Hi, On Wed, Mar 30, 2016 at 10:41 PM, Aaron <aar...@gvtc.com> wrote: > what are these routes (access-internal) ? i'm seeing them actually being > sent over my MPLS L3VPN into my other pe's as /32 routes. very interesting. > and seemingly very inefficient and busy. not sure that I like the idea of > host routes for 10's of thousands of hosts being injected into my mpls vpn > all over my network. i'm thinking this is happening possible from dhcp > relay on my acx5048. how do I turn off the /32 route injection at the > acx5048 ?
what does your VRF export policy look like? Sounds like you're permitting all routes from all protocols and tagging them with RT community. Try changing your VRF export policy to reject the access-internal routes prior to accepting&tagging all the rest (or permit&tag e.g. only bgp and connected and reject everything else). BR, Daniel. _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
