It sounds like you are using vrf-export for policy. If so, it automatically advertises the direct subnet as soon as the CE next hop is learned via some other router exchange, say OSPF. If you use explicit vrf-export you will return to the default behavior and you will need to match on and accept the type of route you wish to readvertise.
If you have a broadcast vrf interface, and try to export only the direct, when you have learned no other CE routes you will find the route is not advertised with a label, causing it to be hidden at the remote end. This is because when routing to the direct vrf the PE actually pops the label and shunts to the CE, who then returns the pack if its actually addressed to the PE's end of the vrf. If we have not yet learned the CE next hop, there is no way to shunt, so the direct vrf is unlabeled. HTHs -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Jeroen Valcke Sent: Tuesday, January 26, 2010 7:52 AM To: juniper-nsp@puck.nether.net Subject: [j-nsp] L3VPN advertises the directly connected subnet - why? Hi, I'm doing some testing with simple plain L3VPNs and ran into some weird behaviour. At least I think it's weird. Perhaps somebody can enlighten me. A CE router is exchanging routes with the PE through BGP. These routes are correctly advertised 'over' the L3VPN towards other CE routers. However the directly connected subnet between the CE and PE is also advertised to the other CE routers. Why is this? It was my understanding that only the routes learned from the BGP advertisement from the CE router would be advertised to the other CE routers. What's the reasoning behind this behaviour? Can I alter this behaviour? And if yes, is it safe to do so? Weirdly enough I've found a Juniper KB [1] which seems to document the exact opposite behaviour of what I'm experiencing. This KB describes a case where the directly connected subnet is not advertised over the L3VPN and how to 'fix' this. Thanks for any clues. Kind regards, -Jeroen- PS: JunOS version on the PE routers is 9.3R2.8 [1] http://kb.juniper.net/index?page=content&id=KB12430&cat=BGP&actp=LIST -- Jeroen Valcke _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp