Routing

 View Only
last person joined: yesterday 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
Expand all | Collapse all

Connecting routing instances using next-table

  • 1.  Connecting routing instances using next-table

    Posted 07-10-2023 07:05

    Dear Juniper community,

    We have a network setup consisting of two physical routers. There are many routing instances running on those routers, the most important ones are the global routing instances (where the internet traffic enters) and the default routing instances. We are currently using logical tunnels between the global and the default to connect them to each other. We would like to replace the lt-interfaces with something like next-table, mainly because of the speed limitation. Any suggestions on how to do this? What would the impact be upon implementing this? I appreciate every reply of you guys.

    Best regards,

    Mohammad Ayash 



    ------------------------------
    MOHAMAMD AYASH
    ------------------------------


  • 2.  RE: Connecting routing instances using next-table

    Posted 07-11-2023 01:37

    Hi,

    Between the two routing instances, do you selectively import prefixes? There are several options using instance-imports, rib-groups and next-table. Is it possible to share the configuration of routing-instances and the routes advertised/learned between the two using the lt interfaces?

    Regards



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 3.  RE: Connecting routing instances using next-table

    Posted 07-11-2023 03:35

    Hi,

    Thank you for your message. We are currently using a global routing instances (type virtual router) for the internet traffic and for publishing the default-route (0/0) and default routing instances (type VRF) for the clients as intermediate. There are only two global instances running on two physical routers. Each client has a default routing instance. The default instances are connected to each other using L3VPN (we are a tier-3 ISP).

    What I'm trying to achieve is to publish the default-route to the default routing instance.

    "Internet-global config"
    instance-type virtual-router;
    interface lt-0/0/0.10;
    interface ae0.101;
    interface ae0.210;
    interface ae0.4002;
    interface ae0.4012;
    interface ae0.4014;
    interface ae0.4015;
    interface lo0.1000;
    routing-options {
        rib internet-global.inet6.0 {
            generate {
                route ::/0 discard;
            }
        }
        generate {
            route 0.0.0.0/0 discard;
        }
        autonomous-system XXXX22;
    }
    protocols {
        bgp {
    	group customers {
                type external;
                description "default route to internet-default VRF";
                advertise-peer-as;
                peer-as 64999;
                neighbor 111.222.58.251 {
                    description "internet-default VRF";
                    local-address 111.222.58.250;
                    import [ set-lpref-customer accept-own-prefixes-aggregated-v4 reject-all ];
                    family inet {
                        unicast {
                            prefix-limit {
                                maximum 10;
                            }
                        }
                    }
                    export [ accept-default reject-all ];
                }
            }
    }

    "Internet-default config"
    description "Internet VRF - asXXXX22 subnets only!";
    instance-type vrf;
    interface lt-0/0/0.11;
    interface ae0.100;
    interface ae0.900;
    interface ae0.901;
    interface ae0.905;
    interface ae0.906;
    interface ae0.911;
    interface ae0.913;
    interface ae0.914;
    interface ae0.915;
    interface ae0.916;
    interface ae0.917;
    interface ae0.920;
    interface ae0.921;
    interface ae0.922;
    interface ae0.924;
    interface ae0.926;
    interface ae0.927;
    interface ae0.998;
    route-distinguisher XXXXXL:100;
    vrf-target target:XXXXXL:100;
    vrf-table-label;                        
    routing-options {
        rib internet-default.inet6.0 {
            aggregate {
                defaults {
                    as-path {
                        path 6XXX9;
                    }
                }
                route XX04:dXX0::/29;
                route XX07:bXX0::/29;
            }
        }
        aggregate {
            defaults {
                as-path {
                    path 6XXX9;
                }
            }
            route 111.22.32.0/22;
            route 111.222.56.0/23;
            route 111.22.58.0/24;
        }
        router-id 111.222.58.250;           
        autonomous-system 6XXX9 loops 2 independent-domain;
    }
    protocols {
        bgp {
    	 group internet-global {         
                type external;
                description "default route to internet-global";
                import [ accept-default reject-all ];
                export [ accept-own-prefixes-aggregated-v4 reject-all ];
                remove-private;
                neighbor 111.222.58.250 {
                    local-address 111.222.58.251;
                    peer-as XXXX22;
                }
            }
    }

