6 replies to this topic

[need_to_learn]

Hi All,

I am new to Junos. I would like to ask help on how will I configure route-maps in Junos? I just want to know the command below from cisco IOS? I was able to peer with our routers but I am stuck with the below commands.


router bgp 64711
neighbor 10.64.71.254 send-community


ip prefix-list LOOPBACK seq 5 permit 69.173.0.42/32
!
route-map LACL3SWX-OUT permit 5
match ip address prefix-list LOOPBACK
!
route-map LACL3SWX-OUT permit 10
set community 64:711
!

can someone help me convert it to Junos?

Many thanks

[Deda]

I don't have much experience with Juniper, but from what I do know, route map should look like this :

}
policy-options {
    policy-statement LACL3SWX-OUT {
	    term 10 {
		    from {
			    prefix-list-filter 69.173.0.42/32 exact;
		    }
		    then accept;
	    }
	    term 20 {
		    then {
			    community set C1;
		    }
	    }
    }
    community C1 members 64:711;
}

AS Number is being assigned under routing-options hierarchy

[edit]
root@Olive1# set routing-options autonomous-system 64711

And finally, neighbor settings are being applied under protocols bgp hierarchy.

Best of luck ,

Deda.

[ComputerDude]

Deda is almost correct. The problem is that you set it to accept the route in the first term which is a terminating action and it will never be evaluated against the second term and set the community value. You could however complete this with just one term if you wanted such as:

policy-options {
policy-statement LACL3SWX-OUT {
term 10 {
from {
prefix-list-filter 69.173.0.42/32 exact;
}
community set C1;
then accept;
}


}

community C1 members 64:711;
}

[need_to_learn]

Hello Deda and ComputerDude,

Thank you very much for your reply. I configured both of your configs but I am getting errors


root@VEGAS_JUNOS1_VZB# commit
[edit]
'policy-options'
Policy error: 69.173.0.74/32 prefix-list referenced (in term 10) but not defined
error: configuration check-out failed

[edit]
root@VEGAS_JUNOS1_VZB#

Edited by need_to_learn, 15 December 2011 - 12:43 PM.

[need_to_learn]

protocols {
bgp {
family inet {
any;
}
group TO_VZB_PE {
type external;
local-address 152.162.128.54;
export adv_directs;
peer-as 65000;
neighbor 152.162.128.53;
}
group TO_VEGAS_CORE {
type external;
local-address 10.64.77.253;
export adv_directs;
peer-as 64770;
neighbor 10.64.77.254 {
export VEGAS-OUT;
}
}
}
}
policy-options {
policy-statement VEGAS-OUT {
term 10 {
from {
prefix-list-filter 69.173.0.74/32 exact;
}
then accept;
}
term 20 {
then {
community set C1;
}
}
}
policy-statement adv_directs {
term directs {
from {
protocol direct;
route-filter 152.162.128.52/30 orlonger;
route-filter 10.64.77.252/30 orlonger;
route-filter 69.173.0.74/32 exact;
}
then accept;
}
}
community C1 members 64:771;
}

[edit]
root@VEGAS_JUNOS1_VZB# commit
[edit]
'policy-options'
Policy error: 69.173.0.74/32 prefix-list referenced (in term 10) but not defined
error: configuration check-out failed

[edit]
root@VEGAS_JUNOS1_VZB#

[need_to_learn]

policy-statement adv_directs {
term directs {
from {
protocol direct;
route-filter 152.162.128.52/30 orlonger;
route-filter 10.64.77.252/30 orlonger;
route-filter 69.173.0.74/32 exact;
}
then accept;

The above policy statement is for the directly connected interface pointing to the core switch and to VZB mpls cloud. Is that the correct way of advertising the routes like in cisco?

network x.x.x.x
network x.x.x.x
network x.x.x.x

Or is that the reason why I am getting errors?

Many Thanks to you Both...

[need_to_learn]

Hi ComputerDude,

I followed the commands you showed but did minor change on the term 10 and I don't see the route attached to the community when I do sho ip bgp from the CORE Switch. see below.


routing-options {
autonomous-system 64771;

--

group TO_VEGAS_CORE {
type external;
local-address 10.64.77.253;
export adv_directs;
peer-as 64770;
neighbor 10.64.77.254 {
export LVNCORESWX-OUT;
}
}


policy-options {
policy-statement LVNCORESWX-OUT {
term 10 {
from {
protocol direct;
route-filter 69.173.0.74/32 exact;
}
then {
community set C1;
accept;
}
}
community C1 members 64:771;


CORE SWITCH

BGP routing table entry for 69.173.0.41/32, version 8
Paths: (4 available, best #3, table Default-IP-Routing-Table)
Advertised to update-groups:
2
64772 13979 64712 64710
10.64.77.249 from 10.64.77.249 (69.173.0.75)
Origin incomplete, localpref 100, weight 40000, valid, external
64772 13979 64712 64710, (received-only)
10.64.77.249 from 10.64.77.249 (69.173.0.75)
Origin incomplete, localpref 100, valid, external
64771 65000 64711 64710
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin incomplete, localpref 100, weight 50000, valid, external, best
64771 65000 64711 64710, (received-only)
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin incomplete, localpref 100, valid, external
VEGAS_CORE#


I followed also the commands showed by Deda and I do see the routes attached to the community


policy-options {
policy-statement LVNCORESWX-OUT {
term 10 {
from {
protocol direct;
route-filter 69.173.0.74/32 exact;
}
}
term 20 {
then {
community set C1;
accept;
}
}

}
}
community C1 members 64:771;
}



VEGAS_CORE#sho ip bgp 69.173.0.41 ---> this route is from remote site
BGP routing table entry for 69.173.0.41/32, version 62
Paths: (4 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
64771 65000 64711 64710
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin incomplete, localpref 100, weight 50000, valid, external, best
Community: 64:771
64771 65000 64711 64710, (received-only)
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin incomplete, localpref 100, valid, external
Community: 64:771
64772 13979 64712 64710
10.64.77.249 from 10.64.77.249 (69.173.0.75)
Origin incomplete, localpref 100, weight 40000, valid, external
Community: 64:772
64772 13979 64712 64710, (received-only)
10.64.77.249 from 10.64.77.249 (69.173.0.75)
Origin incomplete, localpref 100, valid, external
Community: 64:772
VEGAS_CORE#


What I want to happen is that this route 69.173.0.74/32 which is local to junos1 router(loopback), when I go to LVNCORESWX when I do show ip bgp 69.173.0.74 (cisco switch) I don't want to see that route attached to the community

See this.


VEGAS_CORE#sho ip bgp 69.173.0.74
BGP routing table entry for 69.173.0.74/32, version 60
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
64771
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin IGP, localpref 100, weight 50000, valid, external, best
Community: 64:771 -----> still shows the community
64771, (received-only)
10.64.77.253 from 10.64.77.253 (69.173.0.74)
Origin IGP, localpref 100, valid, external
Community: 64:771
VEGAS_CORE

I want to see something like the following......................


sho ip bgp 69.173.0.74
BGP routing table entry for 69.173.0.42/32, version 154
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
64711
10.64.71.253 from 10.64.71.253 (69.173.0.42)
Origin incomplete, metric 0, localpref 100, weight 50000, valid, external, best
64711, (received-only)
10.64.71.253 from 10.64.71.253 (69.173.0.42)
Origin incomplete, metric 0, localpref 100, valid, external
CALI_CORE



So the set up is like this

remote ----- VZB Cloud ---- Junos1 ----cisco switch CORE ----- Junos2 ------- ATT cloud ---- remote


From what I post at the very first


ip prefix-list LOOPBACK seq 5 permit 69.173.0.74/32
!
route-map LACL3SWX-OUT permit 5
match ip address prefix-list LOOPBACK
!
route-map LACL3SWX-OUT permit 10
set community 64:711


That means the 2nd route-map permit 10, The rest of the routes will have a community of 64:711 except the first route-map permit 5 which is the loopback. So that means when I do a sho ip bgp on the loopback I should not be seeing community attached to it.

Sorry its kind of confusing but I appreciate your help once again. Thanks a lot!