Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Ian Tomkins 
I'm not sure this is relevant to you but I thought I would mention that there 
is also a trick you can use when running MP-BGP through route reflectors and 
you still need to see all the versions of a particular route not just the ones 
the route reflector chose as best route - which is to use a different 
route-distinguisher on each originating router but the same route-target, this 
causes the route reflector to see the multiple versions of the same route as 
different so the route selection process will take place at the point the 
routes are pushed into your specific VRF.  You can also use this to ensure that 
ECMP works, but it gets more complex because every router that needs to build 
an LSP to one of your destinations needs to be configured to use multiple 
routes in the relevant VRF.

Cheers,

Ian

From: uknof [mailto:uknof-boun...@lists.uknof.org.uk] On Behalf Of Paul Bone
Sent: 28 April 2016 10:31
To: uknof@lists.uknof.org.uk
Subject: [uknof] Juniper SRX as PE Node Problem

I am using some Juniper SRX240 as PE nodes and running the Internet in VRF.

I have two Juniper MX5 MP-BGP route reflectors which also receive the full 
internet table plus default into VRF and export just my local routes (BGP and 
direct) and a default route (BGP) into the VRF.

The problem I have is that the SRX240 is receiving the default route from both 
route reflectors but is actually preferring and forwarding traffic to the route 
reflector with the lowest router ID (show route detail confirms this) and 
ignoring the underlying IGP metrics from the global OSPF table.

This is causing sub-optimal routing of traffic.

Has anyone experienced this before?

Best regards, Paul
Paul Bone | Connectivity Manager
office: 01223 755055 | mobile: +44 7713 393621
email: paul.b...@bridgefibre.co.uk

Thinking of moving services to a Data Centre? Please ask for information on our 
Colocation services

Bridge Fibre Ltd | Registered in England 04250873
Jeffreys Building, St John's Innovation Park, Cowley Road, Cambridge, CB4 0DS
web: www.bridgefibre.co.uk
twitter: @bridgefibre
service desk: 01223 755075

CLARITY * PARTNERSHIP * QUALITY

2015 ISPA Awards Winner - Best Enterprise 
Broadband


DISCLAIMER NOTICE This message and any files transmitted with it contain 
privileged and confidential information intended only for the use of the 
individual or entity to whom they are addressed. If you are not the intended 
recipient of this message you are hereby notified that you must not use, 
disseminate, forward, copy, print or take any action in reliance on it. If you 
have received this message in error, please notify Bridge Fibre Ltd immediately 
and delete this email from your computer. Any views expressed in this message 
are those of the individual sender, except where the sender specifically states 
them to be the views of Bridge Fibre Ltd. Viruses: Although we have taken steps 
to ensure that this e-mail and any attachments are free from any virus, we 
cannot be held responsible for any viruses transmitted with this email and any 
such attachments. Any prices quoted in this email are for indicative purposes 
only and are subject to further technical appraisal. Additional installation 
charges may apply. Unless otherwise specified, prices are in GB Pounds and 
exclude VAT (or equivalent taxes). Pricing valid for 14 days. Acceptance of any 
proposal contained in this email is subject to formal contract.






This communication contains information which is confidential and may also be 
privileged. It is for the exclusive use of the intended recipient(s).

If you are not the intended recipient(s) please note that any distribution, 
copying or use of this communication or the information in it is strictly 
prohibited. If you have received this communication in error please notify us 
by email (supp...@modrus.com) or by telephone +44 (0)203 371 and then 
delete the email from your system together with any copies of it.

All communication sent to and from Modrus Limited is subject to monitoring of 
content. By using this method of communication you give consent to the 
monitoring of such communications. Any views or opinions are solely those of 
the author and do not necessarily represent those of the companies listed below 
unless specifically stated.'

Modrus Limited is registered in England and Wales (no. 5022857). The registered 
office of Modrus Limited is Midland House, 2 Poole Road, Bournemouth, Dorset 
BH2 5QY.

