Hi Alex,
I'm getting there. I have one weird resolution I am trying to cure now and then I think it is resolved. Here is the final issue and current topology:
Dummy node --> Upstream ISP test --> London core (one side)
Dummy node --> Upstream ISP test --> Swindon core (other side)
The two Core systems are connecte via ae0 as shown below:
London-Core (ae0) --> (ae0) Swindon-Core
And then the rest of the topology is shown above that.
I have configured an lo0 interface on each dummy node to simulate the internet IPv4 BGP routing table advertised into the core.
Here is the problem, with both core systems configured the same (remembering I will be receiving the same routing table from different upstream ISPs). The loopback interface pn both systems is configured with 10.10.10.1/32 and advertised into our core.
Here is the output from the "show route 10.10.10.1 from both Core's:
London-Core:
root@london-core-mx# run show route 10.10.10.1
inet.0: 15 destinations, 16 routes (14 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.10.10.0/24 *[BGP/170] 01:25:40, localpref 100, from 192.168.1.246
AS path: 50094 I, validation-state: unverified
> to 192.168.1.30 via ge-0/0/3.0
This is correct. I should only see it available from here and not via the Swindon core.
Now here is the Swindon core:
root@swindon-core-mx# run show route 10.10.10.1
inet.0: 14 destinations, 16 routes (13 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.10.10.0/24 *[IS-IS/160] 01:13:07, metric 20
> to 192.168.1.5 via ae0.0
[BGP/170] 00:48:29, localpref 100, from 192.168.1.242
AS path: 50060 I, validation-state: unverified
> to 192.168.1.58 via ge-0/0/2.0
This is incorrect as I am also seeing 10.10.10.1 via isis through ae0 and to the other ISP.
The config on both systems is very basic and the same, so I cannot tell where the issue is:
London Core:
set security authentication-key-chains key-chain bgp-auth key 0 secret "$9$q.T36/tOIcCtxds4DjCtu0BE"
set security authentication-key-chains key-chain bgp-auth key 0 start-time "2020-3-22.14:00:00 +0000"
set interfaces ge-0/0/0 unit 0 description london-lns-mx
set interfaces ge-0/0/0 unit 0 family inet address 192.168.1.2/30
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/1 description group-ae0
set interfaces ge-0/0/1 gigether-options 802.3ad ae0
set interfaces ge-0/0/2 unit 0 description to-london-srx-ng
set interfaces ge-0/0/2 unit 0 family inet address 192.168.1.22/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/3 unit 0 family inet address 192.168.1.29/30
set interfaces ge-0/0/4 description group-ae0
set interfaces ge-0/0/4 gigether-options 802.3ad ae0
set interfaces ae0 unit 0 description to-swindon-core
set interfaces ae0 unit 0 family inet address 192.168.1.5/30
set interfaces ae0 unit 0 family iso
set interfaces lo0 unit 0 family inet address 192.168.1.252/32
set interfaces lo0 unit 0 family iso address 49.0001.1921.6801.0252.00
set routing-options static route 192.168.1.246/32 next-hop 192.168.1.30
set routing-options static route 0.0.0.0/0 next-hop 192.168.1.6
set routing-options aggregate route 172.16.0.0/16
set routing-options autonomous-system 40099
set protocols bgp group external-peers type external
set protocols bgp group external-peers local-address 192.168.1.252
set protocols bgp group external-peers log-updown
set protocols bgp group external-peers family inet unicast
set protocols bgp group external-peers authentication-key-chain bgp-auth
set protocols bgp group external-peers export export-route
set protocols bgp group external-peers peer-as 50094
set protocols bgp group external-peers neighbor 192.168.1.246 multihop ttl 1
set protocols bgp group internal-peers type internal
set protocols bgp group internal-peers local-address 192.168.1.252
set protocols bgp group internal-peers export ebgp-default-route
set protocols bgp group internal-peers peer-as 40099
set protocols bgp group internal-peers neighbor 192.168.1.253
set protocols isis export isis-default
set protocols isis export bgp-isis
set protocols isis level 1 authentication-key "$9$QzElz/tu0IcrvBIwgJDmPBIEhSe"
set protocols isis level 1 authentication-type md5
set protocols isis level 2 authentication-key "$9$e7ZKLNdVYoZjwYF/tOcSwYg4aU"
set protocols isis level 2 authentication-type md5
set protocols isis interface ge-0/0/0.0
set protocols isis interface ge-0/0/2.0
set protocols isis interface ae0.0
set protocols isis interface lo0.0
set policy-options prefix-list default 0.0.0.0/0
