Dear community, just to add some additional comments/questions about this topic.
We have 2 PE (logical systems) with 2 VRF belonging to same VPN (working with AFI IPv4 and SAFI VPNv4). - VRF-A in PE1 has only 1 CE1 facing interface and a PE-CE eBGP session is established throught it. - VRF-A within PE2 has 2 interfaces to CE2. There are 2 eBGP sessiones between both devices, one per interface. - VRFs in both ends are using the vrf-target option, which should result in a default VRF policy that advertise all active routes in the VRF, including the directly connected routes from the PE-CE VRF interfaces. Based on the mentioned scenario we see the following behavior. 1- When vrf-table-label is not configured, the only direct routes we receive on the remote end are those having an active eBGP route (in other words, the next hop of the eBGP active route, pointing to the attached CE, belongs to /30 of the direct route being received). 2- When vrf-table-label is configured, every direct route is received on the remote, even those not having an active eBGP route. I would like to have a better understanding about the reasons for the described behavior. Any help would be much appreciated. -----Mensaje original----- De: [email protected] [mailto:[email protected]] En nombre de David Lockuan Enviado el: Sábado, 16 de Octubre de 2010 07:16 p.m. Para: Cristian Frizziero CC: [email protected] Asunto: Re: [j-nsp] Problem of Forwarding on VPN using vrf-table-label. Hi Cristian, It is correct, I had 2 PE with 2 VPN. Sorry I don't send the configuration of both PE's. Just now I send you the both configurations. I noted that when I used the command "vrf-table-label" the next-hop after the label lookup is to next-table of the VPN and when I don't used it the next-hop is the IP address or interface to face the CE router. Other things that I noted is the vpn-label on both PE is the same for each VPN and when I don't use the command the vpn-label is different for each VPN. I send the output of my review. In this case I put only into VPN-A the command and the VPN-B is without the command. Visite http://www.cablevision.com.ar Visite http://www.fibertel.com.ar ___________________________________________________________________________ Este mensaje es confidencial. Puede contener informacion amparada por el secreto comercial. Si usted ha recibido este e-mail por error, debera eliminarlo de su sistema. No debera copiar el mensaje ni divulgar su contenido a ninguna persona. Muchas gracias. This message is confidential. It may also contain information that is privileged or not authorized to be disclosed. If you have received it by mistake, delete it from your system. You should not copy the messsage nor disclose its contents to anyone. Many thanks. ___________________________________________________________________________ _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
