In nonforwarding instances implemented in JUNOS Release 5.3 and earlier, you could configure interinstance export through use of import routing table groups. A secondary routing instance would import routes from the primary routing instance. Then, IGPs would advertise the routes received from the second instance table as shown in the example in Figure 32.
Figure 32: Nonforwarding Instance Concept
In JUNOS Release 5.4 and later, you can use the instance-import and instance-export policy keywords to perform nonforwarding, interinstance route sharing. The keywords are assigned at the [edit routing-instances instance-name routing-options] hierarchy level. These statements are similar to VRF import and VRF export policies used for VRF instances.
The “rt-export” module examines the from instance statements present in an instance import policy to construct the list of import tables for a particular exporting instance. The following example illustrates the configuration hierarchy for this feature:
- [edit]
- policy-options {
-
- policy-statement {
-
- red-import {
- from instance blue;
-
- then {
- tag 1;
- accept;
- }
- }
-
- blue-import {
- from instance red;
-
- then {
- tag 2;
- accept;
- }
- }
- }
- }
- routing-instances {
-
- red {
-
- routing-options {
- instance-import red-import;
- }
- }
-
- blue {
-
- routing-options {
- instance-import blue-import;
- }
- }
- }
To advertise instance blue routes through an instance red IGP such as OSPF, you would add an export policy to OSPF to advertise routes from the local table.
- [edit}
- policy-options {
-
- policy-statement ospf-export {
- from /* some criteria */
- then accept;
- }
- }
- routing-instances {
-
- red {
-
- protocols ospf {
- export ospf-export;
- }
- }
- }
When an instance import policy is configured, the policy is allowed to modify route attributes other than next-hop.
Figure 33: Nonforwarding Instances Topology Diagram
In Figure 33, routers CE1, CE2, CE3, and CE4 are CE routers, PE0 and PE2 are PE routers, and Router P is the provider core transit router. CE1 and CE3 are part of a “community of interest” group called data, whereas CE2 and CE4 belong to a group called voice. Your goal is to connect the members of each group to each other by using a nonforwarding instance at the PE routers.
Note that routers PE0, CE1, and CE2 mirror the configurations on PE2, CE3, and CE4, respectively. Therefore, the latter routers are not shown in this example. The loopback addressing scheme for this network is shown in Table 20.
Table 20: Nonforwarding Instances—Loopback Addresses
Router |
Loopback Address |
|---|---|
CE1 |
10.255.255.172 |
CE2 |
10.255.255.180 |
PE0 |
10.255.255.176 |
P |
10.255.255.178 |
PE2 |
10.255.255.174 |
CE3 |
10.255.255.182 |
CE4 |
10.255.255.181 |
Routers CE1, CE2, CE3, and CE4 only need basic connectivity to their directly connected PE router. You enable OSPF on the interface that connects the CE routers to the PE routers. Since the configurations for all the CE routers are almost identical, only CE3 and CE4 are shown.
Router CE3
Router CE4
PE router configuration is next. Because the configurations for routers PE0 and PE2 mirror each other, only Router PE2 is displayed.
You must enable auto-export at the routing-options level for both the main configuration and the nonforwarding instances, establish policies that set tags on packets arriving from the CE routers, and accept packets into a specific instance that match the corresponding outbound tags. Specifically, you configure the router to attach a data tag to all packets coming from Router CE3 and a voice tag to all packets arriving from Router CE4. Also, forward any OSPF traffic coming from the core with a data tag to Router CE3, while OSPF core traffic with a voice tag is sent to Router CE4.
Router PE2
- [edit]
- routing-options {
- auto-export;
- }
- protocols {
-
- ospf {
- export [tag-voice tag-data];
-
- area 0.0.0.0 {
- interface t3-0/1/1.0;
- }
- }
- }
- routing-instances {
-
- data {
- instance-type no-forwarding;
- interface t3-0/1/3.0;
-
- routing-options {
- auto-export;
- }
-
- protocols {
-
- ospf {
- export import-data;
-
- area 0.0.0.0 {
- interface all;
- }
- }
- }
- }
-
- voice {
- instance-type no-forwarding;
- interface t3-0/1/0.0;
-
- routing-options {
- auto-export
- }
-
- protocols {
-
- ospf {
- export import-voice;
-
- area 0.0.0.0 {
- interface all;
- }
- }
- }
- }
- }
- policy-options {
-
- policy-statement tag-voice {
- from instance voice;
-
- then {
- tag 11;
- accept;
- }
- }
-
- policy-statement tag-data {
- from instance data;
-
- then {
- tag 12;
- accept;
- }
- }
-
- policy-statement import-voice {
-
- from {
- instance master;
- protocol ospf;
- tag 11;
- }
- then accept;
- }
-
- policy-statement import-data {
-
- from {
- instance master;
- protocol ospf;
- tag 12;
- }
- then accept;
- }
- }
On Router P, the provider core router configuration is simple. Include the interfaces that connect to the two PE routers (PE0 and PE2) in the OSPF process.
Router P
If all the configurations are correct, routers CE1 and CE3 (the data tagged routers) can send traffic to one another and routers CE2 and CE4 (the voice tagged routers) can communicate bidirectionally, but routers with different tag types cannot reach each other.
To verify that the nonforwarding instances configuration is functioning properly, you can use the following commands:
The following sections show the output of these commands used with the configuration example:
user@PE2> show ospf database OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *10.255.255.174 10.255.255.174 0x80000014 180 0x2 0x14b3 60
Router 10.255.255.176 10.255.255.176 0x80000010 592 0x2 0x14c1 60
Router 10.255.255.178 10.255.255.178 0x80000007 1074 0x2 0x9329 84
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 10.255.255.172 10.255.255.176 0x8000000f 489 0x2 0xd258 36
Extern 10.255.255.180 10.255.255.176 0x8000000f 189 0x2 0x948d 36
Extern *10.255.255.181 10.255.255.174 0x8000000f 780 0x2 0x968c 36
Extern *10.255.255.182 10.255.255.174 0x8000000f 480 0x2 0x7aa8 36
user@PE2> show ospf database instance voice
OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 10.255.255.181 10.255.255.181 0x80000008 1112 0x2 0x29ac 60
Router *192.255.197.117 192.255.197.117 0x8000000c 2681 0x2 0x5d7a 48
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern *10.255.255.180 192.255.197.117 0x80000001 2681 0x2 0x5cf7 36
user@PE2> show ospf database instance data
OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 10.255.255.182 10.255.255.182 0x8000000b 1117 0x2 0x53d 60
Router *192.255.197.249 192.255.197.249 0x8000000e 2686 0x2 0xbd05 48
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern *10.255.255.172 192.255.197.249 0x80000002 2686 0x2 0x7d5a 36
user@CE3> ping 10.255.255.172 PING 10.255.255.172 (10.255.255.172): 56 data bytes
64 bytes from 10.255.255.172: icmp_seq=0 ttl=252 time=2.978 ms
64 bytes from 10.255.255.172: icmp_seq=1 ttl=252 time=2.903 ms
^C
--- 10.255.255.172 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.903/2.941/2.978/0.037 ms
user@CE3> ping 10.255.255.180
PING 10.255.255.180 (10.255.255.180): 56 data bytes
^C
--- 10.255.255.180 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
user@CE3> show ospf database
OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *10.255.255.182 10.255.255.182 0x8000000b 1164 0x2 0x53d 60
Router 192.255.197.249 192.255.197.249 0x8000000e 2735 0x2 0xbd05 48
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 10.255.255.172 192.255.197.249 0x80000002 2735 0x2 0x7d5a 36
user@CE3> show route 10.255.255.172 detail
inet.0: 31 destinations, 32 routes (30 active, 0 holddown, 1 hidden)
10.255.255.172/32 (1 entry, 1 announced)
*OSPF Preference: 150
Next hop: via t3-0/0/0.0, selected
State: <Active Int Ext>
Local AS: 69
Age: 47:23 Metric: 2 Tag: 12
Task: OSPF
Announcement bits (1): 0-KRT
AS path: I