    Here you can find the advertised and learned routes using the lt-interfaces:

    run show route table internet-global.inet                      
    
    internet-global.inet.0: 14 destinations, 15 routes (14 active, 1 holddown, 0 hidden)
    @ = Routing Use Only, # = Forwarding Use Only
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0          *[Aggregate/130] 00:20:07
                          Discard
    111.22.32.0/22     *[BGP/170] 00:19:39, localpref 120
                          AS path: 6XXX9 I, validation-state: unverified
                        > to 111.222.58.251 via lt-0/0/0.10
    111.222.56.0/23    *[BGP/170] 00:19:39, localpref 120
                          AS path: 6XXX9 I, validation-state: unverified
                        > to 111.222.58.251 via lt-0/0/0.10
    111.222.58.0/24    *[BGP/170] 00:19:39, localpref 120
                          AS path: 6XXX9 I, validation-state: unverified
                        > to 111.222.58.251 via lt-0/0/0.10
    111.222.58.250/31  *[Direct/0] 00:20:20
                        > via lt-0/0/0.10   
    111.222.58.250/32  *[Local/0] 00:20:20
                          Local via lt-0/0/0.10
    111.222.58.254/32  *[Direct/0] 00:20:20
                        > via lo0.1000
    111.222.58.255/32  @[OSPF/10] 00:20:07, metric 1
                        > to 111.222.58.255 via ae0.4002
                       #[Direct/0] 00:20:11, metric 1
                        > to 111.222.58.255 via ae0.4002

    run show route table internet-default.inet                          
    
    internet-default.inet.0: 77 destinations, 77 routes (77 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0          *[BGP/170] 00:55:55, localpref 100
                          AS path: XXXX22 I, validation-state: unverified
                        > to 111.222.58.250 via lt-0/0/0.11
    111.22.32.0/22     *[Aggregate/130] 00:56:31
                          Reject
    111.222.56.0/23    *[Aggregate/130] 00:56:31
                          Reject
    111.222.58.0/24    *[Aggregate/130] 00:56:36
                          Reject
    111.222.58.250/31  *[Direct/0] 00:56:36
                        > via lt-0/0/0.11
    111.222.58.251/32  *[Local/0] 00:56:36
                          Local via lt-0/0/0.11

    Best regards,

    Mohammad Ayash



    ------------------------------
    MOHAMAMD AYASH
    ------------------------------



  • 4.  RE: Connecting routing instances using next-table

    Posted 07-12-2023 10:18

    Hi,

    Thanks for sharing the configuration.

    The following can possibly be done: -

    • Use next-table in the internet-default routing-instance to point the default-route to the global routing-instance.
    • Use rib-groups in the default routing-instance to export the required routes from the default instance to the global instance. As default instance is a vrf, instance-import will not work. Also, rib-groups probably won't work with the aggregate routes in the default-routing instance, so you may need to change the aggregate routes in the default routing instance to static discard routes.

    Regards



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 5.  RE: Connecting routing instances using next-table

    Posted 07-13-2023 11:07

    Hi,

    Thank you for your reply. I did create a static route 0.0.0.0/0 next-table internet-default.inet.0 on the internet-global routing instance. I also created a rib group on the global routing options (here I'm talking about the physical box) by using rib-groups default-to-global import-rib [internet-default.inet.0 internet-global.inet.0]. I've changed the routes to static discard on the internet-default as you said. I also added the interface-routes to the routings instances. Now when I apply this I can see all routes from both routing instances in their own tables. Wherever I apply the policies to the rib-groups the routes disappear.

    What I'm trying to achieve is to advertise the default route (0.0.0.0/0) from the internet-global to the internet-default (is this the correct way? Term 1 from route-filter 0.0.0.0/0 exact then accept then reject) and the public routes from internet-default to internet-global (is this the correct way? Term 1 from route-filter xxx.xx.12.0/22 exact then accept then reject).

