Tobias,
When you receive inet-vpn routes from remote PE, they are put into bgp.l3vpn.0 first. This is their primary RIB from the perspective of this PE. Entries in VRF are considered secondary & are already leaked based on vrf-target/vrf-import policy (think of it as automatic leaking between these two tables that happens in the background w/o additional config). When you try to leak routes from VRF into inet.0 via rib-groups, you are only touching the VRF routes local to this instance (import-rib definition has to contain the primary table first - vpn-x.inet.0 in this case) & copying them into inet.0. You cannot copy prefixes coming from remote PEs in this way. Thanks, Adam On Tue, Feb 4, 2014 at 9:47 AM, Tobias Heister <li...@tobias-heister.de>wrote: > Hi, > > Am 04.02.2014 04:25, schrieb Bikram Singh: > >> There might be a couple of alternate solutions coming to mind: > >> 1. move all internet Routes to the CE1 table and use static routes to > point back at the VRF with next-table from inet.0 which will not really > scale beyond a single l3vpn. > >> 2. use a separate VRF for the internet routes and use auto-export, > rib-groups, vrf-import/export policy to move routes around. This would need > a rework of our network and is not really > > feasible right now. > > > > If point 2. is not feasible then you can do below > > > > Since you have already put a static route from VRF pointing to inet.0 > for the traffic going to internet now you need to work for reverse traffic > from internetto CE1 or CE2 . > > > > As you have mentioned that they use Public IP in that case you can put > all VPN routes (from CE1 and CE2 ) or aggregate routes into inet.0 using > rib-goups to attract reverse traffic from > > internet . > > That is actually what i am trying right now. But i am not able to put all > the VPN Routes into inet.0 > I have trouble to move the ones learned from the remote PE, as i have no > clue how and where to match them with a rib-groub as they are from protocol > BGP and are placed there by the l3vpn > itself. If you happen to have an example how to move the BGP routes > received from the remote PE to inet.0 i would be happy if you would share > it. > > I already have a manual aggregate route covering CE1 and CE2 prefixes in > inet.0 which i am exporting into the iBGP to get the internet incoming > Traffic to the PE1. What i am missing are > routes for the remote CE/PE on PE1 inet.0 in order to direct the traffic > to the remote PE (PE2/CE2). > > regards > Tobias > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
