Routing
Highlighted
Routing

Reduce routes from VRF of other routers

‎09-26-2019 08:23 PM

Hi All

 

I have one question. We have three routers - A, B, C, D, E

 

A have a VRF - A1 what established eBGP with our upstreamprovider and got 3k routes.

Now I advertise A1'routes to C, D, E via table bgp.l3vpn.0.

 

The problem is what I wouldn't like B's table bgp.l3.vpn.0 got A1' routes. 

How should I do to prevent it ?

 

Best regards,

Cloud

9 REPLIES 9
Routing

Re: Reduce routes from VRF of other routers

‎09-26-2019 08:34 PM
Routing

Re: Reduce routes from VRF of other routers

[ Edited ]
‎09-26-2019 08:44 PM

Hi 

 

Can I do some policy at A to avoid adverstied A1's routes to B ? Or  reject A1' routes at A to install local bgp.l3vpn.0 ?

 

What I mean is I wouldl like to filter some routes from A.

For example, A have second VRF A2 and I wish B got A2's routes without A1's

 

Best regards,

Cloud

Routing

Re: Reduce routes from VRF of other routers

‎09-26-2019 09:02 PM

yes, you can configure policy and filter(by rib, community or other attributes) unwanted routes, and do not forget add vpn-apply-export knob to bgp group.

Routing

Re: Reduce routes from VRF of other routers

‎09-26-2019 09:40 PM

Hi 

 

I will put a import policy at iBGP session. For this expample, is it correct to reject specific community string to install local bgp.l3vpn.0 ?

 term DENY-bgpl3 {
    from {
        rib bgp.l3vpn.0;
        community target:1103:2203;
    }
then reject;
 }

 

Best regards,

Cloud

Routing

Re: Reduce routes from VRF of other routers

‎09-26-2019 09:51 PM

it should work , add one  accept term at the end of  the policy as well 

Also which junos version are you using ?

Thx

Anish 

Routing

Re: Reduce routes from VRF of other routers

[ Edited ]
‎09-26-2019 10:42 PM

can you check this (route-target-filtering )

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/l3-vpns-route-target-filtering.ht...

 

static route target filtering helps to prevent resources from being consumed in portions of the network where the VPN routes are not needed due to the lack of member PE routers.

 

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/route-tar...

 

Description

Statically configure route target filtering. Route target filtering allows you to distribute VPN routes to only the routers that need them. In VPN networks without route target filtering configured, BGP distributes all static VPN routes to all of the VPN peer routers. You can add static routes to the bgp.rtarget.0 routing table with specific NLRI-imposed constraints.

 

Thx

Anish

 

Routing

Re: Reduce routes from VRF of other routers

‎09-26-2019 11:10 PM

Hi 

 

My JunOS is as follow :

Junos: 16.2R2.8 limited
JUNOS OS Kernel 64-bit [20170607.351421_builder_stable_10]

Routing

Re: Reduce routes from VRF of other routers

‎10-02-2019 09:00 AM

I think best way is to apply on A export policy towards B 


Mengzhe Hu
JNCIE x 3 (SP DC ENT)
Routing

Re: Reduce routes from VRF of other routers

‎10-03-2019 02:47 AM
A have a VRF - A1 what established eBGP with our upstreamprovider and got 3k routes.

Now I advertise A1'routes to C, D, E via table bgp.l3vpn.0.



The problem is what I wouldn't like B's table bgp.l3.vpn.0 got A1' routes. 

How should I do to prevent it ?

On the import policy of the ebgp from A1 add a community value to the routes you learn.

On the export policy from A1 to C, D, E add a first term that matches this community and rejects the route.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home