Juniper Contrail – how to check Next-Hop

One might need to check which MPLSoGRE/UDP/VXLAN tunnel is used to reach a specific prefix on a vrouter.

There are few steps needed to find it out after logging in to a compute node running a VM/contrainer with an interface of interest (its prefix or prefix reachable via it) :

    1. List all interfaces and see which vrouter VRF a specific interface maps to:

    2. Use the VRF id to dump routes in a routing table for this VRF and check a prefix in question and its next-hop id:

    3. Check next-hop id parameters with:

Inter-AS Option B between Juniper routers

Recently I stumbled on a topic related to interconnecting 2 Juniper routers with Inter-AS Option B. 

With this kind of connectivity it is not enough to have control plane working properly i.e. prefixes exchanged and visible in appropriate routing-instances on both ends – for data plane to work you need to have next-hop resolved – and it is implicit in case E-BGP peering is sourced with interface address. In case loopback is used as a source you need to have it resolved by:

  • either a LSP between the two ASBR (actually no label required, but it must appear in inet.3, it can even be a static dummy LSP)
  • or configure routing-options resolution rib bgp.l3vpn.0 resolution-ribs inet.0 which will allow L3VPN routes to be resolved in inet.0 instead of inet.3

More details can be found on the Juniper forum where I found the solution:


There are also 2 useful commands that can be used for troubleshooting next-hop connectivity