Training and Certification

Hi, 

I'm currently studdy for my first Junos certification exam.  I would like to know deep knowledge required for the exam.  Actually I'm trying to do some retribution of routes between these VRFs and it's not working as expected.  I would like to know if that kind of topic is part of the first Junos exam.  Personnally I find knowlege of VRF concept a little complicated for a first level of exam but it is listed as an exam topic.  For me understand VRF include to be able to leak some routes between these VRFs/virtual-router, but I could be wrong.

Here my lab setup see: (I used Juniper vLab IS-IS -l1_L2 Multi-area topologie)  I have erased all routers configuration and applied the attached router configuration to this case.

On Router vmx4 I have my 2 virtual-router working fine.  I'm able to leak connected route from inet0 to ri-TEACHER VRF.  But I would like to have the, I also able to filter the only 10.0.0.0/8 to be leak from the default routing table to ri-TEACHER virtual-router.

Now I'm trying to have route leaking from ri-TEACHER to default rounting instance inet0.

In vritual-router ri-TEAChER I define Lo0.1 and configure 192.168.1.1/24 IP address.

In the default routing instance the network the interface  Ge-0/0/2 is configured with 10.1.0.1/24.  I also defined static route to 10.0.0.0/8 next-hop 10.1.0.2.

Form up this everything is fine, my 2 virtual-router are completely isolated from each other.

Now I'm trying to make ri-TEACHER can communicated with the rest of the network, to do this I have to make some route leaking between the 2 virtuals ribs ri-TEARCHER.inet.0 and inet.0.

Using rib-group I succefully imported 10.0.0.0/8 next-hop 10.1.0.2 into ri-TEACHER rib.  (I'm not sure this is correct, since the 10.1.02 is in fact not reachable from ri-TEACHER.inet.0 but from inet.0 only)
When I tri to do the same thing on the reverse side I don't have any next hop to specified, so I understand that I can't makes route leaking this way.

I found the command "set routing-option static route 192.168.0.0/26 next-table ri-TEACHER.inet.0"  to make sense I should do the same on the other side ""set routing-instance ri-TEACHER routing-option static route 10.0.0.0/8 next-table inet.0"

But the router refuse to commit due of the possibility of routing loop.  What I should do to accomplished my gold ?
 

------------------------------
Xine
------------------------------

Looking over the JNCIA exam topics I don't see any certification path that would ask you to know about route leaking at the first Associate level so you would be good there.

For your scenario you would need to have an interface term in the policy for the connection of the Virtual Router to the inet.0 table instead of a route policy for the loopback to be learned.  You can see the two types of terms and examples in this kb article.

https://supportportal.juniper.net/s/article/Junos-What-is-the-use-of-RIB-groups-and-how-are-they-used?language=en_US

Junos will prevent you from creating route loops as they are not permitted.  What that error is telling you is your routing policy creations are attempting to send the same ip subnet back and forth between two nodes.  This creates the loop and is not valid.

------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
http://puluka.com/home
------------------------------

Original Message:
Sent: 10-16-2023 21:17
From: xine32
Subject: Route leaking between vritual routers

Hi, 

I'm currently studdy for my first Junos certification exam.  I would like to know deep knowledge required for the exam.  Actually I'm trying to do some retribution of routes between these VRFs and it's not working as expected.  I would like to know if that kind of topic is part of the first Junos exam.  Personnally I find knowlege of VRF concept a little complicated for a first level of exam but it is listed as an exam topic.  For me understand VRF include to be able to leak some routes between these VRFs/virtual-router, but I could be wrong.

Here my lab setup see: (I used Juniper vLab IS-IS -l1_L2 Multi-area topologie)  I have erased all routers configuration and applied the attached router configuration to this case.

On Router vmx4 I have my 2 virtual-router working fine.  I'm able to leak connected route from inet0 to ri-TEACHER VRF.  But I would like to have the, I also able to filter the only 10.0.0.0/8 to be leak from the default routing table to ri-TEACHER virtual-router.

Now I'm trying to have route leaking from ri-TEACHER to default rounting instance inet0.

In vritual-router ri-TEAChER I define Lo0.1 and configure 192.168.1.1/24 IP address.

In the default routing instance the network the interface  Ge-0/0/2 is configured with 10.1.0.1/24.  I also defined static route to 10.0.0.0/8 next-hop 10.1.0.2.

Form up this everything is fine, my 2 virtual-router are completely isolated from each other.

Now I'm trying to make ri-TEACHER can communicated with the rest of the network, to do this I have to make some route leaking between the 2 virtuals ribs ri-TEARCHER.inet.0 and inet.0.

Using rib-group I succefully imported 10.0.0.0/8 next-hop 10.1.0.2 into ri-TEACHER rib.  (I'm not sure this is correct, since the 10.1.02 is in fact not reachable from ri-TEACHER.inet.0 but from inet.0 only)
When I tri to do the same thing on the reverse side I don't have any next hop to specified, so I understand that I can't makes route leaking this way.

I found the command "set routing-option static route 192.168.0.0/26 next-table ri-TEACHER.inet.0"  to make sense I should do the same on the other side ""set routing-instance ri-TEACHER routing-option static route 10.0.0.0/8 next-table inet.0"

But the router refuse to commit due of the possibility of routing loop.  What I should do to accomplished my gold ?
 

------------------------------
Xine
------------------------------