Routing
Highlighted
Routing

How to accomodate Google PNI traffic and GGC traffic in one Source-class

‎03-23-2020 05:29 AM

Hello All,

We had PNI link with google and have now installed GGC nodes. 

traffic from the PNI link was mapped to source-class using BGP communities and all was well, now google traffic will be served from GGC nodes within our DC. the servers are using our IPs(/27 is assigned to them). 

Need help in adding this traffic from the GGC servers to the source-class. current policy exported to forwading table looks like this: 

 

 

-re0# show policy-options policy-statement CDN-POLICY
term CDN {
    from community CDN;
    then {
        source-class CDN-TRAFFIC;
        next policy;
    }
}

This is currently adding all prefixes with BGP community "CDN" to source-class "CDN-TRAFFIC" . 

the GGC servers are not announcing any prefixes to us and cant attache community but since  i know the IP blocks the GGC nodes are using, i tried to add that block to prefix-list named GGC-PREFIXES and add that prefix to the source-class policy but looks like its affecting traffic, even traffic from the PNI link is no longer added to the source-class. 

below is the setup that we did not work:

 

 

KE-re0# show
term 1 {
    from {
        community CDN;
        prefix-list GGC-PREFIX;
    }
    then {
        source-class CDN-CLASS;
        next policy;
    }
}

-re0# top show policy-options prefix-list GGC-PREFIX
197.231.182.224/27;

This source-class is eventually used on cusotmer facing interfaces to alllow them to access google traffic freely. below is typical filter applied on customer interface:

 

re0# top show firewall family inet filter TOSLINK-FILTER
term CDN-TRAFFIC {
    from {
        source-class CDN-CLASS;
    }
    then {
        policer 30MB-POLICER;
        accept;
    }
}
term INTERNET-TRAFFIC {
    then {
        policer 35MB-POLICER;
        accept;
    }
}

I am kindly requesting for help on best to accomodate this setup.  We want all traffic from either GGC nodes or PNI link to be associted with source-class CDN-CLASS so that cusotmers get extra google traffic.

 

 

 

Regards,
lish. 

 

 

 

 

 

 

2 REPLIES 2
Highlighted
Routing
Solution
Accepted by topic author ahmed-lish
‎03-26-2020 01:45 AM

Re: How to accomodate Google PNI traffic and GGC traffic in one Source-class

[ Edited ]
‎03-23-2020 06:08 AM

Hello,

 


@ahmed-lish wrote:

i tried to add that block to prefix-list named GGC-PREFIXES and add that prefix to the source-class policy but looks like its affecting traffic, even traffic from the PNI link is no longer added to the source-class. 

below is the setup that we did not work:

 

 

KE-re0# show
term 1 {
    from {
        community CDN;
        prefix-list GGC-PREFIX;
    }
    then {
        source-class CDN-CLASS;
        next policy;
    }
}

-re0# top show policy-options prefix-list GGC-PREFIX
197.231.182.224/27;

 

 

This is logical AND that You configured. In plain English - only prefixes that are included into Your prefix-list _AND_ have CDN community attached can match term 1.

You need to configure logical OR:

 

set policy-options policy-statement BLAH term t1 from community CDN
set policy-options policy-statement BLAH term t1 then source-class CDN-CLASS
set policy-options policy-statement BLAH term t1 then <whatever>
set policy-options policy-statement BLAH term t2 from prefix-list GGC-PREFIX
set policy-options policy-statement BLAH term t2 then source-class CDN-CLASS
set policy-options policy-statement BLAH term t2 then <whatever>

HTH

Thx

Alex

 

 

 

 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Routing

Re: How to accomodate Google PNI traffic and GGC traffic in one Source-class

‎03-26-2020 01:45 AM

Thanks Alex, That solved my problem.  

 

Lish, 

Feedback