Example: BGP Route Target Filtering for VPNs
BGP route target filtering is enabled by configuring the family route-target
statement at the appropriate BGP hierarchy
level. This statement enables the exchange of a new route-target
address family, which is stored in the bgp.rtarget.0 routing table.
The following configuration illustrates how you could configure
BGP route target filtering for a BGP group titled to_vpn04
:
[edit] protocols { bgp { group to_vpn04 { type internal; local-address 10.255.14.182; peer-as 200; neighbor 10.255.14.174 { family inet-vpn { unicast; } family route-target; } } } }
The following configuration illustrates how you could configure
a couple of local VPN routing and forwarding (VRF) routing instances
to take advantage of the functionality provided by BGP route target
filtering. Based on this configuration, BGP would automatically generate
local routes corresponding to the route targets referenced in the
VRF import policies (note the targets defined by the vrf-target
statements).
[edit] routing-instances { vpn1 { instance-type vrf; interface t1-0/1/2.0; vrf-target target:200:101; protocols { ospf { export bgp-routes; area 0.0.0.0 { interface t1-0/1/2.0; } } } } vpn2 { instance-type vrf; interface t1-0/1/2.1; vrf-target target:200:102; protocols { ospf { export bgp-routes; area 0.0.0.0 { interface t1-0/1/2.1; } } } } }
Issue the show route table bgp.rtarget.0 show command to verify the BGP route target filtering configuration:
user@host> show route table bgp.rtarget.0 bgp.rtarget.0: 4 destinations, 6 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 200:200:101/96 *[RTarget/5] 00:10:00 Local 200:200:102/96 *[RTarget/5] 00:10:00 Local 200:200:103/96 *[BGP/170] 00:09:48, localpref 100, from 10.255.14.174 AS path: I > t3-0/0/0.0 200:200:104/96 *[BGP/170] 00:09:48, localpref 100, from 10.255.14.174 AS path: I > t3-0/0/0.0
The show
command display format for route target
prefixes is:
AS number:route target extended community/length
The first number represents the autonomous system (AS) of the
router that sent this advertisement. The remainder of the display
follows the Junos show
command convention for extended
communities.
The output from the show route table bgp-rtarget.0
command displays the locally generated and remotely generated routes.
The first two entries correspond to the route targets configured
for the two local VRF routing instances (vpn1
and vpn2
):
200:200:101/96
—Community200:101
in thevpn1
routing instance200:200:102/96
—Community200:102
in thevpn2
routing instance
The last two entries are prefixes received from a BGP peer:
200:200:103/96
—Tells the local router that routes tagged with this community (200:103
) should be advertised to peer10.255.14.174
throught3-0/0/0.0
200:200:104/96
—Tells the local router that routes tagged with this community (200:104
) should be advertised to peer10.255.14.174
throught3-0/0/0.0