Hi all.
I am new to the Juniper devices, and am having some trouble with hidden routes. I am hopeing some of the forum members can lend me a helping hand to resolve my issues.
Please bear in mind that I have limited Juniper device exposure, with the vast majority of my time spent on the Cisco devices, so I might not know the Juniper terminology as well as a Juniper veteran 🙂
Any help is most aperciated.
My requirement is to get all those 744 hidden routes into the backend routing instance, that is explained below and outlined below.
The cisco side reports that they are receiving the prefixes I have advertised out to them perfectly.
==================
-1st my topology:
One Juniper EX-4550 virtual chassis switch, with two aggregated interfaces to two Cisco devices.
Link1:
-------
Juniper EX-4550
interface ae1.901
vlan-id 901
inet address 172.31.106.11/31
-----------to----------->
Cisco1
ip address 172.31.106.10/31
Link 2:
--------
Juniper EX-4550
interface ae2.903
inet address 172.31.106.13/31
vlan-id 903
-----------to----------->
Cisco2
ip address 172.31.106.12/31
==============
I am running a backend routing instance configured as follows:
==============
>show configuration routing-instances
backend {
instance-type virtual-router;
interface ae1.901;
interface ae2.903;
interface vlan.0;
interface vlan.1;
interface vlan.2;
routing-options {
interface-routes {
rib-group inet backend;
}
}
protocols {
bgp {
log-updown;
family inet {
unicast;
}
local-as 65514;
group AS65514 {
type external;
description "eBGP to cisco for Backend;";
import BACKEND-IMPORT;
export BACKEND-EXPORT;
peer-as 4802;
neighbor 172.31.106.10 {
description "eBGP link to cisco1";
authentication-key "xxxx"; ## SECRET-DATA
}
neighbor 172.31.106.12 {
description "eBGP link to cisco2";
authentication-key "xxxx"; ## SECRET-DATA
}
}
}
}
}
>show route instance backend detail backend:
Router ID: 10.8.252.254
Type: virtual-router State: Active
Interfaces:
vlan.2
vlan.1
vlan.0
ae2.903
ae1.901
Tables:
backend.inet.0 : 754 routes (10 active, 0 holddown, 744 hidden)
{master:0}
==================
My policy-statements are configured as follows:
===================
policy-statement BACKEND-EXPORT {
term 10 {
from {
route-filter 10.8.254.0/24 exact;
route-filter 10.8.253.0/24 exact;
route-filter 10.8.252.0/24 exact;
}
then {
metric 50;
community add POP-CBR;
next-hop self;
accept;
}
}
term default-reject {
then reject;
}
}
policy-statement BACKEND-IMPORT {
term 10 {
from {
route-filter 10.5.0.0/16 orlonger;
route-filter 10.23.0.0/16 orlonger;
}
then {
preference 20;
accept;
}
}
term default-reject {
then reject;
}
}
========================
BGP is up and running:
========================
> show bgp neighbor 172.31.106.10 instance backend
Peer: 172.31.106.10+179 AS 4802 Local: 172.31.106.11+57352 AS 65514
Description: eBGP link cisco1
Type: External State: Established Flags: <Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Export: [ BACKEND-EXPORT ] Import: [ BACKEND-IMPORT ]
Options: <Preference AuthKey LogUpDown AddressFamily PeerAS LocalAS Refresh>
Authentication key is configured
Address families configured: inet-unicast
Holdtime: 90 Preference: 170 Local AS: 65514 Local System AS: 0
Number of flaps: 0
Peer ID: 203.215.20.250 Local ID: 172.31.106.11 Active Holdtime: 90
Keepalive Interval: 30 Group index: 0 Peer index: 0
BFD: disabled, down
Local Interface: ae1.901
NLRI for restart configured on peer: inet-unicast
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Stale routes from peer are kept for: 300
Restart time requested by this peer: 120
NLRI that peer supports restart for: inet-unicast
NLRI peer can save forwarding state: inet-unicast
NLRI that restart is negotiated for: inet-unicast
NLRI of received end-of-rib markers: inet-unicast
NLRI of all end-of-rib markers sent: inet-unicast
Peer does not support 4 byte AS extension
Peer does not support Addpath
Table backend.inet.0 Bit: 10000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 0
Received prefixes: 372
Accepted prefixes: 0
Suppressed due to damping: 0
Advertised prefixes: 3
Last traffic (seconds): Received 20 Sent 4 Checked 42
Input messages: Total 9561 Updates 114 Refreshes 1 Octets 186307
Output messages: Total 9565 Updates 4 Refreshes 0 Octets 181951
Output Queue[0]: 0
{master:0}
>ping routing-instance backend 172.31.106.10 detail
PING 172.31.106.10 (172.31.106.10): 56 data bytes
64 bytes from 172.31.106.10 via ae1.901: icmp_seq=0 ttl=255 time=1.219 ms
64 bytes from 172.31.106.10 via ae1.901: icmp_seq=1 ttl=255 time=0.992 ms
64 bytes from 172.31.106.10 via ae1.901: icmp_seq=2 ttl=255 time=1.319 ms
64 bytes from 172.31.106.10 via ae1.901: icmp_seq=3 ttl=255 time=1.073 ms
^C
--- 172.31.106.10 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.992/1.151/1.319/0.127 ms
> show route receive protocol bgp 172.31.106.10 all detail table backend.inet.0
backend.inet.0: 380 destinations, 754 routes (10 active, 0 holddown, 744 hidden)
10.0.13.4/31 (2 entries, 0 announced)
Nexthop: 172.31.106.10
AS path: 4802 65513 ? (Looped: 4802)
etc... for 744 hidden routes
> show route table backend.inet.0 hidden extensive
backend.inet.0: 380 destinations, 754 routes (10 active, 0 holddown, 744 hidden)
10.0.13.4/31 (2 entries, 0 announced)
BGP /-101
Next hop type: Router
Address: 0x28d8fcc
Next-hop reference count: 372
Source: 172.31.106.12
Next hop: 172.31.106.12 via ae2.903, selected
Session Id: 0x7
State: <Hidden Ext>
Peer AS: 4802
Age: 1d 22:13:05
Validation State: unverified
Task: BGP_4802_65514.172.31.106.12+179
AS path: 4802 65513 ? (Looped: 4802)
Localpref: 100
Router ID: 203.215.20.249
BGP /-101
Next hop type: Router
Address: 0x28d8d20
Next-hop reference count: 372
Source: 172.31.106.10
Next hop: 172.31.106.10 via ae1.901, selected
Session Id: 0x4
State: <Hidden Ext>
Peer AS: 4802
Age: 3d 0:15:34
Validation State: unverified
Task: BGP_4802_65514.172.31.106.10+179
AS path: 4802 65513 ? (Looped: 4802)
Localpref: 100
Router ID: 203.215.20.250
etc... for 744 hidden routes
=======================================
Once again, many thanks for any help and guidance.
Conlan