    I've noticed that the routes that are attached or configured on an interface can be imported and exported using the policies, but the routes I want to export aren't.

    I appreciate your help and time!

    Best regards,



    ------------------------------
    MOHAMAMD AYASH
    ------------------------------



  • 6.  RE: Connecting routing instances using next-table

    Posted 07-13-2023 11:25

    Hi,

    Please share the configs that you have created.

    Regards



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 7.  RE: Connecting routing instances using next-table

    Posted 07-16-2023 12:45

    Sure!

    Here is the routing-options config

    show routing-options
    
    rib-groups {
        default-to-global {
            import-rib [ internet-default.inet.0 internet-global.inet.0 ];
            import-policy export-flexnet;
        }
    }
    
    
    show policy-options policy-statement export-flexnet 
    term 1 {
        from {
            rib internet-default.inet.0;
            route-filter xxx.xx.32.0/22 exact;
            route-filter xxx.xxx.56.0/23 exact;
            route-filter xxx.xxx.58.0/24 exact;
        }
        to rib internet-global.inet.0;
        then accept;
    }
    term 2 {
        then reject;
    }

    Here is the config of the internet-global

    show routing-instances internet-global     
    description "EDGE VR, Full table, not in MPLS";
    instance-type virtual-router;
    interface ae0.10;
    interface ae0.101;
    interface ae0.211;
    interface ae0.4002;
    interface ae0.4012;
    interface ae0.4013;
    interface ae0.4016;
    interface lo0.1000;
    routing-options {
        rib internet-global.inet6.0 {
            generate {
                route ::/0 discard;
            }
        }
        static {
            route 0.0.0.0/0 next-table internet-default.inet.0;
        }
        generate {
            route 0.0.0.0/0 discard;
        }
        autonomous-system xxxx22;
    } 

    Here is the config of the internet-default

    show routing-instances internet-default   
    description "Internet VRF - axxxx22 subnets only!";
    instance-type vrf;
    interface ae0.11;
    interface ae0.100;
    interface ae0.900;
    interface ae0.901;
    interface ae0.905;
    interface ae0.906;
    interface ae0.911;
    interface ae0.913;
    interface ae0.914;
    interface ae0.915;
    interface ae0.916;
    interface ae0.917;
    interface ae0.920;
    interface ae0.921;
    interface ae0.922;
    interface ae0.924;
    interface ae0.926;
    interface ae0.927;
    interface ae0.998;
    route-distinguisher xxxx76L:100;
    vrf-target target:xxxx76L:100;
    vrf-table-label;                        
    routing-options {
        interface-routes {
            rib-group inet default-to-global;
        }
        rib internet-default.inet6.0 {
            aggregate {
                defaults {
                    as-path {
                        path 6xxx9;
                    }
                }
                route 2xxx:xxc0::/29;
                route 2xxx:xxx0::/29;
            }
        }
        static {
            defaults {
                as-path {
                    path 6xxx9;
                }
            }
            route xxx.xx.32.0/22 discard;
            route xxx.xxx.56.0/23 discard;  
            route xxx.xxx.58.0/24 discard;
        }
        router-id xxx.xxx.58.252;
        autonomous-system 6xxx9 loops 2 independent-domain;
    }

    Here is the internet-global routing table, the only new entry I see is the next-table. No public routes are advertised to the internet-global as far as I can see.

    run show route table internet-global.inet   
    
    internet-global.inet.0: 10 destinations, 12 routes (10 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0          *[Static/5] 00:05:37
                          to table internet-default.inet.0
    
    

    The internet-default routing table doesn't show any changes. Thanks in advance!



    ------------------------------
    MOHAMAMD AYASH
    ------------------------------



  • 8.  RE: Connecting routing instances using next-table

    Posted 07-17-2023 01:27

    Thanks.

