Hi, thanks for adding to this. I've just removed the loops statement in there to see what would happen. It seems to me like the AS number in routing-options is pretty much the source of the looping trigger that occurs (the addition of a second internal AS to the path).
Everything works well and loop free without the loops statement, seems I won't have to go the tunnel way. Thanks again! On Fri, Jun 29, 2018 at 5:39 PM Niall Donaghy <[email protected]> wrote: > Hi Alexander, > > In our network, inet.0 is AS20965 and IAS.inet.0 is AS21320. > The IAS routing instance contains all commercial routes - public, private, > and upstream peerings. > > Between inet.0 and IAS.inet.0 we have logical tunnels with BGP peerings. > > The routers are all configured with autonomous-system 20965, but to > networks > external to AS21320, we appear as AS21320, with the following > configuration: > > set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x > local-as 21320 > set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x > local-as private > set routing-instances IAS protocols bgp group SOMEGROUP neighbor x.x.x.x > local-as no-prepend-global-as > > This keeps things tidy, loop-free, and BGP all the way, ie: no RIB groups > or > 'loops 2' statements, and we benefit from BGP path loop detection, and BGP > policy controls between the two ASes. > > We've been running with 2.6M routes this way for 2.5 years+ and no issues. > > Happy to share if ever you want to refine your solution. > > Br, > Niall > > -----Original Message----- > From: juniper-nsp [mailto:[email protected]] On Behalf > Of > Philippe Girard > Sent: 29 June 2018 15:15 > To: Alexander Arseniev <[email protected]> > Cc: [email protected] > Subject: Re: [j-nsp] VRF export/import of eBGP learned route > > Hello everyone > > Thank you so much for your suggestions. The solution in this case is to > remove the autonomous-system statement completely from the routing-instance > routing-options and apply the local-as statement under bgp with the private > knob. > > protocols { > bgp { > local-as 456 loops 2 private > > This creates an internal table that looks just like it would under regular > bgp inet.0. > > Thanks again! > > On Fri, Jun 29, 2018 at 4:07 AM Alexander Arseniev via juniper-nsp < > [email protected]> wrote: > > > Hello, > > > > Does "no-prepend-global-as" help? > > > > > > https://www.juniper.net/documentation/en_US/junos/topics/concept/bgp-l > > ocal-as-introduction.html > > > > HTH > > > > Thx > > > > Alex > > > > > > On 29/06/2018 04:58, Aaron Gould wrote: > > > Use with caution in live environment as I'm going off of some > > > testing I > > was > > > recently doing in my lab and I'm pretty sure I saw this same issue. > > > > > > Sounds like something I saw with my internet boundary pe's, would > > > add my > > AS > > > on routes were learned from internet and send as vpnv4 routes into > > > my internal ibgp environment and internal pe's were seeing their own > > > AS and routes were being hidden as looped... > > > > > > Try this on PE1 .... > > > > > > If pe1 ebgp group is called "ebgp-to-ix"... > > > If IX ip that you neighbor with is 1.2.3.4... > > > If vrf on PE1 and PE2 is called "my-vrf"... > > > > > > ...do this on PE1... > > > set routing-instances my-vrf protocols bgp group ebgp-to-ix neighbor > > 1.2.3.4 > > > local-as private > > > > > > ...now see if PE2 is still seeing its own AS as looped > > > > > > - Aaron > > > > > > > > > _______________________________________________ > > > juniper-nsp mailing list [email protected] > > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > _______________________________________________ > > juniper-nsp mailing list [email protected] > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
