Thanks for you reply.
First of all I have to note that all is working and I can reach BGP1 router via simple ping, I just do not understand why ;-)
Yes you right I'm just copying routes and from this point of view iBGP peering working a little bit strange from now.
Topology is BGP1 ->(eBGP)-> MX1 ->(iBGP)-> MX2
I mean when we advertise something in iBGP then the next hop IP address doesn't change and we can change this with the next-hop-self command. I do not perform next-hop-self in any policy.As the result MX2 should receive 5.0.0.0/24 route but should not install it in routing table.
I can see Nexthop becomes self and looks like some BGP information is lost after transferring routes between RI's and this breaks iBGP rules.
root@MX1> show route advertising-protocol bgp 10.0.100.1
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 5.0.0.0/24 Self 0 100 1 I
root@MX2> show route receive-protocol bgp 10.0.100.0
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 5.0.0.0/24 10.0.100.0 0 100 1 I
Full routing table on both routers:
root@MX1> show route
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
5.0.0.0/24 *[BGP/170] 00:11:40, MED 0, localpref 100
AS path: 1 I, validation-state: unverified
> to 10.0.0.0 via ge-0/0/0.0
10.0.100.0/31 *[Direct/0] 00:11:44
> via ge-0/0/1.0
10.0.100.0/32 *[Local/0] 00:11:44
Local via ge-0/0/1.0
Ext.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
5.0.0.0/24 *[BGP/170] 00:11:40, MED 0, localpref 100
AS path: 1 I, validation-state: unverified
> to 10.0.0.0 via ge-0/0/0.0
10.0.0.0/31 *[Direct/0] 00:11:44
> via ge-0/0/0.0
10.0.0.1/32 *[Local/0] 00:11:44
Local via ge-0/0/0.0
root@MX2> show route
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
5.0.0.0/24 *[BGP/170] 00:10:27, MED 0, localpref 100
AS path: 1 I, validation-state: unverified
> to 10.0.100.0 via ge-0/0/1.0
10.0.100.0/31 *[Direct/0] 00:10:45
> via ge-0/0/1.0
10.0.100.1/32 *[Local/0] 00:10:45
Local via ge-0/0/1.0
I've only removed inet6.0 default routes
When I use one inet.0 routing table on MX1 eBGP work as expected.
P.S. Without RIs
[edit]
root@MX1# run show route advertising-protocol bgp 10.0.100.1
inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 5.0.0.0/24 10.0.0.0 0 100 1 I
Original Message:
Sent: 12-29-2020 12:08
From: Yasmin Lara
Subject: Does JunOS breaks iBGP rules when using several routing instances?
You are just copying the route from Ext.inet.0 into inet.0 without modifying it. It is the same route. Copying the route to inet.0 is what allows you to send it to the neighbor in inet.0.
But what are you sending to 10.0.100.0 is what you need to look at. Try show route advertising protocols bgp 10.0.100.0. The next hop should not be modified.
Do you also have a rib group to share interface routes?
Regards,
------------------------------
Yasmin Lara
Juniper Ambassador
JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
Original Message:
Sent: 12-29-2020 11:28
From: Unknown User
Subject: Does JunOS breaks iBGP rules when using several routing instances?
I have setup with several routers where 1 is external eBGP router with 2 iBGP routers.
Routes are coming from eBGP peer are landing to Routing-Instance Ext and after that their are moved to inet.0 or master table. Then you can see iBGP peering via inet.0 and external routes that are accepted from eBGP neighbour accepted in eBGP last neighbour without next-hop self policy.
This is simple test lab.
vMX which has several RIs looks like this and no special policies exist on all routers so no next hop self statements exists:
interfaces { ge-0/0/0 { unit 0 { family inet { address 10.0.0.1/31; }}} ge-0/0/1 { unit 0 { family inet { address 10.0.100.0/31; }}}}routing-options { instance-import route_import_master;}protocols { bgp { group iBGP { local-as 2; neighbor 10.0.100.1 { peer-as 2; }}}}policy-options { policy-statement route_import_master { term From_Ext { from { instance Ext; protocol bgp; } then accept; } then reject; }} routing-instances { Ext { instance-type virtual-router; interface ge-0/0/0.0; protocols { bgp { group eBGP { local-as 2; neighbor 10.0.0.0 { peer-as 1; }}}}}}
Here the result routes where we can se route 5.0.0.0/24 exported to master routing table:
>show route inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both5.0.0.0/24 *[BGP/170] 00:02:13, MED 0, localpref 100 AS path: 1 I, validation-state: unverified > to 10.0.0.0 via ge-0/0/0.0Ext.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both5.0.0.0/24 *[BGP/170] 00:02:13, MED 0, localpref 100 AS path: 1 I, validation-state: unverified > to 10.0.0.0 via ge-0/0/0.0
Next my iBGP only router:
interfaces { ge-0/0/1 { unit 0 { family inet { address 10.0.100.1/31; }}}}protocols { bgp { group iBGP { local-as 2; neighbor 10.0.100.0 { peer-as 2; }}}}
Next we can see that 5.0.0.0/24 accepted and installed to routing table
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path* 5.0.0.0/24 10.0.100.0 0 100 1 Iroot> show route 5.0.0.0/24 inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both5.0.0.0/24 *[BGP/170] 00:13:10, MED 0, localpref 100 AS path: 1 I, validation-state: unverified > to 10.0.100.0 via ge-0/0/1.0
Does this breaks essential iBGP rules?
P.S. Maybe someone can point to documentation where I can find explanation/