Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
  • 1.  Can't change(renew) a path of eBGP with MED

    Posted 12-06-2022 06:20
    Hi, thank you for reading.
    I have a trouble that it cannot renew a path after MED changed from eBGP peer.
    I added eBGP, iBGP(LAN), and a static route.
    First I doubted the order of selecting best path, so I fixed preference and local-preference for eBGP, iBGP, and static route.

    ■Normal traffic flow
    (Assumption):
     vMX1 -> vMX2 -> vMX4 -> vMX6
    (Actual response):
     vMX1 -> vMX2 -> vMX4 -> vMX6 *works correctly
    ■Abnormal traffic flow/MED change on vMX4
    (Assumption):
     vMX1 -> vMX2 -> vMX3 -> vMX5 -> vMX4 -> vMX6
    (Actual response):
     vMX1 -> vMX2 -> vMX4 -> vMX6 *works incorrectly

    I use vLabs(BGP Multi-AS), because we cannot test on the service site and don't have test site.
    All routings are built on one routing-instance.
    Please see attached file in detail.

    I referred some documents and comments but still I am unclear about it.
    I hope some give some advises.

    Thank you,

    ------------------------------
    Saw Tam
    ------------------------------


  • 2.  RE: Can't change(renew) a path of eBGP with MED
    Best Answer

    Posted 12-07-2022 02:00
    Hi Saw,

    - Does vMX2 have a route towards 192.168.20.2? When vMX3 advertises the eBGP route 192.168.200.0/24 (received from vMX5) to vMX2, the next-hop of that route would be 192.168.20.2, as I do not see a policy to change the next-hop to self in the iBGP configuration. If vMX2 can't resolve the next-hop IP 192.168.20.2 of the route, it will be rejected and hidden.
    - By MED change on vMX4, do you mean that the metric-out towards peer 192.168.10.1 was changed? If yes, to which value?
    - After doing the changes on vMX4, can you please share the output of the below commands from vMX2? 
      a) show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive
      b) show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive
      c) show route receive-protocol bgp 192.168.30.2 192.168.200.0/24  hidden extensive
      d) show route 192.168.200.0/24 exact extensive

    Regards

    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 3.  RE: Can't change(renew) a path of eBGP with MED

    Posted 12-08-2022 10:19
    Hi Sheetanshu,

    Thank you for your comment.
    I fixed vLabs and tried again. Here is the update.
    Would you please check my configuration?

    > - Does vMX2 have a route towards 192.168.20.2? When vMX3 advertises the eBGP route 192.168.200.0/24 (received from vMX5) to vMX2, the next-hop of that route would be 192.168.20.2, as I do not see a policy to change the next-hop to self in the iBGP configuration. If vMX2 can't resolve the next-hop IP 192.168.20.2 of the route, it will be rejected and hidden.
    I cannot see 192.168.20.2 from vMX2 by 'show route terse'.
    However, I found the hidden route from commands below.
    ----- ↓↓ OUTPUTS ↓↓ -----
    jcluser@vMX2> show route 192.168.200.0/24 hidden

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both

    192.168.200.0/24 [BGP/150] 01:57:40, MED 120, localpref 100, from 192.168.30.2
    AS path: 120000 I, validation-state: unverified
    Unusable
    jcluser@vMX2>

    jcluser@vMX2> show route 192.168.200.0/24 detail hidden

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    192.168.200.0/24 (3 entries, 1 announced)
    BGP Preference: 150/-101
    Next hop type: Unusable, Next hop index: 0
    Address: 0xc4b50bc
    Next-hop reference count: 1
    Source: 192.168.30.2
    State: <Hidden Int Ext>
    Inactive reason: Unusable path
    Local AS: 65000 Peer AS: 65000
    Age: 1:57:29 Metric: 120
    Validation State: unverified
    Task: BGP_65000_65000.192.168.30.2
    AS path: 120000 I
    Accepted
    Localpref: 100
    Router ID: 192.168.20.1
    Thread: junos-main

    jcluser@vMX2>
    ----- ↑↑ OUTPUTS ↑↑ -----

    > - By MED change on vMX4, do you mean that the metric-out towards peer 192.168.10.1 was changed? If yes, to which value?
    I have changed 100 to 500 on vMX4. (Of course on eBGP-INSTANCE which connect with 192.168.10.0/24)

    > - After doing the changes on vMX4, can you please share the output of the below commands from vMX2?
    > show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive
    > show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive
    > show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive
    > show route 192.168.200.0/24 exact extensive
    I will share the outputs. From vMX2, I can confirm that the changed MED(100 -> 500).
    But vMX2 did not receive a network 192.168.20.0/24.
    I might add more settings, or delete specific filter or rules to remove the blocking settings?
    ----- ↓↓ OUTPUTS ↓↓ -----
    jcluser@vMX2> show route terse

