Hi, ----- On 23 Jun, 2020, at 14:57, Saku Ytti s...@ytti.fi wrote:
> Hey Mihai, > > >> Is the rib-group configured under VRF auto-export supposed to be a >> 'per-table' (instead of per-protocol) rib-group which can also export >> routes from VRFs to non-VRF instances, default included? >> The example on the link below shows the export to another table within >> the same instance: >> >> https://www.juniper.net/documentation/en_US/junos/topics/example/policy-duplicating-routes.html >> >> I already tested and confirmed that routes from VRFs can be leaked to >> inet.0 by just using the rib-group under auto-export but I am not sure >> whether this is officially supported. > > I'm not sure if auto-export and rib-groups are directly related. The > common reason why you need auto-export in Junos (but not in other NOS) > is that if you import RT, and that RT in another local VRF, you don't > import it. As import only works on verbatim l3vpn rib. Auto-export > allows you to RT import routes from other local VRFs. > > rib-group is a set of ribs,which you can attach to multiple places and > it has different semantics on where you set it. But once a route hitsa > rib-group, instead of it being installed to one specific RIB, it is > installed to all of the RIBs in that rib-group. > > There are some significant behavioural differences on route which > arrived 'natively' to RIB and route which arrived via rib-group, > namely you might not be able to reflect one in BGP while you are able > to reflect another. And sadly it's a feature, not a bug. In addition to the significant behavioural difference between copying routes with rib-groups vs. leaking by RTs that Saku referred above, there are some interesting behaviour when using rib-groups. For example, when a rib-group is attached to a BGP peering, the BGP import policy is effectively applied twice - first when the route is accepted into the "native" table and a second time when the route is copied e.g. to inet.0 or some other table. Antti _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp