Routing

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Static default route with nexthop in routing instance

    Posted 24 days ago
    Hi Everyone,

    I am having an issue with the static default route in vrf routing instance.

    I am using exabgp to send a flow route to MX and want to redirect the global traffic to VRF which has a default route with next-table inet.0 in and all direct routes in global.

    I was thinking that the traffic coming from the interface in global would be redirected to the VRF by flowspec rule and forwarded back to the global table.
    However, the traffic is not forwarded as I thought.

    On the other hand, if we change the next-table to next-hop x.x.x.x, the traffic can be forwarded by the default route in VRF.

    Here is our configuration.

    james@lab1> show configuration policy-options policy-statement acc_all 
    then accept;
    
    james@lab1> show configuration protocols bgp group flowspec 
    neighbor 192.168.11.1 {
        family inet {
            unicast;
            flow {
                no-validate acc_all;
            }
        }
        export drop_all;
        peer-as 131618;
    }
    
    
    show configuration routing-instances test
    instance-type vrf;
    route-distinguisher 100:100;
    vrf-target {
        import target:100:100;
        export target:100:100;
        auto;
    }
    routing-options {
        static {
            defaults {
                resolve;
            }
            route 0.0.0.0/0 next-hop 100.100.100.1;
        }
    }
    ​



    I checked the counter of flowspec when I running mtr.
    Compare to the counter when I set the static default route with next-hop, the counter increases too fast.
    IMBO, I think the traffic is looped.
    There are some discussions about using next-table is possible to cause a loop but the commit is successful.

    james@lab1# set routing-instances test routing-options static route 0.0.0.0/0 next-table inet.0 
    
    [edit]
    james@lab1# commit 
    commit complete
    
    Result of default static route with next-hop.
    
    james@lab1> show firewall filter __flowspec_default_inet__    
    
    Filter: __flowspec_default_inet__                              
    Counters:
    Name                                                Bytes              Packets
    *,192.168.10/24                                       704                   11
    
    
    Result of default static route with next-table.
    
    james@lab1> show firewall filter __flowspec_default_inet__    
    
    Filter: __flowspec_default_inet__                              
    Counters:
    Name                                                Bytes              Packets
    *,192.168.10/24                                 423888192              6623253
    
    james@lab1> show firewall filter __flowspec_default_inet__    
    
    Filter: __flowspec_default_inet__                              
    Counters:
    Name                                                Bytes              Packets
    *,192.168.10/24                                 825261120             12894705
    
    james@lab1> show firewall filter __flowspec_default_inet__    
    
    Filter: __flowspec_default_inet__                              
    Counters:
    Name                                                Bytes              Packets
    *,192.168.10/24                                1427367808             22302622
    ​

    I can do the exact same thing on the Cisco ASR 9K and it's hard to believe it's impossible to do in Juniper.

    Is there some configuration I miss?

    Best regards,
    James

    ------------------------------
    James Tu
    ------------------------------


  • 2.  RE: Static default route with nexthop in routing instance

    Posted 21 days ago
    Maybe need to set one-to-one mapping between an interface and a routing instance.



    ------------------------------
    Tan Yam Meng
    ------------------------------



  • 3.  RE: Static default route with nexthop in routing instance

    Posted 15 days ago
    Hi Tan,

    Thank you for the reply.

    Yes, that works but we only want the traffic to use the VRF routing table when we need it.
    The traffic should use the global routing table(inet.0) to route the traffic most of the time.

    Best regards,
    James

    ------------------------------
    James Tu
    ------------------------------