Routing

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Policy-routing apply to VRF and forwarding-table!

  • 1.  Policy-routing apply to VRF and forwarding-table!

    Posted 05-23-2021 00:19
    Hi everyone,
    I face with the confuse issue. I want the route learn from remote PE (PE3) will use R4-R5-R3 as next-hop for forwarding:
    +Topology:
    + LSP R4-R5-R3:
    lab@R4# run show mpls lsp ingress name R4-R5-R3 extensive
    May 23 04:05:54
    Ingress LSP: 3 sessions

    3.3.3.3
    From: 4.4.4.4, State: Up, ActiveRoute: 0, LSPname: R4-R5-R3
    ActivePath: R5-loose (primary)
    LSPtype: Static Configured, Penultimate hop popping
    LoadBalance: Random
    Encoding type: Packet, Switching type: Packet, GPID: IPv4
    *Primary R5-loose State: Up
    Priorities: 7 0
    SmartOptimizeTimer: 180
    Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID):
    10.1.45.5 10.1.35.3
    4 May 23 03:42:29.744 Selected as active path
    3 May 23 03:42:29.743 Record Route: 10.1.45.5 10.1.35.3
    2 May 23 03:42:29.743 Up
    1 May 23 03:42:29.662 Originate Call
    Created: Sun May 23 03:42:29 2021
    Total 1 displayed, Up 1, Down 0


    + Create the routing-policy:
    lab@R4# show policy-options policy-statement IMP-VPNA-GOLD
    May 23 03:57:38
    term 1 {
    from community vpna-comm;
    then {
    install-nexthop lsp R4-R5-R3;
    accept;
    }
    }
    term 2 {
    then reject;
    }
    + Apply to VRF:
    lab@R4# show routing-instances
    May 23 03:59:11
    vpn-a {
    instance-type vrf;
    interface ge-0/0/4.24;
    route-distinguisher 4.4.4.4:1;
    vrf-import IMP-VPNA-GOLD;
    vrf-export EXP-VPNA-GOLD;
    protocols {
    bgp {
    group pe-ce {
    neighbor 10.1.24.2 {
    peer-as 65560;
    as-override;
    }
    }
    }
    }
    }

    + Result:
    The "then install-nexthop lsp R4-R5-R3" is not applied.
    lab@R4# run show route forwarding-table destination 1.1.1.1/32 | find vpn-a
    May 23 04:01:57
    Routing table: vpn-a.inet
    Internet:
    Destination Type RtRef Next hop Type Index NhRef Netif
    1.1.1.1/32 user 0 indr 1048576 3
    10.1.34.3 Push 299776 578 1 ge-0/0/1.0 <<< next-hop is another LSP, not expected LSP (R4-R5-R3)

    + I try to create new policy and apply to forwarding-table
    lab@R4# show | compare
    May 23 04:13:17
    [edit routing-options]
    + forwarding-table {
    + export test;
    + }
    [edit policy-options]
    + policy-statement test {
    + term 1 {
    + from community vpna-comm;
    + then {
    + install-nexthop lsp R4-R5-R3;
    + }
    + }
    + term 2 {
    + then accept;
    + }
    + }

    + Result: Now it work perfectly
    lab@R4# run show route 1.1.1.1/32 table vpn-a.inet.0
    May 23 04:14:15

    vpn-a.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    1.1.1.1/32 *[BGP/170] 00:00:31, localpref 100, from 5.5.5.5
    AS path: 65560 I, validation-state: unverified
    to 10.1.45.5 via ge-0/0/4.45, label-switched-path R4-R5-R3

    [edit]
    lab@R4# run show route forwarding-table destination 1.1.1.1/32 | find vpn-a
    May 23 04:14:17
    Routing table: vpn-a.inet
    Internet:
    Destination Type RtRef Next hop Type Index NhRef Netif
    1.1.1.1/32 user 0 indr 1048574 3
    10.1.45.5 Push 299776, Push 301136(top) 577 3 ge-0/0/4.45

    It seems install-nexthop lsp did not work when we apply under VRF.
    Could anyone please explain this behavior, I try to do research but could not find any document about this point.

    Thank you!


  • 2.  RE: Policy-routing apply to VRF and forwarding-table!

    Posted 05-24-2021 10:02

    Hi Tuan!

    Im interested to see other responses as well. A bit ofd but can you clarify why you need to apply the policy under the vrf? I see you are forwarding based on a customer community, and Ive always done it like your test scenario. Im just curious to hear the logic behind it




  • 3.  RE: Policy-routing apply to VRF and forwarding-table!

    Posted 05-25-2021 21:28
    Hi Ali,
    I just do the test on my lab, and I observed this behavior so I wonder why the policy with "install-nexthop lsp" did not work when we apply under VRF. :D


  • 4.  RE: Policy-routing apply to VRF and forwarding-table!

    Posted 06-08-2021 15:31
    The policy action "install-nexthop lsp" takes effect when applied an export policy to the forwarding table.  

    Regards,



    ------------------------------
    YASMIN LARA
    Technical Marketing Engineer
    JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
    JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD
    ------------------------------