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Nick Hilliard 
Paul Bone wrote:
> We are quite a small service provider and have just expanded our MPLS
> and the issue was not seen before - is it common to use an anycast
> address as default route destination then?

No idea how common it is in the wider context, but I've used it
routinely for some years and with a small number of exceptions (e.g.
Miktotik ipv6 and other systems which don't support recursive route
resolution), it works extremely well.

> Interestingly, the ME3600 PE nodes I have are actually picking the
> nearest RR for default so there appears to be a difference between
> IOS and Junos.

yeah, junos handles mpls route resolution differently to ios.

Saku Ytti's advice is still good though: if you don't advertise default
routes, you can avoid an entire category of problems.

Nick

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Paul Bone 
Juniper docs suggesting it causes a reset of LDP session - time for some 
planned out of hours maintenance!

Best regards, Paul


-Original Message-
From: Dan Peachey [mailto:d...@peachey.co] 
Sent: 28 April 2016 15:11
To: Paul Bone 
Cc: uknof@lists.uknof.org.uk
Subject: Re: [uknof] Juniper SRX as PE Node Problem

On 28 April 2016 at 14:52, Paul Bone  wrote:
> Hi Dan,
>
> We are using LDP and that looks like it will solve my problem.
>
> Will enabling this cause any network outage?
>
> Best regards, Paul
>

I've never tried configuring it with sessions already established. I'd be 
surprised if it caused them to reset, but you never know... :)

Dan

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Dan Peachey 
On 28 April 2016 at 14:52, Paul Bone  wrote:
> Hi Dan,
>
> We are using LDP and that looks like it will solve my problem.
>
> Will enabling this cause any network outage?
>
> Best regards, Paul
>

I've never tried configuring it with sessions already established. I'd
be surprised if it caused them to reset, but you never know... :)

Dan

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Paul Bone 
Hi Dan,

We are using LDP and that looks like it will solve my problem.

Will enabling this cause any network outage?

Best regards, Paul


-Original Message-
From: Dan Peachey [mailto:d...@peachey.co] 
Sent: 28 April 2016 14:44
To: Paul Bone 
Cc: uknof@lists.uknof.org.uk
Subject: Re: [uknof] Juniper SRX as PE Node Problem

On 28 April 2016 at 10:31, Paul Bone  wrote:
>
> I am using some Juniper SRX240 as PE nodes and running the Internet in VRF.
>
>
>
> I have two Juniper MX5 MP-BGP route reflectors which also receive the full 
> internet table plus default into VRF and export just my local routes (BGP and 
> direct) and a default route (BGP) into the VRF.
>
>
>
> The problem I have is that the SRX240 is receiving the default route from 
> both route reflectors but is actually preferring and forwarding traffic to 
> the route reflector with the lowest router ID (show route detail confirms 
> this) and ignoring the underlying IGP metrics from the global OSPF table.
>
>
>
> This is causing sub-optimal routing of traffic.
>
>
>
> Has anyone experienced this before?
>
>
>
> Best regards, Paul
>
>


Hi Paul,

Are you using LDP? If so, make sure you have 'track-igp-metric' set under 
'protocols ldp'.

Cheers,

Dan

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Paul Bone 
Thanks Nick,

We are quite a small service provider and have just expanded our MPLS and the 
issue was not seen before - is it common to use an anycast address as default 
route destination then?

Interestingly, the ME3600 PE nodes I have are actually picking the nearest RR 
for default so there appears to be a difference between IOS and Junos.

Paul


-Original Message-
From: Nick Hilliard [mailto:n...@foobar.org] 
Sent: 28 April 2016 13:55
To: Paul Bone 
Cc: uknof@lists.uknof.org.uk
Subject: Re: [uknof] Juniper SRX as PE Node Problem

Paul Bone wrote:
> The problem I have is that the SRX240 is receiving the default route 
> from both route reflectors but is actually preferring and forwarding 
> traffic to the route reflector with the lowest router ID (show route 
> detail confirms this) and ignoring the underlying IGP metrics from the 
> global OSPF table.
> 
> This is causing sub-optimal routing of traffic.