set policy-options policy-statement bgp-isis from protocol bgp
set policy-options policy-statement bgp-isis then accept
set policy-options policy-statement deny-all then reject
set policy-options policy-statement ebgp-default-route term 1 from route-filter 0.0.0.0/0 exact
set policy-options policy-statement ebgp-default-route term 1 then next-hop self
set policy-options policy-statement ebgp-default-route term 1 then accept
set policy-options policy-statement ebgp-default-route term reject then reject
set policy-options policy-statement export-route from protocol aggregate
set policy-options policy-statement export-route then accept
set policy-options policy-statement isis-default term ipv4 from protocol static
set policy-options policy-statement isis-default term ipv4 from route-filter 0.0.0.0/0 exact
set policy-options policy-statement isis-default term ipv4 then accept
Swindon Core:
set security authentication-key-chains key-chain bgp-auth key 0 secret "$9$/cVN9u1REyKWxcyoGi.zFcylevL"
set security authentication-key-chains key-chain bgp-auth key 0 start-time "2020-3-22.14:00:00 +0000"
set interfaces ge-0/0/0 unit 0 description to-swindon-lns
set interfaces ge-0/0/0 unit 0 family inet address 192.168.1.9/30
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/1 description group-ae0
set interfaces ge-0/0/1 gigether-options 802.3ad ae0
set interfaces ge-0/0/2 unit 0 description to-internet-cloud-1-mx
set interfaces ge-0/0/2 unit 0 family inet address 192.168.1.57/30
set interfaces ge-0/0/4 description group-ae0
set interfaces ge-0/0/4 gigether-options 802.3ad ae0
set interfaces ae0 unit 0 description to-london-core
set interfaces ae0 unit 0 family inet address 192.168.1.6/30
set interfaces ae0 unit 0 family iso
set interfaces lo0 unit 0 family inet address 192.168.1.253/32
set interfaces lo0 unit 0 family iso address 49.0001.1921.6801.0253.00
set routing-options static route 192.168.1.242/32 next-hop 192.168.1.58
set routing-options static route 0.0.0.0/0 next-hop 192.168.1.5
set routing-options aggregate route 172.16.0.0/16
set routing-options autonomous-system 40099
set protocols bgp group internal-peers type internal
set protocols bgp group internal-peers local-address 192.168.1.253
set protocols bgp group internal-peers export ebgp-default-route
set protocols bgp group internal-peers peer-as 40099
set protocols bgp group internal-peers neighbor 192.168.1.252
set protocols bgp group external-peers type external
set protocols bgp group external-peers local-address 192.168.1.253
set protocols bgp group external-peers log-updown
set protocols bgp group external-peers family inet unicast
set protocols bgp group external-peers authentication-key-chain bgp-auth
set protocols bgp group external-peers export export-route
set protocols bgp group external-peers peer-as 50060
set protocols bgp group external-peers neighbor 192.168.1.242 multihop ttl 1
set protocols isis export isis-default
set protocols isis export bgp-isis
set protocols isis level 1 authentication-key "$9$z0NdF9p0ORSlM1Rs4ZjPf1RhcyK"
set protocols isis level 1 authentication-type md5
set protocols isis level 2 authentication-key "$9$B0b1clKvLNVYWLHmT3tpWLx7-w"
set protocols isis level 2 authentication-type md5
set protocols isis interface ge-0/0/0.0
set protocols isis interface ge-0/0/2.0
set protocols isis interface ae0.0
set protocols isis interface lo0.0
set policy-options prefix-list default 0.0.0.0/0
set policy-options policy-statement bgp-isis from protocol bgp
set policy-options policy-statement bgp-isis then accept
set policy-options policy-statement deny-all then reject
set policy-options policy-statement ebgp-default-route term 1 from route-filter 0.0.0.0/0 exact
set policy-options policy-statement ebgp-default-route term 1 then next-hop self
set policy-options policy-statement ebgp-default-route term 1 then accept
set policy-options policy-statement ebgp-default-route term reject then reject
set policy-options policy-statement export-route from protocol aggregate
set policy-options policy-statement export-route then accept
set policy-options policy-statement isis-default term ipv4 from protocol static
set policy-options policy-statement isis-default term ipv4 from route-filter 0.0.0.0/0 exact
set policy-options policy-statement isis-default term ipv4 then accept
Any ideas why one side works as should and the other does not?
I cannot start the disconnetion of ports to test the failover until I have resolved this issue.
Thanks