Hi Alexander, In our network, inet.0 is AS20965 and IAS.inet.0 is AS21320. The IAS routing instance contains all commercial routes - public, private, and upstream peerings.
Between inet.0 and IAS.inet.0 we have logical tunnels with BGP peerings. The routers are all configured with autonomous-system 20965, but to networks external to AS21320, we appear as AS21320, with the following configuration: set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x local-as 21320 set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x local-as private set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x local-as no-prepend-global-as This keeps things tidy, loop-free, and BGP all the way, ie: no RIB groups or 'loops 2' statements, and we benefit from BGP path loop detection, and BGP policy controls between the two ASes. We've been running with 2.6M routes this way for 2.5 years+ and no issues. Happy to share if ever you want to refine your solution. Br, Niall -----Original Message----- From: juniper-nsp [mailto:[email protected]] On Behalf Of Philippe Girard Sent: 29 June 2018 15:15 To: Alexander Arseniev <[email protected]> Cc: [email protected] Subject: Re: [j-nsp] VRF export/import of eBGP learned route Hello everyone Thank you so much for your suggestions. The solution in this case is to remove the autonomous-system statement completely from the routing-instance routing-options and apply the local-as statement under bgp with the private knob. protocols { bgp { local-as 456 loops 2 private This creates an internal table that looks just like it would under regular bgp inet.0. Thanks again! On Fri, Jun 29, 2018 at 4:07 AM Alexander Arseniev via juniper-nsp < [email protected]> wrote: > Hello, > > Does "no-prepend-global-as" help? > > > https://www.juniper.net/documentation/en_US/junos/topics/concept/bgp-l > ocal-as-introduction.html > > HTH > > Thx > > Alex > > > On 29/06/2018 04:58, Aaron Gould wrote: > > Use with caution in live environment as I'm going off of some > > testing I > was > > recently doing in my lab and I'm pretty sure I saw this same issue. > > > > Sounds like something I saw with my internet boundary pe's, would > > add my > AS > > on routes were learned from internet and send as vpnv4 routes into > > my internal ibgp environment and internal pe's were seeing their own > > AS and routes were being hidden as looped... > > > > Try this on PE1 .... > > > > If pe1 ebgp group is called "ebgp-to-ix"... > > If IX ip that you neighbor with is 1.2.3.4... > > If vrf on PE1 and PE2 is called "my-vrf"... > > > > ...do this on PE1... > > set routing-instances my-vrf protocols bgp group ebgp-to-ix neighbor > 1.2.3.4 > > local-as private > > > > ...now see if PE2 is still seeing its own AS as looped > > > > - Aaron > > > > > > _______________________________________________ > > juniper-nsp mailing list [email protected] > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
