Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX, J Series] Example - Importing Routes to and from virtual routers on SRX and J Series

0

0

Article ID: KB19787 KB Last Updated: 05 Mar 2017Version: 7.0
Summary:

This article presents details of configuration needed to import the following types of routes in and out of the routing instances from virtual routers (VR):

  • Interface routes

  • Routes from dynamic protocols

  • Static routes
Symptoms:

How to import routes from various routing instances to other routing instances, including the default routing instance.


Cause:

Solution:

The setup in this article uses a routing instance (type: Virtual Router (VR)) and the default instance for the route import functions. There are three different examples along with reasons to use one or the other:

  1. Interface routes
  2. Dynamic routing protocol (OSPF)
  3. Static routes

Interface Routes:

Steps:
  1. Configure a rib-group for the VRs concerned. The order of the tables referred under the import-rib does not matter for this 'Interface route' configuration. However, the order of the tables for the other configurations (Dynamic Routing Protocol (OSPF) and Static Routes) does matter.

    Rib Group Configuration:
    [edit]
    root@ipd-fw# show routing-options
        rib-groups {
            To-Instance-Inet {
                import-rib [ inet.0 VR-Test1.inet.0 ];
            }
        }
  2. To import the direct and local routes from the VR (VR-Test1) to the default inet.0 table, refer to this VR rib-group under the option interface-routes:
    VR-Test1 {
        instance-type virtual-router;
        interface fe-0/0/4.0;
        routing-options {
            interface-routes {
                rib-group inet To-Instance-Inet; 
            }
        }
    }
    
  3. This imports the direct and local routes from the VR to the inet.0 table. 13.13.13.0/30 is the subnet configured on the interface of the VR which gets imported to the inet.0 as shown in this example. To verify, run the command run show route:
    root@ipd-fw# run show route
    inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    10.10.10.0/30 *[Direct/0] 01:15:06
    > via ge-0/0/1.0
    10.10.10.1/32 *[Local/0] 01:15:06
    Local via ge-0/0/1.0
    13.13.13.0/30 *[Direct/0] 00:00:14 > via fe-0/0/4.0 13.13.13.1/32 *[Local/0] 00:00:14 Local via fe-0/0/4.0
    
    VR-Test1.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    13.13.13.0/30 *[Direct/0] 01:15:06 > via fe-0/0/4.0 13.13.13.1/32 *[Local/0] 01:15:06 Local via fe-0/0/4.0
    
     
  4. To import interface routes from inet.0 to a VR listed in the rib-group, refer to the rib-group under the interface-routes under the routing instance of the default instance. For example:

    root@idp-fw# show routing-options
    interface-routes {
        rib-group inet To-Instance-Inet;
    }

Dynamic Routing Protocols:

Open Shortest Path First (OSPF) is the dynamic routing protocol used in this example. The OSPF routes from the VR (VR-Test1) have been imported to the inet.0 table, and vice versa.
These are the OSPF routes under the VR:
VR-Test1.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
11.11.11.0/30 *[OSPF/10] 01:11:24, metric 2
> to 10.10.10.2 via ge-0/0/1.0
12.12.12.0/30 *[OSPF/10] 01:11:24, metric 2

To import these routes to the table inet.0, two methods can be used:

  1. Using Instance Import.
  2. Using rib-groups.
Using Instance Import:

This method uses the routing policies to import the routes from any routing instance.

  1. Configure a routing policy under the policy-options:
    root@idp-fw# show policy-options
    policy-statement accept-all {
        term 1 {
            from {
                instance VR-Test1;
                protocol ospf;
            }
            then accept;
        }
        term 2 {
            then reject;
        }
    }
    
    
  2. To import the OSPF routes from the VR to the default table inet.0, refer to this policy under the instance-import option of the default routing instance:
    [edit]
    root@ipd-fw# show routing-options
    instance-import accept-all;

    This imports all the OSPF routes from VR (VR-Test1) to the inet.0 table.  To verify, run the command of this example, showing how 11.11.11.0/30 and 12.12.12.0/30, which are OSPF routes, have been imported in the inet.0 table:

    [edit]
    root@ipd-fw# run show route
    inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0 *[Static/5] 00:46:40
    > to 10.10.10.2 via ge-0/0/1.0
    10.10.10.0/30 *[Direct/0] 02:01:32
    > via ge-0/0/1.0
    10.10.10.1/32 *[Local/0] 02:01:32
    Local via ge-0/0/1.0
    11.11.11.0/30 *[OSPF/10] 01:57:50, metric 2 > to 10.10.10.2 via ge-0/0/1.0 12.12.12.0/30 *[OSPF/10] 01:57:50, metric 2 > to 10.10.10.2 via ge-0/0/1.0
    13.13.13.0/30 *[Direct/0] 00:46:40
    > via fe-0/0/4.0
    13.13.13.1/32 *[Local/0] 00:46:40
    Local via fe-0/0/4.0
    224.0.0.5/32 *[OSPF/10] 05:25:17, metric 1
    MultiRecv
    	
    VR-Test1.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    11.11.11.0/30 *[OSPF/10] 01:11:24, metric 2 > to 10.10.10.2 via ge-0/0/1.0 12.12.12.0/30 *[OSPF/10] 01:11:24, metric 2 > to 10.10.10.2 via ge-0/0/1.0
    13.13.13.0/30 *[Direct/0] 01:15:06
    > via fe-0/0/4.0
    13.13.13.1/32 *[Local/0] 01:15:06
    Local via fe-0/0/4.0
    224.0.0.5/32 *[OSPF/10] 04:38:51, metric 1
    MultiRecv
  3. If you want to import to another routing instance, refer to the policy under the instance-import option of that particular VR.
  4. Control and filter the type and prefix list of the routes you want to import using the option under the routing policy.

