Hi Sheetanshu,
Thank you for your comment.
I fixed vLabs and tried again. Here is the update.
Would you please check my configuration?
> - Does vMX2 have a route towards 192.168.20.2? When vMX3 advertises the eBGP route 192.168.200.0/24 (received from vMX5) to vMX2, the next-hop of that route would be 192.168.20.2, as I do not see a policy to change the next-hop to self in the iBGP configuration. If vMX2 can't resolve the next-hop IP 192.168.20.2 of the route, it will be rejected and hidden.I cannot see 192.168.20.2 from vMX2 by 'show route terse'.
However, I found the hidden route from commands below.
----- ↓↓ OUTPUTS ↓↓ -----
jcluser@vMX2> show route 192.168.200.0/24 hidden
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.200.0/24 [BGP/150] 01:57:40, MED 120, localpref 100, from 192.168.30.2
AS path: 120000 I, validation-state: unverified
Unusable
jcluser@vMX2>
jcluser@vMX2> show route 192.168.200.0/24 detail hidden
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
192.168.200.0/24 (3 entries, 1 announced)
BGP Preference: 150/-101
Next hop type: Unusable, Next hop index: 0
Address: 0xc4b50bc
Next-hop reference count: 1
Source: 192.168.30.2
State: <Hidden Int Ext>
Inactive reason: Unusable path
Local AS: 65000 Peer AS: 65000
Age: 1:57:29 Metric: 120
Validation State: unverified
Task: BGP_65000_65000.192.168.30.2
AS path: 120000 I
Accepted
Localpref: 100
Router ID: 192.168.20.1
Thread: junos-main
jcluser@vMX2>
----- ↑↑ OUTPUTS ↑↑ -----
> - By MED change on vMX4, do you mean that the metric-out towards peer 192.168.10.1 was changed? If yes, to which value?I have changed 100 to 500 on vMX4. (Of course on eBGP-INSTANCE which connect with 192.168.10.0/24)
> - After doing the changes on vMX4, can you please share the output of the below commands from vMX2? > show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive> show route 192.168.200.0/24 exact extensiveI will share the outputs. From vMX2, I can confirm that the changed MED(100 -> 500).
But vMX2 did not receive a network 192.168.20.0/24.
I might add more settings, or delete specific filter or rules to remove the blocking settings?
----- ↓↓ OUTPUTS ↓↓ -----
jcluser@vMX2> show route terse
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
A V Destination P Prf Metric 1 Metric 2 Next hop AS path
* ? 192.168.10.0/24 D 0 >ge-0/0/0.0
* ? 192.168.10.1/32 L 0 Local
* ? 192.168.30.0/24 D 0 >ge-0/0/2.0
* ? 192.168.30.1/32 L 0 Local
* ? 192.168.100.0/24 D 0 >ge-0/0/3.0
* ? 192.168.100.2/32 L 0 Local
* ? 192.168.200.0/24 B 170 100 500 120000 I
unverified >192.168.10.2
? S 170 >192.168.30.2
jcluser@vMX2>
jcluser@vMX2> show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
* 192.168.200.0/24 (3 entries, 1 announced)
Accepted
Nexthop: 192.168.10.2
MED: 500
AS path: 120000 I
jcluser@vMX2>
jcluser@vMX2> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
jcluser@vMX2>
jcluser@vMX2> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
192.168.200.0/24 (3 entries, 1 announced)
Accepted
Nexthop: 192.168.20.2
MED: 120
Localpref: 100
AS path: 120000 I
jcluser@vMX2>
jcluser@vMX2> show route 192.168.200.0/24 exact extensive
INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
192.168.200.0/24 (3 entries, 1 announced)
TSI:
KRT in-kernel 192.168.200.0/24 -> {192.168.10.2}
Page 0 idx 1, (group iBGP-INSTANCE type Internal) Type 1 val 0xd3cf708 (adv_entry)
Advertised metrics:
Nexthop: 192.168.10.2
MED: 120
Localpref: 100
AS path: [65000] 120000 I
Communities:
Advertise: 00000001
Path 192.168.200.0
from 192.168.10.2
Vector len 4. Val: 1
*BGP Preference: 170/-101
Next hop type: Router, Next hop index: 611
Address: 0xc4b5c1c
Next-hop reference count: 2
Source: 192.168.10.2
Next hop: 192.168.10.2 via ge-0/0/0.0, selected
Session Id: 0x141
State: <Active Ext>
Local AS: 65000 Peer AS: 120000
Age: 2:20 Metric: 500
Validation State: unverified
Task: BGP_120000_65000.192.168.10.2
Announcement bits (3): 1-KRT 2-BGP_RT_Background 3-Resolve tree 1
AS path: 120000 I
Accepted
Localpref: 100
Router ID: 192.168.10.2
Thread: junos-main
Static Preference: 170
Next hop type: Router, Next hop index: 610
Address: 0xc4b5ae4
Next-hop reference count: 2
Next hop: 192.168.30.2 via ge-0/0/2.0, selected
Session Id: 0x140
State: <Int Ext>
Inactive reason: Route Metric, BGP vs. non-BGP
Local AS: 65000
Age: 10:12
Validation State: unverified
Task: RT
AS path: I
Thread: junos-main
jcluser@vMX2>
----- ↑↑ OUTPUTS ↑↑ -----
Thank you,
------------------------------
Saw Tam
------------------------------
Original Message:
Sent: 12-07-2022 02:00
From: Sheetanshu Shekhar
Subject: Can't change(renew) a path of eBGP with MED
Hi Saw,
- Does vMX2 have a route towards 192.168.20.2? When vMX3 advertises the eBGP route 192.168.200.0/24 (received from vMX5) to vMX2, the next-hop of that route would be 192.168.20.2, as I do not see a policy to change the next-hop to self in the iBGP configuration. If vMX2 can't resolve the next-hop IP 192.168.20.2 of the route, it will be rejected and hidden.
- By MED change on vMX4, do you mean that the metric-out towards peer 192.168.10.1 was changed? If yes, to which value?
- After doing the changes on vMX4, can you please share the output of the below commands from vMX2?
a) show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive
b) show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive
c) show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive
d) show route 192.168.200.0/24 exact extensive
Regards
------------------------------
Sheetanshu Shekhar
Original Message:
Sent: 12-06-2022 00:19
From: Saw Tam
Subject: Can't change(renew) a path of eBGP with MED
Hi, thank you for reading.
I have a trouble that it cannot renew a path after MED changed from eBGP peer.
I added eBGP, iBGP(LAN), and a static route.
First I doubted the order of selecting best path, so I fixed preference and local-preference for eBGP, iBGP, and static route.
■Normal traffic flow
(Assumption):
vMX1 -> vMX2 -> vMX4 -> vMX6
(Actual response):
vMX1 -> vMX2 -> vMX4 -> vMX6 *works correctly
■Abnormal traffic flow/MED change on vMX4
(Assumption):
vMX1 -> vMX2 -> vMX3 -> vMX5 -> vMX4 -> vMX6
(Actual response):
vMX1 -> vMX2 -> vMX4 -> vMX6 *works incorrectly
I use vLabs(BGP Multi-AS), because we cannot test on the service site and don't have test site.
All routings are built on one routing-instance.
Please see attached file in detail.
I referred some documents and comments but still I am unclear about it.
I hope some give some advises.
Thank you,
------------------------------
Saw Tam
------------------------------