Hello,
Run BGP through MS-MIC and You'd have conditional scenarios covered plus
the following:
1/ Service PIC is misconfigured (i.e. service-set does not exist)
2/ Service PIC has flow-control enabled because i.e. incoming PPS is
above the rated value
Thanks
Alex
On 11/04/2016 10:55, Faizal Rachman wrote:
Hi Aaron,
You should apply dynamic redistribution of default route to your internal
network. First you need to have dynamic 0/0 in your outside domain, it can
be generated (aggregated) from routes contributed by bgp (assuming your
cgnat also running ebgp to your upstream provider), or generated by router
above cgnat, and redistribute this 0/0 to your cgnat.
Secondly, your inside domain will have default static route to your
external domain, and also redistribute this 0/0 to your internal network
based on condition, which is 0/0 exist in your outside domain. Once your
bgp down, your outside domain will lose 0/0, and your inside domain will
stop redistributing 0/0 to your internal network.
Thanks.
Faizal R
On Wed, Apr 6, 2016 at 7:19 AM, Aaron <aar...@gvtc.com> wrote:
My customers are currently in a vrf for internet access. they all have
public ip addresses. I'm running low on IP's and I'm planning a CGNat
deployment.
Call my current vrf "one"
I'm planning on creating a new inside nat domain, and throwing customers
into that new vrf.
Call the new vrf "three"
I'm currently testing a Juniper MX104 with MS-MIC-16G and it seems to be
working nicely thus far. (actually I'm testing redundant cgn nodes, the
other one is a cisco asr9k w/vsm-500)
On the juniper cgn node I have ..
ms-1/0/0.2 - vrf "one" - service-domain outside
ms-1/0/0.1 - vrf "three" - service-domain inside
My current way of getting traffic towards the nat's is via static routes
and
thus being advertised into vrf "three" where remote pe's learn about those
dual default routes and it all works good... but. static routes always
scare
me when not tied to some other logic.
My concerns are that if the wan (nat outside, ms-1/0/0/2, vrf "one") side
of
the nat node dies, then I don't want traffic arriving at that nat node and
being dropped/blackholed.
What are the best ways to conditionally advertise a few routes based on
some
external reachability info ?
I've recently learned about rib-groups and doing inter-vrf route leaking..
I
wonder if I should learn the vrf "one" default route and leak it into vrf
"three" across the control plane of those dual nat nodes.
I've recently learned about conditionally generated routes and wonder if
there's a nice solution there.
I welcome any and all suggestions.
Thanks y'all
Aaron
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
