Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] Aggregate routes coming as unusable/hidden through BGP

0

0

Article ID: KB23983 KB Last Updated: 04 Mar 2017Version: 2.0
Summary:
This article describes the issue of aggregate routes coming in as unusable or hidden via BGP.
Symptoms:
Assume that IBGP is running between two sites, US-SRX and UK-SRX, and you are aggregating routes on US SRX (192.168.0.0/16) to send it to UK SRX; so that the routing table on UK SRX does not get full.

The routes on the US-SRX were learnt from another router, so the next hop for the routes points to the router, from which routes have been received. In such cases, the aggregate route learnt on the UK SRX are hidden, as show below:


root@UK># run show route receive-protocol bgp 192.168.1.1
inet.0: 16 destinations, 16 routes (15 active, 0 holddown, 1 hidden
Cause:
This issue occurs when the route received by UK-SRX has the IP as next-hop, for which UK-SRX dose not have a route.

Solution:
The solution is to have a route for the next-hop IP. However, this is not a feasible option, as the dynamic routing protocol is being run. The ideal solution would be to change the next-hop to the router, from which aggregate routes are received; that is, the device sending the aggregate route should change the next hop to self.

In this example, US-SRX should change the next-hop for the aggregate routes. The following configuration needs to be implemented on US-SRX:

 
root@US# show policy-options policy-statement next-hop-self
term next-hop-self {
    then {
        next-hop self;
    }
}

This is applicable for all routers and not just SRX. The configuration will differ for each vendor. This issue also occurs if BGP is enabled on the loopback interface.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search