Académique Documents
Professionnel Documents
Culture Documents
http://noshut.blogspot.com/2012/03/basic-junos-mpls-based-ip-vpns.html
For R3-P - the configuration is very similar as to what has occured for R2-PE and R4-PE. The primary difference here is
that R3-P is a BGP route-reflector. Within the configured BGP peer group, once the cluster id is set, the router is now
acting as a route reflector
root@R3-P> show configuration | display set
set system host-name R3-P
set interfaces em1 vlan-tagging
set interfaces em1 unit 23 vlan-id 23
set interfaces em1 unit 23 family inet address 10.1.23.3/24
set interfaces em1 unit 34 vlan-id 34
set interfaces em1 unit 34 family inet address 10.1.34.3/24
set interfaces lo0 unit 0 family inet address 3.3.3.3/32
set routing-options router-id 3.3.3.3
set protocols ospf area 0.0.0.0 interface em1.23
set protocols ospf area 0.0.0.0 interface lo0.0
set protocols ospf area 0.0.0.0 interface em1.34
set
set
set
set
set
set
set
set
set
set
set
set
set
set
protocols
protocols
protocols
protocols
bgp
bgp
bgp
bgp
group
group
group
group
Core-RRClients
Core-RRClients
Core-RRClients
Core-RRClients
cluster 3.3.3.3
peer-as 65500
neighbor 2.2.2.2
neighbor 4.4.4.4
So at this stage, we have our core network MP-BGP enabled, MPLS/LDP active but no L3 VPN configuration yet
root@R2-PE#
root@R2-PE#
root@R2-PE#
root@R2-PE#
set
set
set
set
interface em1.12
instance-type vrf
route-distinguisher 65500:1
vrf-target target:65500:1
The following command is a hack used on Olives which doesn't have a tunnel services PIC to assist in the double label
lookup, so normally isn't required on real platforms.
[edit routing-instances CustomerA]
root@R2-PE# set vrf-table-label
Now we set up the BGP configuration to peer with our R1-CE
[edit routing-instances CustomerA]
root@R2-PE# edit protocols bgp group CE
[edit routing-instances CustomerA protocols bgp group CE]
root@R2-PE# set type external
root@R2-PE# set family inet unicast
root@R2-PE# set neighbor 10.1.12.1 peer-as 64512
root@R2-PE# commit and-quit
commit complete
Exiting configuration mode
For R4-PE the configuration is similar (R5-CE is in AS 64513)
root@R4-PE> configure
Entering configuration mode
[edit]
root@R4-PE# set interfaces em1 unit 45 vlan-id 45
root@R4-PE# set interfaces em1 unit 45 family inet address 10.1.45.4/24
root@R4-PE# edit routing-instances CustomerA
[edit routing-instances CustomerA]
root@R4-PE# set instance-type vrf
root@R4-PE# set interface em1.45
root@R4-PE# set route-distinguisher 65500:1
root@R4-PE# set vrf-target target:65500:1
root@R4-PE# set vrf-table-label
root@R4-PE# edit protocols bgp group CE
[edit routing-instances CustomerA protocols bgp group CE]
root@R4-PE# set type external
root@R4-PE# set family inet unicast
root@R4-PE# set neighbor 10.1.45.5 peer-as 64513
root@R4-PE# commit and-quit
commit complete
Exiting configuration mode
The CE Configurations are quite straight forward - each has an EBGP peering with the MPLS PE and redistributes it's
directly connected interfaces into BGP with the intention that each CE will have reachability to the others lo0.0
interface.
root@R1-CE> show configuration | display set
set system host-name R1-CE
set interfaces em1 vlan-tagging
set
set
set
set
set
set
set
set
set
set
set
Destination
1.1.1.1/32
5.5.5.5/32
10.1.12.0/24
10.1.12.1/32
10.1.45.0/24
P Prf
D
0
B 170
D
0
L
0
B 170
Metric 1
Metric 2
100
100
Next hop
>lo0.0
>10.1.12.2
>em1.12
Local
>10.1.12.2
AS path
65500 64513 I
65500 I
Active/holddown/hidden
5/0/0
10.1.12.0/24
10.1.12.2/32
10.1.45.0/24
AS path: 64513 I
> to 10.1.23.3 via em1.23, Push 16, Push 299840(top)
*[Direct/0] 00:17:02
> via em1.12
[BGP/170] 00:16:58, localpref 100
AS path: 64512 I
> to 10.1.12.1 via em1.12
*[Local/0] 00:17:02
Local via em1.12
*[BGP/170] 00:11:23, localpref 100, from 3.3.3.3
AS path: I
> to 10.1.23.3 via em1.23, Push 16, Push 299840(top)
On the Route Reflector we can see that the VPN Label matches up as well
root@R3-P> show route table bgp.l3vpn.0 5.5.5.5/32
bgp.l3vpn.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
65500:1:5.5.5.5/32
Which we can confirm that Label 16 on R4-PE refers to the CustomerA.inet.0 routing table.
root@R4-PE> show route table mpls
mpls.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0
1
2
16
300112
300112(S=0)
300128
All this certainly indicates that we should have connectivity from R1-CE to R5-CE, so lets verify it: