Can you do "show route protocol bgp hidden extensive" > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:juniper-nsp- > [EMAIL PROTECTED] On Behalf Of Phil Mayers > Sent: Tuesday, May 15, 2007 7:15 AM > To: juniper-nsp > Subject: [j-nsp] Cisco-style "allowas-in" OR: Inter-connecting VPNs > (+default VRF) using eBGP > > All, > > I'm running a (slightly more complex) version of the network shown here: > > http://picasaweb.google.co.uk/phil.mayers/NetworkDiagrams/photo#50647429 15 > 858918722 > > Important things to note: there are only 6 physical routers in this > network. rtr-A and rtr-B are 6500s running MPLS L3 VPNs. The cisco > implementation mandates that the BGP process "inside" the VPN be the > same AS# as the other VPNs and the non-VPN. > > The network basically works; as long as I use "allowas-in 1" on the VPN > and non-VPN eBGP peerings it's all good and the routes propagate between > the VRFs and into the non-VRF. > > However, the two Junipers ignore the routes from the VPNs, presumably > because they've got their own AS# in, though there's no logging in the > (oh so awful) traceing. What's slightly odd is that the ciscos seem to > need no special handling in order to accept iBGP routes with their own > as# in - the "allowas-in" command is only needed for the eBGP peerings. > > Can anyone comment on the expected behaviour, any workarounds available > to me (make the junipers accepts the routes) or any possible alternative > techniques? > > Things I've tried: > > * remove-private-as on the firewall->nonVRF eBGP peering does not > appear to work, presumably because we *are using* private as# at both > ends. > > * Ciscos' "local-as" command on the vrf->firewall eBGP peerings does > not appear to do what I expected: instead of masquerading the routes as > e.g. 64582, is appears to *prepend* it. > > Comments appreciated. > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
