Hi All, I'm much more of a Cisco head; trying to redistribute the connected subnets into an MPLS L3VPN form PE2, up to some RRs then down to PE1, not sure what I've missed here, can anyone help me out?
bensley@PE2> show route table 0089.inet.0 172.31.253.100/31 *[Direct/0] 3w4d 12:42:16 > via fe-1/1/3.89 172.31.253.100/32 *[Local/0] 3w4d 12:42:16 Local via fe-1/1/3.89 172.31.253.102/31 *[Direct/0] 3w4d 12:42:16 > via ge-0/1/0.89 172.31.253.102/32 *[Local/0] 3w4d 12:42:16 Local via ge-0/1/0.89 PE2.Lo0.IP.80/32 *[Direct/0] 3w4d 12:42:16 > via lo0.89 bensley@PE2> show configuration policy-options community 0089_VRF members target:12345:89; bensley@PE2> show configuration routing-instances 0089 instance-type vrf; interface lo0.89; interface ge-0/1/0.89; interface fe-1/1/3.89; route-distinguisher PE2.Lo0.IP.80:89; vrf-import plc-VRF-0089-Import; vrf-export plc-VRF-0089-Export; vrf-table-label; bensley@PE2> show configuration policy-options policy-statement plc-VRF-0089-Export term 10 { from { protocol direct; interface [ ge-0/1/0.89 fe-1/1/3.89 ]; } then accept; } bensley@PE2> show route advertising-protocol bgp RR1.Lo0.IP.165 table bgp.l3vpn.0 | match 89 PE2.Lo0.IP.80:89:172.31.253.100/31 PE2.Lo0.IP.80:89:172.31.253.102/31 So that all looks good to my layman eyes, however over on PE1 we don't receive the routes: bensley@PE1> show route receive-protocol bgp RR1.Lo0.IP.165 table bgp.l3vpn.0 | match 89 PE9.Lo0.IP.9:1067:10.1.89.0/24 PE9.Lo0.IP.9:1067:10.2.89.0/24 RR1.Lo0.IP.165:511:10.89.55.0/28 The RR also doesn't show the routes in "show route receive-protocol bgp..." (it doesn't have the routing instance configured either but I don't believe that should make a difference in Junos? I think I should at least see the routes in the BGP RIB?). PE1 is sending some eBGP learnt routes inside this VRF to PE2 via the RR, and PE2 is successfully receiving them so I'm just trying to get some directly connected return routes back from PE2 via RR to PE1. Many thanks, James. bensley@RR1> show configuration protocols bgp group Core-MX480 type internal; local-address RR1.Lo0.IP.165; family inet { unicast; } family inet-vpn { unicast; } family inet6 { unicast; } family l2vpn { signaling; } export [ export-ibgp-ipv4-default-route export-ibgp-ipv4-client-routes export-ibgp-ipv4-no-transit ]; cluster RR1.Lo0.IP.165; neighbor PE1.Lo0.IP.85 { description "PE1"; } bensley@RR1> show configuration protocols bgp group Core-Others type internal; local-address RR1.Lo0.IP.165; family inet { unicast; } family inet-vpn { unicast; } family inet6 { unicast; } family l2vpn { signaling; } export [ export-ibgp-ipv4-default-route export-ibgp-ipv4-client-routes export-ibgp-ipv4-no-transit ]; cluster RR1.Lo0.IP.165; local-as 12345; neighbor PE2.Lo0.IP.80 { description " PE2"; } # There are no import statements, iBGP should advertise all routes then, so only the export statements could potentially filter the routes but thye *seem* to be allowed bensley@RR1> show configuration policy-options policy-statement export-ibgp-ipv4-client-routes term downstream-transit { from { protocol bgp; community [ downstream-transit lpsn-ipv4-route ]; } then accept; } term vpn-routes { from { protocol bgp; rib bgp.l3vpn.0; } then accept; } term l2vpn-routes { from { protocol bgp; rib bgp.l2vpn.0; } then accept; } bensley@PE1> show configuration protocols bgp group core-mx480-rr type internal; local-address PE1.85; family inet { unicast; } family inet-vpn { unicast; } family inet6 { unicast; } family l2vpn { signaling; } export [ export-bgp-default export-bgp-ipv4-transit export-bgp-ipv4-downstream-routes export-bgp-vrf-all export-bgp-ipv4-deny-all export-bgp-ipv6-deny-all ]; neighbor RR1.Lo0.IP.165 { description "RR1"; } neighbor RR2.Lo0.IP.166 { description "RR2"; } _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp