Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[M/MX] BGP Route Reflector and Confederations interaction

0

0

Article ID: KB29299 KB Last Updated: 17 Dec 2014Version: 2.0
Summary:

This article describes how route reflectors and confederations can work together within the same autonomous system (AS).

Symptoms:

In a large autonomous system (AS), IBGP full-mesh scaling is usually solved through the configuration of Confederations or the configuration of Route Reflectors, but not both. However, IBGP full-mesh scaling in a large AS can also be addressed through a hybrid solution that involves both route reflectors and confederations.

Cause:

Solution:

Example Topology

  • R1, R2, R3, R5, and R7 are members of AS 17.

  • R1, R2 and R3 are part of confederation AS 65000.

  • R3 is RR for R1 and R2.

  • There's a confederation EBGP between R3 and R4.

  • R5 and R7 are members of confederation AS 65001.

  • In the output below, R1 is advertising 102.13.144.0/20 to R3, and R2 is advertising 172.16.24.0/24 to R3.

R3@Router:R3# run show route protocol bgp

inet.0: 26 destinations, 26 routes (26 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both


102.13.144.0/20 *[BGP/170] 00:57:51, localpref 100, from 192.168.1.1
AS path: I, validation-state: unverified
> to 172.16.13.1 via lt-0/0/0.31
172.16.24.0/24 *[BGP/170] 00:57:47, localpref 100, from 192.168.1.2
AS path: I, validation-state: unverified
> to 172.16.23.2 via lt-0/0/0.32

In the output below, R1 and R2 are getting the reflected routes.

edit]
R1@Router:R1# run show route protocol bgp

inet.0: 27 destinations, 27 routes (26 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both


172.16.24.0/24 *[BGP/170] 01:00:42, localpref 100, from 192.168.1.3
AS path: I, validation-state: unverified
> to 172.16.12.2 via lt-0/0/0.12



[edit]
R3@Router:R3# run show route protocol bgp

inet.0: 26 destinations, 26 routes (26 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both


102.13.144.0/20 *[BGP/170] 01:21:04, localpref 100, from 192.168.1.1
AS path: I, validation-state: unverified
> to 172.16.13.1 via lt-0/0/0.31

[edit]
R3@Router:R3#

Note that R1 is advertising 102.13.144.0/20, and R3 is advertising 172.16.24.0/24

In the output below, these prefixes are propagated to R7 in sub-as 65001:

[edit]
R7@Router:R7# run show route protocol bgp


102.13.144.0/20 *[BGP/170] 01:04:31, localpref 100, from 192.168.1.5
AS path: (65000) I, validation-state: unverified
> to 172.16.57.5 via lt-0/0/0.75
172.16.24.0/24 *[BGP/170] 01:04:28, localpref 100, from 192.168.1.5
AS path: (65000) I, validation-state: unverified
> to 172.16.57.5 via lt-0/0/0.75

[edit]
R7@Router:R7#

inet.0: 26 destinations, 26 routes (26 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

102.13.144.0/20 *[BGP/170] 00:57:51, localpref 100, from 192.168.1.1
AS path: I, validation-state: unverified
> to 172.16.13.1 via lt-0/0/0.31
172.16.24.0/24 *[BGP/170] 00:57:47, localpref 100, from 192.168.1.2
AS path: I, validation-state: unverified
> to 172.16.23.2 via lt-0/0/0.32

Configuration

R1 configuration

edit]
R1@Router:R1# show
interfaces {
lt-0/0/0 {

unit 13 {
encapsulation ethernet;
peer-unit 31;
family inet {
address 172.16.13.1/24;
}
family mpls;
}
unit 81 {
encapsulation ethernet;
peer-unit 82;
family inet {
address 102.13.144.81/20;
}
}
}
lo0 {
unit 1 {
family inet {
address 192.168.1.1/32;
}
}
}
}
protocols {

bgp {

group IBGP {
type internal;
local-address 192.168.1.1;
export [ NHS DIRECT ];
peer-as 65000;
neighbor 192.168.1.3;
}
}
ospf {
area 0.0.0.0 {
interface all;
interface lt-0/0/0.81 {
disable;
}
}
}
}
policy-options {
policy-statement DIRECT {
term 1 {
from {
protocol direct;
route-filter 102.0.0.0/8 orlonger;
}
then accept;
}
}
policy-statement NHS {
term 10 {
from protocol bgp;
then {
next-hop self;
}
}
term 20 {
then next policy;
}
}
}
routing-options {
router-id 192.168.1.1;
autonomous-system 65000;
confederation 17 members [ 65000 65001 ];
}

[edit]
R1@Router:R1#

R2 configuration

[edit]
R2@Router:R2# show
interfaces {
lt-0/0/0 {

unit 23 {
encapsulation ethernet;
peer-unit 32;
family inet {
address 172.16.23.2/24;
}
}
unit 24 {
encapsulation ethernet;
peer-unit 42;
family inet {
address 172.16.24.2/24;
}
}

}
lo0 {
unit 22 {
family inet {
address 192.168.1.2/32;
}
}
}
}
protocols {
bgp {

group IBGP {
type internal;
export [ NHS DIRECT ];
peer-as 65000;
neighbor 192.168.1.3;
}
}
ospf {
area 0.0.0.0 {
interface all;

interface lt-0/0/0.24 {
disable;
}
}
}
}
policy-options {
policy-statement DIRECT {
term 1 {
from {
protocol direct;
route-filter 172.16.24.0/24 orlonger;
}
then accept;
}
}
policy-statement NHS {
term 10 {
from protocol bgp;
then {
next-hop self;
}
}
}
}
routing-options {
autonomous-system 65000;
confederation 17 members [ 65000 65001 ];
}

[edit]
R2@Router:R2#

R3 Route Reflector for Sub-AS 65000

[edit]
R3@Router:R3# show
interfaces {
lt-0/0/0 {
unit 31 {
encapsulation ethernet;
peer-unit 13;
family inet {
address 172.16.13.3/24;
}
}
unit 32 {
encapsulation ethernet;
peer-unit 23;
family inet {
address 172.16.23.3/24;
}
}
unit 35 {
encapsulation ethernet;
peer-unit 53;
family inet {
address 172.16.35.3/24;
}
}
}
lo0 {
unit 3 {
family inet {
address 192.168.1.3/32;
}
}
}
}
protocols {
bgp {

cluster 192.168.1.3;
group IBGP {
type internal;
local-address 192.168.1.3;
peer-as 65000;
neighbor 192.168.1.1;
neighbor 192.168.1.2;
inactive: neighbor 192.168.1.4;
inactive: neighbor 192.168.1.6;
}
group SUB-65001 {
type external;
multihop;
local-address 192.168.1.3;
peer-as 65001;
neighbor 192.168.1.5;
}
}
ospf {
area 0.0.0.0 {
interface all;
}
}
}
routing-options {
router-id 192.168.1.3;
autonomous-system 65000;
confederation 17 members [ 65000 65001 ];
}

[edit]
R3@Router:R3#

R5 Confederation EBGP with R3

[edit]
R5@Router:R5# show
interfaces {
lt-0/0/0 {
unit 53 {
encapsulation ethernet;
peer-unit 35;
family inet {
address 172.16.35.5/24;
}
}

unit 100 {
encapsulation ethernet;
peer-unit 75;
family inet {
address 172.16.57.5/24;
}
}

}
lo0 {
unit 55 {
family inet {
address 192.168.1.5/32;
}
}
}
}
protocols {
bgp {


group IBGP {
type internal;
local-address 192.168.1.5;
export NHS;
peer-as 65001;

neighbor 192.168.1.7;
}
group SUB-65000 {
type external;
multihop;
local-address 192.168.1.5;
peer-as 65000;
neighbor 192.168.1.3;
}
}
ospf {
area 0.0.0.0 {
interface all;
}
}
}
policy-options {
policy-statement NHS {
term 10 {
from protocol bgp;
then {
next-hop self;
}
}
}
}
routing-options {
autonomous-system 65001;
confederation 17 members [ 65000 65001 ];
}

[edit]
R5@Router:R5#

R7 configuration

R7@Router:R7# show
interfaces {
lt-0/0/0 {

unit 75 {
description link_to_R5;
encapsulation ethernet;
peer-unit 100;
family inet {
address 172.16.57.7/24;
}
}

}
lo0 {
unit 7 {
family inet {
address 192.168.1.7/32;
}
}
}
}
protocols {
bgp {

group Internal {
type internal;
local-address 192.168.1.7;
export NHS;

neighbor 192.168.1.5 {
peer-as 65001;
}
}
}
ospf {
area 0.0.0.0 {
interface lt-0/0/0.75;

interface lo0.7;
}
}
}
policy-options {
policy-statement NHS {
term 1 {
from protocol bgp;
then {
next-hop self;
}
}
}
}
routing-options {
router-id 192.168.1.7;
autonomous-system 65001;
confederation 17 members [ 65000 65001 ];
}

[edit]
R7@Router:R7#

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search