Routing

I have this topology. One thing hits me is vMX5 peers with R4 via iBGP. R4 does not have next-hop-self configured. From vMX5, I got the following:

When vMX5 receives the prefixes in yellow, the next hop not changed. But they change in the routing table. I do not know how and why.

appreciate any inputs on this.

this is expected, in yellow you see hexthop of physical interface. But if you add detail to show route command, you will see "Protocol nexthop" which will be same as you receive from iBGP peer

Is this different from Cisco ?

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
22.22.22.0/24 (1 entry, 1 announced)
*BGP Preference: 170/-101
Next hop type: Indirect
Address: 0x940ef50
Next-hop reference count: 6
Source: 4.4.4.4
Next hop type: Router, Next hop index: 566
Next hop: 10.10.10.4 via ge-0/0/2.0, selected
Session Id: 0x1
Protocol next hop: 10.10.1.2
Indirect next hop: 0x9608000 1048574 INH Session ID: 0x8
State: <Active Int Ext>
Local AS: 64850 Peer AS: 64850
Age: 23:38 Metric: 0 Metric2: 0
Validation State: unverified
Task: BGP_64850.4.4.4.4+21686
Announcement bits (3): 0-KRT 4-BGP_RT_Background 5-Resolve tree 1
AS path: 64870 I
Accepted
Localpref: 100
Router ID: 4.4.4.4

thanks !!

Prefix from vMX5 to Cisco (R4)

root@vMX-5# run show route advertising-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 18.18.18.0/24 10.20.1.6 100 64870 I

On R4

R4#show ip bgp neighbors 5.5.5.5 received-routes | b Network
Network Next Hop Metric LocPrf Weight Path
* i 18.18.18.0/24 10.20.1.6 100 0 64870 i

R4#show ip bgp 18.18.18.0/24
BGP routing table entry for 18.18.18.0/24, version 33
Paths: (1 available, no best path)
Not advertised to any peer
Refresh Epoch 1
64870, (received & used)
10.20.1.6 (inaccessible) from 5.5.5.5 (5.5.5.5)
Origin IGP, localpref 100, valid, internal
rx pathid: 0, tx pathid: 0

Juniper is different from Cisco?  If yes, when next-hop-self is needed ?

thanks a lot !!

Hello,

---

@gongyayu wrote:

Prefix from vMX5 to Cisco (R4)

root@vMX-5# run show route advertising-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix                   Nexthop   MED Lclpref AS path
* 18.18.18.0/24 10.20.1.6 100                 64870 I

 

On R4

R4#show ip bgp neighbors 5.5.5.5 received-routes | b Network
Network Next Hop Metric LocPrf Weight Path
* i 18.18.18.0/24 10.20.1.6 100 0 64870 i

R4#show ip bgp 18.18.18.0/24
BGP routing table entry for 18.18.18.0/24, version 33
Paths: (1 available, no best path)
Not advertised to any peer
Refresh Epoch 1
64870, (received & used)
10.20.1.6 (inaccessible) from 5.5.5.5 (5.5.5.5)
Origin IGP, localpref 100, valid, internal
rx pathid: 0, tx pathid: 0

 

---

I see absolutely no difference between prefix path as advertised by vMX-R5 and received on Cisco R4. Do You?

---

@gongyayu wrote:

 

Juniper is different from Cisco?  

 

 

In Your lab setup - no difference for that specific 18.18.18.0/24 prefix, see above.

But generally speaking - yes, there are quite a few bits and pieces in BGP implementation that JUNOS does differently to Cisco IOS/IOS-XR/XE. 

---

@gongyayu wrote:

when next-hop-self is needed ?

It is needed when BGP NLRI NEXT_HOP IP@ is not present in Your IGP. Obviously, Your link subnet 10.20.1.4/30 or whatever is not redistributed into Your IGP otherwise we won't be having this conversation.

HTH

Thx

Alex

thanks for your comment.

On the Cisco, I understand why 18.18.18.0/24 is not in the routing table, as the next hop is unaccessible.

R4#show ip bgp 18.18.18.0
BGP routing table entry for 18.18.18.0/24, version 33
Paths: (1 available, no best path)
Not advertised to any peer
Refresh Epoch 1
64870, (received & used)
10.20.1.6 (inaccessible) from 5.5.5.5 (5.5.5.5)
Origin IGP, localpref 100, valid, internal
rx pathid: 0, tx pathid: 0

What I do not understand is why Juniper updates the next hop. In my understanding, these two prefixes should not be in the routing table. right ?

root@vMX-5# run show route receive-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 22.22.22.0/24 10.10.1.2 0 100 64870 I
* 111.111.111.0/24 10.10.1.2 0 100 64870 I

[edit]
root@vMX-5# run show route 22.22.22.0/24

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

22.22.22.0/24 *[BGP/170] 06:51:48, MED 0, localpref 100, from 4.4.4.4
AS path: 64870 I, validation-state: unverified
> to 10.10.10.4 via ge-0/0/2.0

Note: R4 and vMX5 peers via iBGP.

