Hi everybody! I'm configuring a VPN on 4 Juniper M-10 routers but seems that i have some problems.
My testbed is made by 2 CE routers and 2 PE routers.
In the ingress PE VPN seems to be up,but if i do "show route table VPN1.inet.0" and "show route table bgp.l3vpn.0", those tables r empty or contain only the other PE router's loopback interface.
I'm not sure where my mistake is: on the bgp configuration, on the routing-instance configuration or both.
Please, someone can help me and tell me what is my mistake??
The ingress PE configuration ( BGP and routing instance) is:
[edit protocols bgp]
admin@lab1# show
family inet {
any;
}
group IBGP_PE1->PE2 {
type internal;
multihop;
local-address 10.10.10.10;
family inet-vpn {
any;
}
neighbor 30.30.30.30;
}
[edit protocols bgp]
admin@lab1#
[edit policy-options]
admin@lab1# show
policy-statement ALLOW-J2 {
from {
protocol bgp;
as-path J2;
}
then accept;
}
policy-statement J2-EXPORT {
term 10 {
from {
protocol [ bgp static direct ];
as-path J2;
}
then accept;
}
term 20 {
then reject;
}
from as-path J2;
}
policy-statement J2-IMPORT {
term 10 {
from {
protocol bgp;
community J2;
}
then accept;
}
term 20 {
then reject;
}
}
policy-statement Load-Balance-Traffic {
then {
load-balance per-packet;
}
}
policy-statement red-conn {
from protocol direct;
}
policy-statement redistribute-connected {
from protocol direct;
then accept;
}
community J2 members target:2:200;
as-path J2 2;
[edit policy-options]
admin@lab1#
[edit routing-instances]
admin@lab1# show
VPN1 {
description "VPN tra J1-CE e J2-CE";
instance-type vrf;
interface ge-0/0/0.0;
route-distinguisher 2:200;
vrf-import J2-IMPORT;
vrf-export J2-EXPORT;
inactive: vrf-target target:2:200;
inactive: routing-options {
static {
route 30.30.30.30/32 {
lsp-next-hop 192.168.22.2;
install;
}
}
}
protocols {
bgp {
group PE1<->CE1 {
type external;
inactive: keep all;
import ALLOW-J2;
family inet-vpn {
unicast;
}
peer-as 2;
inactive: neighbor 192.168.21.2;
}
}
}
}
[edit routing-instances]
admin@lab1#
Please.....answer me only in italian or english.
Thanks all for your help.
My testbed is made by 2 CE routers and 2 PE routers.
In the ingress PE VPN seems to be up,but if i do "show route table VPN1.inet.0" and "show route table bgp.l3vpn.0", those tables r empty or contain only the other PE router's loopback interface.
I'm not sure where my mistake is: on the bgp configuration, on the routing-instance configuration or both.
Please, someone can help me and tell me what is my mistake??
The ingress PE configuration ( BGP and routing instance) is:
[edit protocols bgp]
admin@lab1# show
family inet {
any;
}
group IBGP_PE1->PE2 {
type internal;
multihop;
local-address 10.10.10.10;
family inet-vpn {
any;
}
neighbor 30.30.30.30;
}
[edit protocols bgp]
admin@lab1#
[edit policy-options]
admin@lab1# show
policy-statement ALLOW-J2 {
from {
protocol bgp;
as-path J2;
}
then accept;
}
policy-statement J2-EXPORT {
term 10 {
from {
protocol [ bgp static direct ];
as-path J2;
}
then accept;
}
term 20 {
then reject;
}
from as-path J2;
}
policy-statement J2-IMPORT {
term 10 {
from {
protocol bgp;
community J2;
}
then accept;
}
term 20 {
then reject;
}
}
policy-statement Load-Balance-Traffic {
then {
load-balance per-packet;
}
}
policy-statement red-conn {
from protocol direct;
}
policy-statement redistribute-connected {
from protocol direct;
then accept;
}
community J2 members target:2:200;
as-path J2 2;
[edit policy-options]
admin@lab1#
[edit routing-instances]
admin@lab1# show
VPN1 {
description "VPN tra J1-CE e J2-CE";
instance-type vrf;
interface ge-0/0/0.0;
route-distinguisher 2:200;
vrf-import J2-IMPORT;
vrf-export J2-EXPORT;
inactive: vrf-target target:2:200;
inactive: routing-options {
static {
route 30.30.30.30/32 {
lsp-next-hop 192.168.22.2;
install;
}
}
}
protocols {
bgp {
group PE1<->CE1 {
type external;
inactive: keep all;
import ALLOW-J2;
family inet-vpn {
unicast;
}
peer-as 2;
inactive: neighbor 192.168.21.2;
}
}
}
}
[edit routing-instances]
admin@lab1#
Please.....answer me only in italian or english.
Thanks all for your help.