Those small prefixes are advertised to the BGP-peers using a policy that contains a prefixlist. The idea was to aggregate the routes to the internet-global so that we can share those routes with our ISP's.
Thanks in advance.
Original Message:
Sent: 07-17-2023 10:02
From: Sheetanshu
Subject: Connecting routing instances using next-table
Ok. That is a problem as discard means that the packets will be dropped. Also, we don't have an option of using rib-groups with aggregate routes.
In the internet-default routing table, are there many prefixes that are being summarized by those 3 /22, /23, /24 prefixes? Also, by which protocol are those smaller prefixes summarized by /22, /23 and /24 summary addresses are being learnt in the internet-default routing-instance?
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 07-17-2023 04:07
From: MOHAMAMD AYASH
Subject: Connecting routing instances using next-table
Hi,
Thank you for your reply. I changed the config just like you said and now I'm seeing the routes in the routing tables, but I still cannot ping. Also I've noticed the routes are advertised as discard, does that mean that they cannot be used? One more thing, on the internet-global routing instance I have the generate routes with discard, do I need to delete those? I will add the new config with the output of the routing tables.
This is the internet-global config (nothing has changed really besides deleting the next-table, notice the generate route)
show routing-instances internet-global description "EDGE VR, Full table, not in MPLS";instance-type virtual-router;interface ae0.10;interface ae0.101;interface ae0.211;interface ae0.4002;interface ae0.4012;interface ae0.4013;interface ae0.4016;interface lo0.1000;routing-options { rib internet-global.inet6.0 { generate { route ::/0 discard; } } generate { route 0.0.0.0/0 discard; } autonomous-system xxxx22;}
This is the internet-default config
show routing-instances internet-default description "Internet VRF - axxxx22 subnets only!";instance-type vrf;interface ae0.11;interface ae0.100;interface ae0.900;interface ae0.901;interface ae0.905;interface ae0.906;interface ae0.911;interface ae0.913;interface ae0.914;interface ae0.915;interface ae0.916;interface ae0.917;interface ae0.920;interface ae0.921;interface ae0.922;interface ae0.924;interface ae0.926;interface ae0.927;interface ae0.998;route-distinguisher xxxx76L:100;vrf-target target:xxxx76L:100;vrf-table-label; routing-options { rib internet-default.inet6.0 { aggregate { defaults { as-path { path 6xxx9; } } route 2xxx:xxc0::/29; route 2xxx:xxx0::/29; } } static { rib-group default-to-global defaults { as-path { path 6xxx9; } } route xxx.xx.32.0/22 discard; route xxx.xxx.56.0/23 discard; route xxx.xxx.58.0/24 discard; route 0.0.0.0/0 next-table internet-global.inet.0 } router-id xxx.xxx.58.252; autonomous-system 6xxx9 loops 2 independent-domain;}
Here is the output of the routing table internet-global
run show route table internet-global.inet internet-global.inet.0: 13 destinations, 14 routes (12 active, 0 holddown, 1 hidden)+ = Active Route, - = Last Active, * = BothXXX.XX.32.0/22 *[Static/5] 00:07:52 DiscardXXX.XXX.56.0/23 *[Static/5] 00:07:52 DiscardXXX.XXX.58.0/24 *[Static/5] 00:07:52 DiscardXXX.XXX.58.252/32 *[Direct/0] 02:49:55 > via ae0.10 [Local/0] 02:49:55 Local via ae0.10XXX.XXX.58.255/32 *[Direct/0] 3d 18:48:18 > via lo0.1000
Here is the output of the internet-default routing table
run show route table internet-default.inet internet-default.inet.0: 76 destinations, 77 routes (76 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both0.0.0.0/0 *[Static/5] 00:09:17 to table internet-global.inet.0
Thanks in advance!
Best regards,
------------------------------
MOHAMAMD AYASH
Original Message:
Sent: 07-17-2023 01:26
From: Sheetanshu
Subject: Connecting routing instances using next-table
Thanks.
So, looking at your requirements: -
a) "What I'm trying to achieve is to advertise the default route (0.0.0.0/0) from the internet-global to the internet-default" - For this, you need to apply the next-table static route in the internet-default routing-instance. In the configuration shared, I see the global static default route is pointed towards the default routing table, which is the other way round.
b) "and the public routes from internet-default to internet-global" - As you have created the static discard routes for the public IPs in the default-routing table, you need to apply the rib-group to the static route and not the interface routes. Something like "set routing-instances int-default routing-options static rib-group default-to-global". In the rib-group configuration, you can have an import policy to control which static routes are imported in the global routing table. There is no need to specify from rib and to rib in the policy-statement, as the rib-group configuration already specifies that.It doesn't work in your case, as the rib-group has been applied on the interface-routes.
I simulated the above scenario in lab and it works fine.
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 07-14-2023 02:50
From: MOHAMAMD AYASH
Subject: Connecting routing instances using next-table
Sure!
