차노 블로그

bgp neighbor 설정에서 neighbor IP만 읽어와 prefiex-list에 적용함

set protocols bgp group test type internal

set protocols bgp group test local-address 1.1.1.2

set protocols bgp group test neighbor 1.1.1.1

set protocols bgp group test neighbor 2.2.2.2

set protocols bgp group test neighbor 3.3.3.3

set policy-options prefix-list configured-bgp-neighbors apply-path "protocols bgp <*> neighbor <*>"

set firewall family inet filter protect-re term BGP-allow from source-prefix-list configured-bgp-neighbors

set firewall family inet filter protect-re term BGP-allow from protocol tcp

set firewall family inet filter protect-re term BGP-allow from port bgp

set firewall family inet filter protect-re term BGP-allow then accept

set firewall family inet filter protect-re term discard-all then discard

set interfaces lo0 unit 0 family inet filter input protect-re

확인

icraft@R2# show policy-options prefix-list configured-bgp-neighbors | display inheritance 

##

## apply-path was expanded to:

##     1.1.1.1/32; 

##     2.2.2.2/32; 

##     3.3.3.3/32; 

##

apply-path "protocols bgp group <*> neighbor <*>";

A metric2 value can be assigned to any route in the routing table. The metric2defaults to zero for all protocols except for BGP and MPLS/RSVP. 

The metric2 for a BGP route defaults to the value of the IGP's metric to the BGP nexthop for that route. 

Metric2 also applies to MPLS LSPs listed in inet.3. When you configure a standby LSP or fast reroute, the standby and/or fast reroute LSPs will appear in the inet.3 routing table along with the primary LSP. All paths for the LSP will have equal values for metric, but differing metric2 values. The active path LSP will have a metric2 of 0, while an inactive primary path will have a value of 1 and an inactive secondary standby path will have a value of 2. Fast reroute LSPs generally will be assigned metric2 values starting at 1,000,000. 

chano@PE_1# run show route 130.130.130.0/24 extensive 

Static_vpn_Customer.inet.0: 5 destinations, 7 routes (5 active, 0 holddown, 0 hidden)

130.130.130.0/24 (2 entries, 1 announced)

TSI:

KRT in-kernel 130.130.130.0/24 -> {indirect(1048578)}

        *BGP    Preference: 200/-151

                Route Distinguisher: 6619:400

                Next hop type: Indirect

                Address: 0x9685fd4

                Next-hop reference count: 5

                Source: 1.1.1.11

                Next hop type: Router, Next hop index: 1048577

                Next hop: 10.10.9.1 via ge-0/0/3.0, selected

                Label operation: Push 299984, Push 299840(top)

                Label TTL action: prop-ttl, prop-ttl(top)

                Load balance label: Label 299984: None; Label 299840: None; 

                Session Id: 0x142

                Next hop: 10.10.3.1 via ge-0/0/4.0

                Label operation: Push 299984, Push 300144(top)

                Label TTL action: prop-ttl, prop-ttl(top)

                Load balance label: Label 299984: None; Label 300144: None; 

                Session Id: 0x141

                Protocol next hop: 1.1.1.7

                Label operation: Push 299984

                Label TTL action: prop-ttl

                Load balance label: Label 299984: None; 

                Indirect next hop: 0x96dc110 1048578 INH Session ID: 0x151

                State: <Secondary Active Int Ext ProtectionCand>

                Local AS:  6619 Peer AS:  6619

                Age: 1:28       Metric2: 30 

                Validation State: unverified 

                Task: BGP_6619.1.1.1.11+179

                Announcement bits (1): 1-KRT 

                AS path: I (Originator)

                Cluster list:  1.1.1.11

                Originator ID: 1.1.1.7

                Communities: target:6619:400

                Import Accepted

                VPN Label: 299984

                Localpref: 150

                Router ID: 1.1.1.11

                Primary Routing Table bgp.l3vpn.0

                Indirect next hops: 1

                        Protocol next hop: 1.1.1.7 Metric: 30

                        Label operation: Push 299984

                        Label TTL action: prop-ttl

                        Load balance label: Label 299984: None; 

                        Indirect next hop: 0x96dc110 1048578 INH Session ID: 0x151

                        Indirect path forwarding next hops: 2

                                Next hop type: Router

                                Next hop: 10.10.9.1 via ge-0/0/3.0

                                Session Id: 0x142

                                Next hop: 10.10.3.1 via ge-0/0/4.0

                                Session Id: 0x141

                        1.1.1.7/32 Originating RIB: inet.3

                          Metric: 30                      Node path count: 1

                          Forwarding nexthops: 2

                                Nexthop: 10.10.9.1 via ge-0/0/3.0

[edit]

chano@PE_1# run show route 1.1.1.7 

inet.0: 47 destinations, 47 routes (47 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

1.1.1.7/32         *[OSPF/110] 00:01:41, metric 30

                      to 10.10.9.1 via ge-0/0/3.0

                    > to 10.10.3.1 via ge-0/0/4.0

inet.3: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

1.1.1.7/32         *[LDP/9] 1w0d 23:54:04, metric 30, tag 0

                    > to 10.10.9.1 via ge-0/0/3.0, Push 299840

                      to 10.10.3.1 via ge-0/0/4.0, Push 300144

A와 B가 12.12.12.0/24 대역을 CE_1에게 광고함.

    [A]--------------[CE]--------------[B]

    12.12.12.0/24-->          <--12.12.12.0/24

LB 설정

chano@CE_1# show | display set | match ECMP 

set routing-options forwarding-table export ECMP

set policy-options policy-statement ECMP then load-balance per-packet

set policy-options policy-statement ECMP then accept

BGP 설정

chano@CE_1# show protocols bgp | display set 

set protocols bgp group EBGP type external

set protocols bgp group EBGP peer-as 6619

set protocols bgp group EBGP local-as 65001

set protocols bgp group EBGP multipath

set protocols bgp group EBGP neighbor 10.10.1.1

set protocols bgp group EBGP neighbor 10.10.2.2

BGP 네이버 상태

chano@CE_1# run show bgp summary 

Groups: 1 Peers: 2 Down peers: 0

Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending

inet.0               

                       2          1          0          0          0          0

Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...

10.10.1.1              6619        865        864       0       0     1:05:07 1/1/1/0              0/0/0/0

10.10.2.2              6619        881        881       0       0     1:06:23 0/1/1/0              0/0/0/0

A와 B에게서 수신한 루트 확인

chano@CE_1# run show route receive-protocol bgp 10.10.1.1 

inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)

  Prefix                  Nexthop              MED     Lclpref    AS path

* 12.12.12.0/24           10.10.1.1                               6619 I

[edit]

chano@CE_1# run show route receive-protocol bgp 10.10.2.2    

inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)

  Prefix                  Nexthop              MED     Lclpref    AS path

  12.12.12.0/24           10.10.2.2                               6619 I

multipath 설정 전 라우팅 테이블 확인

chano@CE_1# run show route 12.12.12.0 

inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

12.12.12.0/24      *[BGP/170] 00:20:35, localpref 100

                      AS path: 6619 I, validation-state: unverified

                    > to 10.10.1.1 via ge-0/0/2.0

                    [BGP/170] 00:19:11, localpref 100

                      AS path: 6619 I, validation-state: unverified

                    > to 10.10.2.2 via ge-0/0/1.0

multipath 설정 전 포워딩 테이블 확인

chano@CE_1# run show route forwarding-table destination 12.12.12.0    

Routing table: default.inet

Internet:

Destination        Type RtRef Next hop           Type Index    NhRef Netif

12.12.12.0/24      user     0 10.10.1.1          ucst      569     4 ge-0/0/2.0

Routing table: __master.anon__.inet

Internet:

Destination        Type RtRef Next hop           Type Index    NhRef Netif

default            perm     0                    rjct      521     1

multipath  설정

[edit]

chano@CE_1# set protocols bgp group EBGP multipath 

[edit]

chano@CE_1# commit 

commit complete

1.1.1.1        1.1.1.2      1.1.1.3

[vMX-1]---[vMX-2]---[vMX-3]

