Re: [j-nsp] L3VPN/RR/PE on Same router
On 16/Aug/18 17:15, adamv0...@netconsultings.com wrote: > Yes a good practice is to separate internet routes from internal/services > l3vpn routes onto separate BGP control planes (different sessions at least) > so that malformed bgp msg will affect just one part of your overall BGP > infrastructure. I see you've been giving this advice for quite some time now. We've been running all address families on the same RR's (different sessions, obviously, but same hardware) for almost 5 years. The only reason sessions have gone down is due to hardware problems. It didn't disrupt services because there are always 2 RR's, but we haven't seen an outage due to protocol problems in one address family spilling over into other address families. Of course, I see your concern, but from our own experience over several years, I've not seen this issue. I mention this because introducing this kind of separation is onerous. Mark. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] L3VPN/RR/PE on Same router
Hello, Yes there is https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/advertise-from-main-vpn-table-edit-protocols-bgp.html Also, either don't configure "family route-target" on this combined PE/RR at all, or configure "family route-target advertise-default" in order to be able to receive routes from all VRFs in Your network. HTH Thanks Alex On 16/08/2018 15:39, tim tiriche wrote: Hello, I have a MPLS PE (L3VPN) router that is acting as full mesh iBGP within the US. The other routers in the US are not RR and regular iBGP. This router also acts as RR for Europe and takes in full BGP table. Is there some caveats to watch out for? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] L3VPN/RR/PE on Same router
> Of tim tiriche > Sent: Thursday, August 16, 2018 3:40 PM > To: juniper-nsp@puck.nether.net > Subject: [j-nsp] L3VPN/RR/PE on Same router > > Hello, > > I have a MPLS PE (L3VPN) router that is acting as full mesh iBGP within the > US. The other routers in the US are not RR and regular iBGP. This router also > acts as RR for Europe and takes in full BGP table. Is there some caveats to > watch out for? Yes a good practice is to separate internet routes from internal/services l3vpn routes onto separate BGP control planes (different sessions at least) so that malformed bgp msg will affect just one part of your overall BGP infrastructure. adam netconsultings.com ::carrier-class solutions for the telecommunications industry:: ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] L3VPN/RR/PE on Same router
Yes, the PE should do next-hop-self, the RR should not do it
Route reflector can also be EBGP-Border Router,
General use of next-hop self can result in inefficient forwarding
use next-hop self only for EBGP learned routes
policy-statement bgp-export {
term ebgp {
from route-type external;
then {
next-hop self;
accept;
}
}
term ibgp {
from route-type internal;
then accept;
}
}
regards
alexander
-Ursprüngliche Nachricht-
Von: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] Im Auftrag von
tim tiriche
Gesendet: Donnerstag, 16. August 2018 16:40
An: juniper-nsp@puck.nether.net
Betreff: [j-nsp] L3VPN/RR/PE on Same router
Hello,
I have a MPLS PE (L3VPN) router that is acting as full mesh iBGP within the
US. The other routers in the US are not RR and regular iBGP. This router
also acts as RR for Europe and takes in full BGP table. Is there some
caveats to watch out for?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] L3VPN/RR/PE on Same router
Hello, I have a MPLS PE (L3VPN) router that is acting as full mesh iBGP within the US. The other routers in the US are not RR and regular iBGP. This router also acts as RR for Europe and takes in full BGP table. Is there some caveats to watch out for? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
