Juniper JUNOSE 11.2.X BGP AND MPLS Configuration Manual Download Page 328 | Manualshive

Page: 328 / 742

background image

You configure a shared secret (password) on potential LDP peers. Any given pair of peers
must share the same password. When a peer sends a TCP segment to an LSR, it uses
the password and the segment to compute an MD5 digest that it sends along with the
segment.

When the LSR receives the segment, the LSR calculates its own version of the digest
using its instance of the password and the segment. The LSR validates the segment if
the local digest matches the received digest. If the comparison fails—for example, if the
password is not configured the same on both peers—the LSR drops the segment and
does not send a response to the peer.

You can optionally enable a strict authentication mode that allows only peers configured
with passwords to establish sessions. In this mode, LDP hello messages from peers that
have no password are ignored. If you do not configure strict authentication, then peers
that do not have configured passwords can establish connections with each other.

If you configure LDP MD5 authentication or change the authentication password for a
peer while it is in an established LDP session, MPLS restarts that session.

To configure LDP MD5 authentication:

1.

Set the password for an LDP peer.

host1(config)#

mpls ldp neighbor 10.3.5.1 password rop23ers

2.

(Optional) Set strict LDP authentication mode so that only peers with passwords
can establish LDP sessions.

host1(config)#

mpls ldp strict-security

Related Topics

Basic MPLS Configuration Tasks on page 276

•

•

Additional LDP Configuration Tasks on page 288

•

mpls ldp neighbor password

•

mpls ldp strict-security

Controlling LDP Label Distribution

By default, LDP advertises label mappings for all IGP prefixes to all LDP peers. In this
case, mappings are not advertised for interface addresses. You can alternatively specify
that LDP labels be distributed for a particular interface itself, in addition to the subnet
that the interface is on. This behavior enables LSPs to be set up to the LSR configured
with the interface address.

When the LSR learns an IGP route and tries to decide whether to advertise a label for the
destination to a particular LDP neighbor, it attempts to match the destination against a
route access list specified by the

mpls ldp advertise-labels

command, in the order in

which the commands were issued. The first match determines the action taken, and no
further matching is attempted for that destination. If the destination matches, labels are
advertised to peers subject to any specified neighbor address list. If either access list is
not matched, the labels are not advertised.

Copyright © 2010, Juniper Networks, Inc.

292

JunosE 11.2.x BGP and MPLS Configuration Guide

«
...
326
327
328
329
330
...
»

Summary of Contents for JUNOSE 11.2.X BGP AND MPLS

Page 1: ...JunosE Software for E Series Broadband Services Routers BGP and MPLS Configuration Guide Release 11 2 x Published 2010 07 16 Copyright 2010 Juniper Networks Inc...

Page 2: ...5 473 599 5 905 725 5 909 440 6 192 051 6 333 650 6 359 479 6 406 312 6 429 706 6 459 579 6 493 347 6 538 518 6 538 899 6 552 918 6 567 902 6 578 186 and 6 590 785 JunosE Software for E Series Broadb...

Page 3: ...re physically contained on a single chassis c Product purchase documents paper or electronic user documentation and or the particular licenses purchased by Customer may specify limits to Customer s us...

Page 4: ...ATE WITHOUT ERROR OR INTERRUPTION OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK In no event shall Juniper s or its suppliers or licensors liability to Customer whether in contract tort inclu...

Page 5: ...ree years from the date of distribution Such request can be made in writing to Juniper Networks Inc 1194 N Mathilda Ave Sunnyvale CA 94089 ATTN General Counsel You may obtain a copy of the GPL at http...

Page 6: ...Copyright 2010 Juniper Networks Inc vi...

Page 7: ...7 Monitoring BGP MPLS VPNs 489 Part 3 Layer 2 Services Over MPLS Chapter 8 Layer 2 Services over MPLS Overview 509 Chapter 9 Configuring Layer 2 Services over MPLS 529 Chapter 10 Monitoring Layer 2 Se...

Page 8: ...Copyright 2010 Juniper Networks Inc viii JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 9: ...ker 5 BGP Peers and Neighbors 5 BGP Session 5 IBGP and EBGP 6 Interior Gateway Protocols 7 BGP Messages 7 BGP Route 9 Routing Information Base 9 Prefixes and CIDR 9 Path Attributes 11 Transit and Nont...

Page 10: ...ient Behavior 47 Configuring Promiscuous Peers and Dynamic Peering 47 Configuring Passive Peers 50 Advertising Routes 50 Prefixes Originating in an AS 51 Advertising Best Routes 52 Redistributing Rout...

Page 11: ...l preference Command 113 Using a Route Map to Set the Local Preference 114 Understanding the Origin Attribute 114 Understanding the AS Path Attribute 117 Configuring a Local AS 118 Configuring the MED...

Page 12: ...es 174 Monitoring BGP Routes with Matching AS Paths and AS Path Access Lists 176 Monitoring BGP Flap Statistics 177 Monitoring BGP Routes with Inconsistent AS Paths 178 Monitoring BGP Neighbors 180 Mo...

Page 13: ...Hop Tables Overview 233 MPLS Packet Spoof Checking Overview 234 IP and IPv6 Tunnel Routing Tables and MPLS Tunnels Overview 234 Explicit Routing for MPLS Overview 235 MPLS Interfaces and Interface St...

Page 14: ...During Graceful Restart 260 Synchronization Behavior on LAN Interfaces 260 Synchronization Behavior on IGP Passive Interfaces 260 Synchronization and TE Metrics 260 Use of RSVP TE Hello Messages to D...

Page 15: ...figuration 290 Configuring LDP IGP Synchronization 291 Configuring LDP MD5 Authentication 291 Controlling LDP Label Distribution 292 Additional RSVP TE Configuration Tasks 293 Configuring RSVP MD5 Aut...

Page 16: ...h Traffic Engineering Bandwidth Accounting 327 Monitoring Virtual Router Configuration 328 Monitoring IP and IPv6 Tunnel Routing Tables 329 Monitoring LDP 330 Monitoring MPLS Label Bindings 332 Monito...

Page 17: ...r the trace mpls Command 375 Packet Flows for ping and trace to L3VPN IPv4 Prefixes 376 Inter AS Topology 378 Packet Flows to L3VPN IPv6 Prefixes 379 Troubleshooting MTU Problems in Point to Point LSP...

Page 18: ...1 PE Router Configuration Tasks 423 Creating a VRF 424 Specifying a Route Distinguisher 424 Defining Route Targets for VRFs 425 Setting Import and Export Maps for a VRF 428 Characteristics of Import a...

Page 19: ...ring a Default Route to a Shared Interface 462 Configuring a Fallback Global Option 463 Configuring a Global Import Map for Specific Routes 464 Creating a BGP Session Between the CE Router and the Par...

Page 20: ...rvices over MPLS Platform Considerations 510 Module Requirements 510 Interface Specifiers 511 Layer 2 Services over MPLS References 511 Layer 2 Services over MPLS Implementation 512 Local Cross Connec...

Page 21: ...iguration of Many Shim Interfaces with the Same Peer VC Type and VC ID 540 Example Configuring Many Shim Interfaces with the Same Peer VC Type and VC ID 540 Load Balancing Group Configuration 541 MPLS...

Page 22: ...ltihomed Site 583 Multihoming Reaction to Failures in the Network 585 VPLS Supported Features 585 VPLS Platform Considerations 586 Module Requirements 586 Interface Specifiers 587 VPLS References 587...

Page 23: ...Address Family 612 Clearing BGP Route Flap Dampening Information for the L2VPN Address Family 612 Clearing BGP Route Flap Dampening Information for the VPWS Address Family 612 Clearing the Wait for E...

Page 24: ...P for VPWS 656 BGP Signaling for VPWS Overview 656 Configuring BGP Signaling for VPWS 657 MPLS LSPs for VPWS Overview 658 Configuring MPLS LSPs for VPWS 658 Example Configuring VPWS on Local and Remot...

Page 25: ...sent 66 Figure 19 Advertising a Route When Another Route is Absent 67 Figure 20 Advertising a Default Route When Another Route is Present 69 Figure 21 Filtering with Access Lists 82 Figure 22 Filterin...

Page 26: ...ure 58 LDP Tunneled Through an RSVP TE Core 256 Figure 59 Flow for Initial Setting of EXP Bits for the First Label Pushed 270 Figure 60 Flow for Setting EXP Bits for All Pushed Labels 271 Figure 61 Si...

Page 27: ...AS in VPNv4 Address Family 451 Figure 99 Topology for Fast Reconvergence by Means of Unique VRF RDs Before Tunnels Go Down 456 Figure 100 Topology for Fast Reconvergence by Means of Reachability Check...

Page 28: ...Two Pseudowires Between PE Facing Routers 557 Figure 127 Martini Circuit Deployment for Transmission of Multiple ATM VCs over a SIngle Pseudowire 559 Part 4 Virtual Private LAN Service Chapter 11 VPL...

Page 29: ...nfigurations 31 Table 14 Commands That Create Match and Set Route Maps 70 Table 15 Clauses Supported in BGP Match and Set Route Maps 71 Table 16 Commands That Create Match Only Route Maps 71 Table 17...

Page 30: ...erms and Acronyms 212 Table 51 TLVs Supported by MPLS LSP ping 243 Table 52 Sub TLVs Supported for the Target FEC Stack TLV 244 Table 53 Sub TLVs Supported for the P2MP Responder Identifier TLV 249 Ta...

Page 31: ...30 Table 91 Resolution of Indirect Next Hops 460 Table 92 Advertising Action Taken Following Best Route Selection 461 Table 93 Route Types and Route Origins 480 Chapter 7 Monitoring BGP MPLS VPNs 489...

Page 32: ...Fields 624 Table 125 show bridge table Output Fields 624 Table 126 show subscriber policy Output Fields 626 Table 127 show ip bgp l2vpn Output Fields 628 Table 128 show ip bgp next hops Output Fields...

Page 33: ...e information in the latest release notes differs from the information in the documentation follow the JunosE Release Notes To obtain the most current version of all Juniper Networks technical documen...

Page 34: ...ffic class low loss1 Represents text that the user must type Bold text like this host1 show ip ospf 2 Routing Process OSPF 2 with Router ID 5 5 0 250 Router is an Area Border Router ABR Represents inf...

Page 35: ...n CD ROMs or DVD ROMs see the Portable Libraries page at http www juniper net techpubs resources index html Copies of the Management Information Bases MIBs for a particular software release are availa...

Page 36: ...uniper net techpubs Find solutions and answer questions using our Knowledge Base http kb juniper net Download the latest versions of software and review release notes http www juniper net customers cs...

Page 37: ...PART 1 Border Gateway Protocol Configuring BGP Routing on page 3 Monitoring BGP on page 157 1 Copyright 2010 Juniper Networks Inc...

Page 38: ...Copyright 2010 Juniper Networks Inc 2 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 39: ...38 Managing a Large Scale AS on page 141 Configuring BGP Multicasting on page 150 Using BGP Routes for Other Protocols on page 153 Configuring BGP MPLS VPNs on page 154 Testing BGP Policies on page 15...

Page 40: ...live LOCAL_PREF local pref MULTI_EXIT_DISC multiexit discriminator or MED NEW_AS_PATH new as path NEW_AGGREGATOR new aggregator NEXT_HOP next hop or next hop NO_ADVERTISE no advertise NO_EXPORT no exp...

Page 41: ...automatically discover each other and begin exchanging information Instead each BGP speaker must be explicitly configured with a set of BGP peers with which it exchanges routing information BGP peers...

Page 42: ...ion When two BGP speakers are in different autonomous systems the BGP session is called an external BGP session or EBGP session BGP uses the same types of message on IBGP and EBGP sessions but the rul...

Page 43: ...3 Interior Gateway Protocols BGP Messages BGP speakers exchange routing information with each other by exchanging BGP messages over a BGP session BGP uses the following five message types Open BGP me...

Page 44: ...as exceeded the upper bound configured with the neighbor maximum prefix command The notification message can include address family and upper bound information in the data field 1 Administratively Shu...

Page 45: ...et of addresses To reduce confusion this chapter restricts network to its more common usage to refer to a physical structure of routers and links Prefixes are made possible by classless interdomain ro...

Page 46: ...address as shown in Figure 4 on page 10 Figure 4 Routing Without CIDR With CIDR the ISP can aggregate the routes as 192 168 128 0 17 and advertise a single address to that prefix as shown in Figure 5...

Page 47: ...us system on the path to the destination Local pref and multiexit discriminator MED are metrics that administrators can tune to ensure that certain routes are more attractive over other routes The loc...

Page 48: ...e able to ensure the appropriate use of its resources For example Figure 6 on page 12 shows three ISPs and three customers ISP 1 ISP 2 and ISP 3 are directly connected to one another through a physica...

Page 49: ...gure 8 IPv6 Routing over TCP IPv4 The E Series router s MP BGP implementation uses BGP update messages to announce the feasible routes to an associated IPv6 BGP next hop and also to announce the nonfe...

Page 50: ...op is considered an invalid configuration The router accepts both global and link local BGP IPv6 next hop addresses received from its BGP IPv6 peers As a consequence when advertising a route to an int...

Page 51: ...n JunosE Release Notes Appendix A System Maximums Refer to the Release Notes corresponding to your software release for information about maximum values RFC 1657 Definitions of Managed Objects for the...

Page 52: ...rtisement with BGP 4 November 2002 RFC 4271 A Border Gateway Protocol BGP 4 January 2006 RFC 4364 BGP MPLS IP Virtual Private Networks VPNs February 2006 RFC 4721 Graceful Restart Mechanism for BGP Ja...

Page 53: ...le protocol often providing more than one way to achieve a routing goal The configuration tasks required therefore vary depending on your needs and decisions Read all of the following sections to dete...

Page 54: ...one BGP AS per virtual router This command takes effect immediately Example host1 config router bgp 100 Use the no version to remove the BGP process See router bgp Understanding BGP Command Scope BGP...

Page 55: ...fier ip bgp community new format bgp confederation peers overload shutdown bgp default local preference rib out disable bgp default route target filter router bgp bgp enforce first as timers bgp bgp f...

Page 56: ...ress family ipv4 multicast host1 config router af neighbor 10 2 3 4 ebgp multihop Invalid input detected at marker host1 config router af exit address family Table 8 Commands Affecting All Address Fam...

Page 57: ...or route reflector client neighbor distribute list neighbor send community neighbor filter list neighbor send label neighbor local as neighbor soft reconfiguration inbound neighbor maximum prefix neig...

Page 58: ...or remote as neighbor route map neighbor send label neighbor site of origin neighbor unsuppress map neighbor update source neighbor weight neighbor default originate neighbor graceful restart neighbor...

Page 59: ...any peer group to which it belongs Applied to a peer group the default version causes the peer group to inherit the state of the feature enabled or disabled from the BGP global configuration The foll...

Page 60: ...inherits the timer values from the peer group host1 config router neighbor eastcoast timers 15 40 Now peer group eastcoast has a keepalive timer of 15 seconds and a hold time timer of 40 seconds Peer...

Page 61: ...peer group as follows The next hop can be different for each update sent to peer group members if the members are all external peers The AS path can be different for each update sent to peer group mem...

Page 62: ...er LA and router Boston as peers host2 config router bgp 873 host2 config router neighbor 10 2 2 3 remote as 873 host2 config router neighbor 10 5 5 1 remote as 17 The following commands configure rou...

Page 63: ...nfig router neighbor eastcoast route map wtset in host1 config router neighbor 10 6 6 2 remote as 12 host1 config router neighbor 10 6 6 2 peer group eastcoast host1 config router neighbor 10 7 3 2 re...

Page 64: ...ype peer is allowed IPv4 or IPv6 For example the following error is generated if an IPv6 peer group member is added to a peer group that already has IPv4 members that is where the peer group type is I...

Page 65: ...erent sub AS in the same confederation Use this keyword only if confederations are employed This command takes effect immediately If the command changes the peer type of the peer group all BGP session...

Page 66: ...hanges 3 5 5 5 5 peer 5 5 5 5 in core leaves established state NOTICE 04 30 2001 21 06 22 bgpNeighborChanges 3 6 6 6 6 peer 6 6 6 6 in core leaves established state NOTICE 04 30 2001 21 06 22 bgpNeigh...

Page 67: ...eer This command takes effect immediately and automatically bounces the BGP session If you specify an interface in this command and the interface is later removed then this command is also removed fro...

Page 68: ...specify an interface with the neighbor update source command the IPv4 mapped IPv6 address of the interface is used instead of the native IPv6 address for the next hop host1 config interface loopback 0...

Page 69: ...GP to accept route updates from external peers in networks that are not directly connected to the local peer If you specify a BGP peer group by using the peerGroupName argument all the members of the...

Page 70: ...mory resources required to process routing information increases Some peers send so much routing information that a BGP speaker can be overwhelmed by the updates You can use the neighbor maximum prefi...

Page 71: ...rs of the peer group inherit the characteristic configured with this command You cannot override the characteristic for a specific member of the peer group Example host1 config router neighbor 10 10 1...

Page 72: ...mmand to perform a soft clear or hard clear of the current BGP session Use the no version to halt checking of received AS path lengths See bgp maxas limit If you use the fields as path option with the...

Page 73: ...ord that is you use the 0 keyword or no encryption keyword and if the service password encryption command has not been issued then the output of the showconfiguration command displays the text that yo...

Page 74: ...mbers of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer BGP always accepts updates of up to 4096 octets regardless of the setting fo...

Page 75: ...does not send any keepalive messages If you do not expect the peer to send any keepalives set the hold time timer to 0 This command takes effect immediately and automatically bounces the session to fo...

Page 76: ...hutdown You can administratively shut down particular BGP neighbors or peer groups without removing their configuration from BGP by using the neighbor shutdown command You can also administratively sh...

Page 77: ...due to transition from Overload state Shutdown in overload state is enabled Default local preference is 100 Enabling Route Storage in Adj RIBs Out Tables By default a BGP speaker does not store a cop...

Page 78: ...n prevents the sending of unnecessary withdrawals for both peers and peer groups because the BGP speaker will not send a withdrawal if the table indicates it has not previously advertised that route t...

Page 79: ...ally bounces the BGP session s if the command changes the current configuration Example host1 config router no neighbor 10 15 24 5 rib out disable Use the no version to enable the route storage Use th...

Page 80: ...you specify the VPN IPv6 address family you can configure the router to provide IPv6 VPN services over an MPLS backbone These VPNs are often referred to as BGP MPLS VPNs L2VPN If you specify the L2VP...

Page 81: ...first be created in the IPv4 address family host1 config router af neighbor 10 10 2 2 peer group ibgp host1 config router af neighbor 10 10 3 3 peer group ibgp 5 From within the address family config...

Page 82: ...By default a peer is activated only for the IPv4 unicast address family The peer or peer group must be created in unicast IPv4 before you can activate it in another address family If you specify a BGP...

Page 83: ...rrors generated by a peer such as malformed BGP messages or finite state machine errors The speaker attempts to recover from the errors and avoid bringing down the BGP session with the peer Lenient be...

Page 84: ...er group has been configured with a peer type but not a remote AS then the remote AS for dynamic peers is not known until an open message has been received from the peer Until then show commands displ...

Page 85: ...y remote address that matches the specified access list When the BGP connection is accepted a dynamic peer is automatically created This command is supported only for peer groups it is not available f...

Page 86: ...n never come up because neither side can initiate the connection neighbor passive Use to configure the BGP speaker to only accept inbound BGP connections from the specified peer and never initiate out...

Page 87: ...ig router network 192 168 33 0 mask 255 255 255 0 The following commands configure router Boston host2 config router bgp 100 host2 config router neighbor 10 2 25 2 remote as 300 host2 config router ne...

Page 88: ...does not advertise a route to that destination to the speaker s internal peers In earlier software releases the default behavior was for BGP to select two best routes to any destination The best route...

Page 89: ...he origin attribute for the route to Incomplete See Understanding the Origin Attribute on page 114 for more information about origins The following commands configure three static routes on router Bos...

Page 90: ...om the source routing protocol into BGP If you do not specify the route map option all routes are redistributed Use the metric keyword to set the multiexit discriminator MED for routes redistributed i...

Page 91: ...o restore the default of permitting the redistribution only of EBGP routes See bgp redistribute internal Configuring a Default Route Default routes can provide backup routes if primary connections fai...

Page 92: ...outes into BGP Use the route map keyword to specify outbound route maps to apply to the default route The route map can modify the attributes of the default route This command takes effect immediately...

Page 93: ...t1 config router network 172 17 24 0 mask 255 255 248 0 host1 config router neighbor 10 8 3 1 remote as 21 host1 config router neighbor 10 8 3 1 default originate You prefer that router Chicago send t...

Page 94: ...he minimum interval between the sending of BGP updates Lower values for the advertisement interval cause route changes to be reported more quickly but may cause routers to use more bandwidth and proce...

Page 95: ...o router Boston Alternatively you can use the summary only option to configure router SanJose to suppress the more specific routes and advertise only the aggregate route host2 config router bgp 873 ho...

Page 96: ...it host2 config access list 1 permit 172 24 48 0 0 240 255 255 You can use the attribute map option to configure attributes for the aggregated route In Figure 17 on page 59 suppose that router LA has...

Page 97: ...y the attribute map tag a string of up to 32 characters that identifies the route map that sets the attributes of the aggregate route This command takes effect immediately Use the no version to remove...

Page 98: ...an AS Path You can use the bgp enforce first as command to cause BGP to compare the first AS in the AS path of a received route with the configured remote AS number of that EBGP peer If the check fail...

Page 99: ...speaker advertises the best routes in its routing table to its peers However in some circumstances you might prefer that some routes be advertised to a peer or peer group only when another route is i...

Page 100: ...dvertise route map that matches the determining route The sequence number specifies the order in which the advertise route maps are processed It indicates the position the specified advertise route ma...

Page 101: ...this command This characteristic cannot be overridden for individual members of the peer group This command takes effect immediately Example host1 config router af neighbor192 168 2 2advertise mapadv...

Page 102: ...7 host1 config route map exit Configure route map to match one trigger route from R3 host1 config ip as path access list 1 permit 300 host1 config access list 70 permit 172 24 19 0 0 0 0 255 host1 con...

Page 103: ...e only when the BGP routing table does not contain some other particular route In the network shown in Figure 19 on page 67 router R2 has established BGP sessions with both router R1 and router R3 The...

Page 104: ...route map condition2 permit 10 host1 config route map match ip address test host1 config route map match as path 1 host1 config route map exit In this configuration the condition1 route map has a seq...

Page 105: ...R3 only when the IGP prefix 172 55 55 0 24 is reachable on router R2 The default route is withdrawn if this prefix becomes unreachable Figure 20 Advertising a Default Route When Another Route is Prese...

Page 106: ...osE IP Services Configuration Guide for a thorough background on how these features work in general Types of BGP Route Maps A route map consists of match clauses and set clauses Match clauses which co...

Page 107: ...red with any of the commands listed in Table 16 on page 71 You can use any of the match clauses listed in Table 15 on page 71 in these route maps Set clauses have no effect in these route maps Table 1...

Page 108: ...ministrative distance Example host1 config route map nyc1 permit 10 host1 config route map match distance 25 Use the no version to delete the match clause from a route map or a specified value from th...

Page 109: ...192 54 24 1 Use the no version to delete the match clause from a route map or a specified value from the match clause See match ip next hop match level Use to match routes for the specified type Examp...

Page 110: ...atch no further processing takes place with respect to this peer and those routes are not advertised to this peer The nonmatching route is still in the BGP RIB and can be sent to other peers depending...

Page 111: ...ing or modifying updates sent to or received from peers Each route map command has a list of match and set commands associated with it The match commands specify the match criteria the conditions unde...

Page 112: ...1 config router neighbor 10 6 2 5 route map indelete in host1 config router route map indelete permit 10 host1 config route map set comm list 1 delete Router Test receives the same route from 10 6 2 5...

Page 113: ...ete the set clause from a route map See set dampening set extcommunity Use to set the extended community attributes in a route map for BGP updates You can specify a site of origin soo extended communi...

Page 114: ...d from the metric of any routes matching the route map The relative metric value can be in the range 0 4294967295 Example host1 config route map nyc1 permit 10 host1 config route map set metric 25 You...

Page 115: ...he no version to delete the set clause from a route map See set origin set tag Use to set the tag value of the destination routing protocol Example host1 config route map nyc1 permit 10 host1 config r...

Page 116: ...to that prefix Setting distance in any other circumstance has no effect Example host1 config route map set distance 5 Use the no version to delete the set clause from a route map See set distance set...

Page 117: ...al O OSPF E1 external type 1 E2 external type2 N1 NSSA external type1 N2 NSSA external type2 Prefix Length Type Next Hop Dist Met Intf 10 100 3 3 32 Bgp 10 12 12 1 20 0 ATM5 1 12 10 63 42 23 32 Bgp 10...

Page 118: ...ccepted or passed If the first match is for a deny condition the route is rejected or blocked The order of conditions is critical because testing stops with the first match If no conditions match the...

Page 119: ...router neighbor 10 5 5 1 remote as 100 host2 config router neighbor 10 5 5 1 distribute list 1 out host2 config router exit host2 config access list 1 deny 10 16 22 0 0 254 255 255 access list Use to...

Page 120: ...policies configured for peer groups for which you have enabled Adj RIBs Out If you change the outbound policy for such a peer group and want to fill the Adj RIBs Out table for that peer group with th...

Page 121: ...92 168 1 158 prefix tree newyork out New policy values are applied to all routes that are sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes...

Page 122: ...critical because testing stops with the first match If no conditions match the router rejects or blocks the route that is the last action of any list is an implicit deny condition for all routes You c...

Page 123: ...on rejects routes with the AS path 11 621 or 621 282 11 Router London accepts routes with the AS path 11 282 621 282 621 11 282 or 11 621 282 However it applies AS path access list 3 to routes it forw...

Page 124: ...eristic configured with this command unless it is overridden for a specific peer However you cannot configure a member of a peer group to override the inherited peer group characteristic for outbound...

Page 125: ...router Chicago host1 config router neighbor 10 5 5 2 route map alpha in host1 config router exit host1 config route map alpha permit 10 host1 config route map match as path dog1 host1 config route map...

Page 126: ...AS set aggregate Several well known communities have been predefined Table 19 on page 90 describes how a BGP speaker handles a route based on the setting of its community attribute Table 19 Action Bas...

Page 127: ...host1 config router neighbor 10 72 4 3 route map setcomm out host1 config router exit host1 config ip as path access list 1 permit host1 config route map setcomm permit 10 host1 config route map matc...

Page 128: ...munity within the autonomous system Use the no version to restore the default display See ip bgp community new format neighbor send community Use to specify that a community attribute must be sent to...

Page 129: ...ry Alternatively you can use the list keyword to specify the name of a community list that you previously created with the ip community list command Example host1 config route map nyc1 permit 10 host1...

Page 130: ...community 1 host1 config route map set metric 20 host1 config route map exit host1 config route map commtrc permit 2 host1 config route map match community 2 host1 config route map set metric 75 host1...

Page 131: ...unity list unrelated to the community list that uses regular expressions BGP speakers can use the new extended community attribute to control routes similarly to the way it uses the community attribut...

Page 132: ...policies for peer groups for which you have enabled Adj RIBs Out You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only...

Page 133: ...l members of the specified peer group Use with the clear ip bgp soft in command to reapply inbound policies to stored routes without clearing the BGP sessions Example host1 config router bgp 37 host1...

Page 134: ...e advantage of both reducing the amount of processing required for inbound BGP updates and reducing the amount of BGP control traffic generated by BGP updates clear ip bgp Use to push an ORF to the pe...

Page 135: ...l19 in New policy values are applied to all routes that are sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes that are already present in th...

Page 136: ...r set of values for the remaining routes BGP uses and stores two dampening parameter blocks one for each set Global Route Flap Dampening Use the bgp dampening command if you want to enable route flap...

Page 137: ...ific route host1 clear bgp ipv6 dampening 6000 64 To clear IPv4 dampening information for all routes in all address families in all VRFs host1 clear ip bgp dampening To clear IPv4 dampening informatio...

Page 138: ...gument all the members of the peer group inherit the characteristic configured with this command You cannot override this inheritance for a peer group member Routes previously suppressed by a route ma...

Page 139: ...d from peers You can test the following kinds of policies distribute lists filter lists prefix lists prefix trees or route maps If you do not specify a policy then the test uses whatever policies are...

Page 140: ...routing table BGP Path Decision Algorithm BGP determines the best path to each destination for a BGP speaker by comparing path attributes according to the following selection sequence 1 Select a path...

Page 141: ...peer that advertised the route The next hop for IBGP sessions is one of the following If the route originated inside the AS the next hop is the IP address of the peer that advertised the route If the...

Page 142: ...nnection to 10 1 13 2 Otherwise router Memphis will drop packets destined for 192 168 32 0 19 because the next hop address is not accessible Router Memphis does a lookup in its IP routing table to det...

Page 143: ...In some circumstances using a third party next hop causes routing problems These configurations typically involve nonbroadcast multiaccess NBMA media To better understand this situation first conside...

Page 144: ...to router Toledo To disable third party next hop processing configure router Madrid as follows host1 config router bgp 319 host1 config router neighbor 10 19 7 8 remote as 211 host1 config router neig...

Page 145: ...eritance of the feature configuration See neighbor next hop self Assigning a Weight to a Route You can assign a weight to a route when more than one route exists to the same destination A weight indic...

Page 146: ...e router LA instance 10 of route map 10 assigns a weight of 1000 to any routes from AS 100 Instance 20 assigns a weight of 500 to routes from any other AS host1 config router bgp 400 host1 config rout...

Page 147: ...II string then the permit or deny condition applies The AS path allows substring matching For example the regular expression 20 matches AS path 20 and AS path 100 200 300 because 20 is a substring of...

Page 148: ...be chosen as the preferred route when multiple routes are available to a particular network The weights assigned with the set weight commands in a route map override the weights assigned with the nei...

Page 149: ...e Local Preference Attribute The following commands configure router LA host1 config router router bgp 873 host1 config router neighbor 10 72 4 2 remote as 32 host1 config router neighbor 10 2 2 4 rem...

Page 150: ...at pass through AS 293 The following commands configure router SanJose host2 config router router bgp 873 host2 config router neighbor 10 2 2 3 remote as 873 host2 config router neighbor 10 5 5 1 remo...

Page 151: ...config router neighbor 10 2 25 1 remote as 100 host1 config router neighbor 10 4 4 1 remote as 100 host1 config router neighbor 10 3 3 1 remote as 300 host1 config router network 172 19 0 0 host1 conf...

Page 152: ...the same regardless of where you examine it Table 20 on page 116 shows this for all the routes known to routers NY and LA Table 20 Origin and AS Path for Routes Viewed on Different Routers AS Path Or...

Page 153: ...which a route has passed Whenever a route enters an AS BGP prepends the AS number to the AS path attribute This feature enables network operators to track routes but it also enables the detection and...

Page 154: ...event the ASs are merged neighbor local as Use to assign a local AS to the given BGP peer or peer group If you specify a BGP peer group by using the peerGroupName argument all the members of the peer...

Page 155: ...map Unless configured otherwise a receiving router compares MED attributes only for paths from external neighbors that are members of the same AS If you want MED attributes from neighbors in different...

Page 156: ...the route whereas router Paris advertises a MED of 50 On this basis router London prefers the path through router Paris Because BGP by default compares only MED attributes of routes coming from the s...

Page 157: ...e host1 config router bgp always compare med Changes apply automatically whenever BGP subsequently runs the best path decision process for a destination prefix that is whenever a best route is picked...

Page 158: ...ration of sub ASs might need to compare routes to determine the best path to a destination By default BGP does not use the MED value when comparing routes originated in different sub ASs within the co...

Page 159: ...ections from peers that perform capability negotiation Capabilities are negotiated by means of the open messages that are exchanged when the session is established The router supports the following ca...

Page 160: ...her capability or to remove a previously negotiated capability The data field of the capability message contains a list of all the capabilities that can be dynamically negotiated In earlier versions n...

Page 161: ...he BGP speaker Until this point BGP has still been using the stale routes to forward traffic Upon receipt of the End of RIB marker the BGP speaker flushes any remaining stale routes from the restarted...

Page 162: ...p If the receiving peer does not receive an End of RIB marker from the restarted peer before the stalepaths timer expires the receiving peer flushes all stale routes from the peer In this release BGP...

Page 163: ...n interval shorter than the stalepaths time This command takes effect immediately and automatically bounces the session Example host1 config router bgp graceful restart restart time 240 Use the no ver...

Page 164: ...he session Example host1 config router no neighbor 10 21 3 5 graceful restart Use the no version to disable advertisement of the graceful restart capability for specified peers or peer groups Use the...

Page 165: ...edge router PE1 at one side of the service provider core is connected to a provider core router P which is a label switched router LSR that carries traffic for the VPN tunnel The core router P is con...

Page 166: ...he route refresh or route refresh cisco keywords the command takes effect immediately If dynamic capability negotiation was negotiated for the session a capability message is sent to inform the peer o...

Page 167: ...ropagates the route to router Chicago before the IGP within AS 100 has converged that is before router Albany learns the route then router Chicago might start sending traffic for that route before rou...

Page 168: ...extensive redistributing those routes into your IGP consumes processor and memory resources You can disable synchronization if your AS does not pass traffic from one AS to another or if all the trans...

Page 169: ...200 host4 config router neighbor 3 3 3 1 remote as 100 To configure router LA host5 config router bgp 300 host5 config router neighbor 1 1 1 1 remote as 100 host5 config router network 192 56 0 0 syn...

Page 170: ...more information You can use the distance bgp command to configure the administrative distance associated with routes If you choose to set an administrative distance you must specify a value for all...

Page 171: ...external to the AS in the range 1 255 The default is 20 internal distance Administrative distance for routes internal to the AS in the range 1 255 The default is 200 local distance Administrative dist...

Page 172: ...the route into the interior gateway protocol RIP which informs router NY of the route Router NY propagates the route to router Boston by means of RIP from which it is injected into BGP In this exampl...

Page 173: ...or Route You can modify this behavior by issuing the network backdoor command on router NY host1 config router bgp 300 host1 config router neighbor 10 4 4 1 remote as 400 host1 config router network 1...

Page 174: ...ernal peers This command takes effect immediately it does not bounce the session You can specify the maximum number of equal cost multipaths in the context of the virtual router an IPv4 unicast or IPv...

Page 175: ...peer or both by setting a desired time interval between the packets The actual timer values can be different as a result of other applications requesting BFD protocol sessions on the same interface wi...

Page 176: ...are up BFD moves to the Admin Down state and communicates the change to the peer to enable the client protocols to handle this in a seamless manner without going down For the Admin Down state to work...

Page 177: ...Configure route reflectors Both of these strategies are complex and can create their own problems Neither strategy is typically used unless the mesh of IBGP peers approaches 100 sessions per peer Conf...

Page 178: ...tify each sub AS AS 29 is now a confederation of three sub ASs AS 64720 AS 64721 and AS 64722 Each sub AS consists of fully meshed IBGP peers A slightly modified version of EBGP runs between the sub A...

Page 179: ...d sub AS 64722 are members of the same confederation as the sub AS that includes router Salem The neighbor remote as commands specify the IBGP connection with a neighbor in sub AS 64720 and the EBGP c...

Page 180: ...specify one or more individual sub AS numbers or you can issue the filter list keyword and an AS path access list which is based on regular expressions to specify a list of sub AS numbers If the remot...

Page 181: ...with clients and other route reflectors within the cluster outside the cluster they peer with other reflectors and other routers that are neither clients nor reflectors Route reflectors and nonclient...

Page 182: ...router Plymouth is isolated if any problems develop with router Westford Figure 44 Route Reflection Logical Redundancy In Figure 45 on page 146 the operator has added physical redundancy to the cluste...

Page 183: ...ient forwards out of the cluster No cluster ID is needed because clients can forward routes only to EBGP peers that is to peers outside the AS Looping between ASs is prevented by the AS path list The...

Page 184: ...To configure router Acton as a route reflector host3 config router bgp 29 host3 config bgp cluster id 23 host3 config router neighbor 10 3 1 1 remote as 29 host3 config router neighbor 10 3 1 1 route...

Page 185: ...in the BGP routing table you must use the clear ip bgp command to issue a hard clear or an outbound soft clear Use the no version to disable route reflection use only if the route reflector s clients...

Page 186: ...about PIM You can configure a multicast routing topology different from your unicast topology to achieve greater control over network resources This application of MP BGP is often referred to as mult...

Page 187: ...onfiguration commands fall into five categories If you specify the multicast address family from within the Address Family Configuration mode you can issue the commands listed in Table 7 on page 19 to...

Page 188: ...it in another address family If you specify a BGP peer group by using the peerGroupName argument all the members of the peer group inherit the characteristic configured with this command unless it is...

Page 189: ...However you might use this command if you do not want to run multicast MP BGP or if you are running BGP between CE routers in a given BGP MPLS VPN the current specification does not provide a way to t...

Page 190: ...on in command must be in effect NOTE You can use the standard redirect operators to redirect the test output to network or local files See JunosE System Basics Configuration Guide The output of these...

Page 191: ...information Otherwise only summary information is shown Use the fields option to select particular fields of interest If you specify a BGP peer group by using the peerGroupName argument all the membe...

Page 192: ...Copyright 2010 Juniper Networks Inc 156 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 193: ...ge 159 Setting the Default BGP Routing Table Output Fields on page 159 Monitoring AS Path Access Lists on page 162 Monitoring the BGP Routing Table on page 162 Monitoring Advertised BGP Routes on page...

Page 194: ...toring the Status of All BGP Neighbors on page 200 Monitoring All Routes in a BGP Community List on page 204 Disabling Display of BGP Logs on page 205 Setting a Baseline on All BGP Statistics You can...

Page 195: ...utput fields Table 22 show bgp summary Output Fields Field Description Field Name BGP neighbors Neighbor AS number of the peer AS State of the connection State Time the connection has been up or down...

Page 196: ...d amount of memory consumed by routes If several peers have advertised a route to the same prefix only the best route is included in this count destinations Number of routes in the BGP routing table t...

Page 197: ...r route table installation Number of unicast and multicast routes in the BGP routing table that have been inserted into the IP routing table that are also available for use in the IP tunnel routing ta...

Page 198: ...table The show ip bgp and show bgp ipv6 commands display similar information Action To display information about routes in the IPv6 multicast address family host1 show bgp ipv6 multicast Local BGP ide...

Page 199: ...ut label is 17 Next hop IP address is ffff 2 2 2 2 metric 3 Multi exit discriminator is 0 Local preference is 100 Weight is 0 Origin is IGP AS path is 65021 To display information about next hop route...

Page 200: ...and external peers Address Family Identifier AFI is ip v4 Subsequent Address Family Identifier SAFI is route target signaling Next hop IP address is 11 11 11 11 metric 0 Multi exit discriminator is n...

Page 201: ...or route tables installation 0 unicast multicast routes selected for route table installation 0 unicast multicast tunnel usable routes selected for route table installation 0 tunnel only routes select...

Page 202: ...ives two routes for different prefixes but with identical path attributes BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory pat...

Page 203: ...s table If BGP receives two routes for different prefixes but with identical path attributes BGP will create only one entry in its internal path attribute table and share it between the two routes to...

Page 204: ...168 lists the show ip bgp advertised routes command output fields Table 26 show ip bgp advertised routes Output Fields Field Description Field Name BGP router ID of the local router Local BGP identifi...

Page 205: ...n Action To display information about aggregate addresses host1 show bgp ipv6 aggregate address Prefix AS set Summ only Attribute map Advertise map Suppress map 3ffe 48 No No None None None Meaning Ta...

Page 206: ...only Output Fields Field Description Field Name BGP router ID of the local router Local BGP identifier Local autonomous system number local AS Total number of routes stored in the BGP routing table a...

Page 207: ...how bgp ipv6 community commands display similar information Action To display all routes that are members of the specified BGP community NOTE Specify the community number in AA NN format AA Number tha...

Page 208: ...prefix only the best route is included in this count distinct prefixes Number of routes in the BGP routing table that have been inserted into the IP routing table routes selected for route table inst...

Page 209: ...777 777 888 888 9 2 0 0 16 10 5 0 48 777 777 888 888 9 20 0 0 17 10 5 0 48 777 777 888 888 12 0 0 0 8 10 5 0 48 777 777 888 888 Meaning Table 30 on page 173 lists the show ip bgp community list comman...

Page 210: ...display similar information Action To display information about dampened routes host1 show ip bgp dampened paths Local router ID 192 168 1 218 local AS 100 Route flap dampening is enabled Decay half...

Page 211: ...Route flap dampening Time in minutes after which a penalty is decreased After the route has been assigned a penalty the penalty is decreased by half after the half life period which is 15 minutes by d...

Page 212: ...4 10 5 0 48 100 100 11488 701 7018 10656 12 2 169 0 24 10 5 0 48 100 100 11488 701 7018 11806 12 4 114 0 24 10 5 0 48 100 100 11488 701 7018 14065 12 4 119 0 24 10 5 0 48 100 100 11488 701 7018 14065...

Page 213: ...rmation about BGP flap statistics The show ip bgp flap statistics and show bgp ipv6 flap statistics commands display similar information Action To display information about flap statistics host1 show...

Page 214: ...he software declares a peer dead Default maximum hold down time Status of route flap history for route paths route flap history Prefix for the routing table entry Prefix IP address of BGP peer Peer St...

Page 215: ...ed a route to the same prefix all routes are included in this count routes Number of routes to unique prefixes stored in the BGP routing table If several peers have advertised a route to the same pref...

Page 216: ...d Next hop self is disabled seconds Policy Neighbor weight is 100 Timers Connect retry interval is 120 seconds Minimum route advertisement interval is 30 seconds Minimum AS origination interval is 10...

Page 217: ...peer has restarted Graceful restart negotiation Sent restart time is 120 seconds Sent restart state bit is zero we are not restarting Received restart time is 120 seconds Received restart state bit i...

Page 218: ...ce 10 Status Advertise Meaning Table 35 on page 182 lists the show ip bgp neighbors command output fields Table 35 show ip bgp neighbors Output Fields Field Description Field Name BGP identifier of th...

Page 219: ...ate filter list Update filter list for outgoing route if configured Outgoing update filter list Weight filter list for routes if configured Weight filter list Incoming route map if configured Incoming...

Page 220: ...ddress family and whether it is advertised configured or received Address Family dependent capabilities Limit of ORF entries that will be accepted from the neighbor Maximum number of ORF entries Lists...

Page 221: ...th a lower sequence number and actually advertised or not according to that map Status Related Topics show bgp ipv6 neighbors show ip bgp neighbors Monitoring Dampened BGP Routes of Specified Neighbor...

Page 222: ...ored in the BGP routing table and amount of memory consumed by routes If several peers have advertised a route to the same prefix all routes are included in this count routes Number of routes to uniqu...

Page 223: ...0 1 IGP 192 168 1 1 11488 701 6453 8297 6758 0xC384EE0 1 IGP 192 168 1 1 11488 701 5511 3215 0xC384F50 1 IGP 192 168 1 1 11488 701 3561 5683 5551 0xC384FC0 1 IGP 192 168 1 1 11488 701 1239 1755 1273 8...

Page 224: ...oute is unreachable if not display the IGP cost to the indirect next hop The show ip bgp neighbors received routes and show bgp ipv6 neighbors received routes commands display similar information Acti...

Page 225: ...fixes but with identical path attributes BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory path attribute entries Prefix for th...

Page 226: ...outes If several peers have advertised a route to the same prefix only the best route is included in this count destinations Number of routes in the BGP routing table that have been inserted into the...

Page 227: ...and show bgp ipv6 network commands display similar information Action To display information about networks in an AS host1 show bgp ipv6 network Prefix Weight Route map Backdoor 3ffe 0 0 2 64 No Mean...

Page 228: ...ct next hop atm2 0 34 34 34 34 4 atm2 0 35 35 35 35 5 Reference count is 3 Indirect next hop 13 13 13 1 Not reachable Reference count is 2 Meaning Table 42 on page 192 lists the show ip bgp next hops...

Page 229: ...s Table 43 show bgp ipv6 paths Output Fields Field Description Field Name Hexadecimal number that uniquely identifies the path attributes Address Number of routes that share the path attributes Refcou...

Page 230: ...t reconfiguration is disabled Private AS number stripping is disabled Override site AS with provider AS is disabled No loops in the received AS path are allowed Members 10 2 2 2 10 3 3 3 Fields releva...

Page 231: ...r group enabled or disabled Next hop self BGP peer group is configured as a route reflector This field does not appear when route reflectors are not configured Peers are route reflector clients Neighb...

Page 232: ...or Single Regular Expressions Purpose Display information about BGP routes whose AS path matches the specified regular expression Accepts a single regular expression element Report whether the indirec...

Page 233: ...Prf Weight AS path 10 99 1 2 32 10 1 1 2 100 100 200 10 99 1 3 32 10 1 1 2 100 100 200 10 10 99 1 4 32 10 1 1 2 100 100 200 10 20 Meaning Table 45 on page 197 lists the show ip bgp quote regexp comman...

Page 234: ...whether the indirect next hop of a route is unreachable if not display the IGP cost to the indirect next hop Regular expressions match numbers for which the specified path is a substring for example...

Page 235: ...p command output fields Table 46 show ip bgp regexp Output Fields Field Description Field Name BGP router ID of the local router Local router ID Local autonomous system number local AS Total number of...

Page 236: ...tate is disabled Default local preference is 100 IGP synchronization is disabled Default originate is disabled Always compare MED is disabled Compare MED within confederation is disabled Advertise ina...

Page 237: ...l state is Up Default IPv4 unicast is enabled Redistribution of iBGP routes is disabled Check reachability of next hops for VPN routes is enabled To display the status of fields related to enabling lo...

Page 238: ...imum number of equal cost IBGP paths Status enabled or disabled Log neighbor changes Status enabled or disabled Fast External Fallover Indicates whether limit is set for AS path length and if set the...

Page 239: ...nless the field name is preceded by IPv4 applies the map to only IPv4 routes or IPv6 applies the map to only IPv6 routes The can filter routes text appears only if the filter keyword was issued for ex...

Page 240: ...nt to peer Messages sent Number of messages received from peer Messages received Number of prefixes received from peer Prefixes received Last RIB version queued to be sent to peer Rib Ver Number of me...

Page 241: ...dition statement for routes matching the condition permit deny Disabling Display of BGP Logs To disable the display of information about BGP logs that was previously enabled with the debug ip bgp comm...

Page 242: ...Copyright 2010 Juniper Networks Inc 206 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 243: ...Layer Switching MPLS Overview on page 209 Configuring MPLS on page 275 Monitoring MPLS on page 321 Configuring BGP MPLS Applications on page 383 Monitoring BGP MPLS VPNs on page 489 207 Copyright 2010...

Page 244: ...Copyright 2010 Juniper Networks Inc 208 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 245: ...Hop Tables Overview on page 233 MPLS Packet Spoof Checking Overview on page 234 IP and IPv6 Tunnel Routing Tables and MPLS Tunnels Overview on page 234 Explicit Routing for MPLS Overview on page 235...

Page 246: ...ybrid protocol that integrates network layer routing with label switching to provide a layer 3 network with traffic management capability MPLS provides traffic engineering capabilities that make effec...

Page 247: ...UEST_ABORT Label Request Abort label request abort LABEL_WITHDRAWAL Label Withdrawal label withdrawal MESSAGE_ACK message_Ack message ack MESSAGE_ID message_ID message ID Srefresh srfresh PATH Path pa...

Page 248: ...r is used to determine the per hop behavior applied to the packet E LSP A subset of constraint based routing where the constraint is an explicit route Explicit routing Forwarding equivalence class Gro...

Page 249: ...s it leaves an MPLS domain MPLS egress node MPLS edge node in the role of handling traffic as it enters an MPLS domain MPLS ingress node Label carried in a packet header that represents a packet s for...

Page 250: ...eir resources Traffic engineering LSP that is used by an IGP to reach a destination or an LSP that uses traffic engineering Tunnel Related Topics MPLS Overview on page 210 Terminology for MPLS Topics...

Page 251: ...6 Point to multipoint LSP support Data replication at branch nodes E Series routers as egress LSRs Related Topics MPLS Overview on page 210 Terminology for MPLS Topics on page 210 MPLS Terms and Acron...

Page 252: ...1997 5 2 RFC 2205 Resource ReSerVation Protocol RSVP Version 1 Functional Specification September 1997 RFC 2209 Resource ReSerVation Protocol RSVP Version 1 Message Processing Rules September 1997 RFC...

Page 253: ...ReserVation Protocol Traffic Engineering RSVP TE Extensions January 2003 RFC 3478 Graceful Restart Mechanism for Label Distribution Protocol February 2003 RFC 3479 Fault Tolerance for the Label Distri...

Page 254: ...hop and a different label to prepend to the packet before forwarding This table is usually referred to as a label information base LIB The LSR that serves as the egress MPLS node uses the label as an...

Page 255: ...meaning for two LSR peers Each pair of LSRs consisting of a label originator and a label acceptor must use a label distribution protocol to agree on the label to FEC binding Because of the local label...

Page 256: ...PHP is signaled by the LER when it includes an implicit null label in the label mapping message that it sends to its upstream neighbor The implicit null label never appears in the encapsulation You c...

Page 257: ...abel space is a large single unconfigurable pool of labels that can be shared by the platform all MPLS interfaces on a given virtual router By contrast interface labels enable you to effectively creat...

Page 258: ...crement the TTL to the correct final value The TTL is then carried in the shim header to the egress node without modification arriving with the correct count Related Topics MPLS Label Distribution Met...

Page 259: ...oming TTL is set to the TTL value found in the outermost label In all cases the TTL values of any further inner labels are ignored When an IP packet is exposed after MPLS pops all the labels that shou...

Page 260: ...itched after processing on the line module the TTL value in the swapped to label is decremented by 1 from the incoming TTL value when the swapped to label is not implicit null When the swapped to labe...

Page 261: ...p propagate ttl command has been configured When the no mpls ip propagate ttl local command has been configured MPLS sets the TTL to 255 When the packet is a forwarded IP or MPLS packet MPLS copies th...

Page 262: ...the TTL in a MPLS label of a received MPLS packet expires 1 A TTL expired ICMP packet is constructed 2 The destination address of ICMP packet is set to the source address of the IP packet that was en...

Page 263: ...trol with LDP ordered control is the default BGP accepts only downstream unsolicited ordered control Downstream on demand means that MPLS devices do not signal a FEC to label binding until requested t...

Page 264: ...or the destination it is used by BGP or LDP when adjacent peers are configured to use the platform label space Figure 53 LSP Creation Downstream on Demand Ordered Control Independent control means tha...

Page 265: ...atic routes until the tunnel interface has been created However the tunnel does not have to be active before you create the static routes RSVP TE tunnels are announced to IS IS and OSPF the IGP then u...

Page 266: ...uses the default IPv4 interface for non VPN traffic Typically you request the creation of separate IPv4 interfaces for VPN traffic only when you want the IPv4 interface for VPN traffic to have differ...

Page 267: ...the dynamic IP interfaces This behavior can create some confusion when you examine the output from commands such as show egress queue rate interface ip In the following sample output the statistics of...

Page 268: ...mpls interface MPLS major interface ATM9 0 10 ATM circuit type is 1483 LLC encapsulation Administrative state is enabled Operational state is up Operational MTU is 9180 Received 1 packet 136 bytes 0...

Page 269: ...ce or another MPLS next hop The chain of MPLS next hops which ends at an interface informs MPLS which labels to push and where to send the MPLS packet For RSVP TE tunnels minor interfaces are created...

Page 270: ...t the packet is dropped Each entry in the forwarding table has a spoof check field that specifies the type of checking that must be performed for the associated in label The signaling protocol BGP LDP...

Page 271: ...cit routing In explicit routing the route the LSP takes is defined by the ingress node The path consists of a series of hops defined by the ingress LSR Each hop can be a traditional interface an auton...

Page 272: ...r interface is stacked If the layer 2 interface is an ATM AAL5 interface the major interface uses the interface label space For all other layer 2 interface types the major interface uses the platform...

Page 273: ...aved in NVS Use the show mpls interface minor command to view the minor interfaces The following attributes of the minor interface are set by RSVP TE The UID of the minor interface assigned automatica...

Page 274: ...abel distribution protocols are sometimes referred to as signaling protocols However label distribution is a more accurate description of their function and is preferred in this text The following pro...

Page 275: ...sed in LDP discovery hello messages Interfaces that use the platform label space default to the LSR router ID for the transport address You can use the mpls ldp discovery transport address command to...

Page 276: ...unreliable because it does not use TCP to exchange messages In contrast to LDP a hard state protocol RSVP TE is a soft state protocol meaning that much of the session information is embedded in a stat...

Page 277: ...enabling the sending node to determine whether a message was lost and triggering a retransmission as necessary Summary refresh srefresh messages refresh the state previously advertised in path or res...

Page 278: ...Switching and Packet Forwarding Overview on page 218 MPLS Interfaces and Interface Stacking Overview on page 236 Topology Driven LSPs Overview on page 255 ECMP Labels for MPLS Overview MPLS supports e...

Page 279: ...not supported An MPLS LSP trace echo request includes this TLV This TLV contains the downstream address all routers multicast that is the well known IP address 224 0 0 2 Validation of the downstream...

Page 280: ...alue Subtype Number LDP IPv4 prefix 1 LDP IPv6 prefix 2 RSVP IPv4 LSP 3 VPN IPv4 prefix 6 VPN IPv6 prefix 7 For VPLS and VPWS L2 VPN endpoint 8 For Martini encapsulation FEC 128 pseudowire 10 For iden...

Page 281: ...mands perform a basic connectivity check When the echo request exits the tunnel at the egress LSR the LSR sends the packet to the control plane The egress router validates the FEC stack to determine w...

Page 282: ...ipoint MPLS applications such as LDP LSPs because E Series routers do not support such functionality In addition because E Series routers do not support ingress transit or branch label switched router...

Page 283: ...he interfaces no response is sent to the originator If errors exist in the syntax of TLVs in the message received or if the router to which echo request packets are sent is not an egress node for the...

Page 284: ...data plane failures using the pingmpls and tracempls commands at egress nodes of point to multipoint LSPs JunosE Software supports two new TLVs Echo Jitter and P2MP Responder Identifier Also a sub TL...

Page 285: ...request depending on the setting of the Response Type field in the echo message The P2MP Responder Identifier TLV is assigned a type number of 11 The P2MP Responder Identifier TLV is valid only in an...

Page 286: ...s not specify the address of a branch or intermediate node This address is made available to the nodes upstream of the target node using signaling protocols such as RSVP This sub TLV may be used to tr...

Page 287: ...ddress command LDP Extended Discovery Mechanism To discover LDP peers that are not directly connected LSRs periodically send out LDP targeted hellos to potential peers The targeted hellos are containe...

Page 288: ...emand ordered control for label mapping and distribution Explicit routing specifies a list or group of nodes hops that must be used in setting up the tunnels CR explicit paths can be strict or loose S...

Page 289: ...RSVP TE Tunnels You can use either of the following methods to configure RSVP TE tunnels Configure individual tunnels with the interface tunnel mpls tunnelName command Configure multiple tunnels with...

Page 290: ...urce flooding threshold and period The resource flooding threshold and period together control the flooding of the resource information by the IGP protocols IS IS and OSPF Configuring Traffic Engineer...

Page 291: ...resources Topology Driven LSPs Overview Topology driven LSPs are implemented for best effort hop by hop routing In topology driven LSP mode LDP automatically sets up LSPs for IGP direct and static rou...

Page 292: ...configured on LSR 2 Related Topics MPLS Label Distribution Methodology on page 227 MPLS Label Switching and Packet Forwarding Overview on page 218 MPLS Label Distribution Protocols Overview on page 23...

Page 293: ...s possible for LDP graceful restart Table 54 Summary of LDP Graceful Restart States Reconnecttimeoutvalue sent in TLV FT TLV sent to neighbor Helper mode enabled Graceful restart enabled Nonzero Yes Y...

Page 294: ...very timer expires Dynamic exchange of the graceful restart capability is not supported In some circumstances such as when a standby SRP module is removed an LSR that has communicated to neighbors tha...

Page 295: ...the IGP is operational When synchronization is in effect the IGP advertises the maximum possible cost or metric for that link If an alternative next hop exists for traffic the IGP can choose that nex...

Page 296: ...an undesirable situation Synchronization Behavior on IGP Passive Interfaces On IGP passive interfaces the link cost is not raised when LDP IGP synchronization is configured and a triggering event occ...

Page 297: ...t an RSVP TE node has most recently received from its peer If the node has never received a hello message from that peer then it sets the destination instance value to zero Hello adjacency peers monit...

Page 298: ...previous value If the value differs or is set to zero then the requesting peer treats the acknowledging peer as if communication has been lost The requesting peer also determines whether the acknowled...

Page 299: ...lper node for a neighboring router that is restarting or both Announcement of the Graceful Restart Capability LSRs use the RSVP TE hello mechanism to announce their graceful restart capabilities to th...

Page 300: ...ailed neighbor has restarted when it finds a new source instance in the neighbor s hello message When a nonzero recovery time is received in that hello message the helper router determines that the re...

Page 301: ...onveys the outgoing label from the restarting LSR to its downstream neighbor Related Topics Configuring RSVP TE Graceful Restart on page 298 RSVP TE Hellos Based on Node IDs Overview For interoperabil...

Page 302: ...nces Node hellos require only a single hello session between the two node IDs compared to link based hellos that have hello sessions between all interface pairs Less traffic and overhead result in a l...

Page 303: ...r Differentiated Services Overview The JunosE Software supports both the pipe model and the uniform model for tunneling with the mpls tunnel model command The router also provides a way to implement t...

Page 304: ...model EXP Bits for Differentiated Services Overview MPLS matches on the EXP bits for incoming traffic to set the traffic class color combination and sets the EXP bits for outgoing traffic based on the...

Page 305: ...the UPC field at the LSP endpoint because the UPC value might have been set by a lower layer policy for a different purpose NOTE For control traffic originated from this router if an attached per LSP...

Page 306: ...Bits for the First Label Pushed Figure 59 on page 270 shows how packet type and configuration determine how the EXP bits are set for the first label pushed Copyright 2010 Juniper Networks Inc 270 Juno...

Page 307: ...oid unnecessary duplication of packets at the ingress router by allowing non ingress LSRs to replicate the incoming data on one or more outgoing interfaces Point to multipoint LSPs for multicast VPNs...

Page 308: ...quired to configure a point to multipoint tunnel you need to use a single path message to signal multiple sub LSPs The following are some of the benefits of using point to multipoint LSPs A point to m...

Page 309: ...es router LSR 4 Egress LSRs can also be directly connected to the ingress LSR In this figure the connection between LSR 8 and LSR 1 is an example of this type NOTE You cannot use E Series routers as c...

Page 310: ...Copyright 2010 Juniper Networks Inc 274 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 311: ...uring LDP IGP Synchronization on page 291 Configuring LDP MD5 Authentication on page 291 Controlling LDP Label Distribution on page 292 Additional RSVP TE Configuration Tasks on page 293 Configuring R...

Page 312: ...3 Optional Configure a profile that contains settings to be used by multiple MPLS tunnels See MPLS Tunnel Profile Configuration Tasks on page 285 Many users find it convenient to configure MPLS by com...

Page 313: ...al Tasks on page 278 RSVP TE Global Tasks on page 279 MPLS Global Tasks In a typical network you perform only the first task You might also perform the optional configuration tasks but typically do no...

Page 314: ...hat targeted hello messages are sent to or accepted from host1 config mpls ldp targeted hello send list 10 21 5 87 host1 config mpls ldp targeted hello receive list 192 168 45 25 NOTE The mplsldptarge...

Page 315: ...s host1 config ldp ip forwarding host only 4 Optional Establish a policy governing the distribution of incoming LDP labels host1 config mpls ldp advertise labels for boston1 5 Optional Remove and then...

Page 316: ...ion the frequency at which MPLS searches for better paths for existing tunnels NOTE Low timer values lead to frequent reoptimization of LSPs which is undesirable for the following reasons Frequent cha...

Page 317: ...Configuration Tasks on page 281 1 Access the desired profile configuration mode host1 config mpls rsvp interface profile rsvp4 2 Configure interface profile settings to define the RSVP tunnel timeout...

Page 318: ...I range If you do not the interface will remain operationally down 3 Optional Specify an interface for signaling for an MPLS major interface in the interface label space host1 config if mpls signaling...

Page 319: ...st1 config if mpls traffic eng administrative weight 25 MPLS Tunnel Configuration Tasks Complete the following tasks to configure a tunnel interface Configure the tunnel endpoint last anything configu...

Page 320: ...text description with the tunnel host1 config if tunnel mpls description southshore 10 Configure the tunnel endpoint host1 config if tunnel destination 10 12 21 5 Related Topics MPLS Global Configura...

Page 321: ...solute 100 4 Optional Configure the path options used for the tunnel host1 config tunnelprofile tunnel mpls path option 3 dynamic isis 5 Optional Configure the bandwidth required for the tunnel host1...

Page 322: ...nal LDP Configuration Tasks on page 288 Additional RSVP TE Configuration Tasks on page 293 mpls tunnels profile tunnel destination tunnel mpls affinity tunnel mpls autoroute announce tunnel mpls autor...

Page 323: ...next address 172 18 100 5 Add the next hop if need be after a particular index in the explicit path host1 config expl path append after 5 next address 192 168 47 22 3 Configure a next hop at the end...

Page 324: ...ding on your network design See Configuring LDP Autoconfiguration on page 290 Configure LDP IGP synchronization depending on your network design See Configuring LDP IGP Synchronization on page 291 Con...

Page 325: ...e the mpls ldp deaggregate command host1 config mpls ldp deaggregate Related Topics Basic MPLS Configuration Tasks on page 276 Additional LDP Configuration Tasks on page 288 mpls ldp deaggregate Confi...

Page 326: ...ful restart recovery time mpls ldp graceful restart timers max recovery mpls ldp graceful restart timers neighbor liveness Configuring LDP Autoconfiguration LDP autoconfiguration enables you to ensure...

Page 327: ...is synchronized with the IGP on the current interface or all interfaces Synchronize LDP with the IGP on the current interface host1 config interface atm 2 0 host1 config if mpls ldp isis sync Synchro...

Page 328: ...s ldp neighbor 10 3 5 1 password rop23ers 2 Optional Set strict LDP authentication mode so that only peers with passwords can establish LDP sessions host1 config mpls ldp strict security Related Topic...

Page 329: ...ed Topics Basic MPLS Configuration Tasks on page 276 Additional LDP Configuration Tasks on page 288 mpls ldp advertise labels Additional RSVP TE Configuration Tasks All of the following RSVP TE config...

Page 330: ...ending interface also places a sequence number in the integrity object Each sequence number is a unique monotonically increasing number The secured interface expects each received RSVP message to incl...

Page 331: ...liseconds You must statically configure the bypass tunnel for each link that you want to protect on each router in the LSP The bypass tunnel must intersect the protected LSP at two locations The start...

Page 332: ...primary tunnel When the ingress router learns by RSVP TE signaling that local protection a bypass tunnel is in use it attempts to find a new optimal path for the tunnel based on the configured path op...

Page 333: ...more information about these commands see JunosE Physical Layer Configuration Guide mpls backup path tunnel mpls fast reroute Configuring RSVP TE Hello Messages to Determine Peer Reachability The RSVP...

Page 334: ...TE Configuration Tasks on page 293 mpls rsvp signalling hello Configuring RSVP TE Graceful Restart Configure RSVP TE graceful restart to enable routers to maintain MPLS forwarding state when a link or...

Page 335: ...h routers that cannot support RSVP TE graceful restart with link based hellos E Series routers use node hellos only to support their graceful restart capabilities NOTE Graceful restart must be enabled...

Page 336: ...the actual transmit intervals for BFD packets Use the minimum transmit interval keyword to specify the interval at which the local peer proposes to transmit BFD control packets to the remote peer hos...

Page 337: ...ce directly connected to the LSP endpoint The IGP can consider the LSP as a potential output interface for the LSP endpoint and for destinations beyond the endpoint In this case the SPF computation re...

Page 338: ...ust also specify a stable router interface with the mpls traffic eng router id command MPLS traffic engineering also requires that IS IS generate the new style TLVs that enable wider metrics Use the m...

Page 339: ...e for more information about enabling OSPF to support traffic engineering and monitoring OSPF traffic engineering For information about BGP and MPLS see Configuring BGP MPLS Applications on page 383 m...

Page 340: ...ple Differentiated Services Application and Configuration on page 305 Classify traffic In a differentiated services domain See Classifying Traffic for Differentiated Services on page 307 Configuring t...

Page 341: ...est effort green The policy sets the UPC to 0 QoS VPN service For CE to PE traffic the VPN EXP is copied from the IP precedence value when the PE router pushes VPN stacked labels For PE to CE traffic...

Page 342: ...host1 config policy list classifier group color green host1 config interface atm 3 0 1 host1 config subif ip policy input qos service 2 Create and attach an IP input policy for the plain Internet ser...

Page 343: ...t classifier group control traffic prec0 host1 config policy list classifier group user packet class prec0 host1 config policy list classifier group traffic class class0 host1 config policy list class...

Page 344: ...PSC The PHB is determined from a combination of the packet s label which indicates the traffic class and the EXP field of the shim header which indicates the drop precedence Table 56 on page 308 indic...

Page 345: ...ic EXP to PHB Mapping on page 309 Signaled Mapping for RSVP TE Tunnels on page 310 Preference of per VR Versus per LSP Behavior on page 312 Configuring Static EXP to PHB Mapping You can configure stat...

Page 346: ...ffic class and drop preference color red yellow or green This matching is accomplished by means of a policy corresponding to the signaled EXP to PHB mapping that is created and attached when the LSP i...

Page 347: ...ess transit and egress systems during signaled mapping sessions Figure 66 Signaled Mapping To define a policy rule that sets the EXP bits in packets to which the policy is applied Issue the mark exp c...

Page 348: ...ofile These classes originate from E LSPs and L LSPs classes derived from the signaled PHB ID or regular LSPs classes configured with the mpls traffic class command To specify the PHB supported by a s...

Page 349: ...e JunosE Policy Management Configuration Guide The four traffic classes are configured to allocate fabric resources and allow global synchronization of the three segments of the data path through an E...

Page 350: ...2 color green host1 config mpls diff serv phb id standard 20 traffic class af2 color yellow host1 config mpls diff serv phb id standard 22 traffic class af2 color red host1 config mpls diff serv phb i...

Page 351: ...committed rate 8000000 host1 config rate limit profile committed burst 1500000 host1 config rate limit profile peak rate 12000000 host1 config rate limit profile peak burst 1000000 You attach the pol...

Page 352: ...he router host1 config mpls classifier list bf packets exp 0 host1 config mpls classifier list af11 packets exp 1 host1 config mpls classifier list af12 packets exp 2 host1 config mpls classifier list...

Page 353: ...rentiated Services on page 303 Configuring EXP Bits for Differentiated Services on page 304 Example Differentiated Services Application and Configuration on page 305 Classifying Traffic for Differenti...

Page 354: ...packets complete the following steps to configure an E Series router as an egress router 1 Create a profile by using the profile command Add commands to enable IP IGMP and IP processing on the loopbac...

Page 355: ...Related Topics Point to Multipoint LSPs Overview on page 271 show mpls tunnels 319 Copyright 2010 Juniper Networks Inc Chapter 4 Configuring MPLS...

Page 356: ...Copyright 2010 Juniper Networks Inc 320 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 357: ...Clearing and Refreshing IPv6 Dynamic Routes in the Tunnel Routing Table on page 325 Tracing Paths Through the MPLS User Plane on page 325 Monitoring ATM VCs and VPI VCI Ranges Used for MPLS on page 3...

Page 358: ...acket Flow Examples for Verifying MPLS Connectivity on page 372 Troubleshooting MTU Problems in Point to Point LSPs on page 379 Setting the Baseline for MPLS Statistics You can use the baselinempls co...

Page 359: ...utgoing labels but not for others such as BGP outgoing labels Statistics are not stored in NVS When enabled the following statistics are maintained for each forwarding table entry receive error packet...

Page 360: ...tistics Collection for Policies Attached to MPLS Tunnels To enable collection of the following statistics for each policy attached to a tunnel Issue the mpls statistics policy command host1 mpls stati...

Page 361: ...s from the tunnel routing table of the virtual router or a specified VRF Issue the clear ipv6 tunnel routes command host1 config clear ipv6 tunnel routes There is no no version This command takes effe...

Page 362: ...AP UBR 0 0 0 UP ATM 3 0 8100 1 8100 8100 PVC SNAP UBR 0 0 0 DOWN 8000 circuit s found Reserved VCC ranges Start Start End End Interface VPI VCI VPI VCI ATM 2 0 2 100 2 102 ATM 2 0 3 300 3 303 2 reserv...

Page 363: ...cuit identifier inclusive of the reserved VC range End VCI Related Topics show atm vc Monitoring Global Call Admission Control Configuration Purpose Display global call admission control CAC configura...

Page 364: ...rk flooding is triggered when bandwidth increases past any of the up threshold values and when bandwidth decreases past any of the down threshold values MPLS TE flooding threshold up down Weight assig...

Page 365: ...pTunnel 200 0 L20 L26 ATM5 0 10 BgpTunnel 200 0 L20 L34 ATM5 0 10 To display detailed information about all IP tunnel routes beginning with address 200 200 200 1 32 host1 vr2 show ip tunnel route 200...

Page 366: ...routing table Next Hop Administrative distance for the route Dst or Distance Number of hops metric Met or Metric Interface type and interface specifier Interface Numeric tag that identifies route Tag...

Page 367: ...ured value for the LDP session hold time LDP session hold time Interval at which LDP sends session keepalive messages in seconds LDP session keepalive interval LDP targeted hello hold time in seconds...

Page 368: ...r MPLS vc id 50001 group id 2 In 26 neighbor 10 9 1 3 Out 27 neighbor 10 9 1 3 VLAN over MPLS vc id 240001 group id 2 In 22 neighbor 10 9 1 3 Out 25 neighbor 10 9 1 3 10 1 1 1 32 In 10001 neighbor 10...

Page 369: ...very Time 240 sec Max Recovery Time 260 sec Neighbor Liveness Timer 280 sec Peer 80 0 1 1 0 State operational Restarter Mode disabled Helper Mode enabled Peer 80 0 3 3 0 State operational Restarter Mo...

Page 370: ...0 0 LDP configured SYNC enabled SYNC status sync achieved peer reachable IGP holddown time infinite Peer LDP Ident 10 130 0 1 0 IGP enabled OSPF 1 Meaning Table 66 on page 334 lists the show ldp igp s...

Page 371: ...r compatibility with non E Series implementations Meaning Table 67 on page 335 lists the show ldp interface command output fields Table 67 show ldp interface Output Fields Field Description Field Name...

Page 372: ...msg Number of label mapping messages received or received bad or sent mapping Number of label request messages received or received bad or sent request Number of label abort messages received or rece...

Page 373: ...isement Unsolicited Up for 00 20 03 Number of next hop addresses received 3 10 0 2 2 100 6 12 2 100 6 23 2 Number of adjacencies 1 Link Hello adjacency address 10 6 12 2 transport 10 0 2 2 Up for 00 2...

Page 374: ...output fields Table 68 show ldp neighbor Output Fields Field Description Field Name IP address of LDP peer LDP neighbor IP address of remote and local peers the number following the colon is the plat...

Page 375: ...sent Keepalive Number of notification messages received and sent Notification Number of address messages received and sent Address Number of address withdraw messages received and sent Address withdr...

Page 376: ...r LDP on the current virtual router Action To display all LDP statistics host1 show ldp statistics Message type Received Sent Hello 25733 25735 Initialization 2 2 Keepalive 9646 9646 Notification 0 0...

Page 377: ...on Number of address messages received and sent Address Number of address withdraw messages received and sent Address withdraw Number of label mapping messages received and sent Label mapping Number o...

Page 378: ...g TLV events Missing TLV Number of PDU too large events PDU too large Number of PDU too small events PDU too small Number of no memory events No Memory Related Topics show ldp statistics Monitoring LD...

Page 379: ...abel range 3000 4000 retry forever at interval 30 during LSP setup if there is route retry forever at interval 30 during LSP setup if there is no route Loop Detect enabled Additional detail is shown w...

Page 380: ...sabled Loop Detect This field and the following fields are displayed only when LDP is enabled LDP IP address of label switched router LSR ID State of FEC deaggregation on or off FEC Deaggregation Type...

Page 381: ...o be performed during LSP setup Tunnel retry State of RSVP TE summary refresh reduction OFF or ON Refresh reduction State of RSVP TE summary refresh message bundling OFF or ON Message bundling Type of...

Page 382: ...mpls explicit paths Monitoring the RSVP TE Bypass Tunnels Purpose Display information about the backup status of primary LSPs protected with bypass tunnels Action To display the backup status of prot...

Page 383: ...Spoof check router pe1 Action MPLS next hop 1 lookup on inner header label Statistics 0 in pkts 0 in Octets 0 in errors 0 in discard pkts To display summary information about MPLS labels used for forw...

Page 384: ...sent in discardPkts Related Topics show mpls forwarding Monitoring MPLS Interfaces Purpose Display status and configuration information about MPLS interfaces Action To display information about all M...

Page 385: ...onfigured LDP not configured IP interfaces on this MPLS interface 192 168 100 21 30 MPLS Statistics Rcvd 0 failed lbl lookup 0 octets 0 hcOctets 0 pkts 0 hcPkts 0 errors 0 discards Sent 0 octets 0 hcO...

Page 386: ...scards LDP information 10 1 1 1 24 enabled with profile default 0 hello recv 2 hello sent 0 hello rej 0 adj setup 0 adj deleted RSVP Enabled with profile default Authentication is disabled Authenticat...

Page 387: ...or ATM2 0 10 Operational state is up MPLS minor interface UID is 0x1a000004 Lower MPLS major interface UID is 0x19000001 Statistics not enabled for this interface The following excerpt shows detailed...

Page 388: ...nd advertised to this peer label alloc Number of labels received from this peer label learned Cumulative total number of labels allocated and advertised to this peer accum label alloc Cumulative total...

Page 389: ...ince last hello message sent last hello sent time Number of packets received whose labels are not recognized failed lbl lookup Number of octets received or sent octets Number of high capacity 64 bit o...

Page 390: ...e is up Sent 0 packets 0 bytes queue 0 traffic class best effort bound to atm vc ATM2 0 10 Queue length 0 bytes Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packet...

Page 391: ...available next hop statistics Next hops can be pointed to by MPLS forwarding entries on an LSR IP or IPv6 routes on an LER and VPLS bridge groups Action To display MPLS next hops host1 vr2 show mpls...

Page 392: ...s and Traffic Class Color Combinations Purpose Display the configured mapping between PHB IDs and traffic class color combinations PHB IDs used for L LSPs do not have color Action To display the mappi...

Page 393: ...w mpls tunnels profile MPLS Tunnel Profile tunnelProfile LSP setup using rsvp te tunnel not announced to any IGP Global Retry forever at Global interval 5 during Lsp setup if there is route Global Ret...

Page 394: ...ntrolled Load Token Bucket Rate 0 Token Bucket Size 0 Peak Data Rate 0 Min Policed Unit 0 Max Packet Size 0 Flags InUse RroRequired PathRefreshSent To display reservation state control blocks for an i...

Page 395: ...ags InUse StyleConverted ResvRefrSent Meaning Table 81 on page 359 lists the show mpls rsvp command output fields Table 81 show mpls rsvp Output Fields Field Description Field Name Path state control...

Page 396: ...object ADSPEC Incoming explicit route object IN ERO Outgoing explicit route object OUT ERO RSVP session attributes SES ATTR Setup priority of tunnel Setup Pri Hold priority of tunnel Hold Pri Name of...

Page 397: ...l has changed PSB Flag LabelChanged Reservation refresh needed PSB Flag ResvRefreshNeeded Path refresh needed PSB Flag PathRefreshNeeded Record route object required PSB Flag RroRequired Session is eg...

Page 398: ...Mpls interface ATM6 0 2 RSVP Authentication Secure Association with peer 102 2 2 2 Receive Sequence Number 4592798942692985934 Mpls interface ATM6 0 3 RSVP Authentication Secure Association with peer...

Page 399: ...the same value Minimum Interval Minimum receive interval in milliseconds minimum interval at which the local peer must receive BFD control packets from the remote peer Minimum Rx Interval Minimum tran...

Page 400: ...received on the interface Path Error Rcvd Number of pathtear messages sent on the interface Path Tear Sent Number of pathtear messages received on the interface Path Tear Rcvd Number of resv messages...

Page 401: ...Triggers Number of locally triggered resv messages Resv Triggers RSVP control packets that are forwarded through the router Forwarded Pkts Number of hello messages sent Hello Sent Number of hello mess...

Page 402: ...ls rsvp hello graceful restart Monitoring RSVP TE Hello Adjacency Instances Purpose Display summary or detailed information about RSVP TE hello adjacency instances Action To display summary informatio...

Page 403: ...e Adjacency has been lost Hellos were received from the peer but have timed out The peer is known to be capable of graceful restart so the router is waiting for hellos to resume from the peer The rout...

Page 404: ...between the hello adjacency peers SrcInstance 32 bit SrcInstance value most recently received from hello adjacency peer value is zero when no instance has been received from that peer DstInstance Num...

Page 405: ...6 1 18a for 222 9 1 2 State Up In label 20 on ATM3 0 1 0 pkts 0 hcPkts 0 octets 0 hcOctets 0 errors 0 discardPkts In the output for Tunnel 2 shown here the line phb id 2 indicates that the tunnel is a...

Page 406: ...tets Number of packets that are dropped for some reason before being sent errors Number of packets that are discarded due to lack of buffer space before being sent discardPkts Tunnel identifier name i...

Page 407: ...the specified IP or IPv6 address Issue the ping mpls command host1 pe1 ping mpls ip 10 2 2 2 32 Tracing the Path of an MPLS Echo Request Packet to an IP or IPv6 Address To send MPLS echo request packe...

Page 408: ...race mpls rsvp tunnel command host1 pe1 pe11 trace mpls rsvp tunnel west1 detail Sending an MPLS Echo Request Packet to a VPLS Instance To send an MPLS echo request packet to the specified VPLS instan...

Page 409: ...opologies When you specify a VRF name the LSP to the specified prefix must originate from the VRF because the ping is generated from the specified VRF Packet Flow Example for the ping mpls Command The...

Page 410: ...h The echo reply packet includes the Interface and Label Stack TLV to indicate both the interface on which the request packet was received and the incoming label stack The MPLS echo reply packet is se...

Page 411: ...2 10 2 2 2 over an LDP base tunnel host1 pe1 trace mpls ip 10 2 2 2 32 1 PE 1 sends an MPLS echo request UDP packet that contains an LDP IPv4 sub TLV and a Downstream Mapping TLV The packet has the fo...

Page 412: ...ownstream Mapping TLV is not included in the echo reply packet 6 When PE 2 s echo reply packet reaches router PE 1 the router matches PE 2 s handle and the sequence number to the echo request packet t...

Page 413: ...which means that the replying router is an egress for the FEC at stack depth The echo reply packet includes the Interface and Label Stack TLV to indicate both the interface on which the request packe...

Page 414: ...ace and Label stack 20 bytes Router 10 33 33 33 Intf 10 10 10 2 L34 EXP 5 TTL 1 L68 EXP 0 S TTL 1 TLV Downstream mapping 24 bytes Router 10 31 31 2 Intf 10 31 31 1 mtu 9180 L56 EXP 5 LDP L68 EXP 0 S U...

Page 415: ...oint MPLS LSPs to determine whether MPLS packets with a particular size can be forwarded over an MPLS point to point LSP when the size of the packets exceeds the MTU size at any of the LSRs that are n...

Page 416: ...d with a Martini circuit that causes MPLS packets to be discarded owing to the size of the packet exceeding the MTU size Issue the trace mpls l2transport command with the data size keyword host1 pe1 t...

Page 417: ...sport ping mpls l3vpn ping mpls rsvp tunnel ping mpls vpls trace mpls ip trace mpls l2transport trace mpls l3vpn trace mpls rsvp tunnel trace mpls vpls 381 Copyright 2010 Juniper Networks Inc Chapter...

Page 418: ...Copyright 2010 Juniper Networks Inc 382 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 419: ...ervices over VPNs on page 421 Configuring BGP VPN Services on page 421 Providing Internet Access to and from VPNs on page 461 Carrier of Carriers IPv4 VPNs on page 469 Carrier of Carriers IPv6 VPNs on...

Page 420: ...IPv6 routes or unicast IPv6 routes in a specified VRF For a description of IPv6 see IPv6 Overview in the JunosE IP IPv6 and IGP Configuration Guide Multicast IPv6 If you specify the multicast IPv6 add...

Page 421: ...he set of viable routes as soon as it is notified of the failure When the recalculation has finished the protocol then updates the routing table with the new routes From the time the path fails until...

Page 422: ...indirect next hop as soon as BGP is notified of the loss of connectivity However some traffic continues to be forwarded to CE 2 through PE 2 this traffic is lost BGP quickly prunes the failed route fr...

Page 423: ...direct connection to a customer edge CE device that sits at the edge of the customer site The CE device can be a single host a switch or most typically a router When the CE device is a router it is a...

Page 424: ...e VRFs in addition to its global routing table which is not associated with any VPN CE router or customer site A router can support up to 1000 forwarding tables that is up to a combined total of 1000...

Page 425: ...tion of your network For example if each VRF always belongs to only one VPN you might use a single RD for all VRFs that belong to a particular VPN Route Targets A route target extended community or ro...

Page 426: ...munity information and MPLS labels required for BGP MPLS VPNs Consider the simple example shown in Figure 71 on page 390 The customer edge devices are connected with their associated provider edge rou...

Page 427: ...d by CE 1 thus creating labeled VPN IPv4 prefixes The prepended information consists of a route distinguisher and an MPLS label Because the CE router uses IPv4 addresses from the VPN s private address...

Page 428: ...n the service provider core In addition PE 2 must have PE 1 s address so that it can establish an LSP back to PE 1 The next hop address must also be carried in the MP Reach NLRI attribute according to...

Page 429: ...cross IPv4 Clouds with BGP draft ietf ngtrans bgp tunnel 04 txt July 2002 expiration JunosE Release Notes Appendix A System Maximums Refer to the Release Notes corresponding to your software release f...

Page 430: ...ciated out label the out label is the label sent with MPLS traffic Consider the network shown in Figure 73 on page 394 If you display the in label on PE 1 you see that MP BGP advertises a labeled VPN...

Page 431: ...nner labels themselves are communicated between PE routers in the MP BGP extended update messages as described in the previous section MPLS uses the outer labels to forward data packets from the ingre...

Page 432: ...m PE 2 to PE 1 using label 58 for the PE 2 to P 2 link label 12 for the P 2 to P 1 link and label 37 for the P 1 to PE 1 link PE 2 can forward data packets along the LSP to PE 1 and its customer sites...

Page 433: ...d forwards the data packet to PE 2 PE 2 receives the data packet from P 2 and looks up label 46 PE 2 determines it is the egress router of the LSP and must pop label 46 Then it proceeds to look up the...

Page 434: ...the MPLS core network Link local scope addresses cannot be used for reachability across IPv6 VPN sites and can never be advertised by means of MP BGP to remote PE routers Global scope addresses are e...

Page 435: ...so configure IPv6 static routes in the VRFs on the PE routers to reach the networks through the CE IPv6 link Alternatively you can configure the static routes with any routing protocol that supports I...

Page 436: ...s 128 for MPLS labeled VPN IPv6 When PE 2 receives the VPNv6 prefix 6001 0430 48 with label L1 it imports the prefix into VRF B because VRF B s import route target matches the route target received in...

Page 437: ...vices in three different ways known as inter AS option A option B and option C Option C is preferred to option B option B is preferred to option A For inter AS options B and C you must explicitly conf...

Page 438: ...N IPv4 routes throughout AS 42 in extended BGP update messages by means of internal MP BGP ASBR 2 then distributes the routes to ASBR 3 with external MP BGP ASBR 2 specifies itself as the next hop add...

Page 439: ...le of VR IP indirect next hop index 10 Reachable metric 3 Number of direct next hops is 1 Direct next hop ATM6 1 20 10 20 20 1 Resolution in IP tunnel route table of VR MPLS indirect next hop index 29...

Page 440: ...direct next hop 4 4 4 4 Resolution in IP route table of VR IP indirect next hop index 11 Reachable metric 3 Number of direct next hops is 1 Direct next hop ATM4 0 33 33 33 33 2 Resolution in IP tunnel...

Page 441: ...multihop EBGP redistribution of labeled VPN IPv4 routes between source and destination autonomous systems Labeled IPv4 routes are redistributed by EBGP between neighboring autonomous systems Inter AS...

Page 442: ...IB 1 P 2 learns label L2 for the route to the loopback address on PE 2 by means of LDP or RSVP TE from PE 2 2 ASBR 2 learns label L3 for the route to the loopback address on PE 2 by means of LDP or RS...

Page 443: ...termost label L7 and swaps the middle label L6 for L4 to get to ASBR 2 3 ASBR 2 swaps outer label L4 for L3 to get to its next hop P 2 4 P 2 swaps outer label L3 for L2 to get to its next hop PE 2 5 P...

Page 444: ...the next hop See neighbor next hop unchanged Providing IPv6 VPN Services Across Multiple Autonomous Systems The JunosE Software supports inter AS services for IPv6 VPNs in addition to IPv4 VPNs See Pr...

Page 445: ...tra AS services JunosE Software supports both IPv4 backbone and IPv6 backbone types of BGP next hop encodings The default BGP next hop encoding used for IPv6 VPN inter AS services is the one specified...

Page 446: ...et attached Because this route target is attached to each route advertised by VPN A VRFs every site in VPN A accepts routes only from other sites in VPN A The same principle applies to VPN B Figure 83...

Page 447: ...rt route target of 100 11 so routes advertised by the hub do match the import target of each spoke and are accepted by all of the spokes Figure 85 Route Target Configuration for a Hub and Spoke VPN Ov...

Page 448: ...can be accepted by any site in either VPN A or VPN B Figure 87 Route Target Configuration for an Overlapping VPN An interesting special case of an overlapping VPN is when two VRFs on the same PE route...

Page 449: ...The source address of the transmit interface is not used as the source address of the packet Constraining Route Distribution with Route Target Filtering In typical BGP configurations you can use coope...

Page 450: ...ts of reduced traffic and smaller routing tables Exchanging Route Target Membership Information BGP peers exchange route target membership information in the following sequence 1 When the BGP peers ne...

Page 451: ...dense the amount of VPN NLRI exchange traffic is about the same regardless of whether route target filtering is configured Receiving and Sending RT MEM NLRI Routing Updates RT MEM NLRI routing update...

Page 452: ...es EBGP confederation peer Advertising to IBGP clients varies from the standard advertisement rules in terms of path attribute modifications When locally originated RT MEM NLRI routes are advertised t...

Page 453: ...filters for incoming traffic This command takes effect immediately To prevent a peer from continually flapping when it goes to state idle because the maximum number of prefixes has been reached the p...

Page 454: ...t route default information originate Use in the route target address family to cause a BGP speaker the local router to send the Default RT MEM NLRI route 0 0 0 0 to all peers for use as a default rou...

Page 455: ...Enabled When route target filtering is enabled for a peer BGP applies outbound filters to initially prevent the speaker from advertising any VPN routes to the peer If the BGP speaker subsequently rec...

Page 456: ...e neighbor commands to specify the PE router peers to which BGP advertises routes and to configure any additional BGP attributes host1 config router neighbor 10 2 2 2 remote as 45 host1 config router...

Page 457: ...alue 1 See external paths Multicast Services over VPNs For information on VPN multicast services see Creating Multicast VPNs in the JunosE Multicast Routing Configuration Guide Configuring BGP VPN Ser...

Page 458: ...config vrf ip route vrf vrfA 10 3 0 0 255 255 0 0 10 1 1 1 host1 vr1 config vrf ip route vrf vrfA 10 12 0 0 255 255 0 0 10 1 1 1 or host1 config virtual router vr1 vrfA host1 vr1 vrfA config ip route...

Page 459: ...he reachability of indirect next hops when selecting the best VPN IPv4 route to a prefix host1 pe1 config router af check vpn next hops 5 Configure PE to CE BGP sessions a Enable and configure BGP hos...

Page 460: ...by means of an external script If you do not issue the wait for completion keyword in these circumstances an ip vrf command issued as soon as the prompt appears might fail because the router is still...

Page 461: ...list then the route is installed in that VRF s forwarding table For the most common configuration do the following 1 Allocate one route target extended community value per VPN 2 Define the route targe...

Page 462: ...o remove a route target from the import list the export list or both lists See route target Example FullyMeshed VPNs In a fully meshed VPN each site in the VPN can reach every other site in the VPN Fi...

Page 463: ...a hub and spoke design only the hub site can reach every site in the VPN All other sites spokes can reach only the hub site More complex hub and spoke designs are possible but require additional conf...

Page 464: ...from PE 1 BGP installs the advertised route only if it has a route target of 25 Routes from PE 3 have a route target of 50 and cannot be installed When PE 1 receives updates from either PE 2 or PE 3...

Page 465: ...xt of the BGP address family for that VRF Routes maintain their type when exported Private prefixes are exported without being converted into public prefixes Consequently the prefix of an exported rou...

Page 466: ...f you want to export only one or the other you can use a match mpls label command in the export or global export route map Table 90 on page 430 lists additional characteristics of export and global ex...

Page 467: ...the global BGP VPN RIB local to the VR This RIB is often referred to as the core VPN RIB Export maps can optionally filter routes When the VRF route matches the export map the route is exported and t...

Page 468: ...y the VRF to the global BGP non VPN RIB in the parent VR You can specify that only IPv4 or only IPv6 routes are exported By default both types of routes are exported Example host1 boston config vrf gl...

Page 469: ...y default both types of routes are imported Use the max routes keyword to specify the maximum number of routes that you want to be imported into the local RIB BGP generates a log message when the spec...

Page 470: ...ves a packet at this interface it routes the packet using the VRF s forwarding table rather the global forwarding table You can assign the interface from outside the context of the VRF or inside the c...

Page 471: ...issuing the command Example host1 foo config if ip vrf forwarding vrfA host1 foo vrfA config if ip address 10 12 4 5 255 255 255 0 or host1 foo config if ip vrf forwarding vrfA fallback global Use the...

