Hi, Did you try to configure policy matching those routes and use it for * vrf-export*?
The other option that I am thinking is to use *auto-export.* Because BGP is advertising only the primary route. With *auto-export* the routes will be looking like not coming from BGP process. But this is not the case with OSPF so with OSPF it should work. R4@M7i-2# run show route 8.8.8.8/32 extensive - should show that the route is secondary in Customer.inet.0 HTH, Ivan, On Wed, Jun 5, 2013 at 11:43 AM, Mihai Gabriel <[email protected]>wrote: > I don't have the book with me right now to check, but I tried your setup > without succes:) > A workaround for this would be a generated default route on R4 when > 8.8.8.8 exists in customer.inet.0 > > mihai@mx#run show route table customer.inet.0 0.0.0.0/0 exact > > customer.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) > + = Active Route, - = Last Active, * = Both > > 0.0.0.0/0 *[Aggregate/130] 00:06:26 > Reject > > mihai@mx#show routing-instances customer routing-options generate > route 0.0.0.0/0 policy if-8.8.8.8-exist; > > > mihai@mx#show policy-options policy-statement if-8.8.8.8-exist > term 10 { > from { > protocol bgp; > route-filter 8.8.8.8/32 exact; > } > then accept; > } > term 20 { > then reject; > } > > mihai@mx#run show route advertising-protocol bgp 172.27.255.3 0.0.0.0/0 > > bgp.l3vpn.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) > Prefix Nexthop MED Lclpref AS path > 10:10:0.0.0.0/0 > * Self 100 I > > > On Tue, Jun 4, 2013 at 11:33 PM, Alexey <[email protected]> wrote: > > > Mihai, Olivier, > > thanks for your response, I also suggests that it could be related with > > IBGP rules, but unfortunately making R4 route-reflector for R3 doesn't > > resolve the issue: > > > > R4@M7i-2# show protocols bgp > > ... > > group vpnv4-r3 { > > type internal; > > local-address 172.27.255.4; > > family inet-vpn { > > unicast; > > } > > cluster 0.0.0.1; > > neighbor 172.27.255.3; > > } > > > > [edit] > > R4@M7i-2# > > > > R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3 > > > > bgp.l3vpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden) > > Restart Complete > > Prefix Nexthop MED Lclpref AS path > > 172.27.255.4:100:2.2.2.2/32 > > * Self 100 1 I > > 172.27.255.4:100:172.27.0.4/30 > > * Self 100 I > > > > [edit] > > R4@M7i-2# > > > > Earlier I also try to use rib-group "inet0->vrf" which imports routes to > > inet.0 and Customer.inet.0 tables, ospf routes get into Customer.inet.0 > but > > still don't get advertised to R3: > > > > R4@M7i-2# show protocols ospf > > rib-group inet0->vrf; > > > > R4@M7i-2# show routing-options rib-groups > > inet0->vrf { > > import-rib [ inet.0 Customer.inet.0 ]; > > } > > > > > > The same ospf route in both tables of R4: > > R4@M7i-2# run show route protocol ospf 172.27.0.0/30 > > > > inet.0: 32 destinations, 37 routes (30 active, 0 holddown, 2 hidden) > > Restart Complete > > + = Active Route, - = Last Active, * = Both > > > > 172.27.0.0/30 *[OSPF/10] 00:07:35, metric 100 > > > > > to 172.27.0.10 via ge-1/3/0.41 > > > > inet.3: 7 destinations, 11 routes (2 active, 0 holddown, 7 hidden) > > Restart Complete > > > > Customer.inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 > > hidden) > > + = Active Route, - = Last Active, * = Both > > > > 172.27.0.0/30 *[OSPF/10] 00:07:35, metric 100 > > > > > to 172.27.0.10 via ge-1/3/0.41 > > > > [edit] > > R4@M7i-2# > > > > But still no ospf routes advertised to R3: > > R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3 > > > > bgp.l3vpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden) > > Restart Complete > > Prefix Nexthop MED Lclpref AS path > > 172.27.255.4:100:2.2.2.2/32 > > * Self 100 1 I > > 172.27.255.4:100:172.27.0.4/30 > > * Self 100 I > > > > [edit] > > R4@M7i-2# > > > > > > -- > > Alexey S. > > Leading engineer > > Network solutions team > > CCIE R&S > > > > [email protected] > > > > 04.06.2013, 21:09, "Mihai" <[email protected]>: > > > > > for R3, sorry :) > > > > > > On 06/04/2013 07:56 PM, Mihai wrote: > > >> Hello, > > >> > > >> Maybe I am wrong, but as long as R1,R3,R4 are internal bgp > neighbors, > > R4 > > >> should be route reflector for R4. > > >> > > >> Regards, > > >> Mihai > > >> > > >> On 06/04/2013 06:44 PM, Alexey wrote: > > >>> Hi guys, > > >>> > > >>> Now I'm preparing for JNCIE-SP certification, and faced with > problem > > >>> providing internet-access for VPN users. > > >>> > > >>> I attach my test topology to email. > > >>> R4 and R3 are PE routers which holds vrf table "Customer", R1 > router > > >>> holds ipv4 static route 8.8.8.8/32 to represent Internet routes. > > >>> Between R4 and R3 there is vpnv4 IBGP session and Between R4 and > R1 - > > >>> ipv4 IBGP. > > >>> > > >>> I use rib-group to import IPv4 routes received from R1 also in > table > > >>> Customer.inet.0. Routes are imported as expected and I see > > 8.8.8.8/32 > > >>> in vrf Customer: > > >>> R4# run show route table Customer 8.8.8.8 > > >>> > > >>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 > > >>> hidden) > > >>> + = Active Route, - = Last Active, * = Both > > >>> > > >>> 8.8.8.8/32 *[BGP/170] 00:50:35, localpref 100, from 172.27.255.1 > > >>> AS path: I > > >>>> to 172.27.0.10 via ge-1/3/0.41, label-switched-path r4-to-r1 > > >>> [edit] > > >>> R4@M7i-2# > > >>> > > >>> But the problem is that R4 doesn't pass this route from VRF to R3 > via > > >>> MP-BGP. > > >>> R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3 > > >>> > > >>> Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 > > >>> hidden) > > >>> Prefix Nexthop MED Lclpref AS path > > >>> * 2.2.2.2/32 Self 100 1 I > > >>> * 172.27.0.4/30 Self 100 I > > >>> > > >>> [edit] > > >>> R4@M7i-2# > > >>> > > >>> The same task was in bootcamp lab guide book, and according to it, > > >>> other members of VRF do receive internet routes. I also tried to > use > > >>> VRF export policy;vrf-table-label - nothing helps. > > >>> Please help, may be there is some knob to make it work? > > >>> > > >>> PS:All routers are real equipment (no logical systems). > > >>> PSS:I also attach relevant parts of config. > > >>> > > >>> _______________________________________________ > > >>> juniper-nsp mailing list [email protected] > > >>> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Best Regards! Ivan Ivanov _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