The following is configuration

R4

router bgp 64850
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 64850
neighbor 5.5.5.5 update-source Loopback0
neighbor 10.10.1.2 remote-as 64870
neighbor 10.10.2.3 remote-as 64870
!
address-family ipv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 soft-reconfiguration inbound
neighbor 10.10.1.2 activate
neighbor 10.10.1.2 as-override
neighbor 10.10.2.3 activate
neighbor 10.10.2.3 as-override
exit-address-family

vMX5

set protocols bgp group TovMX6 type external
set protocols bgp group TovMX6 peer-as 64870
set protocols bgp group TovMX6 neighbor 10.20.1.6 as-override
set protocols bgp group TovMX7 type external
set protocols bgp group TovMX7 local-address 192.168.4.5
set protocols bgp group TovMX7 peer-as 64870
set protocols bgp group TovMX7 neighbor 192.168.4.7
set protocols bgp group ToCisco4 type internal
set protocols bgp group ToCisco4 local-address 5.5.5.5
set protocols bgp group ToCisco4 peer-as 64850
set protocols bgp group ToCisco4 neighbor 4.4.4.4

Hello,

---

@gongyayu wrote:

 

 

What I do not understand is why Juniper updates the next hop. In my understanding, these two prefixes should not be in the routing table. right ?

root@vMX-5# run show route receive-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 22.22.22.0/24 10.10.1.2 0 100 64870 I
* 111.111.111.0/24 10.10.1.2 0 100 64870 I

[edit]
root@vMX-5# run show route 22.22.22.0/24

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

22.22.22.0/24 *[BGP/170] 06:51:48, MED 0, localpref 100, from 4.4.4.4
AS path: 64870 I, validation-state: unverified
> to 10.10.10.4 via ge-0/0/2.0

 

Well, obviously, if VMX-R5 has these 2 routes in inet.0 table then VMX-R5 is able to resolve the BGP NEXT_HOP 10.10.1.2.for these 2 prefixes.

Based on Your previous submissions, Your CSCO R4 is NOT able to resolve the BGP NEXT_HOP 10.10.1.6 for 18.18.18.0/24.

I just looked at Your diagram one more time, and 10.10.1.6 nor 10.10.1.2 are nowhere to be found.

Please supply a true correct diagram and all configs including IGP and then we can revisit Your issue with JUNOS again.

HTH

Thx

Alex

thanks so much for taking a look!

I updated the diagram. Sorry for having posted the old diagram.

root@vMX-5> show route receive-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 22.22.22.0/24 10.10.1.2 0 100 64870 I
* 111.111.111.0/24 10.10.1.2 0 100 64870 I

ping failed. the next-hop is not reachable

root@vMX-5> ping 10.10.1.2
PING 10.10.1.2 (10.10.1.2): 56 data bytes

^C
--- 10.10.1.2 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

But the routing table displays the route with updated next-hop address.

root@vMX-5> show route 22.22.22.0

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

22.22.22.0/24 *[BGP/170] 09:52:44, MED 0, localpref 100, from 4.4.4.4
AS path: 64870 I, validation-state: unverified
> to 10.10.10.4 via ge-0/0/2.0

Do you think this might be vMX bug ?

thanks again !!

Hello,

---

@gongyayu wrote:

thanks so much for taking a look!

I updated the diagram. Sorry for having posted the old diagram.

root@vMX-5> show route receive-protocol bgp 4.4.4.4

inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 22.22.22.0/24 10.10.1.2 0 100 64870 I
* 111.111.111.0/24 10.10.1.2 0 100 64870 I

 

ping failed. the next-hop is not reachable

In JUNOS, the BGP NEXT_HOP does not need to be pingable. It must be resolvable, if only via a default route.

In other words, if the best route towards 10.10.1.2 is the 0/0 route but pinging 10.10.1.2 fails, 10.10.1.2 is still a valid BGP NEXT_HOP.

---

@gongyayu wrote:

 

Do you think this might be vMX bug ?

 

 

---

No I don't.

I asked You to provide complete configs including IGP. Without full configs, there is not enough information to explain You why You are seeing what You are seeing.

HTH

Thx

Alex

thanks a million!

I checked and did find I have a default route configured pointing to R4. After I removed it, the bgp route disappears.