Page 472: ...s only for as long as you are configuring attributes on the given interface within the VRF Entering a top level command such as interface within this VRF context takes the CLI out of the VRF context b...

Page 473: ...fixes in CE 1 host1 config virtual router pe1 host1 pe1 config ip vrf vpnA host1 pe1 config vrf ip route vrf vrfA 10 3 0 0 255 255 0 0 10 1 1 1 host1 pe1 config vrf ip route vrf vrfA 10 12 0 0 255 255...

Page 474: ...e VRF context For example for OSPF you might issue the following command and then complete OSPF configuration tasks for VRF A host1 config router ospf 100 vrf vrfa For RIP you create the RIP process s...

Page 475: ...automatic route target filtering is always disabled on route reflectors that have at least one route reflector client You cannot enable automatic route target filtering for such route reflectors bgp d...

Page 476: ...rding mode label switched host1 config vrf ip route vrf pe11 10 3 4 5 255 255 255 255 fastEthernet 0 1 host1 config vrf ip route vrf pe11 10 1 1 1 255 255 255 255 loopback 1 host1 config vrf exit host...

Page 477: ...s to be included in the list of available equal cost paths You can use the maximum paths command with the ibgp or eibgp keywords to enable ECMP support for BGP MPLS VPNs The eibgp keyword specifies th...

Page 478: ...or PE 3 is forwarded as MPLS encapsulated packets PE 2 and PE 3 receive the MPLS encapsulated traffic from PE 1 remove the MPLS encapsulation and then forward the traffic as IP packets by means of th...

Page 479: ...fic from PE 1 removes the encapsulation and then forwards the traffic as IP packets by means of the EBGP route to CE 2 maximum paths Use to enable ECMP support for BGP MPLS VPNs Specify a value in the...

Page 480: ...or information about configuring BGP sessions The section Understanding BGP Command Scope on page 18 has tables that list BGP commands according to their scope From Address Family Configuration mode y...

Page 481: ...t configuration from the peer or peer group and reestablish inheritance of the feature configuration See neighbor activate Configuring PE to CE BGP Sessions If you have established a BGP session betwe...

Page 482: ...Advertising IGP Routes to Customers If the PE router learns routes from a CE router by means of an IGP you can configure BGP to advertise these IGP routes to all customer sites within the VPN with re...

Page 483: ...st1 vr1 config router no bgp default ipv4 unicast host1 vr1 config router neighbor 10 26 5 10 remote as 100 host1 vr1 config router address family vpnv4 unicast host1 vr1 config router af neighbor 10...

Page 484: ...nnot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj RIBs Out table Example 1 host1 vr1 config route...

Page 485: ...work with Potential Routing Loops The following commands are relevant to the illustrated network host1 pe1 config ip vrf yourvpn host1 pe1 config vrf rd 200 1 host1 pe1 config vrf route target both 20...

Page 486: ...r send community extended command has been issued for the peer The configured site of origin does not override the site of origin if it is already present in the extended community list of a route If...

Page 487: ...family always accept routes containing their own AS number by default Issuing this command in the VRF for such a peer has no effect on the behavior of IBGP peers in this address family This behavior r...

Page 488: ...threshold When the router attempts to add a route it compares the limit you configure against a route count it maintains for routes already in the VRF s forwarding table With a warning threshold conf...

Page 489: ...a limit exceeded warning and rejects the route An interval of 5 minutes must pass before another limit exceeded message can be generated Messages are logged to ipRouteTable at severity warning The in...

Page 490: ...r loopback 1 In this example assume that the global instance of BGP for the PE router runs in the parent VR PE 1 to exchange VPN routes with its peers by means of internal or external MP BGP BGP can a...

Page 491: ...BGP indirect next hop Instead best path selection is based on weight local preference AS path length and other attributes After the route has been imported into a VRF the reachability of the BGP indir...

Page 492: ...achable It then selects the PE 2 route as the best route and installs it in the VRF s IP routing table On the other hand if the VRFs in PE 1 and PE 2 share the same RD the route reflector reflects onl...

Page 493: ...prefix Because the route reflector selects only one best path and reflects that single best path toward its clients and nonclients the amount of state in the network is reduced The core of the network...

Page 494: ...utes You can issue the neighbor send label command to enable BGP to exchange both labeled and unlabeled unicast routes in the same address family same AFI over the same BGP peering session The routes...

Page 495: ...ion or implicitly as a result of participating in an EBGP session BGP allocates a new in label and adds an entry to the MPLS forwarding table creating a label to next hop mapping When a BGP router doe...

Page 496: ...When the indirect next hop is a native IPv6 address the indirect next hop is resolved in the IPv6 routing table and IPv6 tunnel routing table Labeled VPN Routes In the core VRF when BGP receives a BGP...

Page 497: ...the Internet The exchange of traffic between a VPN and the Internet requires both of the following Traffic flow from the VPN to the Internet Traffic flow from the Internet to the VPN The most common...

Page 498: ...obal import map to import only the specific route to these networks into the VRF You can create multiple IP interfaces on top of a single layer 2 interface One of those interfaces is the primary IP in...

Page 499: ...0 0 0 0 ip internet access See Shared IP Interfaces in the JunosE IP IPv6 and IGP Configuration Guide for information about shared IP interfaces and default routes Configuring a Fallback Global Option...

Page 500: ...e1 config if ip vrf forwarding pe11 fallback global host1 pe1 pe11 config if atm pvc 11 0 11 aal5snap host1 pe1 pe11 config if ip address 10 11 11 1 255 255 255 0 host1 pe1 pe11 config if exit See Def...

Page 501: ...map globimap1 Creating a BGP Session Between the CE Router and the Parent VR The fallback global option enables traffic that arrives at a VRF from the CE router to be sent out on the uplink determine...

Page 502: ...pe1 config if ip share interface atm2 0 1 host1 pe1 config if ip address 10 1 1 3 255 255 255 255 host1 pe1 config if exit host1 pe1 config ip route 10 4 4 4 255 255 255 255 ip ce1 cust The following...

Page 503: ...ation is to use a global export map as described in Setting Import and Export Maps for a VRF on page 428 Enabling Traffic Flow from the Internet to the VPN When traffic flows from the Internet to a VP...

Page 504: ...ip ce1 cust Global Export Map The global export map enables VPN routes to be automatically exported from the BGP RIB table in a VRF to the global BGP RIB table the BGP RIB table of the parent VR based...

Page 505: ...a VPN backbone network for the customer carrier Tier 1 The customer carrier in turn provides layer 3 VPN or Internet services to its end customers Tier 2 This section provides the background you need...

Page 506: ...xibility The VPN backbone can be used to deliver both VPN services and Internet connectivity services The following benefits are provided to the provider carriers Reduced VPN administration Provider c...

Page 507: ...in which the customer carrier provides Internet connectivity services to its customers The figure shows how the labels are added and removed as the traffic traverses the network The label signaling pr...

Page 508: ...s PE router Customer Carrier as a VPN Service Provider The carrier of carriers VPN can be used to create two tiered hierarchical VPNs In a hierarchical VPN the provider carrier s VPN is the backbone o...

Page 509: ...ete the following configuration process when the customer carrier provides VPN services for its customers On the provider carrier s PE router 1 Configure MPLS 2 Configure BGP 3 Configure an IGP 473 Co...

Page 510: ...creates a backbone VPN that is used by a customer carrier You must enable carrier of carriers support on the VRF of the provider carrier s PE device that connects to the PE device of the customer car...

Page 511: ...on the PE router or into the core VRFs maintain a routing table only for the customer internal routes Forwarding is accomplished primarily by label switching without a routing table lookup Only custo...

Page 512: ...routing protocol to access the CE routers Use any MPLS signaling protocol to establish an MPLS base tunnel in the IPv4 core network Each PE router runs MP BGP over an IPv4 stack MP BGP TCP IPv4 MP BG...

Page 513: ...2 sends native IPv6 packets destined for the 2001 0430 32 network to PE 2 On receipt PE 2 performs a lookup in its global IPv6 routing table PE 2 prepends two labels to the IPv6 header L1 L2 IPv6 and...

Page 514: ...host1 config ip address 10 10 10 1 120 3 On PE 1 configure a loopback interface host1 config interface loopback 1 host1 config ip address 1 1 1 1 255 255 255 0 4 On PE 1 configure an IPv4 IGP and an...

Page 515: ...hout creating OSPF adjacencies between the domains The BGP MPLS VPN backbone acts as either an OSPF backbone area 0 or an OSPF area above the backbone In this topology OSPF is the routing protocol bet...

Page 516: ...GP uses these attributes and the MED to preserve OSPF routing information across the BGP MPLS VPN backbone OSPF Domain Identifier Attribute The OSPF domain identifier attribute uniquely identifies the...

Page 517: ...icate an external route In the first case the PE router advertises the route as an external type 2 route In the second case the PE router advertises the route as an external type 2 route if the least...

Page 518: ...ected CE router are installed into the IP routing table of the VRF associated with that CE router The OSPF routes in the VRF s IP routing table are then redistributed into MP BGP and advertised as VPN...

Page 519: ...13 on page 483 shows how you can use OSPF sham links to avoid the problem created by the intra area backdoor link The sham link is a logical intra area link between VRF B on PE 2 and PE 3 OSPF creates...

Page 520: ...ee Remote Neighbors in the JunosE IP IPv6 and IGP Configuration Guide dont install routes Use to prevent any OSPF routes that point directly to the OSPF remote neighbor from being installed in the IP...

Page 521: ...Guide 1 Create the VRF host1 config ip vrf ospf2 Proceed with new VRF creation confirm host1 config vrf rd 100 85 host1 config vrf exit 2 Start OSPF on the VRF either from the parent VR or directly fr...

Page 522: ...AS number Example host1 default ospf2 config router domain tag 1200 Use the no version to restore the default value See domain tag Configuring VPLS You can configure one or more instances of the Virt...

Page 523: ...or by means of layer 2 virtual circuits that employ ATM or Frame Relay L2VPNs enable the sharing of a provider s core network infrastructure between IP and L2VPN services reducing the cost of providin...

Page 524: ...Copyright 2010 Juniper Networks Inc 488 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 525: ...F Interfaces on page 491 Monitoring VRF Routing Protocols on page 494 Monitoring the VRF Routing Table on page 496 Monitoring the VRF on page 497 Monitoring Load Balanced Martini Circuits on page 503...

Page 526: ...bgp vpnv4 vrf pe22 next hops Indirect next hop 10 61 61 2 Resolution in IP route table of VRF pe22 IP indirect next hop index 3 Reachable metric 0 Number of direct next hops is 1 Direct next hop ATM4...

Page 527: ...address is 255 255 255 255 255 255 255 255 Broadcast address is 255 255 255 255 Operational MTU 1500 Administrative MTU 0 Operational speed 100000000 Administrative speed 0 Discontinuity Time 0 Route...

Page 528: ...status Status of the protocol Protocol Description Status of the line protocol line protocol Status of SNMP link up down traps on the interface Link up down trap IP address of the interface Internet a...

Page 529: ...ting In Policed Packets Bytes Number of packets discarded on a receive IP interface because of IP header errors In Error Packets Number of packets discarded on a receive IP interface because of invali...

Page 530: ...stributing Local preference value Default local preference Status of IGP synchronization enabled disabled IGP synchronization Status of multiexit discrimination enabled disabled Always compare MED Sta...

Page 531: ...tes learned form other routing protocols Address Summarization Network for which OSPF is currently injecting routes Routing for Networks RIP RIP protocol state Enable means it is allowed to send and r...

Page 532: ...e VRF host1 show ip route vrf vpn2 Protocol Route type codes I1 ISIS level 1 I2 ISIS level2 I route type intra IA route type inter E route type external i metric type internal e metric type external O...

Page 533: ...11 11 1 Default TTL 127 Reassemble Timeout 30 Interface Configured null0 ATM2 0 11 tun mpls vpnEgL17 3 ip dyn 24 Import VPN Route Target Extended Communities 100 1 Export VPN Route Target Extended Co...

Page 534: ...up pe12 null0 255 255 255 255 32 up up pe13 loopback1 7 7 7 2 24 up up pe13 To display detailed information about the interfaces host1 PE1 show ip vrf interfaces detail null0 is up line protocol is u...

Page 535: ...Packets 0 Out Forwarded Packets 0 Bytes 0 Unicast Packets 0 Bytes 0 Multicast Packets 0 Bytes 0 Out Requested Packets 0 Bytes 0 Out Total Dropped Packets 0 Bytes 0 Out Scheduler Drops Committed Packet...

Page 536: ...BGP non VPN RIB The map applies to both IPv4 and IPv6 routes unless the field name is preceded by IPv4 applies to only IPv4 routes or IPv6 applies to only IPv6 routes Global Import Route map Route ma...

Page 537: ...ontaining addressing errors addr errors Number of packets received containing unknown protocols unkn proto Number of discarded packets discards IP Statistics Frags Number of reassembled packets reasm...

Page 538: ...k requests addr mask req Number of address mask replies addr mask rpy ICMP Statistics Sent Number of error packets sent errors Number of packets sent with destination unreachable dst unreach Number of...

Page 539: ...to atm vc ATM6 0 1 Queue length 0 bytes Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packets 0 bytes 0 Dropped exceeded packets 0 bytes 0 Member Interfaces Interf...

Page 540: ...kets sent across tunnel pkts Number of high capacity 64 bit packets sent across tunnel hcPkts Number of octets sent across tunnel octets Number of high capacity 64 bit octets sent across tunnel hcOcte...

Page 541: ...nfiguration for all tunnels or for a specific tunnel in the current router context Action To display the configuration for all tunnels host12 show mpls tunnels LSP vpnIngress 21 to 3 3 3 3 State Up Ou...

Page 542: ...t of labels associated with the variable interface one will be selected to be prepended to packets before being sent across tunnel Labels Related Topics show mpls tunnels Disabling the MP BGP Events L...

Page 543: ...r 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 509 Configuring Layer 2 Services over MPLS on page 529 Monitoring Layer 2 Services over MPLS on page 561 507 Copyright 2010 Juniper N...

Page 544: ...Copyright 2010 Juniper Networks Inc 508 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 545: ...S Overview Many Internet service providers offer multiple services such as Frame Relay Asynchronous Transfer Mode ATM Ethernet High Speed Data Link Control HDLC and IP to their customers but are conso...

Page 546: ...ns to E Series routers are unaware that MPLS tunneling is used Figure 114 Layer 2 Services over a Provider s MPLS Network Related Topics Layer 2 Services over MPLS Implementation on page 512 Layer 2 S...

Page 547: ...rmat which includes an identifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right IOA bay E120 router and the upper IOA bay E320 router adapter 1 identi...

Page 548: ...tion Guide See Configuring Packet over SONET in JunosE Link Layer Configuration Guide See Configuring Bridged Ethernet in JunosE Link Layer Configuration Guide For information about configuring suppor...

Page 549: ...rawal into LMI notifications to its CPE When the Frame Relay subinterface comes back a VC label is advertised and the remote PE router again translates it into LMI notifications Related Topics Layer 2...

Page 550: ...m interface You can configure the following attributes for each MPLS shim interface The administrative state enabled or disabled configured with the mpls relay disable command The IP address of the re...

Page 551: ...stacked above the layer 2 interface By contrast when you configure an MPLS shim interface over any Ethernet or Ethernet VLAN interface both the MPLS shim interface and other interfaces such as IP PPP...

Page 552: ...ulation VCC cell relay encapsulation The following sections describe each of these encapsulation methods AAL5 Encapsulation JunosE Software supports the AAL5 relay method of encapsulation that is spec...

Page 553: ...nosE Software does not allow for setting a segment endpoint on an ATM cross connect interface Segment OAM cells are forwarded to the egress interface in the same manner as end to end cells QoS Classif...

Page 554: ...over ATM applications that use ATM Adaptation Layer 2 AAL2 encapsulated voice transmission AAL0 Raw Cell Mode VCC cell relay encapsulation supports ATM Adaptation Layer 0 AAL0 encapsulation also refer...

Page 555: ...l sequence number field The JunosE implementation of VCC cell relay encapsulation supports the T bit which is always set to indicate raw ATM cells and the optional sequence number The E C and U bits h...

Page 556: ...ents the configuration and displays an error message This behavior contrasts with that of bridged Ethernet and Ethernet interfaces with and without VLANs which allow configuration of both an MPLS shim...

Page 557: ...S L2VPNs over LAG is available on GE HDE GE 2 ES2 4G LM and ES2 10G LMs Similarly you can enable distribution of IP traffic from pseudowires across multiple physical interfaces on the PE routers facin...

Page 558: ...ly over LAG or stacked on a VLAN interface over LAG For more information on the guidelines to be followed when you configure the MPLS shim interface to enable MPLS Martini circuits to use LAG on the C...

Page 559: ...ing this tag and then inserting the resulting frame into the pseudowire connection Inserting the specified service delimiting tag on the layer 2 frame received from the pseudowire connection and then...

Page 560: ...cannot configure an S VLAN subinterface with an S VLAN ID value and the C VLAN ID as anyUntagged if its Ethertype is 0x8100 and if any VLAN subinterface on the same major VLAN is configured with a VL...

Page 561: ...R scheduler all possible ATM virtual circuits for a single ATM port cannot be opened on the SAR device Therefore to enable multiple VCs over a single pseudowire to be configured on the ERX routers you...

Page 562: ...r of concatenated ATM cells is not used For more information on the guidelines to be followed when you configure cell concatenation and cell packing timer identifiers for transporation of ATM VCs on a...

Page 563: ...erfaces this setting is not saved and an error message is displayed When you run the mpls relay or route interface tunnel command no default VPI VCI range is configured You must specifically configure...

Page 564: ...mand on other interface types such as ATM subinterfaces or Ethernet interfaces this setting is not saved and an error message is displayed Performance Impact and Scalability Considerations Because the...

Page 565: ...figuring HDLC Layer 2 Services on page 538 CE Side Load Balancing for Martini Layer 2 Transport on page 539 Example Configuring Frame Relay over MPLS on page 543 Example Configuring MPLS L2VPN Tunnel...

Page 566: ...eudowire type 1 Configure the Frame Relay interface host1 config interface serial 4 1 1 1 host1 config if encapsulation frame relay ietf host1 config if frame relay intf type dte host1 config if frame...

