[GTER] VRF CISCO+Juniper

Diogo Montagner diogo.montagner at gmail.com
Tue Mar 17 03:43:56 -03 2020 

As configuracoes das routing instances (VRF) estao ok. Voce deve estar com
problema no mpls e/ou mp-ibgp. Soh com os pedaços das configuracoes tu tu
enviou nao dah pra concluir muita coisa.

Mas o show route table no JUNOS indica que tu nao estah recebendo as rotas
da VPN pelo mp-ibgp. Comece o troubleshooting por ai.

On Tue, 17 Mar 2020 at 17:36, Délsio Cabá <delsio at gmail.com> wrote:

> Caros,
>
> Estou enfrentando alguma dificuldade em ter uma vrf entre cisco e juniper
> abaixo partilho a configuracao efectuada
>
> CISCO:
> vrf definition S1-EPC
>  rd 1.1.1.1:1
>  route-target export 1.1.1.1:1
>  route-target import 1.1.1.1:1
>  !
>  address-family ipv4
>   route-target export 1.1.1.1:1
>   route-target import 1.1.1.1:1
>  exit-address-family
>
> interface GigabitEthernet0/0/0.101
>  description S1
>  encapsulation dot1Q 101
>  vrf forwarding S1-EPC
>  ip address 10.10.5.9 255.255.255.248
>
>
>
> JUNIPER:
> routing-instances {
>     S1-EPC {
>         instance-type vrf;
>         interface lo0.2;
>         route-distinguisher 1.1.1.1:1;
>         vrf-target target:1.1.1.1:1;
>         vrf-table-label;
>         routing-options {
>             auto-export;
>         }
>     }
> }
> routing-options {
>     graceful-restart;
>     router-id 10.200.0.40;
>     route-distinguisher-id 10.200.0.40;
>     autonomous-system xxxx
> }
> protocols {
>     mpls {
>         traffic-engineering {
>             mpls-forwarding;
>         }
>         interface ge-1/0/2.0;
>         interface lo0.0;
>         interface xe-1/3/1.0;
>         interface ge-1/0/0.0;
>         interface ge-1/0/1.0;
>     }
>     bgp {
>         local-address 10.200.0.40;
>         no-advertise-peer-as;
>         mtu-discovery;
>         log-updown;
>         export ibgp-export;
>         peer-as xxxx
>         local-as xxxx
>         graceful-restart {
>             restart-time 180;
>             stale-routes-time 500;
>         }
>         group ibgp {
>             type internal;
>             export [ next-hop-self ibgp-export ];
>             neighbor 10.200.0.253 {
>                 family inet-vpn {
>                     unicast;
>                     any;
>                 }
>             }
>
>
>
>
> BGP table version is 70, local router ID is 10.200.0.253
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal,
>               r RIB-failure, S Stale, m multipath, b backup-path, f
> RT-Filter,
>               x best-external, a additional-path, c RIB-compressed,
> Origin codes: i - IGP, e - EGP, ? - incomplete
> RPKI validation codes: V valid, I invalid, N Not found
>
>      Network          Next Hop            Metric LocPrf Weight Path
> Route Distinguisher: 1.1.1.1:1 (default for vrf S1-EPC)
>  *>i 203.0.113.0      10.200.0.40                   100      0 i
>  *>i 203.0.113.2/32   10.200.0.40                   100      0 i
>
>
> CORE-RTR#show ip route vrf S1-EPC
>
> Routing Table: S1-EPC
> Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
>        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>        E1 - OSPF external type 1, E2 - OSPF external type 2
>        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
> level-2
>        ia - IS-IS inter area, * - candidate default, U - per-user static
> route
>        o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
>        a - application route
>        + - replicated route, % - next hop override, p - overrides from PfR
>
> Gateway of last resort is not set
>
>       10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
> C        10.10.5.8/29 is directly connected, GigabitEthernet0/0/0.101
> L        10.10.5.9/32 is directly connected, GigabitEthernet0/0/0.101
> C        10.10.100.1/32 is directly connected, Loopback2
>       203.0.113.0/24 is variably subnetted, 2 subnets, 2 masks
> B        203.0.113.0/24 [200/0] via 10.200.0.40, 00:00:02
> B        203.0.113.2/32 [200/0] via 10.200.0.40, 00:00:02
> CORE-RTR#ping vr
> CORE-RTR#ping vrf S1-EPC 203.0.113.2 sou
> CORE-RTR#ping vrf S1-EPC 203.0.113.2 source  10.10.5.9
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 203.0.113.2, timeout is 2 seconds:
> Packet sent with a source address of 10.10.5.9
> .....
> Success rate is 0 percent (0/5)
>
> delsio at POP-PH1> show route  table S1-EPC
>
> S1-EPC.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 203.0.113.0/24     *[Direct/0] 00:09:44
>                     > via lo0.2
> 203.0.113.2/32     *[Local/0] 00:09:44
>                       Local via lo0.2
>
> S1-EPC.inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> ff02::2/128        *[INET6/0] 00:09:45
>                       MultiRecv
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
>
-- 
./diogo -montagner
JNCIE-SP 0x41A

More information about the gter mailing list