Mailing List Archive

On Thu, 8 Jan 2004, Bosco Sachanandani wrote:
> My query in general is that what are "hidden" routes? I am using an
> M20 with JunOS , the upstream provider is using a Cisco 7000 series
> box. There are NO inbound BGP policies at my end.

hidden routes are those which are rejected by inbound policy, or have
unresolvable next-hop.

As you can see, the next-hop is within the advertised prefix itself,
so next-hop isn't considered valid, and the routes aren't installed.


> admin@srmum1-re0> show route table Gp_VRF hidden
>
> Gp_VRF.inet.0: 514 destinations, 525 routes (513 active, 0 holddown, 2 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 202.123.213.80/28 [BGP/170] 23:37:07, MED 0, localpref 100, from 202.123.213.83
> AS path: 19440 I
> Unusable
> 213.181.39.0/24 [BGP/170] 23:38:48, localpref 100, from 213.181.39.20
> AS path: 6774 I
> Unusable
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

hi,

As asked by some of you, maybe this is more helpful. Also, do I need to set the next-hop self option in this case on my router?



admin@srmum1-re0> show route table Gp_VRF hidden extensive

Gp_VRF.inet.0: 513 destinations, 524 routes (512 active, 0 holddown, 2 hidden)
202.123.213.80/28 (2 entries, 1 announced)
TSI:
Page 0 idx 1 Type 1 val 88002d8
Nexthop: 213.181.39.20
AS path: 6774 19440 I
Communities:
Page 0 idx 5 Type 1 val 8a93b7c
Nexthop: 213.181.39.20
Localpref: 100
AS path: 6774 19440 I
Communities:
Path 202.123.213.80 from 213.181.39.20 Vector len 4. Val: 1 5
KRT in-kernel 202.123.213.80/28 -> {indirect(393)}
BGP Preference: 170/-101
Next hop type: Unusable
State: <Hidden Ext>
Inactive reason: Unusable path
Local AS: 64721 Peer AS: 19440
Age: 1d 5:19:26 Metric: 0
Task: BGP_19440_64721.202.123.213.83+179
AS path: 19440 I
Localpref: 100
Router ID: 192.168.4.1
Indirect next hops: 1
Protocol next hop: 202.123.213.83 Indirect next hop: 0 -
202.123.213.80/28 Originating RIB: Gp_VRF.inet.0
Node path count: 1
Indirect nexthops: 1
Protocol Nexthop: 213.181.39.20
Indirect nexthop: 86d1000 393
Indirect path forwarding nexthops: 1
Nexthop: 213.181.39.25 via fe-0/3/1.3
0.0.0.0/0 Originating RIB: Gp_VRF.inet.0
Node path count: 1
Forwarding nexthops: 1
Nexthop: 213.181.39.25 via fe-0/3/1.3

213.181.39.0/24 (1 entry, 0 announced)
BGP Preference: 170/-101
Next hop type: Unusable
State: <Hidden Ext>
Local AS: 64721 Peer AS: 6774
Age: 1d 5:21:07
Task: BGP_6774_64721.213.181.39.20+179
AS path: 6774 I (Atomic)Aggregator: 6774 213.181.59.92
Localpref: 100
Router ID: 213.181.58.132
Indirect next hops: 1
Protocol next hop: 213.181.39.20 Indirect next hop: 0 -
0.0.0.0/0 Originating RIB: Gp_VRF.inet.0
Node path count: 1
Forwarding nexthops: 1
Nexthop: 213.181.39.25 via fe-0/3/1.3





Probably you're not setting next-hop to self for these prefixes...

Please provide extensive info.
>admin@srmum1-re0> show route table Gp_VRF hidden extensive

cu
Anton

At 11:37 AM 1/8/2004 +0530, you wrote:
>Hi all,
>
>Need a small piece of info. I am running BGP with 2 upstream GRX
>providers. I am recieving all routes correctly from them except the ones
>mentioned below.
>
>It turns out that these prefixes are the GRX provider's network prefix's
>itself. Since it does not get installed in the route table, I have to put
>in static routes to access stuff like the their DNS servers which are part
>of these subnets, which is not a very nice thing to do.
>
>My query in general is that what are "hidden" routes? I am using an M20
>with JunOS , the upstream provider is using a Cisco 7000 series box. There
>are NO inbound BGP policies at my end.
>
>The GRX guys cannot seem to figure out why this is happening.
>
>thanks.
>
>
>admin@srmum1-re0> show route table Gp_VRF hidden
>
>Gp_VRF.inet.0: 514 destinations, 525 routes (513 active, 0 holddown, 2 hidden)
>+ = Active Route, - = Last Active, * = Both
>
>202.123.213.80/28 [BGP/170] 23:37:07, MED 0, localpref 100, from
>202.123.213.83
> AS path: 19440 I
> Unusable
>213.181.39.0/24 [BGP/170] 23:38:48, localpref 100, from 213.181.39.20
> AS path: 6774 I
> Unusable
>
>_______________________________________________
>juniper-nsp mailing list juniper-nsp@puck.nether.net
>http://puck.nether.net/mailman/listinfo/juniper-nsp

This seems to be in issue of route recursion, where if a route were to be
installed it would deactivate the route's forwarding or protocol next hop by
virtue of being more specific leading to a recursion loop.


For example, it seems that for:

213.181.39.0/24 (1 entry, 0 announced)
. . . .
Protocol next hop: 213.181.39.20 Indirect next hop:
0 -
0.0.0.0/0 Originating RIB: Gp_VRF.inet.0 <<<<<
Node path count: 1
Forwarding nexthops: 1
Nexthop: 213.181.39.25 via fe-0/3/1.3

You are ultimately using a default route for next hop resolution. This is
ok, expect the route you want to install (213.181.39/24) is a longer match
for the protocols next hop (213.181.39.20) then the currently used 0/0
default. As a result, installing the BGP route would resulting in the
protocol next-hop resolving through the BGP route that needs it's protocol
next-hop resolved.

There are several ways to deal with this. Check out the IP prep guide for
some additional discussion. Some folks alter their IGP to leak/advertise the
protocol next hop so that a default is no longer needed. Setting next-hop to
a physical interface address that is carried by the IGP in that Area/Level
is also workable.

HTHs.





> -----Original Message-----
> From: juniper-nsp-bounces@puck.nether.net
> [mailto:juniper-nsp-bounces@puck.nether.net] On Behalf Of
> Bosco Sachanandani
> Sent: Thursday, January 08, 2004 3:49 AM
> To: juniper-nsp@puck.nether.net
> Subject: RE: [j-nsp] hidden bgp route
>
>
> hi,
>
> As asked by some of you, maybe this is more helpful. Also, do
> I need to set the next-hop self option in this case on my router?
>
>
>
> admin@srmum1-re0> show route table Gp_VRF hidden extensive
>
> Gp_VRF.inet.0: 513 destinations, 524 routes (512 active, 0
> holddown, 2 hidden) 202.123.213.80/28 (2 entries, 1 announced)
> TSI:
> Page 0 idx 1 Type 1 val 88002d8
> Nexthop: 213.181.39.20
> AS path: 6774 19440 I
> Communities:
> Page 0 idx 5 Type 1 val 8a93b7c
> Nexthop: 213.181.39.20
> Localpref: 100
> AS path: 6774 19440 I
> Communities:
> Path 202.123.213.80 from 213.181.39.20 Vector len 4. Val: 1
> 5 KRT in-kernel 202.123.213.80/28 -> {indirect(393)}
> BGP Preference: 170/-101
> Next hop type: Unusable
> State: <Hidden Ext>
> Inactive reason: Unusable path
> Local AS: 64721 Peer AS: 19440
> Age: 1d 5:19:26 Metric: 0
> Task: BGP_19440_64721.202.123.213.83+179
> AS path: 19440 I
> Localpref: 100
> Router ID: 192.168.4.1
> Indirect next hops: 1
> Protocol next hop: 202.123.213.83
> Indirect next hop: 0 -
> 202.123.213.80/28 Originating RIB:
> Gp_VRF.inet.0
> Node path count: 1
> Indirect nexthops: 1
> Protocol Nexthop: 213.181.39.20
> Indirect nexthop: 86d1000 393
> Indirect path forwarding nexthops: 1
> Nexthop:
> 213.181.39.25 via fe-0/3/1.3
> 0.0.0.0/0 Originating RIB:
> Gp_VRF.inet.0
> Node path count: 1
> Forwarding nexthops: 1
> Nexthop:
> 213.181.39.25 via fe-0/3/1.3
>
> 213.181.39.0/24 (1 entry, 0 announced)
> BGP Preference: 170/-101
> Next hop type: Unusable
> State: <Hidden Ext>
> Local AS: 64721 Peer AS: 6774
> Age: 1d 5:21:07
> Task: BGP_6774_64721.213.181.39.20+179
> AS path: 6774 I (Atomic)Aggregator: 6774 213.181.59.92
> Localpref: 100
> Router ID: 213.181.58.132
> Indirect next hops: 1
> Protocol next hop: 213.181.39.20
> Indirect next hop: 0 -
> 0.0.0.0/0 Originating RIB: Gp_VRF.inet.0
> Node path count: 1
> Forwarding nexthops: 1
> Nexthop: 213.181.39.25 via fe-0/3/1.3
>
>
>
>
>
> Probably you're not setting next-hop to self for these prefixes...
>
> Please provide extensive info.
> >admin@srmum1-re0> show route table Gp_VRF hidden extensive
>
> cu
> Anton
>
> At 11:37 AM 1/8/2004 +0530, you wrote:
> >Hi all,
> >
> >Need a small piece of info. I am running BGP with 2 upstream GRX
> >providers. I am recieving all routes correctly from them
> except the ones
> >mentioned below.
> >
> >It turns out that these prefixes are the GRX provider's network
> >prefix's
> >itself. Since it does not get installed in the route table,
> I have to put
> >in static routes to access stuff like the their DNS servers
> which are part
> >of these subnets, which is not a very nice thing to do.
> >
> >My query in general is that what are "hidden" routes? I am
> using an M20
> >with JunOS , the upstream provider is using a Cisco 7000
> series box. There
> >are NO inbound BGP policies at my end.
> >
> >The GRX guys cannot seem to figure out why this is happening.
> >
> >thanks.
> >
> >
> >admin@srmum1-re0> show route table Gp_VRF hidden
> >
> >Gp_VRF.inet.0: 514 destinations, 525 routes (513 active, 0
> holddown, 2
> >hidden)
> >+ = Active Route, - = Last Active, * = Both
> >
> >202.123.213.80/28 [BGP/170] 23:37:07, MED 0, localpref 100, from
> >202.123.213.83
> > AS path: 19440 I
> > Unusable
> >213.181.39.0/24 [BGP/170] 23:38:48, localpref 100, from
> 213.181.39.20
> > AS path: 6774 I
> > Unusable
> >
> >_______________________________________________
> >juniper-nsp mailing list juniper-nsp@puck.nether.net
> >http://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/junipe> r-nsp
>