Using rib-groups:

This method is useful when you want to import a route from the default table inet.0. Observe these points when using this method:

  • The order in which the tables are configured under the rib-groups does matter under this method. The first table in the list will be the primary table which will export its routes to the other tables in the list.
  • Note that it is not mandatory to have only two tables. Any number of tables to which you want to import the routing information can be included at the trailing end.

  • If you try to call the rib-group under any instance whose table is not the first one in the list, then there will be a commit error as shown in this example:
    [edit]
    root@ipd-fw# commit
    [edit routing-instances VR-Test1 protocols]
    'ospf'
    rib-group To-Instance-Inet: primary routing table does not match instance VR-Test1
    error: configuration check-out failed
Execute these steps:
  1. Create a rib-group by adding the table that is to be exported as the first table in the list. For example: if VR-Test1.inet.0 is the table to be imported to inet.0, then configure the rib-groups like this:
    routing-options {
        rib-groups {
            To-Instance-Inet {
                import-rib [ VR-Test1.inet.0 inet.0 ];
            }
        }
    }
  2. To import the OSPF routes to the inet.0 table from VR-Test1.inet.0,  refer to this rib-group under the routing-instance VR-Test1 in the ‘protocol ospf ‘ option.
    routing-instance {
        VR-Test1 {
            instance-type virtual-router;
            interface ge-0/0/1.0;
            protocols {
                ospf {
                    rib-group To-Instance-Inet;
                    area 0.0.0.0 {
                        interface ge-0/0/1.0;
                    }
                }
            }
        }
    }
  3. Check the routing table to ensure that the OSPF routes from the VR-Test1.inet.0 are imported into the inet.0 table.
    root@ipd-fw# run show route
    
    inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    11.11.11.0/30 *[OSPF/10] 00:14:15, metric 2
    > to 10.10.10.2 via ge-0/0/1.0
    12.12.12.0/30 *[OSPF/10] 00:14:15, metric 2
    > to 10.10.10.2 via ge-0/0/1.0
    13.13.13.0/30 *[Direct/0] 01:30:05 > via fe-0/0/4.0 13.13.13.1/32 *[Local/0] 01:30:05 Local via fe-0/0/4.0 224.0.0.5/32 *[OSPF/10] 01:30:05, metric 1 MultiRecv VR-Test1.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.10.10.0/30 *[Direct/0] 01:30:19 > via ge-0/0/1.0 10.10.10.1/32 *[Local/0] 01:30:19 Local via ge-0/0/1.0 11.11.11.0/30 *[OSPF/10] 00:14:29, metric 2
    > to 10.10.10.2 via ge-0/0/1.0
    12.12.12.0/30 *[OSPF/10] 00:14:29, metric 2
    > to 10.10.10.2 via ge-0/0/1.0
    224.0.0.5/32 *[OSPF/10] 01:30:19, metric 1 MultiRecv
  4. The OSPF routes from the inet.0 can be imported to any other VR by using a similar configuration. Make sure the order in the rib-group list is correct, and the reference to the rib-group is in the instance from which the routes are to be imported.

Static routes

The static routes from the routing instances, either VR or default instance, can be imported into other VRs. This example imports a static route from the inet.0 table to the VR-Test1.inet.0 table. Here, VR-Test1 is a routing-instance (Type : Virtual-Router).

  1. Configure static routes and the rib group like this:
    [edit]
    root@ipd-fw# show routing-options
    static {
        rib-group To-Instance-Inet;
        route 0.0.0.0/0 next-hop 10.10.10.2;
    }
    rib-groups {
        To-Instance-Inet {
            import-rib [ inet.0 VR-Test1.inet.0 ];
        }
    }
  2. A default static route is configured in the default instance. Also inet.0 is the primary table in the rib-group which is listed first.
  3. Verify by checking the routing table.

    [edit]
    root@ipd-fw# run show route
    
    inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    0.0.0.0/0 *[Static/5] 00:01:29
    > to 10.10.10.2 via ge-0/0/1.0
    10.10.10.0/30 *[Direct/0] 01:00:29 > via ge-0/0/1.0 10.10.10.1/32 *[Local/0] 01:00:29 Local via ge-0/0/1.0 VR-Test1.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:01:42
    > to 10.10.10.2 via ge-0/0/1.0
    11.11.11.0/30 *[OSPF/10] 00:57:00, metric 2 > to 10.10.10.2 via ge-0/0/1.0 12.12.12.0/30 *[OSPF/10] 00:57:00, metric 2 > to 10.10.10.2 via ge-0/0/1.0 13.13.13.0/30 *[Direct/0] 01:00:42 > via fe-0/0/4.0
  4. The importing of routes from any VR to any other VR is possible by configuring the tables under the rib-groups. Note that the primary table must be listed first and any number of tables can be added at the trailing end of the list.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search