to the Juniper Loopback and have routes in place to those addresses. On the Juniper, as I mentioned, the CIsco BGP advertised networks are seen, and I have included the multihop commands.... so it should work...
So, my questions are:
1: Would I see the routes advertised even if there was no traffic on them yet?
2: Am I blocking the 192.12.16.0 network correctly with the "orlonger" statement?
3: If the answer to "2" is "yes" does that also block my DNS address from the other policy noted above?
4: Am I configuring them correctly?