1.lowest route preference

chano@vMX-2_PE1# show protocols bgp | display set 

set protocols bgp group TEST type internal

set protocols bgp group TEST local-address 1.1.1.2

set protocols bgp group TEST cluster 1.1.1.2

set protocols bgp group TEST neighbor 1.1.1.3

set protocols bgp group TEST_2 type internal

set protocols bgp group TEST_2 preference 200

set protocols bgp group TEST_2 local-address 1.1.1.2

set protocols bgp group TEST_2 cluster 1.1.1.2

set protocols bgp group TEST_2 neighbor 1.1.1.1

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0                               

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:00:37, localpref 100, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/200] 00:00:46, localpref 100, from 1.1.1.1

                      AS path: I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive                 

                Inactive reason: Route Preference

2. highest local preference 

[edit]

chano@vMX-1_CE1# set policy-options policy-statement export-bgp-static term 10 then local-preference 50 

[edit]

chano@vMX-3# set policy-options policy-statement export-bgp-static term 10 then local-preference 200

chano@vMX-2_PE1# run show route 100.100.0.0 

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:00:07, localpref 200, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:00:21, localpref 50, from 1.1.1.1

                      AS path: I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 | match inactive 

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive 

                Inactive reason: Local Preference

3. AS path

[edit]

chano@vMX-1_CE1# set policy-options policy-statement export-bgp-static term 10 then as-path-prepend 2345    

[edit]

chano@vMX-1_CE1# run show route advertising-protocol bgp 1.1.1.2                                            

inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)

  Prefix                  Nexthop              MED     Lclpref    AS path

* 100.100.0.0/24          Self                         100        2345 [1234] I

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0                               

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:05:47, localpref 100, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:01:10, localpref 100, from 1.1.1.1

                      AS path: 2345 I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive    

                Inactive reason: AS path

4. lowest origin value

IGP (I) > EGP (E) > incomplete (?)

[edit]

chano@vMX-1_CE1# set policy-options policy-statement export-bgp-static term 10 then origin egp 

[edit]

chano@vMX-3# set policy-options policy-statement export-bgp-static term 10 then origin igp 

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0                               

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:10:04, localpref 100, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:00:15, localpref 100, from 1.1.1.1

                      AS path: E, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive    

                Inactive reason: Origin

5. lowest MED

[edit]

chano@vMX-1_CE1# set routing-options static route 100.100.0.0/24 metric 200 

[edit]

chano@vMX-3# set routing-options static route 100.100.0.0/24 metric 100  

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0                               

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:07:03, MED 100, localpref 100, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:00:22, MED 300, localpref 100, from 1.1.1.1

                      AS path: I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive    

                Inactive reason: Not Best in its group - Route Metric or MED comparison

6.route type

[edit]

chano@vMX-2_PE1# show protocols bgp | display set 

set protocols bgp group TEST type external

set protocols bgp group TEST peer-as 2345

set protocols bgp group TEST neighbor 10.0.0.3

set protocols bgp group TEST_2 type internal

set protocols bgp group TEST_2 local-address 1.1.1.2

set protocols bgp group TEST_2 cluster 1.1.1.2

set protocols bgp group TEST_2 neighbor 1.1.1.1

[edit]

chano@vMX-1_CE1# set policy-options policy-statement export-bgp-static term 10 then as-path-prepend 1111  AS path

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0                               

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:01:15, MED 100, localpref 100

                      AS path: 2345 I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:00:08, localpref 100, from 1.1.1.1

                      AS path: 1111 I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive    

                Inactive reason: Interior > Exterior > Exterior via Interior

7. lowest IGP cost 

[edit]

chano@vMX-2_PE1# set protocols ospf area 0 interface ge-0/0/1 metric 100 

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 

inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

100.100.0.0/24     *[BGP/170] 00:02:44, localpref 100, from 1.1.1.3

                      AS path: I, validation-state: unverified

                    > to 10.0.0.3 via ge-0/0/4.0

                    [BGP/170] 00:08:32, localpref 100, from 1.1.1.1

                      AS path: I, validation-state: unverified

                    > to 10.1.0.0 via ge-0/0/1.0

[edit]

chano@vMX-2_PE1# run show route 100.100.0.0 extensive | match inactive 

                Inactive reason: Not Best in its group - IGP metric