    So, looking at your requirements: -

    a) "What I'm trying to achieve is to advertise the default route (0.0.0.0/0) from the internet-global to the internet-default" - For this, you need to apply the next-table static route in the internet-default routing-instance. In the configuration shared,  I see the global static default route is pointed towards the default routing table, which is the other way round.

    b) "and the public routes from internet-default to internet-global" - As you have created the static discard routes for the public IPs in the default-routing table, you need to apply the rib-group to the static route and not the interface routes. Something like "set routing-instances int-default routing-options static rib-group default-to-global". In the rib-group configuration, you can have an import policy to control which static routes are imported in the global routing table. There is no need to specify from rib and to rib in the policy-statement, as the rib-group configuration already specifies that.It doesn't work in your case, as the rib-group has been applied on the interface-routes.

    I simulated the above scenario in lab and it works fine.

    Regards



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 9.  RE: Connecting routing instances using next-table

    Posted 07-17-2023 05:45

    Hi,

    Thank you for your reply. I changed the config just like you said and now I'm seeing the routes in the routing tables, but I still cannot ping. Also I've noticed the routes are advertised as discard, does that mean that they cannot be used? One more thing, on the internet-global routing instance I have the generate routes with discard, do I need to delete those? I will add the new config with the output of the routing tables.

    This is the internet-global config (nothing has changed really besides deleting the next-table, notice the generate route)

    show routing-instances internet-global     
    description "EDGE VR, Full table, not in MPLS";
    instance-type virtual-router;
    interface ae0.10;
    interface ae0.101;
    interface ae0.211;
    interface ae0.4002;
    interface ae0.4012;
    interface ae0.4013;
    interface ae0.4016;
    interface lo0.1000;
    routing-options {
        rib internet-global.inet6.0 {
            generate {
                route ::/0 discard;
            }
        }
        generate {
            route 0.0.0.0/0 discard;
        }
        autonomous-system xxxx22;
    } 

    This is the internet-default config

    show routing-instances internet-default   
    description "Internet VRF - axxxx22 subnets only!";
    instance-type vrf;
    interface ae0.11;
    interface ae0.100;
    interface ae0.900;
    interface ae0.901;
    interface ae0.905;
    interface ae0.906;
    interface ae0.911;
    interface ae0.913;
    interface ae0.914;
    interface ae0.915;
    interface ae0.916;
    interface ae0.917;
    interface ae0.920;
    interface ae0.921;
    interface ae0.922;
    interface ae0.924;
    interface ae0.926;
    interface ae0.927;
    interface ae0.998;
    route-distinguisher xxxx76L:100;
    vrf-target target:xxxx76L:100;
    vrf-table-label;                        
    routing-options {
        rib internet-default.inet6.0 {
            aggregate {
                defaults {
                    as-path {
                        path 6xxx9;
                    }
                }
                route 2xxx:xxc0::/29;
                route 2xxx:xxx0::/29;
            }
        }
        static {
            rib-group default-to-global
            defaults {
                as-path {
                    path 6xxx9;
                }
            }
            route xxx.xx.32.0/22 discard;
            route xxx.xxx.56.0/23 discard;  
            route xxx.xxx.58.0/24 discard;
            route 0.0.0.0/0 next-table internet-global.inet.0
        }
        router-id xxx.xxx.58.252;
        autonomous-system 6xxx9 loops 2 independent-domain;
    }

    Here is the output of the routing table internet-global

    run show route table internet-global.inet   
    
    internet-global.inet.0: 13 destinations, 14 routes (12 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both
    
    XXX.XX.32.0/22     *[Static/5] 00:07:52
                          Discard
    XXX.XXX.56.0/23    *[Static/5] 00:07:52
                          Discard
    XXX.XXX.58.0/24    *[Static/5] 00:07:52
                          Discard
    XXX.XXX.58.252/32  *[Direct/0] 02:49:55
                        > via ae0.10
                        [Local/0] 02:49:55
                          Local via ae0.10
    XXX.XXX.58.255/32  *[Direct/0] 3d 18:48:18
                        > via lo0.1000      

    Here is the output of the internet-default routing table

    run show route table internet-default.inet              
    
    internet-default.inet.0: 76 destinations, 77 routes (76 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0          *[Static/5] 00:09:17
                          to table internet-global.inet.0

    Thanks in advance!

    Best regards,



    ------------------------------
    MOHAMAMD AYASH
    ------------------------------