Here is the routing-options config
show routing-optionsrib-groups { default-to-global { import-rib [ internet-default.inet.0 internet-global.inet.0 ]; import-policy export-flexnet; }}show policy-options policy-statement export-flexnet term 1 { from { rib internet-default.inet.0; route-filter xxx.xx.32.0/22 exact; route-filter xxx.xxx.56.0/23 exact; route-filter xxx.xxx.58.0/24 exact; } to rib internet-global.inet.0; then accept;}term 2 { then reject;}
Here is the config of the internet-global
show routing-instances internet-global description "EDGE VR, Full table, not in MPLS";instance-type virtual-router;interface ae0.10;interface ae0.101;interface ae0.211;interface ae0.4002;interface ae0.4012;interface ae0.4013;interface ae0.4016;interface lo0.1000;routing-options { rib internet-global.inet6.0 { generate { route ::/0 discard; } } static { route 0.0.0.0/0 next-table internet-default.inet.0; } generate { route 0.0.0.0/0 discard; } autonomous-system xxxx22;}
Here is the config of the internet-default
show routing-instances internet-default description "Internet VRF - axxxx22 subnets only!";instance-type vrf;interface ae0.11;interface ae0.100;interface ae0.900;interface ae0.901;interface ae0.905;interface ae0.906;interface ae0.911;interface ae0.913;interface ae0.914;interface ae0.915;interface ae0.916;interface ae0.917;interface ae0.920;interface ae0.921;interface ae0.922;interface ae0.924;interface ae0.926;interface ae0.927;interface ae0.998;route-distinguisher xxxx76L:100;vrf-target target:xxxx76L:100;vrf-table-label; routing-options { interface-routes { rib-group inet default-to-global; } rib internet-default.inet6.0 { aggregate { defaults { as-path { path 6xxx9; } } route 2xxx:xxc0::/29; route 2xxx:xxx0::/29; } } static { defaults { as-path { path 6xxx9; } } route xxx.xx.32.0/22 discard; route xxx.xxx.56.0/23 discard; route xxx.xxx.58.0/24 discard; } router-id xxx.xxx.58.252; autonomous-system 6xxx9 loops 2 independent-domain;}
Here is the internet-global routing table, the only new entry I see is the next-table. No public routes are advertised to the internet-global as far as I can see.
run show route table internet-global.inet internet-global.inet.0: 10 destinations, 12 routes (10 active, 0 holddown, 1 hidden)+ = Active Route, - = Last Active, * = Both0.0.0.0/0 *[Static/5] 00:05:37 to table internet-default.inet.0
The internet-default routing table doesn't show any changes. Thanks in advance!
------------------------------
MOHAMAMD AYASH
Original Message:
Sent: 07-13-2023 11:25
From: Sheetanshu
Subject: Connecting routing instances using next-table
Hi,
Please share the configs that you have created.
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 07-13-2023 08:39
From: MOHAMAMD AYASH
Subject: Connecting routing instances using next-table
Hi,
Thank you for your reply. I did create a static route 0.0.0.0/0 next-table internet-default.inet.0 on the internet-global routing instance. I also created a rib group on the global routing options (here I'm talking about the physical box) by using rib-groups default-to-global import-rib [internet-default.inet.0 internet-global.inet.0]. I've changed the routes to static discard on the internet-default as you said. I also added the interface-routes to the routings instances. Now when I apply this I can see all routes from both routing instances in their own tables. Wherever I apply the policies to the rib-groups the routes disappear.
What I'm trying to achieve is to advertise the default route (0.0.0.0/0) from the internet-global to the internet-default (is this the correct way? Term 1 from route-filter 0.0.0.0/0 exact then accept then reject) and the public routes from internet-default to internet-global (is this the correct way? Term 1 from route-filter xxx.xx.12.0/22 exact then accept then reject).
I've noticed that the routes that are attached or configured on an interface can be imported and exported using the policies, but the routes I want to export aren't.
I appreciate your help and time!
Best regards,
------------------------------
MOHAMAMD AYASH
Original Message:
Sent: 07-12-2023 04:42
From: Sheetanshu Shekhar
Subject: Connecting routing instances using next-table
Hi,
Thanks for sharing the configuration.
The following can possibly be done: -
- Use next-table in the internet-default routing-instance to point the default-route to the global routing-instance.
- Use rib-groups in the default routing-instance to export the required routes from the default instance to the global instance. As default instance is a vrf, instance-import will not work. Also, rib-groups probably won't work with the aggregate routes in the default-routing instance, so you may need to change the aggregate routes in the default routing instance to static discard routes.
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 07-11-2023 03:34
From: MOHAMAMD AYASH
Subject: Connecting routing instances using next-table
Hi,
Thank you for your message. We are currently using a global routing instances (type virtual router) for the internet traffic and for publishing the default-route (0/0) and default routing instances (type VRF) for the clients as intermediate. There are only two global instances running on two physical routers. Each client has a default routing instance. The default instances are connected to each other using L3VPN (we are a tier-3 ISP).
What I'm trying to achieve is to publish the default-route to the default routing instance.
