Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.

  • 1.  Static route to AE interface marked as Reject

    Posted 03-08-2019 06:05

    Hello,

    I'm working on two EX4600's where I have 14 VLANs configured.  The two EX's are connected via a 2x10Gig LACP bundle, which is working perfectly, all my VLANs are passing traffic across that link.  I have another set of EX's with an identical setup at another location.  To pass the traffic between the two physical locations, I have a second bundle that is connected to my customer's router; this bundle is setup as a layer2 connection only.  The problem I'm having is that any static routes I have configured for the local IP subnets are working as expected, however, all routes to the remote subnets are not in the routing table.  When I add the "passive" statement to the static route, I can see it in the table as "rejected".  Question is, do I need to add anything else to the configuration on my end?  Or would this be an issue with the configuration on the customer's router?  My configs for one of the VLANs, and one of the static routes for that VLAN are below.  The bundle to the customer is up.

     

    switch1> show configuration vlans sig_cn_sp
    vlan-id 311;
    l3-interface irb.311;

    {master:0}
    switch1> show configuration interfaces irb.311
    description "Routing Interface for vlan sig_cn_sp";
    family inet {
    address 10.220.36.28/28 {
    vrrp-group 111 {
    virtual-address 10.220.36.30;
    priority 200;
    }
    }
    }

    {master:0}
    switch1> show configuration interfaces ae1
    description "Uplink to Customer MX960, xe-0/0/1, xe-0/0/3";
    vlan-tagging;
    mtu 9022;
    encapsulation flexible-ethernet-services;
    aggregated-ether-options {
    lacp {
    active;
    periodic fast;
    }
    }
    unit 311 {
    encapsulation vlan-ccc;
    vlan-id 311;
    family ccc;
    }

    {master:0}
    switch1> show configuration interfaces ae2
    description "Uplink to switch2 AE2, xe-0/0/5, xe-0/0/7";
    flexible-vlan-tagging;
    mtu 9022;
    encapsulation flexible-ethernet-services;
    aggregated-ether-options {
    lacp {
    active;
    periodic fast;
    }
    }
    unit 0 {
    family ethernet-switching {
    interface-mode trunk;
    vlan {
    members 310-323;
    }
    }
    }

    {master:0}
    switch1> show configuration routing-options static
    route 10.220.12.0/28 next-hop 10.220.36.17;
    route 10.220.140.0/28 {
    qualified-next-hop ae1.311;
    passive;
    }
    {master:0}
    switch1> show route

    inet.0: 39 destinations, 39 routes (38 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both

    10.220.12.0/28 *[Static/5] 22:04:53
    > to 10.220.36.17 via irb.311
    10.220.140.0/28 *[Static/5] 00:38:32
    Reject
    224.0.0.5/32 *[OSPF/10] 1w3d 22:46:06, metric 1
    MultiRecv

    inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    ff02::2/128 *[INET6/0] 2w0d 19:52:05
    MultiRecv

    {master:0}
    switch1>



  • 2.  RE: Static route to AE interface marked as Reject
    Best Answer

    Posted 03-08-2019 20:25

    Hello,

    @ddrew78 wrote:

     

    switch1> show configuration vlans sig_cn_sp
    vlan-id 311;
    l3-interface irb.311;

    {master:0}
    switch1> show configuration interfaces irb.311
    description "Routing Interface for vlan sig_cn_sp";
    family inet {
    address 10.220.36.28/28 {
    vrrp-group 111 {
    virtual-address 10.220.36.30;
    priority 200;
    }
    }
    }

    <skip>

     

    switch1> show configuration routing-options static
    <skip>


    route 10.220.140.0/28 {
    qualified-next-hop ae1.311;
    passive;
    }
    {master:0}
    switch1> show route

    inet.0: 39 destinations, 39 routes (38 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both

    <skip>


    > to 10.220.36.17 via irb.311
    10.220.140.0/28 *[Static/5] 00:38:32
    Reject

    JUNOS does not support CSCO IOS-style "static to multiaccess LAN interface".

    JUNOS supports own style of "static to /32 p2p LAN interface". For this scenario to work, You need:

    1/ GE|XE|AE interface with "family inet unnumbered-address </32 address, usually from loopback>"

    https://www.juniper.net/documentation/en_US/junos/topics/topic-map/interfaces-configuring-an-unnumbered-interface.html

    I haven't tried it with IRB though

    2/ a static /32 route towards the remote peer IP with "qualified-next-hop" - see the link above

    3/ finally, a static route with any netmask , not just /32, with nexthop of the static route added in [2] and possibly a "resolve" knob. It may also work without a "resolve" knob - at least it does on SRX platform.

    Example being:

    set interfaces lo0.0 family inet address 203.0.113.1/32
set interfaces ge-0/0/0.0 family inet unnumbered-address lo0.0
set routing-optons static route 203.0.113.2/32 qualified-next-hop ge-0/0/0.0
set routing-optons static 198.51.100.0/24 next-hop 203.0.113.2 resolve

    HTH

    Thx

    Alex