SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  dual stack IP/IPv6 eBGP config

    Posted 05-15-2012 08:40

    Hey all,

     

    Just after some advice over an error msg that I getting on the SRX when I commit the changes. The background here is that I'm implementing IPv6 on my network, all interfaces have both IP & IPv6 address and trying to peer BGP to two different neighbour (IP & IPv6) to the same box. One side is Cisco the other is Juniper. I'm happy with the Cisco side just need some direction on the juniper side. *PS IP's addresses changed to random address

     

    Error Message:

    mark@fffriwhilfffffsrx240# commit
    [edit protocols]
    'bgp'
    Error in neighbor 2001:aa0:20f:5003::1 of group eBGP-LAB-IPv6:
    only IPv6 NLRI are allowed with an IPv6 neighbor
    error: configuration check-out failed

     

    Juniper Config:

    ge-0/0/2 {
    description LAB;
    speed 1g;
    unit 0 {
    family inet {
    address 103.58.128.150/30;
    }
    family inet6 {
    address 2001:AA0:20F:5003::2/64;

     

    bgp {
    traceoptions {
    file LOG-BGP size 1m files 5;
    flag state;
    flag normal;
    }
    description BGP;
    mtu-discovery;
    log-updown;
    damping;
    family inet {
    any;
    }
    family inet6 {
    any;

    }
    group eBGP-LAB {
    type external;
    description "eBGP to xx AS 64515";
    local-address 103.58.128.150;
    authentication-key "xxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
    export ANNOUNCE;
    peer-as 64515;
    neighbor 103.58.128.149;
    }
    group eBGP-LAB-IPv6 {
    peer-as 64515;
    neighbor 2001:AA0:20F:5003::1;

     

    Cisco  Config:

    interface GigabitEthernet0/28
    description Connection to xx ge-0/0/2
    no switchport
    ip address 103.58.128.149 255.255.255.252
    load-interval 30
    history BPS all
    ipv6 address 2001:AA0:20F:5003::1/64
    ipv6 enable
    end

     

    router bgp 64515
    bgp log-neighbor-changes
    neighbor 2001:AA0:20F:5003::2 remote-as 64512
    neighbor 2001:AA0:20F:5003::2 description eBGP to xx AS 64512
    neighbor 2001:AA0:20F:5003::2 password 7 xxxxxxxxxxxxxxx
    neighbor 103.58.128.150 remote-as 64512
    neighbor 103.58.128.150 description eBGP to xx AS 64512
    neighbor 103.58.128.150 password 7 xxxxxxxxxxxxxxxxxxxx
    !
    address-family ipv4
    redistribute eigrp 64515 route-map EIGRP-to-BGP
    neighbor 103.58.128.150 activate
    neighbor 103.58.128.150 soft-reconfiguration inbound
    neighbor 103.58.128.150 prefix-list ALLOW-OUT out
    no auto-summary
    exit-address-family
    !
    address-family ipv6
    redistribute eigrp 64515 route-map IPV6-EIGRP-to-BGP include-connected
    neighbor 2001:AA0:20F:5003::2 activate
    neighbor 2001:AA0:20F:5003::2 send-community
    neighbor 2001:AA0:20F:5003::2 soft-reconfiguration inbound
    neighbor 2001:AA0:20F:5003::2 prefix-list IPV6-ALLOW-OUT out
    exit-address-family

     

    What do you think, Can you help out with this anyone? *PS First post to juniper forum



  • 2.  RE: dual stack IP/IPv6 eBGP config
    Best Answer

     
    Posted 05-15-2012 09:06

    Hi, the error is displayed because the IPv6 bgp group is inheriting the "family inet any" statement from the global bgp hierarchy. To avoid this behavior you should configure the family statement at the group level for each group, so that the group eBGP-LAB will have the "family inet any" statement, while the group eBGP-LAB-IPv6 will have the "family inet6 any" statement.

     



  • 3.  RE: dual stack IP/IPv6 eBGP config

    Posted 05-15-2012 19:51

    Great!! that fixed it, thankyou so much