This approach works well:

http://blog.ip.fi/2011/08/when-should-you-advertise-default-route.html

Nick

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Nick Hilliard 
Paul Bone wrote:
> The problem I have is that the SRX240 is receiving the default route
> from both route reflectors but is actually preferring and forwarding
> traffic to the route reflector with the lowest router ID (show route
> detail confirms this) and ignoring the underlying IGP metrics from the
> global OSPF table.
> 
> This is causing sub-optimal routing of traffic.

This approach works well:

http://blog.ip.fi/2011/08/when-should-you-advertise-default-route.html

Nick

Re: [uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Mark Tinka 


On 28/Apr/16 11:31, Paul Bone wrote:

> I am using some Juniper SRX240 as PE nodes and running the Internet in
> VRF.
>
>  
>
> I have two Juniper MX5 MP-BGP route reflectors which also receive the
> full internet table plus default into VRF and export just my local
> routes (BGP and direct) and a default route (BGP) into the VRF.
>
>  
>
> The problem I have is that the SRX240 is receiving the default route
> from both route reflectors but is actually preferring and forwarding
> traffic to the route reflector with the lowest router ID (show route
> detail confirms this) and ignoring the underlying IGP metrics from the
> global OSPF table.
>
>  
>
> This is causing sub-optimal routing of traffic.
>
>  
>
> Has anyone experienced this before?
>

I'd typically not announce default routes in my iBGP if I'm carrying a
full BGP table (except under special circumstances which your topology
does not qualify for).

Sounds like your RR's are overwriting the NEXT_HOP attribute for the
default routes. Is this the case?

Mark.

[uknof] Juniper SRX as PE Node Problem

2016-04-28 Thread Paul Bone 
I am using some Juniper SRX240 as PE nodes and running the Internet in VRF.

I have two Juniper MX5 MP-BGP route reflectors which also receive the full 
internet table plus default into VRF and export just my local routes (BGP and 
direct) and a default route (BGP) into the VRF.

The problem I have is that the SRX240 is receiving the default route from both 
route reflectors but is actually preferring and forwarding traffic to the route 
reflector with the lowest router ID (show route detail confirms this) and 
ignoring the underlying IGP metrics from the global OSPF table.

This is causing sub-optimal routing of traffic.

Has anyone experienced this before?

Best regards, Paul
Paul Bone | Connectivity Manager
office: 01223 755055 | mobile: +44 7713 393621
email: paul.b...@bridgefibre.co.uk

Thinking of moving services to a Data Centre? Please ask for information on our 
Colocation services

Bridge Fibre Ltd | Registered in England 04250873
Jeffreys Building, St John's Innovation Park, Cowley Road, Cambridge, CB4 0DS
web: www.bridgefibre.co.uk
twitter: @bridgefibre
service desk: 01223 755075

CLARITY * PARTNERSHIP * QUALITY

2015 ISPA Awards Winner - Best Enterprise 
Broadband


DISCLAIMER NOTICE This message and any files transmitted with it contain 
privileged and confidential information intended only for the use of the 
individual or entity to whom they are addressed. If you are not the intended 
recipient of this message you are hereby notified that you must not use, 
disseminate, forward, copy, print or take any action in reliance on it. If you 
have received this message in error, please notify Bridge Fibre Ltd immediately 
and delete this email from your computer. Any views expressed in this message 
are those of the individual sender, except where the sender specifically states 
them to be the views of Bridge Fibre Ltd. Viruses: Although we have taken steps 
to ensure that this e-mail and any attachments are free from any virus, we 
cannot be held responsible for any viruses transmitted with this email and any 
such attachments. Any prices quoted in this email are for indicative purposes 
only and are subject to further technical appraisal. Additional installation 
charges may apply. Unless otherwise specified, prices are in GB Pounds and 
exclude VAT (or equivalent taxes). Pricing valid for 14 days. Acceptance of any 
proposal contained in this email is subject to formal contract.