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    + = Active Route, - = Last Active, * = Both

    A V Destination P Prf Metric 1 Metric 2 Next hop AS path
    * ? 192.168.10.0/24 D 0 >ge-0/0/0.0
    * ? 192.168.10.1/32 L 0 Local
    * ? 192.168.30.0/24 D 0 >ge-0/0/2.0
    * ? 192.168.30.1/32 L 0 Local
    * ? 192.168.100.0/24 D 0 >ge-0/0/3.0
    * ? 192.168.100.2/32 L 0 Local
    * ? 192.168.200.0/24 B 170 100 500 120000 I
    unverified >192.168.10.2
    ? S 170 >192.168.30.2

    jcluser@vMX2>

    jcluser@vMX2> show route receive-protocol bgp 192.168.10.2 192.168.200.0/24 extensive

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    * 192.168.200.0/24 (3 entries, 1 announced)
    Accepted
    Nexthop: 192.168.10.2
    MED: 500
    AS path: 120000 I

    jcluser@vMX2>

    jcluser@vMX2> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 extensive

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)

    jcluser@vMX2>

    jcluser@vMX2> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    192.168.200.0/24 (3 entries, 1 announced)
    Accepted
    Nexthop: 192.168.20.2
    MED: 120
    Localpref: 100
    AS path: 120000 I

    jcluser@vMX2>

    jcluser@vMX2> show route 192.168.200.0/24 exact extensive

    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    192.168.200.0/24 (3 entries, 1 announced)
    TSI:
    KRT in-kernel 192.168.200.0/24 -> {192.168.10.2}
    Page 0 idx 1, (group iBGP-INSTANCE type Internal) Type 1 val 0xd3cf708 (adv_entry)
    Advertised metrics:
    Nexthop: 192.168.10.2
    MED: 120
    Localpref: 100
    AS path: [65000] 120000 I
    Communities:
    Advertise: 00000001
    Path 192.168.200.0
    from 192.168.10.2
    Vector len 4. Val: 1
    *BGP Preference: 170/-101
    Next hop type: Router, Next hop index: 611
    Address: 0xc4b5c1c
    Next-hop reference count: 2
    Source: 192.168.10.2
    Next hop: 192.168.10.2 via ge-0/0/0.0, selected
    Session Id: 0x141
    State: <Active Ext>
    Local AS: 65000 Peer AS: 120000
    Age: 2:20 Metric: 500
    Validation State: unverified
    Task: BGP_120000_65000.192.168.10.2
    Announcement bits (3): 1-KRT 2-BGP_RT_Background 3-Resolve tree 1
    AS path: 120000 I
    Accepted
    Localpref: 100
    Router ID: 192.168.10.2
    Thread: junos-main
    Static Preference: 170
    Next hop type: Router, Next hop index: 610
    Address: 0xc4b5ae4
    Next-hop reference count: 2
    Next hop: 192.168.30.2 via ge-0/0/2.0, selected
    Session Id: 0x140
    State: <Int Ext>
    Inactive reason: Route Metric, BGP vs. non-BGP
    Local AS: 65000
    Age: 10:12
    Validation State: unverified
    Task: RT
    AS path: I
    Thread: junos-main

    jcluser@vMX2>
    ----- ↑↑ OUTPUTS ↑↑ -----

    Thank you,

    ------------------------------
    Saw Tam
    ------------------------------



  • 4.  RE: Can't change(renew) a path of eBGP with MED

    Posted 12-08-2022 13:02
    Hi Saw,

    Here is the problem.
    jcluser@vMX2> show route receive-protocol bgp 192.168.30.2 192.168.200.0/24 hidden extensive
    
    INSTANCE.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 1 hidden)
    192.168.200.0/24 (3 entries, 1 announced)
    Accepted
    Nexthop: 192.168.20.2 <<<<<<<----------------------
    MED: 120
    Localpref: 100
    AS path: 120000 I​

    The next hop of the route advertised by 192.168.30.2 is 192.168.20.2. vMX2 doesn't have a route to 192.168.20.2, as you have already confirmed. Thus, vMX2 discards this route as it doesn't know how to reach the next-hop.

    In the BGP-OUT filter on vMX3 add "then next-hop self" (do this on any iBGP peering in your topology). vMX3 will then change the next-hop in the route advertized to vMX2 to it's own IP.  vMX2 will then accept the route and install in the BGP and routing-table. Please check.



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------



  • 5.  RE: Can't change(renew) a path of eBGP with MED

    Posted 12-11-2022 23:50
    Hi Sheetanshu,

    Thank you for your comment again.
    I have comprehended the problem.

    After added 'then next-hop self' to each peer and mended prefix-lists and other BGP options,
    the host got to work as I expected finally.

    Thank you for your advises and tips.

    Regards,

    ------------------------------
    Saw
    ------------------------------