"Internet-global config"instance-type virtual-router;interface lt-0/0/0.10;interface ae0.101;interface ae0.210;interface ae0.4002;interface ae0.4012;interface ae0.4014;interface ae0.4015;interface lo0.1000;routing-options { rib internet-global.inet6.0 { generate { route ::/0 discard; } } generate { route 0.0.0.0/0 discard; } autonomous-system XXXX22;}protocols { bgp { group customers { type external; description "default route to internet-default VRF"; advertise-peer-as; peer-as 64999; neighbor 111.222.58.251 { description "internet-default VRF"; local-address 111.222.58.250; import [ set-lpref-customer accept-own-prefixes-aggregated-v4 reject-all ]; family inet { unicast { prefix-limit { maximum 10; } } } export [ accept-default reject-all ]; } }}
"Internet-default config"description "Internet VRF - asXXXX22 subnets only!";instance-type vrf;interface lt-0/0/0.11;interface ae0.100;interface ae0.900;interface ae0.901;interface ae0.905;interface ae0.906;interface ae0.911;interface ae0.913;interface ae0.914;interface ae0.915;interface ae0.916;interface ae0.917;interface ae0.920;interface ae0.921;interface ae0.922;interface ae0.924;interface ae0.926;interface ae0.927;interface ae0.998;route-distinguisher XXXXXL:100;vrf-target target:XXXXXL:100;vrf-table-label; routing-options { rib internet-default.inet6.0 { aggregate { defaults { as-path { path 6XXX9; } } route XX04:dXX0::/29; route XX07:bXX0::/29; } } aggregate { defaults { as-path { path 6XXX9; } } route 111.22.32.0/22; route 111.222.56.0/23; route 111.22.58.0/24; } router-id 111.222.58.250; autonomous-system 6XXX9 loops 2 independent-domain;}protocols { bgp { group internet-global { type external; description "default route to internet-global"; import [ accept-default reject-all ]; export [ accept-own-prefixes-aggregated-v4 reject-all ]; remove-private; neighbor 111.222.58.250 { local-address 111.222.58.251; peer-as XXXX22; } }}
Here you can find the advertised and learned routes using the lt-interfaces:
run show route table internet-global.inet internet-global.inet.0: 14 destinations, 15 routes (14 active, 1 holddown, 0 hidden)@ = Routing Use Only, # = Forwarding Use Only+ = Active Route, - = Last Active, * = Both0.0.0.0/0 *[Aggregate/130] 00:20:07 Discard111.22.32.0/22 *[BGP/170] 00:19:39, localpref 120 AS path: 6XXX9 I, validation-state: unverified > to 111.222.58.251 via lt-0/0/0.10111.222.56.0/23 *[BGP/170] 00:19:39, localpref 120 AS path: 6XXX9 I, validation-state: unverified > to 111.222.58.251 via lt-0/0/0.10111.222.58.0/24 *[BGP/170] 00:19:39, localpref 120 AS path: 6XXX9 I, validation-state: unverified > to 111.222.58.251 via lt-0/0/0.10111.222.58.250/31 *[Direct/0] 00:20:20 > via lt-0/0/0.10 111.222.58.250/32 *[Local/0] 00:20:20 Local via lt-0/0/0.10111.222.58.254/32 *[Direct/0] 00:20:20 > via lo0.1000111.222.58.255/32 @[OSPF/10] 00:20:07, metric 1 > to 111.222.58.255 via ae0.4002 #[Direct/0] 00:20:11, metric 1 > to 111.222.58.255 via ae0.4002
run show route table internet-default.inet internet-default.inet.0: 77 destinations, 77 routes (77 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both0.0.0.0/0 *[BGP/170] 00:55:55, localpref 100 AS path: XXXX22 I, validation-state: unverified > to 111.222.58.250 via lt-0/0/0.11111.22.32.0/22 *[Aggregate/130] 00:56:31 Reject111.222.56.0/23 *[Aggregate/130] 00:56:31 Reject111.222.58.0/24 *[Aggregate/130] 00:56:36 Reject111.222.58.250/31 *[Direct/0] 00:56:36 > via lt-0/0/0.11111.222.58.251/32 *[Local/0] 00:56:36 Local via lt-0/0/0.11
Best regards,
Mohammad Ayash
------------------------------
MOHAMAMD AYASH
Original Message:
Sent: 07-11-2023 01:36
From: Sheetanshu
Subject: Connecting routing instances using next-table
Hi,
Between the two routing instances, do you selectively import prefixes? There are several options using instance-imports, rib-groups and next-table. Is it possible to share the configuration of routing-instances and the routes advertised/learned between the two using the lt interfaces?
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 07-10-2023 03:47
From: MOHAMAMD AYASH
Subject: Connecting routing instances using next-table
Dear Juniper community,
We have a network setup consisting of two physical routers. There are many routing instances running on those routers, the most important ones are the global routing instances (where the internet traffic enters) and the default routing instances. We are currently using logical tunnels between the global and the default to connect them to each other. We would like to replace the lt-interfaces with something like next-table, mainly because of the speed limitation. Any suggestions on how to do this? What would the impact be upon implementing this? I appreciate every reply of you guys.
Best regards,
Mohammad Ayash
------------------------------
MOHAMAMD AYASH
------------------------------