Routing

Hello All,

I have connected a J2320 Juniper router to a Cisco C2691 router and I am trying to establish a communication between the two via VRF but I don't seem to get them to exchange any routes in their respective VRF. The topology can be seen in the attachment. I need to add more VRFs later and as an initial step, I started with 1 VRF labeled cust-a.

Between the J2320 and C2691 link, I have OSPF, MPLS, and MP-BGP running. All 3 protocols seem to work fine. In C2691, I created Loopback1 (10.10.100.1/24) to mimic the network for Customer-A (vrf cust-a). In J2320, Lo0.1 (10.10.200.2/24) and Em1.0 (192.168.23.2/24) are assigned to routing-instances cust-a representing the other side of the network for Customer-A. 

Please help identify the reason I cannot reach 10.10.200.2 and 192.168.23.2 from C2691. I cannot either ping 10.10.100.1 from J2320.

Running Config of C2691:

R1#show run
Building configuration...

Current configuration : 2681 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
ip vrf cust-a
rd 200:200
route-target export 200:200
route-target import 200:200
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
mpls label protocol ldp
!
ip tcp synwait-time 5
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback1
ip vrf forwarding cust-a
ip address 10.10.100.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.252
duplex auto
speed auto
mpls ip
!
router ospf 1
log-adjacency-changes
network 10.10.10.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.3 area 0
!
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 send-community both
exit-address-family
!
address-family ipv4 vrf cust-a
redistribute connected
redistribute static
no synchronization
exit-address-family
!
ip forward-protocol nd
!
mpls ldp router-id Loopback0
!
control-plane

R1#

Running Config of J2320:

root@Juniper-PE> show configuration
## Last commit: 2014-10-09 18:57:19 UTC by root
version 10.1R1.8;
system {
host-name Juniper-PE;
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
family inet {
address 192.168.1.2/30;
}
family mpls;
}
}
em1 {
unit 0 {
family inet {
address 192.168.23.2/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
routing-options {
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface em0.0;
}
bgp {
group internal-peers {
neighbor 10.10.10.10 {
peer-as 200;
}
}
group external-peers {
type internal;
family inet-vpn {
unicast;
}
}
}
ospf {
area 0.0.0.0 {
interface em0.0;
interface lo0.0;
}
}
ldp {
interface em0.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
routing-instances {
cust-a {
instance-type vrf;
interface em1.0;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}

root@Juniper-PE>

Routing table of VRF cust-a of C2961:

>> No routes to 10.10.200.2/24 and 192.168.23.2/24

R1#show ip route vrf cust-a | beg Gateway
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 2 subnets
C 10.10.100.0 is directly connected, Loopback1
B 10.10.130.0 [200/0] via 30.30.30.30, 14:22:36
R1#

Main Routing table of C2961:

R1#show ip route | beg Gateway
Gateway of last resort is not set

20.0.0.0/32 is subnetted, 1 subnets
O 20.20.20.20 [110/10] via 192.168.1.2, 13:12:53, FastEthernet0/0

10.0.0.0/32 is subnetted, 1 subnets
C 10.10.10.10 is directly connected, Loopback0

192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.0 is directly connected, FastEthernet0/0
R1#

Main Routing table of J2320:

root@Juniper-PE> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.10.10/32 *[OSPF/10] 19:37:53, metric 2
> to 192.168.1.1 via em0.0

20.20.20.20/32 *[Direct/0] 19:38:13
> via lo0.0

192.168.1.0/30 *[Direct/0] 19:38:13
> via em0.0

192.168.1.2/32 *[Local/0] 19:38:13
Local via em0.0

224.0.0.5/32 *[OSPF/10] 19:38:26, metric 1
MultiRecv

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.10.10/32 *[LDP/9] 19:30:51, metric 1
> to 192.168.1.1 via em0.0

cust-a.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.200.0/24 *[Direct/0] 19:38:05
> via lo0.1

10.10.200.2/32 *[Local/0] 19:38:05
Local via lo0.1

192.168.23.0/24 *[Direct/0] 19:30:57
> via em1.0

192.168.23.2/32 *[Local/0] 19:30:57
Local via em1.0

mpls.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0 *[MPLS/0] 19:38:24, metric 1

Receive

1 *[MPLS/0] 19:38:24, metric 1
Receive

2 *[MPLS/0] 19:38:24, metric 1
Receive

16 *[VPN/0] 19:38:13
to table cust-a.inet.0, Pop

299808 *[LDP/9] 19:30:51, metric 1
> to 192.168.1.1 via em0.0, Pop

299808(S=0) *[LDP/9] 19:30:51, metric 1
> to 192.168.1.1 via em0.0, Pop

root@Juniper-PE>

Any help is appreciated.

Thanks.

Hello there,

Your iBGP peering on J2320 side does not have "family inet-vpn unicast" enabled.

Your iBGP peering does not use loopback lo0.0 as src.ip

bgp {
group internal-peers {
neighbor 10.10.10.10 { ## no inet-vpan unicast AFI/SAFI
peer-as 200;  ## source-address 20.20.20.20 missing
}

 HTH

Thanks
Alex

Thank you very much Alex.

Your recommendations work perfectly. All is communicating as expected.

I am pasting the final config of the protocols section in this thread.

protocols {
mpls {
interface em0.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
group external-peers {
type internal;
family inet-vpn {
unicast;
}
}
}
ospf {
area 0.0.0.0 {
interface em0.0;
interface lo0.0;
}
}
ldp {
interface em0.0;
}
}

VRF cust-a routes have been exchanged between the 2 routers:

J2320:

cust-a.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.100.0/24 *[BGP/170] 00:08:56, MED 0, localpref 100, from 10.10.10.10
AS path: ?
> to 192.168.1.1 via em0.0, Push 17

10.10.200.0/24 *[Direct/0] 21:30:36
> via lo0.1

10.10.200.2/32 *[Local/0] 21:30:36
Local via lo0.1

192.168.23.0/24 *[Direct/0] 21:23:28
> via em1.0

192.168.23.2/32 *[Local/0] 21:23:28
Local via em1.0

C2691:

R1#show ip route vrf cust-a | beg Gateway
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 3 subnets
C 10.10.100.0 is directly connected, Loopback1
B 10.10.130.0 [200/0] via 30.30.30.30, 15:35:46
B 10.10.200.0 [200/0] via 20.20.20.20, 00:00:38
B 192.168.23.0/24 [200/0] via 20.20.20.20, 00:00:38
R1#

I am trying a similar configuration with another Juniper - Cisco scenario and the BGP peering is not successful.

Please advise on the steps I am missing.

Juniper ge-0/0/1 is connected to Cisco GigabitEthernet0/1.

Juniper Config:

admin> show configuration
## Last commit: 2014-10-13 16:41:17 UTC by admin
version 10.4R12.4;
system {
host-name stp-j2320-2;
login {
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
filter {
input NTA_jflow;
}
sampling {
input;
output;
}
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.1.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
forwarding-options {
sampling {
input {
rate 100;
run-length 0;
}
family inet {
output {
flow-server 10.140.46.119 {
port 2055;
version9 {
template {
NTA_jflow9;
}
}
}
inline-jflow {
source-address 10.199.6.3;
}
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface ge-0/0/1.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
transport-address router-id;
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
zones {
security-zone Port1 {
host-inbound-traffic {
system-services {
telnet;
ssh;
http;
ping;
}
}
interfaces {
ge-0/0/0.0;
}
}
security-zone Port2 {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
ge-0/0/1.0;
lo0.0;
}
}
}
}
firewall {
family inet {
filter NTA_jflow {
term default {
then {
sample;
accept;
}
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}
services {
flow-monitoring {
version9 {
template NTA_jflow9 {
ipv4-template;
}
}
}
}

admin>

Juniper Routing Table:

admin> show route

inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:29:59
> to 10.199.6.1 via ge-0/0/0.0

10.10.10.10/32 *[OSPF/10] 00:23:20, metric 2
> to 192.168.1.1 via ge-0/0/1.0

10.199.6.0/24 *[Direct/0] 00:29:59
> via ge-0/0/0.0

10.199.6.3/32 *[Local/0] 00:30:04
Local via ge-0/0/0.0

20.20.20.20/32 *[Direct/0] 00:30:26
> via lo0.0

192.168.1.0/30 *[Direct/0] 00:29:59
> via ge-0/0/1.0

192.168.1.2/32 *[Local/0] 00:30:04
Local via ge-0/0/1.0

224.0.0.5/32 *[OSPF/10] 00:23:35, metric 1
MultiRecv

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.10.10.10/32 *[LDP/9] 00:23:17, metric 1

> to 192.168.1.1 via ge-0/0/1.0

cust-a.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.200.0/24 *[Direct/0] 00:13:17
> via lo0.1

10.10.200.2/32 *[Local/0] 00:13:17
Local via lo0.1

mpls.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0 *[MPLS/0] 00:19:29, metric 1
Receive
1 *[MPLS/0] 00:19:29, metric 1
Receive
2 *[MPLS/0] 00:19:29, metric 1
Receive
16 *[VPN/0] 00:14:57
to table cust-a.inet.0, Pop
299792 *[LDP/9] 00:23:17, metric 1
> to 192.168.1.1 via ge-0/0/1.0, Pop
299792(S=0) *[LDP/9] 00:23:17, metric 1
> to 192.168.1.1 via ge-0/0/1.0, Pop

Cisco Config:

lab-vrf-rtr1#show run
Building configuration...

Current configuration : 2436 bytes
!
! Last configuration change at 18:06:56 UTC Mon Oct 13 2014 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname lab-vrf-rtr1
!
boot-start-marker
boot system flash:c2800nm-advipservicesk9-mz.151-4.M9.bin
boot-end-marker
!
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
ip cef
!
ip vrf cust-a
rd 100:100
route-target export 100:100
route-target import 100:100

!

multilink bundle-name authenticated
!
mpls label protocol ldp
!
voice-card 0
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback11
ip vrf forwarding cust-a
ip address 10.10.100.1 255.255.255.0
!
interface GigabitEthernet0/0
ip address 10.199.2.7 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Uplink To Juniper J2320 ge-0/0/1
ip address 192.168.1.1 255.255.255.252
ip ospf network broadcast
duplex auto
speed auto
mpls ip
!
router ospf 1
network 10.10.10.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.3 area 0
!
router bgp 200
no bgp log-neighbor-changes
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source Loopback0
!
address-family vpnv4
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 send-community both
exit-address-family
!
address-family ipv4 vrf cust-a
redistribute connected
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
mpls ldp router-id Loopback0 force
!
control-plane
!
mgcp profile default
end

lab-vrf-rtr1#

Cisco Routing Table:

lab-vrf-rtr1# show ip route | be Gateway
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.10.10.10/32 is directly connected, Loopback0
C 10.199.2.0/24 is directly connected, GigabitEthernet0/0
L 10.199.2.7/32 is directly connected, GigabitEthernet0/0
20.0.0.0/32 is subnetted, 1 subnets
O 20.20.20.20 [110/1] via 192.168.1.2, 01:35:28, GigabitEthernet0/1
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/30 is directly connected, GigabitEthernet0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/1

lab-vrf-rtr1# show ip route vrf cust-a | be Gateway
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.100.0/24 is directly connected, Loopback11
L 10.10.100.1/32 is directly connected, Loopback11
lab-vrf-rtr1#

Thanks.

Hello there,

---

@Raditops wrote:

I am trying a similar configuration with another Juniper - Cisco scenario and the BGP peering is not successful.

 

Please advise on the steps I am missing.

 

---

It appears You are trying it on flow-mode JUNOS, this is not supported.

You have to configure a fully "packet-mode" JUNOS

set security forwarding-options family mpls mode packet-based

 and then don't forget to reboot, or use "selective packet services"

www.juniper.net/us/en/local/pdf/app-notes/3500192-en.pdf

HTH

Thanks
Alex

Thanks Alex for looking into this one.

In order to switch to packet-based, I had to delete the security policies.

The BGP peering session is not yet successful.

New Juniper Config:

admin@stp-j2320-2> show configuration
## Last commit: 2014-10-13 20:19:43 UTC by admin
version 10.4R12.4;
system {
host-name stp-j2320-2;
login {
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
filter {
input NTA_jflow;
}
sampling {
input;
output;
}
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.1.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
forwarding-options {
sampling {
input {
rate 100;
run-length 0;
}
family inet {
output {
flow-server 10.140.46.119 {
port 2055;
version9 {
template {
NTA_jflow9;
}
}
}
inline-jflow {
source-address 10.199.6.3;
}
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface ge-0/0/1.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
transport-address router-id;
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
firewall {
family inet {
filter NTA_jflow {
term default {
then {
sample;
accept;
}
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}
services {
flow-monitoring {
version9 {
template NTA_jflow9 {
ipv4-template;
}
}
}
}

admin@stp-j2320-2>

Juniper BGP Summary:

admin@stp-j2320-2> show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.10.10.10 200 38 38 0 0 15:20 Establ
bgp.l3vpn.0: 0/0/0/0

admin@stp-j2320-2>

Cisco BGP Summary:

lab-vrf-rtr1#show ip bgp sum
BGP router identifier 10.10.10.10, local AS number 200
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
20.20.20.20 4 200 0 0 1 0 0 never Idle
lab-vrf-rtr1#

Hello Alex & All,

The configuration is now set for packet-based but the BGP peering is still not coming up. Anything I am missing?

Please advise.

Thanks.

Hello,

You have to reboot Your J2320 after configuring packet-based mode.

HTH

Thanks

Alex

Thanks Alex for the follow-up. The router was rebooted.

admin@stp-j2320-2> show system uptime
Current time: 2014-10-15 18:31:34 UTC
System booted: 2014-10-15 18:27:42 UTC (00:03:52 ago)
Protocols started: 2014-10-15 18:28:43 UTC (00:02:51 ago)
Last configured: 2014-10-14 16:42:25 UTC (1d 01:49 ago) by admin
6:31PM up 4 mins, 1 user, load averages: 0.35, 0.57, 0.29

admin@stp-j2320-2>

I was running a debug on the Cisco router and also saw the following:

*Oct 15 19:44:01.318: BGP: 20.20.20.20 active went from Active to OpenSent

*Oct 15 19:44:01.318: BGP: 20.20.20.20 active sending OPEN, version 4, my as: 200, holdtime 180 seconds, ID A0A0A0A
*Oct 15 19:44:01.318: BGP: 20.20.20.20 active KEEPALIVE write request serviced in BGP_IO
*Oct 15 19:44:01.318: BGP: 20.20.20.20 active service 2 read request in BGP_IO
*Oct 15 19:44:01.338: BGP: 20.20.20.20 active KEEPALIVE write request serviced in BGP_IO
*Oct 15 19:44:01.338: BGP: 20.20.20.20 active service 2 read request in BGP_IO
*Oct 15 19:44:01.338: BGP: 20.20.20.20 active service 2 read request in BGP_IO
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcv message type 1, length (excl. header) 40
*Oct 15 19:44:01.342: BGP: ses global 20.20.20.20 (0x4AF80EA8:0) act Receive OPEN
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcv OPEN, version 4, holdtime 90 seconds
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcv OPEN w/ OPTION parameter len: 30
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ optional parameter type 2 (Capability) len 6
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has CAPABILITY code: 1, length 4
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has MP_EXT CAP for afi/safi: 1/128
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ optional parameter type 2 (Capability) len 2
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has CAPABILITY code: 128, length 0
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has ROUTE-REFRESH capability(old) for all address-families
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ optional parameter type 2 (Capability) len 2
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has CAPABILITY code: 2, length 0
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has ROUTE-REFRESH capability(new) for all address-families
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ optional parameter type 2 (Capability) len 4
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has CAPABILITY code: 64, length 2
*Oct 15 19:44:01.342: BGP: ses global 20.20.20.20 (0x4AF80EA8:0) act NSF OPEN has GR cap
*Oct 15 19:44:01.342: BGP: ses global 20.20.20.20 (0x4AF80EA8:0) act NSF Peer has not restarted. Restart Time: 120
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ optional parameter type 2 (Capability) len 6
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has CAPABILITY code: 65, length 4
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active OPEN has 4-byte ASN CAP for: 200
*Oct 15 19:44:01.342: BGP: nbr global 20.20.20.20 neighbor does not have IPv4 MDT topology activated
*Oct 15 19:44:01.342: BGP: 20.20.20.20 active rcvd OPEN w/ remote AS 200, 4-byte remote AS 200
*Oct 15 19:44:01.342: BGP: ses global 20.20.20.20 (0x4AF80EA8:0) act Removed topology IPv4 Unicast:base

Hello,

Please post full sanitozed config for this Cisco device You have posted debug from.

Thanks

Alex

Hello Alex,

Here is the current config for both devices:

Cisco Config:

lab-vrf-rtr1#show run

!

hostname lab-vrf-rtr1

!
no aaa new-model
!
dot11 syslog
ip source-route
!
ip cef
!
ip vrf cust-a
rd 200:200
route-target export 200:200
route-target import 200:200

!

no ipv6 cef
!
multilink bundle-name authenticated
!
mpls label protocol ldp
!
voice-card 0
!
redundancy
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback11
ip vrf forwarding cust-a
ip address 10.10.100.1 255.255.255.0
!
interface GigabitEthernet0/0
ip address 10.199.2.7 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Uplink To Juniper J2320 ge-0/0/1
ip address 192.168.1.1 255.255.255.252
ip ospf network broadcast
duplex auto
speed auto
mpls ip
!
router ospf 1
network 10.10.10.10 0.0.0.0 area 0
network 192.168.1.0 0.0.0.3 area 0
!
router bgp 200
no bgp log-neighbor-changes
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source Loopback0
!
address-family vpnv4
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 send-community both
exit-address-family
!
address-family ipv4 vrf cust-b
redistribute connected
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
mpls ldp router-id Loopback0 force
!
control-plane
!
mgcp profile default

Juniper Config:

admin@stp-j2320-2> show configuration
## Last commit: 2014-10-14 16:42:25 UTC by admin
version 10.4R12.4;
system {
host-name stp-j2320-2;
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
filter {
input NTA_jflow;
}
sampling {
input;
output;
}
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.1.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
forwarding-options {
sampling {
input {
rate 100;
run-length 0;
}
family inet {
output {
flow-server 10.140.46.119 {
port 2055;
version9 {
template {
NTA_jflow9;
}
}
}
inline-jflow {
source-address 10.199.6.3;
}
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface ge-0/0/1.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
transport-address router-id;
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
firewall {
family inet {
filter NTA_jflow {
term default {
then {
sample;
accept;
}
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}
services {
flow-monitoring {
version9 {
template NTA_jflow9 {
ipv4-template;
}
}
}
}

admin@stp-j2320-2>

Hello there,

Inline Jflow is not supported on J-series routers, only on MX/T-series with Trio linecards.

Please remove inline Jflow from J2320.

Apart from that, I don't see any obvious errors in the configs.

The problem may be happening due to interface speed/duplex mismatch - please check what speed/duplex they actually negotiated between themselves, and if it does not match, try manual setting of matching speed/duplex on both sides, then re-test and report back

The debug You posted earlier is related to difference in BGP address families: on CSCO side both "inet unicast" and "inet-vpn unicast" are enabled, on J2320 side only "inet-vpn unicast". This is not a problem as long as there is at least 1 matching BGP address family between peers.

HTH

Thanks

Alex

Hello Alex,

I processed the change and rebooted the Juniper router. The bgp peering is not yet successful.

I will try to factory reset both of them and start with a basic bgp session between the two to see if they will peer at the simplest level.

Let me know if any other suggestion comes to mind.

Thanks.

- Juniper Config:

admin@stp-j2320-2> show configuration
## Last commit: 2014-10-20 15:04:58 UTC by admin
version 10.4R12.4;
system {
host-name stp-j2320-2;
login {
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
sampling {
input;
output;
}
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.1.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface ge-0/0/1.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
transport-address router-id;
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}

admin@stp-j2320-2>

Hello,

Before trying BGP between loopbacks, please check:

1/ if OSPF is up and You can see loopback routes in both CSCO and J2320

2/ if OSPF is not up, t'shoot the speed & duplex on the link between CSCO and J2320, Try another J2320 port for a change.

3/ when OSPF comes up check if You can ping and telnet between loopbacks

On J2330

ping 10.10.10.10 source 20.20.20.20
telnet 10.10.10.10 source 20.20.20.20

 2/ if You cannot ping nor telnet  between loopbacks, on J2320, run "monitor traffic interface <J2320 ge port connected to CSCO> no-resolve size 9999" (which is basically tcpdump in disguise) when pinging and post output here.

HTH

Thanks

Alex

Hello Alex,

I think much progress is being made but I am not sure where the remaining details to be ironed out are. 

- The speed and duplex are ok.

- Pings are successful from both ends:

- From Juniper:

admin@stp-j2320-2> ping 10.10.10.10 source 20.20.20.20
PING 10.10.10.10 (10.10.10.10): 56 data bytes
64 bytes from 10.10.10.10: icmp_seq=0 ttl=255 time=2.929 ms
64 bytes from 10.10.10.10: icmp_seq=1 ttl=255 time=4.071 ms
^C
--- 10.10.10.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.929/3.500/4.071/0.571 ms

admin@stp-j2320-2>

- From Cisco:

lab-vrf-rtr1#ping 20.20.20.20 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.10
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
lab-vrf-rtr1#

- The Juniper cust-a (lo0.1) route is showing in Cisco:

lab-vrf-rtr1#show ip route vrf cust-a | beg Gateway

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.10.100.0/24 is directly connected, Loopback11
L 10.10.100.1/32 is directly connected, Loopback11
B 10.10.200.0/24 [200/0] via 20.20.20.20, 02:16:48
lab-vrf-rtr1#

- No BGP Peering from Cisco:

lab-vrf-rtr1#show ip bgp sum
BGP router identifier 10.10.10.10, local AS number 200
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
20.20.20.20 4 200 0 0 1 0 0 never Idle
lab-vrf-rtr1#

- Juniper BGP:

admin@stp-j2320-2> show bgp neighbor
Peer: 10.10.10.10+27443 AS 200 Local: 20.20.20.20+179 AS 200
Type: Internal State: Established Flags: <Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: Hold Timer Expired Error
Options: <Preference LocalAddress AddressFamily PeerAS Rib-group Refresh>
Address families configured: inet-vpn-unicast
Local Address: 20.20.20.20 Holdtime: 90 Preference: 170
Number of flaps: 1
Last flap event: HoldTime
Error: 'Hold Timer Expired Error' Sent: 1 Recv: 0
Peer ID: 10.10.10.10 Local ID: 20.20.20.20 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
BFD: disabled, down
NLRI for restart configured on peer: inet-vpn-unicast
NLRI advertised by peer: inet-unicast inet-vpn-unicast
NLRI for this session: inet-vpn-unicast
Peer supports Refresh capability (2)
Restart time configured on the peer: 120
Stale routes from peer are kept for: 300
Peer does not support Restart capability
Peer supports 4 byte AS extension (peer-as 200)
Peer does not support Addpath
Table bgp.l3vpn.0
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: not advertising
Active prefixes: 1
Received prefixes: 1
Accepted prefixes: 1
Suppressed due to damping: 0
Table cust-a.inet.0 Bit: 20000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 1
Received prefixes: 1
Accepted prefixes: 1
Suppressed due to damping: 0
Advertised prefixes: 1
Last traffic (seconds): Received 26 Sent 5 Checked 19
Input messages: Total 326 Updates 3 Refreshes 0 Octets 6388
Output messages: Total 331 Updates 1 Refreshes 0 Octets 6394
Output Queue[0]: 0
Output Queue[1]: 0

- No Cisco cust-a route in Juniper with bgp.l3vpn.0 having a hidden route:

admin@stp-j2320-2> show route

inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 03:38:50
> to 10.199.6.1 via ge-0/0/0.0
10.10.10.10/32 *[OSPF/10] 02:18:52, metric 2
> to 192.168.199.1 via ge-0/0/1.0
10.199.6.0/24 *[Direct/0] 03:38:50
> via ge-0/0/0.0
10.199.6.3/32 *[Local/0] 03:38:54
Local via ge-0/0/0.0
20.20.20.20/32 *[Direct/0] 03:39:17
> via lo0.0
192.168.1.0/30 *[Direct/0] 02:29:50
> via ge-0/0/1.0
192.168.1.2/32 *[Local/0] 02:38:07
Local via ge-0/0/1.0
192.168.199.0/30 *[Direct/0] 02:19:33
> via ge-0/0/1.0
192.168.199.2/32 *[Local/0] 02:19:33
Local via ge-0/0/1.0
224.0.0.5/32 *[OSPF/10] 03:39:18, metric 1
MultiRecv

cust-a.inet.0: 3 destinations, 3 routes (2 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.200.0/24 *[Direct/0] 03:39:14
> via lo0.1
10.10.200.2/32 *[Local/0] 03:39:14
Local via lo0.1

mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0 *[MPLS/0] 03:39:17, metric 1
Receive
1 *[MPLS/0] 03:39:17, metric 1
Receive
2 *[MPLS/0] 03:39:17, metric 1
Receive
16 *[VPN/0] 03:39:17
to table cust-a.inet.0, Pop

bgp.l3vpn.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)

 
admin@stp-j2320-2>

- The Juniper debug option shows some traffic:

22:08:58.857802 Out IP 192.168.199.2 > 224.0.0.2: igmp v2 report 224.0.0.2
22:08:58.862585 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:58.869313 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:08:58.870685 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:58.897313 Out IP 192.168.199.2 > 224.0.0.5: OSPFv2, LS-Update, length 76
22:08:59.033797 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.208632 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.387846 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.573668 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.725682 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.771018 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:08:59.871091 Out IP 20.20.20.20.61624 > 10.10.10.10.646: S 1333133235:1333133235(0) win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 13381566 0,sackOK,eol>
22:08:59.874622 In IP 10.10.10.10.646 > 20.20.20.20.61624: S 3683638879:3683638879(0) ack 1333133236 win 4128 <mss 536>
22:08:59.874711 Out IP 20.20.20.20.61624 > 10.10.10.10.646: . ack 1 win 16384
22:08:59.875114 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 1:53(52) ack 1 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 48
22:08:59.877974 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 53 win 4076
22:08:59.889771 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 1:63(62) ack 53 win 4076: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 58
22:08:59.891852 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 53:71(18) ack 63 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 14
22:08:59.904766 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 63:238(175) ack 71 win 4058: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 171
22:08:59.904915 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 71:137(66) ack 238 win 16209: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 24
22:09:00.112696 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 137 win 3992
22:09:00.112773 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 137:175(38) ack 238 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 34
22:09:00.312763 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 175 win 3954
22:09:01.397557 In IP 192.168.199.1 > 224.0.0.5: OSPFv2, LS-Ack, length 44
22:09:01.601303 In IP 192.168.199.1 > 224.0.0.5: OSPFv2, Hello, length 60
22:09:03.764978 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:04.389970 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:06.442847 Out IP 192.168.199.2 > 224.0.0.5: OSPFv2, Hello, length 48
22:09:06.892729 Out IP 192.168.199.2 > 224.0.0.2: igmp v2 report 224.0.0.2
22:09:08.233572 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:08.476660 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:08.777549 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 238:256(18) ack 175 win 3954: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 14
22:09:08.877620 Out IP 20.20.20.20.61624 > 10.10.10.10.646: . ack 256 win 16384
22:09:09.911569 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 175:193(18) ack 256 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 14
22:09:10.121690 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 193 win 3936
22:09:10.813514 In IP 192.168.199.1 > 224.0.0.5: OSPFv2, Hello, length 60
22:09:12.149483 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:12.417308 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:15.128142 Out IP 192.168.199.2 > 224.0.0.5: OSPFv2, Hello, length 48
22:09:16.381825 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:16.832767 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:17.909641 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 256:274(18) ack 193 win 3936: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 14
22:09:18.009632 Out IP 20.20.20.20.61624 > 10.10.10.10.646: . ack 274 win 16384
22:09:18.565635 In IP 10.10.10.10.27443 > 20.20.20.20.179: P 6161:6180(19) ack 6148 win 16023: BGP, length: 19
22:09:18.665535 Out IP 20.20.20.20.179 > 10.10.10.10.27443: . ack 6180 win 16384
22:09:19.912540 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 193:211(18) ack 274 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 14
22:09:20.113319 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 211 win 3918
22:09:20.285291 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:20.701348 In IP 192.168.199.1 > 224.0.0.5: OSPFv2, Hello, length 60
22:09:21.741166 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:23.001046 Out IP 20.20.20.20.179 > 10.10.10.10.27443: P 6148:6167(19) ack 6180 win 16384: BGP, length: 19
22:09:23.201853 In IP 10.10.10.10.27443 > 20.20.20.20.179: . ack 6167 win 16004
22:09:24.262862 Out IP 192.168.199.2 > 224.0.0.5: OSPFv2, Hello, length 48
22:09:25.229579 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:26.490624 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:26.689516 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 274:292(18) ack 211 win 3918: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 14
22:09:26.789466 Out IP 20.20.20.20.61624 > 10.10.10.10.646: . ack 292 win 16384
22:09:29.914040 Out IP 20.20.20.20.61624 > 10.10.10.10.646: P 211:229(18) ack 292 win 16384: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 14
22:09:29.992916 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:30.112942 In IP 10.10.10.10.646 > 20.20.20.20.61624: . ack 229 win 3900
22:09:30.437872 In IP 192.168.199.1 > 224.0.0.5: OSPFv2, Hello, length 60
22:09:30.573877 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:32.995515 Out IP 192.168.199.2 > 224.0.0.5: OSPFv2, Hello, length 48
22:09:34.383427 Out IP 192.168.199.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 20.20.20.20:0, pdu-length: 38
22:09:34.489336 In IP 192.168.199.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 30
22:09:35.941134 In IP 10.10.10.10.646 > 20.20.20.20.61624: . 292:310(18) ack 229 win 3900: LDP, Label-Space-ID: 10.10.10.10:0, pdu-length: 14
22:09:36.041042 Out IP 20.20.20.20.61624 > 10.10.10.10.646: . ack 310 win 16384
^C

- Junos Config:

admin@stp-j2320-2# show
## Last changed: 2014-10-22 22:08:59 UTC
version 10.4R12.4;
system {
host-name stp-j2320-2;
login {
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
sampling {
input;
output;
}
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.199.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
mpls {
interface ge-0/0/1.0;
}
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
transport-address router-id;
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}

[edit]
admin@stp-j2320-2#

- Cisco Config:

lab-vrf-rtr1#show run

!

hostname lab-vrf-rtr1
!
no aaa new-model
!
ip cef
!
ip vrf cust-a
rd 200:200
route-target export 200:200
route-target import 200:200
!
no ipv6 cef
!
multilink bundle-name authenticated
!
mpls label protocol ldp
!
redundancy
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback11
ip vrf forwarding cust-a
ip address 10.10.100.1 255.255.255.0
!

interface GigabitEthernet0/0
ip address 10.199.2.7 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Uplink To Juniper J2320 ge-0/0/1
ip address 192.168.199.1 255.255.255.252
ip ospf network broadcast
duplex auto
speed auto
mpls ip
!
router ospf 1
network 10.10.10.10 0.0.0.0 area 0
network 192.168.199.0 0.0.0.3 area 0
!
router bgp 200
no bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source Loopback0
!
address-family vpnv4
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 send-community both
exit-address-family
!
address-family ipv4 vrf cust-a
redistribute connected
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
mpls ldp router-id Loopback0 force
!
control-plane
!
mgcp profile default
!
lab-vrf-rtr1#

Thanks.

Hello there,

It seems Your J2320 LDP session is actually not receiving any labels for 10.10.10.10 from CSCO.

From J2303 please:

show ldp session extensive
show ldp database extensive

As for CSCO printout, please use "show ip bgp vpnv4 all summary".

Thanks

Alex

Hello Alex,

Here is the output:

- Juniper:

admin@stp-j2320-2> show ldp session extensive

Address: 10.10.10.10, State: Operational, Connection: Open, Hold time: 28
Session ID: 20.20.20.20:0--10.10.10.10:0
Next keepalive in 7 seconds
Active, Maximum PDU: 4096, Hold time: 30, Neighbor count: 1
Neighbor types: discovered
Keepalive interval: 10, Connect retry interval: 1
Local address: 20.20.20.20, Remote address: 10.10.10.10
Up for 18:25:39
Capabilities advertised: none
Capabilities received: none
Protection: disabled
Local - Restart: disabled, Helper mode: enabled
Remote - Restart: disabled, Helper mode: disabled
Local maximum neighbor reconnect time: 120000 msec
Local maximum neighbor recovery time: 240000 msec
Nonstop routing state: Not in sync
Next-hop addresses received:
10.10.10.10
10.199.2.7
192.168.199.1
Queue depth: 0
Message type Total Last 5 seconds
Sent Received Sent Received
Initialization 1 1 0 0
Keepalive 6633 7578 1 1
Notification 0 0 0 0
Address 1 1 0 0
Address withdraw 0 0 0 0
Label mapping 2 6 0 0
Label request 0 0 0 0
Label withdraw 0 1 0 0
Label release 1 0 0 0
Label abort 0 0 0 0

admin@stp-j2320-2> show ldp database extensive

Input label database, 20.20.20.20:0--10.10.10.10:0
Label Prefix
3 10.10.10.10/32
State: Active
Age: 18:25:50
19 10.199.1.0/24
State: Active
Age: 1:21:46
3 10.199.2.0/24
State: Active
Age: 18:25:50
16 20.20.20.20/32
State: Active
Age: 18:25:50
3 192.168.199.0/30
State: Active
Age: 18:25:50

Output label database, 20.20.20.20:0--10.10.10.10:0
Label Prefix
299840 10.10.10.10/32
State: Active
Age: 18:25:50
3 20.20.20.20/32
State: Active
Age: 18:25:50

admin@stp-j2320-2>

- Cisco:

lab-vrf-rtr1#show ip bgp vpnv4 all summary

BGP router identifier 10.10.10.10, local AS number 200
BGP table version is 8, main routing table version 8
3 network entries using 480 bytes of memory
3 path entries using 168 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1104 total bytes of memory
BGP activity 3/0 prefixes, 4/1 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
20.20.20.20 4 200 2776 2722 8 0 0 20:46:20 1
lab-vrf-rtr1#

Thanks.

Hello there,

Thanks for posting the outputs.

I trust it's all OK from CSCO side now as established peer 20.20.20.20 is visible in "show ip bgp vpnv4..." printout.

On the J2320 side, I can see that inet.3 table is not created (and 10.10.10.10/32 prefix is not installed there) and therefore VPNv4 routes from CSCO cannot be resolved by J2320. At this point I have no idea why this happened with Your J2320. I have used almost same config many times on J-series and SRX, it just works.

You may want to remove following lines to strip config to bare minimum:

[edit protocols ldp]
transport-address router-id ## this is default

[edit interfaces ge-0/0/0 unit 0 family inet]
sampling ## not needed for MPLS

[edit protocols]
mpls  ## LDP does not need "protocols mpls"

 - and then do "restart routing" on J2320.

You may also want to try using JTAC-recommended release Junos 12.1X44-D40.2 for J2320

http://kb.juniper.net/InfoCenter/index?page=content&id=KB21476

HTH

Thanks
Alex

Hello Alex,

Your recommendations worked! Thank you very much!

All is good now. Here are the final Juniper config and tests:

- Pings from Cisco to Juniper:

 lab-vrf-rtr1#ping vrf cust-a 10.10.200.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.200.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
lab-vrf-rtr1#

- Pings from Juniper to Cisco:

admin@stp-j2320-2> ping routing-instance cust-a 10.10.100.1
PING 10.10.100.1 (10.10.100.1): 56 data bytes
64 bytes from 10.10.100.1: icmp_seq=0 ttl=255 time=3.311 ms
64 bytes from 10.10.100.1: icmp_seq=1 ttl=255 time=2.963 ms
^C
--- 10.10.100.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.963/3.137/3.311/0.174 ms

admin@stp-j2320-2>

- Juniper Routing Table:

admin@stp-j2320-2> show route

inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 01:48:57
> to 10.199.6.1 via ge-0/0/0.0
10.10.10.10/32 *[OSPF/10] 01:48:11, metric 2
> to 192.168.199.1 via ge-0/0/1.0
10.199.6.0/24 *[Direct/0] 01:48:57
> via ge-0/0/0.0
10.199.6.3/32 *[Local/0] 01:49:01
Local via ge-0/0/0.0
20.20.20.20/32 *[Direct/0] 01:49:29
> via lo0.0
192.168.199.0/30 *[Direct/0] 01:48:57
> via ge-0/0/1.0
192.168.199.2/32 *[Local/0] 01:49:01
Local via ge-0/0/1.0
224.0.0.5/32 *[OSPF/10] 01:49:30, metric 1
MultiRecv

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.10.10/32 *[LDP/9] 01:47:53, metric 1
> to 192.168.199.1 via ge-0/0/1.0

cust-a.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.10.100.0/24 *[BGP/170] 01:47:53, MED 0, localpref 100, from 10.10.10.10
AS path: ?
> to 192.168.199.1 via ge-0/0/1.0, Push 18
10.10.200.0/24 *[Direct/0] 01:49:28
> via lo0.1
10.10.200.2/32 *[Local/0] 01:49:28
Local via lo0.1

mpls.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

16 *[VPN/0] 01:49:29
to table cust-a.inet.0, Pop
299776 *[LDP/9] 01:47:53, metric 1
> to 192.168.199.1 via ge-0/0/1.0, Pop
299776(S=0) *[LDP/9] 01:47:53, metric 1
> to 192.168.199.1 via ge-0/0/1.0, Pop

bgp.l3vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

200:200:10.10.100.0/24
*[BGP/170] 01:47:54, MED 0, localpref 100, from 10.10.10.10
AS path: ?
> to 192.168.199.1 via ge-0/0/1.0, Push 18

admin@stp-j2320-2>

admin@stp-j2320-2> show ldp database extensive
Input label database, 20.20.20.20:0--10.10.10.10:0
Label Prefix
3 10.10.10.10/32
State: Active
Age: 1:29:05
16 10.199.1.0/24
State: Active
Age: 1:29:05
3 10.199.2.0/24
State: Active
Age: 1:29:05
17 20.20.20.20/32
State: Active
Age: 1:29:05
3 192.168.199.0/30
State: Active
Age: 1:29:05

Output label database, 20.20.20.20:0--10.10.10.10:0
Label Prefix
299776 10.10.10.10/32
State: Active
Age: 1:29:05
3 20.20.20.20/32
State: Active
Age: 1:29:05

admin@stp-j2320-2> show ldp session extensive
Address: 10.10.10.10, State: Operational, Connection: Open, Hold time: 28
Session ID: 20.20.20.20:0--10.10.10.10:0
Next keepalive in 9 seconds
Active, Maximum PDU: 4096, Hold time: 30, Neighbor count: 1
Neighbor types: discovered
Keepalive interval: 10, Connect retry interval: 1
Local address: 20.20.20.20, Remote address: 10.10.10.10
Up for 01:29:20
Last down 01:29:21 ago; Reason: connect time expired
Capabilities advertised: none
Capabilities received: none
Protection: disabled
Local - Restart: disabled, Helper mode: enabled
Remote - Restart: disabled, Helper mode: disabled
Local maximum neighbor reconnect time: 120000 msec
Local maximum neighbor recovery time: 240000 msec
Nonstop routing state: Not in sync
Next-hop addresses received:
10.199.2.7
10.10.10.10
192.168.199.1
Queue depth: 0
Message type Total Last 5 seconds
Sent Received Sent Received
Initialization 1 1 0 0
Keepalive 537 613 0 0
Notification 0 0 0 0
Address 1 1 0 0
Address withdraw 0 0 0 0
Label mapping 2 5 0 0
Label request 0 0 0 0
Label withdraw 0 0 0 0
Label release 0 0 0 0
Label abort 0 0 0 0

admin@stp-j2320-2>

- Juniper version:

admin@stp-j2320-2> show version
Hostname: stp-j2320-2
Model: j2320
JUNOS Software Release [12.1X44-D40.2]

admin@stp-j2320-2>

- Juniper Config:

admin@stp-j2320-2> show configuration
## Last commit: 2014-10-29 19:56:18 UTC by root
version 12.1X44-D40.2;
system {
host-name stp-j2320-2;
login {
user admin {
full-name admin;
uid 2007;
class super-user;
}
}
services {
ssh;
telnet;
web-management {
http;
}
}
ntp {
server 10.199.1.150;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.199.6.3/24;
}
}
}
ge-0/0/1 {
description "VRF environment";
unit 0 {
family inet {
address 192.168.199.2/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 20.20.20.20/32;
}
}
unit 1 {
family inet {
address 10.10.200.2/24;
}
}
}
}
snmp {
description "jFlow Device";
location "Pet";
contact "Ops";
community public {
authorization read-only;
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.199.6.1;
}
router-id 20.20.20.20;
autonomous-system 200;
}
protocols {
bgp {
group internal-peers {
type internal;
local-address 20.20.20.20;
family inet-vpn {
unicast;
}
neighbor 10.10.10.10 {
peer-as 200;
}
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/1.0;
interface lo0.0;
}
}
ldp {
interface ge-0/0/1.0;
}
}
policy-options {
policy-statement cust-a-export {
term 1 {
from protocol [ static direct ];
then {
community add cust-a;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement cust-a-import {
term 1 {
from {
protocol bgp;
community cust-a;
}
then accept;
}
term 2 {
then reject;
}
}
community cust-a members target:200:200;
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
routing-instances {
cust-a {
instance-type vrf;
interface lo0.1;
route-distinguisher 200:200;
vrf-import cust-a-import;
vrf-export cust-a-export;
vrf-target target:200:200;
vrf-table-label;
}
}

admin@stp-j2320-2>

- Cisco Routing table:

lab-vrf-rtr1#show ip route vrf cust-a

Routing Table: cust-a
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.10.100.0/24 is directly connected, Loopback11
L 10.10.100.1/32 is directly connected, Loopback11
B 10.10.200.0/24 [200/0] via 20.20.20.20, 01:50:01
lab-vrf-rtr1#

- Cisco Config:

lab-vrf-rtr1#show run
Building configuration...

!
hostname lab-vrf-rtr1
!
no aaa new-model
!
dot11 syslog
ip source-route
!
ip cef
!
ip vrf cust-a
rd 200:200
route-target export 200:200
route-target import 200:200
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
mpls label protocol ldp
!
!
voice-card 0
!
redundancy
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Loopback11
ip vrf forwarding cust-a
ip address 10.10.100.1 255.255.255.0
!
interface GigabitEthernet0/0
ip address 10.199.2.7 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Uplink To Juniper J2320 ge-0/0/1
ip address 192.168.199.1 255.255.255.252
ip ospf network broadcast
duplex auto
speed auto
mpls ip
!
router ospf 1
network 10.10.10.10 0.0.0.0 area 0
network 192.168.199.0 0.0.0.3 area 0
!
router bgp 200
no bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source Loopback0
!
address-family vpnv4
neighbor 20.20.20.20 activate
neighbor 20.20.20.20 send-community both
exit-address-family
!
address-family ipv4 vrf cust-a
redistribute connected
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip route 10.199.1.0 255.255.255.0 10.199.2.1
!
mpls ldp router-id Loopback0 force
!
control-plane
!
mgcp profile default
end

lab-vrf-rtr1#

Again, Thanks a milllion Alex.