Page 567: ...nterface serial mpls relay route interface Configuring Ethernet VLAN Layer 2 Services To configure Ethernet VLAN layer 2 services over MPLS 1 Configure the Ethernet VLAN interface host1 config interfa...

Page 568: ...ernet 8 1 host1 config if encapsulation vlan host1 config if interface fastEthernet 8 1 1 2 Create the S VLAN tunnel and assign the S VLAN Ethertype For example the following commands tunnel traffic f...

Page 569: ...can use any reachable local IP address This example uses a loopback interface to provide the local IP address host1 config interface loopback 0 host1 config if ip address 10 1 1 1 255 255 255 255 hos...

Page 570: ...specified in Step 4 host1 config if mpls relay 10 1 1 1 4 host1 config if exit Related Topics encapsulation vlan interface fastEthernet interface loopback ip address mpls relay vlan id Configuring Loc...

Page 571: ...5 Create an MPLS relay connection to the loopback interface The VC ID must be the same on both sides of the connection host1 config subif mpls relay 10 1 1 1 2 host1 config subif exit 6 Optional Disp...

Page 572: ...bif atm pvc 100 0 100 aal0 4 Optional Configure the following cell concatenation parameters for the ATM 1483 subinterface Maximum number of ATM cells that the router can concatenate in a single packet...

Page 573: ...ximum number of cells per packet 100 Cell aggregation timeout timer 2 SNMP trap link status disabled InPackets 0 InBytes 0 OutPackets 0 OutBytes 0 InErrors 0 OutErrors 0 InPacketDiscards 0 InPacketsUn...

Page 574: ...lation Use this command syntax if the traffic carried on the serial or POS interface is any kind of standard HDLC including PPP or Cisco HDLC host1 config if mpls relay 2 2 2 1 1 or host1 config if ro...

Page 575: ...ss in the mpls relay command CE Side Load Balancing for Martini Layer 2 Transport This section contains the following subsections Understanding CE Load Balancing for Martini Layer 2 Transport on page...

Page 576: ...bel 53 to the remote peer 10 9 1 3 and receives a single label 55 from the peer resulting in the following forwarding table host1 show mpls forwarding brief Platform label space In Label Owner Action...

Page 577: ...arrives on interface 6 2 101 is forwarded by means of ECMP to interface 6 0 101 and interface 6 2 103 Traffic that arrives on interface 6 2 103 is forwarded by means of ECMP to interface 6 0 101 and...

Page 578: ...cing group and cannot be configured All MPLS shim interfaces within a load balancing group circuit point to the same MPLS next hop Traffic arriving from the CE router over this set of MPLS shim interf...

Page 579: ...o mpls relay Example Configuring Frame Relay over MPLS The script provided in this section is one way to configure Frame Relay services over MPLS Explanation notes are provided within the script You m...

Page 580: ...l 4 0 1 1 encapsulation frame relay ietf interface serial 4 0 1 1 1 frame relay interface dlci 17 ietf interface serial 4 0 2 1 encapsulation frame relay ietf interface serial 4 0 2 1 1 frame relay in...

Page 581: ...e atm 2 0 2 atm pvc 2 1 12 aal5snap ip address 10 10 12 3 255 255 255 0 ip router isis mpls mpls ldp router isis net 47 0005 80FF F800 0000 0000 0004 0000 F209 0303 00 mpls traffic eng router id loopb...

Page 582: ...nnel over VLAN over LAG Figure122onpage547showsasampleconfigurationscenarioofanMPLSL2VPNorMartini tunnel over VLAN over LAG The sample topology shows a customer edge router CE1 connected to a provider...

Page 583: ...nterfaces between CE1 and PE1 host1 ce1 config interface lag 1 Add the Gigabit Ethernet physical interfaces to the LAG bundle named lag 1 host1 ce1 config if member interface gigabitEthernet 2 1 0 hos...

Page 584: ...2 22 22 1 Create another Gigabit Ethernet interface on PE1 specify VLAN as the encapsulation method and configure another subinterface For this subinterface assign a VLAN ID specify the encapsulation...

Page 585: ...erface gigabitEthernet 2 1 6 1 host1 pe2 config subif svlan id 1 1 host1 pe2 config subif mpls relay 11 11 11 11 1 Create a Gigabit Ethernet interface on PE2 and specify VLAN as the encapsulation meth...

Page 586: ...AG The topology is the same as the one described in Example Configuring MPLS L2VPN Tunnel over VLAN over LAG on page 546 with the exception of LAG bundles being used to transmit traffic from CE1 to PE...

Page 587: ...interfaces between CE1 and PE1 host1 ce1 config interface lag 1 Add the Gigabit Ethernet physical interfaces to the LAG bundle named lag 1 Assign an IP address and mask to it host1 ce1 config if memb...

Page 588: ...terface gigabitEthernet 2 1 4 host1 pe1 config if encapsulation vlan host1 pe1 config if interface gigabitEthernet 2 1 4 1 host1 pe1 config subif vlan id 20 host1 pe1 config subif ip address 2 0 0 1 2...

Page 589: ...config subif ip address 2 0 0 2 255 255 255 0 host1 pe2 config subif mpls host1 pe2 config subif mpls ldp Configure a static route with the destination IP address mask and IP address of the next hop t...

Page 590: ...ive Ethernet frames The packets reaching the CE side devices can be S VLAN aware or not The MPLS network might also be S VLAN aware or not which means that S VLAN tags might or might not be sent over...

Page 591: ...i Circuit Scenarios with Ethernet Raw Mode Whether scenario is supported when raw mode is not configured on the S VLAN interface Receiving CE Device CE2 MPLS network between local and remote routers P...

Page 592: ...he S VLAN subinterface If the packet arrives with a single or no tag the router adds the S VLAN tag and sends it to the CE facing device On ES2 10G LMs ES2 10G Uplink LMs and ES2 10G ADV LMs at point...

Page 593: ...ify a particular user If the S VLAN Ethertype is 0x8100 then you must create two sub interfaces one for the double tagged packets and the other for single tagged packets to process both these types of...

Page 594: ...two cases with this configuration Case 1 Assume that svlan id X any 8100 is configured on the subinterface In this case all packets with the outer tag as X and Ethertype as 8100 are matched to the su...

Page 595: ...ATM switch CE1 and the provider edge router PE1 on one side of the core are connected by an ATM port Similarly PE2 and CE2 are connected by an ATM port The necessary MPLS Martini circuit configuratio...

Page 596: ...elay encapsulation on an ATM subinterface that transports ATM cells associated with an ATM subinterface on a single pseudowire Because the same PW type is used for both the cell relay encapsulation fo...

Page 597: ...ices over MPLS on page 563 Monitoring MPLS Forwarding for Layer 2 Services over MPLS on page 564 Monitoring MPLS Layer 2 Interfaces for Layer 2 Services over MPLS on page 566 Setting Baselines for Lay...

Page 598: ...ds Field Description Field Name Value in microseconds for the first ATM Martini cell packing timer Timer1 Value in microseconds for the second ATM Martini cell packing timer Timer2 Value in microsecon...

Page 599: ...nterfaces Encap Maximum number of ATM cells that the router can concatenate in a single packet if this value is not configured Martini cell aggregation disabled appears instead of this field Displayed...

Page 600: ...es up the local cross connect Interface Virtual path identifier of the first subinterface VPI Virtual channel identifier of the first subinterface VCI Current state of the connection Status Related To...

Page 601: ...thernet2 0 2 ldp swap to 54 push 42 on ATM5 0 1 nbr 10 10 11 5 The swap to labels 55 and 54 under the L2transport heading in the summary example are VC labels received from the other router The label...

Page 602: ...0 300 up on the line card ATM cell aggregation is enabled ATM cell aggregation maximum cells per packet is 20 ATM cell aggregation timeout timerId is 2 Administrative state is enabled Operational stat...

Page 603: ...rt interface command output fields Table 107 show mpls interface and show mpls l2transport interface Output Fields Field Description Field Name Interface specifier MPLS shim interface Address of the r...

Page 604: ...perational MTU Statistics for MPLS traffic received or sent on the interface Received Sent Number of packets received or sent packets Number of bytes received or sent bytes Number of packets that are...

Page 605: ...t MPLS statistics Number of packets received or sent pkts Number of high capacity 64 bit packets received or sent hcPkts Number of octets received or sent octets Number of high capacity 64 bit octets...

Page 606: ...Related Topics show mpls interface show mpls l2transport interface Copyright 2010 Juniper Networks Inc 570 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 607: ...PART 4 Virtual Private LAN Service VPLS Overview on page 573 Configuring VPLS on page 589 Monitoring VPLS on page 609 571 Copyright 2010 Juniper Networks Inc...

Page 608: ...Copyright 2010 Juniper Networks Inc 572 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 609: ...dual LANs across a service provider s MPLS core network The geographically dispersed multiple LANs function as a single virtual LAN VPLS provides a point to multipoint capability for traffic forwardin...

Page 610: ...Sample Topology Related Topics BGP Signaling for VPLS Overview on page 579 Configuring VPLS with BGP Signaling on a PE Router on page 590 in Configuring VPLS on page 589 LDP Signaling for VPLS Overvie...

Page 611: ...PLS network appears to be a single layer 2 switch that can switch layer 2 packets learn and filter on media access control MAC addresses and flood packets that have unknown MAC destination addresses D...

Page 612: ...and filters that enables it to learn the network topology by examining the media access control MAC source address of every incoming packet The VPLS instance then creates an entry in its forwarding t...

Page 613: ...licies on page 578 Considerations for VPLS Network Interfaces on page 579 Network Interface Types VPLS instances like bridge groups support two types of network interfaces Subscriber client A subscrib...

Page 614: ...ed in the trunk policy Table 112 Default Subscriber Policies for VPLS Network Interfaces Default Trunk Policy Default Subscriber Policy Packet Attribute Type Permit Permit ARP Permit Deny Broadcast Pe...

Page 615: ...a trunk host1 config interface tenGigabitEthernet 4 0 1 host1 config if bridge group vplsBoston subscriber trunk If you configure a VPLS network interface as a subscriber client interface use care if...

Page 616: ...on page 383 LDP Signaling for VPLS Overview When you configure VPLS with LDP signaling LDP supports a full mesh of pseudowires among the participating PE routers This is analogous to BGP signaling in...

Page 617: ...PWid and the VPLS identifier Related Topics Configuring LDP Signaling for VPLS on page 604 Configuring MPLS on page 275 BGP Multihoming for VPLS Overview BGP multihoming enables you to connect a cust...

Page 618: ...d routes for L2VPN multihoming Because all the prefixes advertised by multihomed local PE routers share the same site ID the set of routes advertised for a multihomed site effectively consists of mult...

Page 619: ...h 6 If all paths have the same AS path length select the path based on origin IGP is preferred over EGP EGP is preferred over Incomplete 7 If the origins are the same select the path with lowest MED v...

Page 620: ...VE device triggers the creation of pseudowires to and from the other PE routers in the VPLS When the remote customer site is also multihomed then the designated VE device triggers the creation of pse...

Page 621: ...his enables the remote PE routers to consider the other multihomed PE router as the designated VE device for the multihomed site The remote PE routers each run the best path selection process again an...

Page 622: ...rwarding instance VRF using an external cable connection Multihoming Class of service CoS Inter AS option A inter AS option B and inter AS option C services Minimal filtering and policing support As w...

Page 623: ...rface fastEthernet 3 2 6 For E120 and E320 routers use the slot adapter port subinterface format which includes an identifier for the bay in which the I O adapter IOA resides In the software the upper...

Page 624: ...nths from the date of issuance They must be considered as works in progress Please refer to the IETF Web site at http www ietf org for the latest drafts Copyright 2010 Juniper Networks Inc 588 JunosE...

Page 625: ...s chapter contains the following sections Configuring VPLS with BGP Signaling on a PE Router on page 590 Configuring VPLS Instances with BGP Signaling on page 590 Configuring BGP Multihoming for VPLS...

Page 626: ...ring Optional Attributes for VPLS Instances on page 593 Configuring VPLS Network Interfaces on page 594 Subscriber Policies for VPLS Network Interfaces Overview on page 577 Configuring the Loopback In...

Page 627: ...ID value must be greater than zero and be unique across the VPLS domain This is not true for a multihomed customer site See Configuring BGP Multihoming for VPLS on page 592 for more information 4 Spe...

Page 628: ...t VPLS route distinguisher can t re use the route distinguisher However both vplsA and vplsB can use the same route distinguisher because their transport virtual routers are different Consequently the...

Page 629: ...same whether you employ BGP or LDP signaling for VPLS To configure these attributes you use the same transparent bridging commands that you use to configure bridge groups that do not function as VPLS...

Page 630: ...E router is connected Bridged Ethernet over ATM 1483 subinterfaces Fast Ethernet Gigabit Ethernet 10 Gigabit Ethernet VLAN and S VLAN subinterfaces over bridged Ethernet Fast Ethernet Gigabit Ethernet...

Page 631: ...local processing Any packets routed from the loopback interface but not destined to the loopback interface are dropped To establish a BGP session BGP uses the IP address of the outgoing interface towa...

Page 632: ...topology driven LSPs host1 config interface atm 5 0 100 host1 config subif atm pvc 100 1 100 aal5snap 0 0 0 host1 config subif ip address 192 168 5 5 255 255 255 0 3 Create an MPLS major interface sta...

Page 633: ...se the IP address of a specific operational interface as the update source address for TCP connections the next hop self attribute forces the BGP speaker to report itself as the next hop for an advert...

Page 634: ...router to the remote VE device Related Topics Configuring VPLS with BGP Signaling on a PE Router on page 590 See Configuring BGP Routing on page 3 for information about configuring BGP See Configuring...

Page 635: ...ed vplsA and the instances for the VPLS B domain are named vplsB For each VPLS instance an Ethernet or bridged Ethernet network interface provides a connection to the associated CE device Each VPLS in...

Page 636: ...Ethernet interface 2 0 12 between PE 1 and CE 2 and assign it to vplsB as a trunk interface host1 config interface atm 2 0 12 point to point host1 config subif atm pvc 12 0 12 aal5snap 0 0 0 host1 con...

Page 637: ...ls route target both 100 1 Configure VPLS instance vplsB The route target 100 2 matches the route target configured for vplsB on PE 1 host2 config bridge vplsB vpls transport virtual router default ho...

Page 638: ...af exit address family host2 config router address family vpls vplsB host2 config router af exit address family host2 config router exit Related Topics Configuring VPLS with BGP Signaling on a PE Rout...

Page 639: ...iguring VPLS LDP Signaling on page 605 for a detailed sample configuration Configuring VPLS Instances with LDP Signaling As is the case with BGP signaling when you use LDP signaling you must configure...

Page 640: ...r for each VPLS domain host1 config mpls ldp vpls customer3 vpls id 3 2 Enable LDP signaling for a VPLS instance by configuring a list of neighbor peer addresses on remote VE devices in the VPLS domai...

Page 641: ...ea area 0 0 0 0 one using IP address 10 1 1 1 and one using IP address 10 10 10 0 The network area commands create the two OSPF areas if they do not already exist Related Topics Configuring VPLS with...

Page 642: ...onfiguration with LDP signaling requires that you configure a VPLS ID for each VPLS instance to uniquely identify each VPLS domain In the sample topology in Figure 130 on page 606 instance vplsA is as...

Page 643: ...onfig mpls ldp vpls vplsB neighbor 2 2 2 2 Configure a loopback interface on PE 1 and assign it an IP address host1 config interface loopback 0 host1 config if ip address 1 1 1 1 255 255 255 255 host1...

Page 644: ...dp vpls vplsB vpls id 2 host2 config mpls ldp vpls vplsB neighbor 1 1 1 1 Configure a loopback interface on PE 2 and assign it an IP address host2 config interface loopback 0 host2 config if ip addres...

Page 645: ...for All VPLS Instances on page 614 Monitoring Configuration Statistics and Status for VPLS Network Interfaces on page 616 Monitoring Configuration Statistics and Status for VPLS Core Interfaces on pag...

Page 646: ...PLS network interface Issue the baseline bridge interface command host1 baseline bridge interface gigabitEthernet 4 1 Setting a Baseline for the VPLS Virtual Core Interface associated with a VPLS Inst...

Page 647: ...d host1 clear bridge vplsB address 0090 1a40 9992 Clearing All Dynamic MAC Addresses for a Network Interface associated with a VPLS Instance To clear all dynamic MAC address entries for a network inte...

Page 648: ...soft in keywords to trigger inbound soft reconfiguration Clearing BGP Route Flap Dampening Information for the L2VPN Address Family To clear route flap dampening information for the L2VPN address fami...

Page 649: ...address table and statistics information for all network interfaces associated with the VPLS instance Meaning Table 118 on page 613 lists the show bridge command output fields Table 118 show bridge O...

Page 650: ...Priority Maximum number of sites that can participate in the VPLS domain associated with the VPLS instance SiteRange Extended community identifiers also known as route targets for each VPLS instance c...

Page 651: ...erface Count 1 Transport Virtual Rtr default Route Distinguisher 1 1 1 1 11 SiteName boston SiteId 1 Multi homed No SiteRange 20 VPLS Route Targets No Route Targets configured Flood Next Hop Index 104...

Page 652: ...ite No designates a site that is not multihomed Multi homed Priority value for the VPLS instance for the multihomed site displayed only when the value for the Multi homed field is Yes Site Priority Ma...

Page 653: ...nce including the VPLS virtual core interface vplsB host1 show bridge vplsB interface FastEthernet1 1 1 Port Number 1 Operational Status Up Admin Status Up Snmp Link Status Trap Disabled Max Learn Unl...

Page 654: ...s of the physical interface Up Down LowerLayerDown NotPresent Operational Status State of the physical interface Up Down Admin Status Whether SNMP link status processing is enabled or disabled for the...

Page 655: ...s that were dropped Dropped conformed packets bytes Number of exceeded packets and bytes that were dropped Dropped exceeded packets bytes Identifies the VPLS virtual core interface for the VPLS instan...

Page 656: ...number on which this interface resides Port Number Operational status of the physical interface Up Down LowerLayerDown NotPresent Operational Status State of the physical interface Up Down Admin Statu...

Page 657: ...kets and bytes that were dropped Dropped committed packets bytes Number of conformed packets and bytes that were dropped Dropped conformed packets bytes Number of exceeded packets and bytes that were...

Page 658: ...ce counters last reset 00 07 07 To display a summary of all ports configured for the specified VPLS instance host1 show bridge vplsTest port brief Port Interface Status 1 FastEthernet1 1 1 Up 2 ATM10...

Page 659: ...ng packets discarded on this interface Out Discards Number of outgoing errors on this interface Out Errors Elapsed time since statistics counters were last reset Time since counters last reset Hardwar...

Page 660: ...ge 0009 01a0 002e forward ATM10 1 1 1 0 0090 1a41 3aca forward vpls 10 0 Meaning Table 125 on page 624 lists the show bridge table command output fields Table 125 show bridge table Output Fields Field...

Page 661: ...n the router host1 show subscriber policy Subscriber default Subscriber ARP Permit Broadcast Deny Multicast Permit Unknown Destination Deny IP Permit Unknown Protocol Permit Unicast Permit PPPoE Permi...

Page 662: ...ll VPLS instances in the L2VPN address family The output for this version of the command also includes information about any VPWS instances configured in the L2VPN address family To display layer 2 NL...

Page 663: ...Graceful restart is globally disabled Global graceful restart restart time is 120 seconds Global graceful restart stale paths time is 360 seconds Graceful restart path selection defer time is 360 seco...

Page 664: ...mmand output fields Table 127 show ip bgp l2vpn Output Fields Field Description Field Name IP address of the local VE router Local BGP identifier Autonomous system number local AS Version number of th...

Page 665: ...ops 2 2 2 2 Indirect next hop 2 2 2 2 Resolution in IP route table of VR IP indirect next hop index 2 Reachable metric 3 Number of direct next hops is 1 Direct next hop ATM2 0 10 10 10 10 2 Resolution...

Page 666: ...unt Related Topics show ip bgp next hops Monitoring LDP Related Settings for VPLS Purpose Display MPLS configuration information for a VPLS instance that uses LDP as the signaling protocol Action To d...

Page 667: ...d to bridge group customer2 Meaning Table 130 on page 631 lists the show mpls forwarding command output fields Table 130 show mpls forwarding Output Fields Field Description Field Name Label sent to u...

Page 668: ...Identifier Collision EM Encapsulation Mismatch OR Out of Range DN VC Down because Remote PE Unreachable LD Local Site Down RD Remote Site Down AS Max BGP AS path length exceeded OL No Out Label LN Loc...

Page 669: ...d Subscriber Policy default Subscriber Port Count 2 Interface Count 1 Transport Virtual Rtr pe1 Route Distinguisher 1 1 1 1 10 SiteName westford SiteId 1 SiteRange 20 VPLS Route Targets Route Target R...

Page 670: ...Number of network interfaces currently configured for the VPLS instance Interface Count Name of the transport virtual router configured for the VPLS instance Transport Virtual Rtr Unique route disting...

Page 671: ...ysical interface Up Down LowerLayerDown NotPresent Status Possible status codes for the VPLS connection that appear in the State field Connections status code Remote site identifier Site Status of the...

Page 672: ...Copyright 2010 Juniper Networks Inc 636 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 673: ...PART 5 Virtual Private Wire Service VPWS Overview on page 639 Configuring VPWS on page 651 Monitoring VPWS on page 663 637 Copyright 2010 Juniper Networks Inc...

Page 674: ...Copyright 2010 Juniper Networks Inc 638 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 675: ...means of dedicated leased lines or by means of layer 2 virtual circuits that employ ATM or Frame Relay The service provisioned with these L2VPNs is known as Virtual Private Wire Service VPWS VPWS L2V...

Page 676: ...e VPWS L2VPN topology Figure 131 VPWS Sample Topology In this example the service provider offers VPWS services to Customer A and Customer B Customer A wants to create a full mesh of point to point li...

Page 677: ...ibutes Table 132 Components of VPWS NLRI Size in octets NLRI value 2 Length 8 Route Distinguisher 2 CE ID 2 Label block Offset 3 Label Base 0 n Variable TLVs The local PE router selects a contiguous l...

Page 678: ...control word is included in the encapsulation and whether packets have a sequence number If a control word mismatch occurs the pseudowire remains in a down state with a status of control word mismatc...

Page 679: ...e VPWS Provider Edge Devices In a VPWS configuration E Series routers function as provider edge devices which are also referred to as PE routers These PE routers perform a similar function to PE route...

Page 680: ...router or an MPLS reachability failure between the local PE router and a remote PE router A redundant PE router can begin providing service to the customer site as soon as the failure is detected BGP...

Page 681: ...lt of the second selection process is the single best path to the multihomed site The PE router that originates this advertisement then becomes the designated VE device for the multihomed customer sit...

Page 682: ...the path with the shortest route reflection cluster list Routes without a cluster list are treated as having a cluster list of length 0 11 Select the path received from the peer with the lowest BGP r...

Page 683: ...PE routers in the VPWS network Because some implementations do not support the status vector bit The E Series routers also advertise the down bit in a VPWS network This bit is then used by the other r...

Page 684: ...ises the route to all remote PE routers to inform them that the circuit and site is down The remote PE routers each run the best path selection process again and adjust the VPWS pseudowires as needed...

Page 685: ...stitute an L2VPN instance Multihoming Inter AS option A inter AS option B and inter AS option C services As with VPLS VPWS does not support BGP multipaths VPWS Platform Considerations VPWS is supporte...

Page 686: ...face format which includes an identifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right IOA bay E120 router and the upper IOA bay E320 router adapter 1...

Page 687: ...ace and Router ID for BGP for VPWS on page 656 BGP Signaling for VPWS Overview on page 656 Configuring BGP Signaling for VPWS on page 657 MPLS LSPs for VPWS Overview on page 658 Configuring MPLS LSPs...

Page 688: ...h L2VPN in which the router participates From a configuration standpoint a VPWS instance is simply a new L2VPN that you configure with additional VPWS L2VPN attributes Table133onpage652liststhecommand...

Page 689: ...e MPLS packets that are sent to the remote PE router host1 config l2vpn exampleco control word host1 config l2vpn exampleco sequencing Related Topics l2vpn control word l2vpn encapsulation type l2vpn...

Page 690: ...ort Cisco HDLC Ethernet Fast Ethernet Gigabit Ethernet or 10 Gigabit Ethernet Frame Relay PPP VLAN and S VLAN subinterfaces over Fast Ethernet Gigabit Ethernet or 10 Gigabit Ethernet interfaces Config...

Page 691: ...local cross connects because the local and remote CE devices are connected to the same PE Configuring a Local Cross Connect for VPWS To configure a local cross connect between two local sites 1 Config...

Page 692: ...back interface and router ID on the PE router 1 Configure a loopback interface on the PE router and assign an IP address to the interface host1 config interface loopback 0 host1 config if ip address 1...

Page 693: ...figure the L2VPN address family to specify BGP signaling of VPWS reachability information Currently you can omit the signaling keyword with no adverse effects host1 config router address family l2vpn...

Page 694: ...igure MPLS LSPs on the PE router 1 Enable MPLS on the virtual router host1 config mpls 2 Configure the core facing interface on which you want to enable MPLS Label Distribution Protocol LDP and topolo...

Page 695: ...E 2 at the edge Customer B s Boston site with CE 4 at the edge of Customer B s Chicago site The E Series routers in the topology PE 1 and PE 2 each participate in both L2VPN A and L2VPN B The example...

Page 696: ...site id 1 remote site id 3 host1 config if exit Configure the customer facing interface between PE 1 and CE 2 in L2VPN instance l2vpnB host1 config interface gigabitEthernet 1 1 host1 config subif l2...

Page 697: ...rget both 100 1 host2 config l2vpn l2vpnA control word host2 config l2vpn l2vpnA sequencing Configure VPWS instance l2vpnB The route target 100 2 matches the route target configured for l2vpnB on PE 1...

Page 698: ...fig router address family vpws l2vpnB host2 config router af exit address family Enable MPLS on the default virtual router host2 config mpls Configure ATM core facing interface 3 1 100 between PE 2 an...

Page 699: ...itoring VPWS Connections on page 670 Monitoring VPWS Instances on page 673 Monitoring L2VPN Interfaces for VPWS on page 675 Monitoring MPLS Forwarding Table for VPWS on page 677 Clearing BGP Attribute...

Page 700: ...ude the l2vpn all keywords host1 clear ip bgp l2vpn all dampening Clearing the Wait for the End of RIB Marker for the L2VPN Address Family To clear the wait for receiving an End of RIB marker from the...

Page 701: ...ds for Monitoring BGP Settings for the VPWS Address Family show ip bgp l2vpn vpws show ip bgp show ip bgp next hops show ip bgp community show ip bgp paths show ip bgp community list show ip bgp quote...

Page 702: ...100 Administrative state is Start BGP Operational state is Up Shutdown in overload state is disabled Default local preference is 100 Default originate is disabled Always compare MED is disabled Compar...

Page 703: ...route information for prefix 2 1 Received route learned from internal peer 2 2 2 2 best route Route not placed in PW table Best to advertise to external peers Suppressed by multihoming Address Family...

Page 704: ...ator for the route MED Local preference for the route LocPrf Weight of the route Weight Origin of the route Origin AS path through which this route has been advertised AS Path Description of the L2VPN...

Page 705: ...2 2 Indirect next hop 10 2 2 2 Resolution in IP route table of VR IP indirect next hop index 2 Reachable metric 3 Number of direct next hops is 1 Direct next hop ATM2 0 10 10 10 10 2 Resolution in IP...

Page 706: ...umber of label mappings of BGP routes that use this next hop Reference count Related Topics show ip bgp next hops Monitoring VPWS Connections Purpose Display configuration and status information for V...

Page 707: ...abled up Connections status code UP Operational SC Local and Remote Site Identifier Collision EM Encapsulation Mismatch OR Out of Range DN VC Down because Remote PE Unreachable LD Local Site Down RD R...

Page 708: ...d output fields Table 139 show l2vpn connections Output Fields Field Description Field Name Name of the VPWS instance L2VPN Encapsulation type configured for the VPWS instance Encapsulation Type Local...

Page 709: ...st1 show l2vpn all L2VPN l2vpn1 Encapsulation Type Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100 11 Site Range 10 Sites Site Name boston Site Id 1 Route Targe...

Page 710: ...L5 SDU VCC transport Use of control word is preferred Send sequence numbers Route Distinguisher 100 11 Site Range 10 Sites Site Name westford Site Id 1 Multi homed Yes Site Priority 45 Route Targets R...

Page 711: ...dmin state Operational state of the connection up or down Oper state Related Topics show l2vpn instance Monitoring L2VPN Interfaces for VPWS Purpose Display configuration and status information for in...

Page 712: ...ongs MemberofL2VPNinstance Local customer site ID configured on the interface Local site ID Remote customer site ID configured on the interface Remote site ID Local preference for the control word pre...

Page 713: ...ackets and bytes that have been forwarded Forwarded Number of committed packets and bytes that have been dropped Dropped committed Number of conformed packets and bytes that have been dropped Dropped...

Page 714: ...0 100 In label n a ATM2 0 100 Owner bgp Spoof check router erx pe Action MPLS next hop 27 label 801024 resolved by MPLS next hop 8 MPLS next hop 8 resolved by MPLS next hop 9 peer 10 3 2 2 MPLS next...

Page 715: ...ber of packets that are dropped for some reason before being sent in errors Number of packets that are discarded due to lack of buffer space before being sent in discardPkts Layer 2 interface that is...

Page 716: ...Copyright 2010 Juniper Networks Inc 680 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 717: ...PART 6 Index Index on page 683 681 Copyright 2010 Juniper Networks Inc...

Page 718: ...Copyright 2010 Juniper Networks Inc 682 JunosE 11 2 x BGP and MPLS Configuration Guide...

Page 719: ...rtising networks in 50 confederation 141 IGP interior gateway protocol 7 managing a large scale 141 AS path filtering 85 AS path BGP access lists modifying 71 attribute 117 filtering 85 as set keyword...

Page 720: ...528 performance impact 528 unified ISSU and 528 verifying cell concatenation 566 verifying VCI VPI ranges 566 transmission of multiple VCs over a single pseudowire interoperation with cell relay on a...

Page 721: ...on values 21 keepalive message 7 keepalives and BFD 138 L2VPNs configuring 656 lenient behavior for error recovery 43 link local next hops 14 local pref path attribute 11 messages 7 monitoring 157 mul...

Page 722: ...lobal example 463 465 fast reconvergence 454 filtering routes 413 full mesh VPN 425 global export map example 468 IPv6 VPN routes 433 setting the 428 global import map to import specific routes 464 hu...

Page 723: ...teway Protocol See BGP bridge commands bridge acquire 593 bridge address 593 bridge aging time 593 bridge learn 593 bridge snmp trap link status 593 bridge vpls rd 591 bridge vpls route target 591 bri...

Page 724: ...t MPLS LSPs 246 using ping feature for point to multipoint LDP LSPs unsupported 247 connectivity verify and troubleshoot MPLS 244 conventions notice icons xxxiii text and syntax xxxiv cooperative rout...

Page 725: ...aft Detecting Data Plane Failures in Point to Multipoint Multiprotocol Label Switching MPLS Extensions to LSP Ping 247 type value 12 248 used in MPLS echo request packets delay the sending of echo res...

Page 726: ...r a single pseudowire 525 HDLC High Speed Data Link Control layer 2 services over MPLS configuring 538 overview 520 hello commands hello hold time 278 281 hello interval 278 281 hello messages LDP lin...

Page 727: ...g RSVP P2MP Session sub TLVs 250 inclusion in echo requests does not specify address of branch and transit nodes 249 specifies address of egress nodes 249 using in echo requests that contain Multicast...

Page 728: ...et raw mode encapsulation overview 522 Ethernet VLAN connections 533 Frame Relay example 543 HDLC configuring 538 overview 520 how they work 512 interfaces supported 509 load balancing adding member i...

Page 729: ...mport 432 import 432 Martini ATM virtual circuits over a single pseudowire 525 deployment scenario 559 overview 524 See also ATM virtual circuits transmission of subset of configuring cell concatenati...

Page 730: ...ull label 220 explicit path configured 235 configuring dynamic 288 defining configured 287 dynamic 235 explicit routing 235 fast reroute extensions 295 fast reroute on SONET SDX interfaces 297 feature...

Page 731: ...er list 311 mpls create dynamic interfaces 229 277 mpls diff serv phb id traffic class 312 mpls disable 282 mpls explicit path 287 mpls ip propagate ttl 277 mpls l2 transport load balancing group 541...

Page 732: ...abels 278 mpls ldp autoconfig 290 291 mpls ldp deaggregate 289 mpls ldp disable 282 mpls ldp egress label 278 mpls ldp graceful restart 289 mpls ldp graceful restart reconnect time 289 mpls ldp gracef...

Page 733: ...liveness detection 300 mpls rsvp disable 282 mpls rsvp egress router 279 mpls rsvp profile 279 281 282 mpls rsvp signalling hello 297 mpls rsvp signalling hello graceful restart recovery time 298 mpls...

Page 734: ...eful restart restart time 123 neighbor graceful restart stalepaths time 123 neighbor weights BGP assign neighbor weights 110 neighbors peers BGP assigning weight to connections 109 distributing inform...

Page 735: ...r 249 IPv4 Node Address P2MP Responder Identifier 249 IPv6 Egress Address P2MP Responder Identifier 249 IPv6 Node Address P2MP Responder Identifier 249 to process MPLS LSP ping messages echo requests...

Page 736: ...VPNs 393 L2VPNs 649 layer 2 services over MPLS 510 MPLS 215 VPLS 586 point to multipoint LDP LSPs error response during connectivity verification 247 point to multipoint LSPs traceroute requests track...

Page 737: ...ulation Edge to Edge PWE3 Asynchronous Transfer Mode ATM Transparent Cell Transport Service February 2007 511 RIB routing information base core non VPN RIB 430 core VPN RIB 430 disabling RIBs Out 34 r...

Page 738: ...e 263 restarting behavior 263 hello messages 260 MD5 authentication 294 overview 240 peer reachability 260 purging learned routes 266 refresh reduction 240 state synchronization 240 RSVP TE protocol c...

Page 739: ...how mpls cross connects atm 563 show mpls explicit paths 345 show mpls fast reroute database 346 show mpls forwarding 347 564 631 677 show mpls interface 566 show mpls interface shim 566 verifying cel...

Page 740: ...248 transit service 12 transparent bridging and VPLS 576 transport virtual router configure for VPLS 590 transportation of multiple ATM VCs over a single pseudowire and VPI VCI ranges 525 trigger del...

Page 741: ...configuration example 598 configuration tasks for BGP signaling 590 L2VPN address family 579 596 loopback interface and router ID configuring 595 sample topology configuring 598 signaling overview 579...

Page 742: ...figuring 656 BGP MPLS VPNs 643 CE customer edge device 642 clear BGP reachability 663 BGP route flap dampening 664 BGP wait for end of RIB marker 664 components 642 configuration example 659 configure...

Reviews:

No comments

Related manuals for JUNOSE 11.2.X BGP AND MPLS

PT-D10000 Series

Brand: Panasonic Pages: 37

E-20 - Dual Monaural Earphones

Brand: Olympus Pages: 2

Jetstream CPX-1000

Brand: Paradyne Pages: 93

ONLINE BACKUP - HELP

Brand: F-SECURE Pages: 20

AltiWare OE 4.6

Brand: Altigen Pages: 518

Mobile Anti-Virus 60 Series

Brand: F-SECURE Pages: 90

Pilot User's Android

Brand: Garmin Pages: 150

BMP5 Direct SDK

Brand: Campbell Pages: 32

D-NF610 - Portable Cd Player

Brand: Sony Pages: 1

D-NF420 - Portable Cd Player

Brand: Sony Pages: 2

D-NE718CK - Portable Cd Player

Brand: Sony Pages: 2

D-NE520 - Atrac Cd Walkman Portable Player

Brand: Sony Pages: 2

CPF-IX001 - Wireless PC-Linked Audio System

Brand: Sony Pages: 2

D-NE20 - Atrac Cd Walkman

Brand: Sony Pages: 20

D-NE718CK - Portable Cd Player

Brand: Sony Pages: 36

D-NF420 - Portable Cd Player

Brand: Sony Pages: 38

D-NF610 - Portable Cd Player

Brand: Sony Pages: 40

D-NE329SP - Atrac Cd Walkman Portable Player

Brand: Sony Pages: 39

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands