JUNIPER GRE OVER BGP

'''

   經過GRE接口創建BGP，會發現BGP一直起不來。咋肥事呢咋肥事？

   很是感謝大俠的指導，咱們須要在BGP的策略裏面把GRE接口的源目地址給deny掉。

'''

實驗拓撲：

使用了兩臺SRX300防火牆和一臺EX2200交換機。

SRX320----EX2200---SRX300

實驗配置：

1.gre配置：

admin# show interfaces gr-0/0/0 

unit 0 {

    tunnel {

        source 220.220.220.1;

        destination 110.110.110.1;

    }

    family inet {

        address 172.16.101.2/24;  

    }

}

2.BGP配置：

admin# show protocols bgp 

group EBGP_1101 {

    type external;

    multihop {

        ttl 64;

    }

    import IMPORT-1101;

    export EXPORT-1101;

    neighbor 110.110.110.1 {

        peer-as 1101;

    }

}

3.policy-options配置：

policy-statement EXPORT-1101 {    #Export方向deny掉源地址的明細路由

    term 1 {

        from {

            route-filter 220.220.220.0/24 exact;

        }

        then reject;

    }

    term 2 {

        then accept;

    }

}

policy-statement IMPORT-1101 {    #ixport方向deny掉目的地址的明細路由

    term 1 {

        from {

            route-filter 110.110.0.0/16 exact;

        }

        then reject;

    }

    term 2 {

        then accept;

    }

}

4.如何選擇這個明細路由：

admin# run show route 110.110.110.1    

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

110.110.0.0/16     *[Static/5] 02:20:13

                    > to 220.220.220.254 via ge-0/0/0.0

[edit]

admin# run show route 220.220.220.1/24 

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

220.220.220.0/24   *[Direct/0] 02:38:33

                    > via ge-0/0/0.0

220.220.220.1/32   *[Local/0] 02:38:37

                      Local via ge-0/0/0.0

[edit]

admin# 

5.檢查BGP：

admin# run show bgp summary    

Groups: 1 Peers: 1 Down peers: 0

Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending

inet.0               

                       1          1          0          0          0          0

Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...

110.110.110.1          1101        262        262       0       0     1:55:46 1/1/1/0              0/0/0/0

[edit]

admin# run show route protocol bgp   

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

192.168.1.0/24     *[BGP/170] 01:54:44, localpref 100, from 110.110.110.1

                      AS path: 1101 I, validation-state: unverified

                    > to 220.220.220.254 via ge-0/0/0.0

[edit]