Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[M/T] Prefix will not install in the secondary VRF-table via the RIB group when the device is also acting as the RR server

0

0

Article ID: KB21897 KB Last Updated: 23 Jul 2018Version: 2.0
Summary:

Unable to install the prefix in the secondary VRF-table via the RIB group when the device is also acting as the RR server.

Symptoms:

When trying to import CE BGP routes into two different VRF tables, the RIB group is used to accomplish this:

rib-groups {
    csr-rib-group-from-cn-peers {
        import-rib [ csr-vrf-cn.inet.0 csr-vrf-premium_plus_dia.inet.0 inet.0 csr-vrf-gc.inet.0 ];
        import-policy csr-rib-policy-from-cn-peers;
}

routing-instances {
    csr-vrf-cn {
        protocols {
            bgp {
                <snip>
                group PEER-TESTCOM-AS0004 {
                    family inet {
                        unicast {
                            rib-group csr-rib-group-from-cn-peers;
                        }
                        <snip>
                    }
                }
            }
        }
    }
}

csr-vrf-premium_plus_dia {
But when the router is also a RR server, the BGP routes will only show up in the bgp.l3vpn.0 and primary VRF-table:
[edit protocols bgp group anc-csr-vpn-rc]
cluster 0.0.0.200;

<-- only primary vrf-table receives the prefix.
[edit]
lab@m20-2-re1# run show route 10.8/14 logical-router pe-tpe exact

csr-vrf-cn.inet.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.8.0.0/14 *[BGP/170] 00:00:14, MED 100, localpref 250, from 10.12.184.1
AS path: 0004 I
> to 12.12.12.1 via fe-1/2/1.200, label-switched-path to-hkg3
This behavior is by design. The Junos device will only export routes from the VRF-table twice. When the RR is deactivated, the primary VRF-table and the secondary VRF-table will be exported. If the RR is active, only the bgp.l3vpn.0 and primary VRF tables will be exported; so the secondary VRF-table will be missed.
Solution:
When the RR server function is deactivated, the O/T becomes normal:
lab@m20-2-re1# show | compare rollback 1
[edit protocols bgp group anc-csr-vpn-rc]
! inactive: cluster 0.0.0.200;

[edit]
lab@m20-2-re1# run show route advertising-protocol bgp 10.12.184.65

csr-vrf-cn.inet.0: 8 destinations, 11 routes (8 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.12.160.0/20 Self 0 275 I
* 10.12.186.0/23 Self 0 100 I
* 10.12.189.0/24 Self 0 275 I
* 10.8.0.0/14 Self 100 250 0004 I
* 10.8.0.0/18 Self 100 250 0004 I
* 20.7.62.140/30 Self 100 I
* 20.7.16.142/32 Self 100 I

csr-vrf-gc.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.12.188.0/24 Self 0 100 I
* 10.8.0.0/14 Self 100 250 0004 I
* 10.8.0.0/18 Self 100 250 0004 I

csr-vrf-jp.inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.12.191.0/24 Self 0 100 I

csr-vrf-premium_plus_dia.inet.0: 6 destinations, 8 routes (6 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 0.0.0.0/0 Self 100 I
* 10.12.160.0/20 Self 0 100 I
* 10.12.189.0/24 Self 0 100 I
* 10.12.190.0/24 Self 0 275 I
* 10.8.0.0/14 Self 100 275 0004 I
* 10.8.0.0/18 Self 100 255 0004 I

csr-vrf-tw.inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.12.190.0/24 Self 0 100 I
Also, the 10.8/14 prefix can be received in both of the vrf tables (csr-vrf-cn.inet.0 and csr-vrf-premium_plus_dia.inet.0):
[edit]
lab@m20-2-re1# run show route 10.8/14 logical-router pe-tpe exact

csr-vrf-cn.inet.0: 7 destinations, 10 routes (7 active, 0 holddown, 0 hidden) 
+ = Active Route, - = Last Active, * = Both

10.8.0.0/14 *[BGP/170] 00:01:40, MED 100, localpref 250, from 10.12.184.1
AS path: 0004 I
> to 12.12.12.1 via fe-1/2/1.200, label-switched-path to-hkg3

csr-vrf-gc.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.8.0.0/14 *[BGP/170] 00:01:40, MED 100, localpref 250, from 10.12.184.1
AS path: 0004 I
> to 12.12.12.1 via fe-1/2/1.200, label-switched-path to-hkg3

csr-vrf-premium_plus_dia.inet.0: 6 destinations, 8 routes (6 active, 0 holddown, 0 hidden) 
+ = Active Route, - = Last Active, * = Both

10.8.0.0/14 *[BGP/170] 00:01:40, MED 100, localpref 275, from 10.12.184.1
AS path: 0004 I
> to 12.12.12.1 via fe-1/2/1.200, label-switched-path to-hkg3
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search