manualshive.com logo in svg

Juniper JUNOSE, Configuration Manual

The Juniper JUNOSE Configuration Manual is a comprehensive guide for users looking to maximize the potential of their Juniper products. This manual covers key configuration settings and troubleshooting tips. Download your free copy of the manual from manualshive.com today and enhance your Juniper experience.

Share
Download
background image

VRF and is used for VPN traffic. The other logical circuit runs between the CE router
and the parent VR of the VRF and is used for Internet traffic. These logical circuits
are typically FR circuits, ATM circuits, or VLANs.

The following sections describe alternative methods of providing Internet access for
situations in which having two separate logical circuits is not acceptable or desirable.

Enabling Traffic Flow from the VPN to the Internet

Traffic from a CE router arrives on a PE interface that exists in the context of a VRF.
The PE router then looks up the destination address of the IP packet in the context
of the VRF routing table rather than the VR routing table.

Problems

The VRF routing table lookup introduces the following complication.

The size of the Internet routing table. Placing a full default-free Internet routing
table in the VRF routing table is not feasible because it does not scale. The PE
router would have to support more than 100,000,000 routes, because the full
default-free Internet routing table is currently about 120,000 routes and the
router must support up to 1,000 VRFs.

Solutions

The following methods enable advertising of Internet routes to VPN sites and thus
enable traffic flow from the VPNs to the Internet:

Configure default routes instead of a full default-free Internet routing table in the
VRF. The default routes must point to a shared IP interface that you create on
top of the layer 2 interface that points to the Internet gateway.

Configure a single full default-free Internet routing table in the context of the
parent VR and share this one table among all VRFs with the fallback global
feature. Fallback global enables an additional lookup in the IP routing table of
the parent VR in the event that the IP route lookup in the child VRF fails.

When reachability to a small number of networks in the Internet is required,
then configure a global import map to import only the specific route to these
networks into the VRF.

You can create multiple IP interfaces on top of a single layer 2 interface. One of those
interfaces is the primary IP interface for receiving and sending IP packets. The other
interfaces are shared IP interfaces that are used only to send traffic.

Configuring a Default Route to a Shared Interface

For the first solution you create a default route in the VRF that points to a shared IP
interface. You must manually create the shared IP interface on top of the layer 2
interface that points to the Internet gateway. See Figure 101 on page 457.

The main disadvantage of this approach is that if multiple Internet gateways are
available, BGP cannot select the egress gateway that is optimal for each destination

456

Providing Internet Access to and from VPNs

JUNOSe 11.0.x BGP and MPLS Configuration Guide

Summary of Contents for JUNOSE

Page 1: ...are for E Series Routing Platforms BGP and MPLS Configuration Guide Release 11 0 x Juniper Networks Inc 1194 North Mathilda Avenue Sunnyvale California 94089 USA 408 745 2000 www juniper net Published...

Page 2: ...40 6 192 051 6 333 650 6 359 479 6 406 312 6 429 706 6 459 579 6 493 347 6 538 518 6 538 899 6 552 918 6 567 902 6 578 186 and 6 590 785 JUNOSe Software for E Series Routing Platforms BGP and MPLS Con...

Page 3: ...alms devices links ports or transactions or require the purchase of separate licenses to use particular features functionalities services applications operations or capabilities or provide throughput...

Page 4: ...n connection with such withholding taxes by promptly providing Juniper with valid tax receipts and other required documentation showing Customer s payment of any withholding taxes completing appropria...

Page 5: ...nted to in writing by the party to be charged If any portion of this Agreement is held invalid the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement T...

Page 6: ...vi...

Page 7: ...Part 3 Layer 2 Services Over MPLS Chapter 6 Layer 2 Services over MPLS Overview 503 Chapter 7 Configuring Layer 2 Services over MPLS 523 Chapter 8 Monitoring Layer 2 Services over MPLS 557 Part 4 Vir...

Page 8: ...viii JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 9: ...BGP Routing 3 Overview 3 Conventions in This Chapter 3 Autonomous Systems 4 BGP Speaker 5 BGP Peers and Neighbors 5 BGP Session 5 IBGP and EBGP 6 Interior Gateway Protocols 6 BGP Messages 7 BGP Route...

Page 10: ...GP for Overload Conditions 40 Enabling Route Storage in Adj RIBs Out Tables 41 Effects of Changing Outbound Policies 42 Configuring the Address Family 43 Enabling Lenient Behavior 46 Configuring Promi...

Page 11: ...mmand 112 Using a Route Map 113 Using an AS Path Access List 113 Configuring the Local Pref Attribute 115 Using the bgp default local preference Command 116 Using a Route Map to Set the Local Preferen...

Page 12: ...acking 211 MPLS Labels and Label Spaces 212 TTL Processing in the Platform Label Space 213 TTL Processing on Incoming MPLS Packets 214 TTL Processing on Outgoing MPLS Packets 215 MPLS Rules for TTL Ex...

Page 13: ...and TE Metrics 246 Determining Peer Reachability with RSVP TE Hello Messages 246 Hello Message Objects 247 Hello Message Instances 247 Sequence of Hello Message Exchange 247 Determination That a Peer...

Page 14: ...uring LDP MD5 Authentication 281 Controlling LDP Label Distribution 282 Additional RSVP TE Configuration Tasks 282 Configuring RSVP MD5 Authentication 283 Configuring RSVP TE Fast Rerouting with RSVP...

Page 15: ...ission Control Configuration 318 Monitoring Interfaces Configured with Traffic Engineering Bandwidth Accounting 318 Monitoring Virtual Router Configuration 319 Monitoring IP and IPv6 Tunnel Routing Ta...

Page 16: ...racing the Path of an MPLS Echo Request Packet to a VPLS Instance 365 Packet Flow Examples for Verifying MPLS Connectivity 365 Packet Flow Examples for MPLS LSPs to an IP Prefix 366 Packet Flow Exampl...

Page 17: ...t and Global Import Maps 421 Characteristics of Export and Global Export Maps 422 Subsequent Distribution of Routes 423 Creating a Map 423 Export Maps 423 Global Export Maps 424 Import Maps 424 Global...

Page 18: ...tes to a Shared IP Interface 461 Global Export Map 462 Carrier of Carriers IPv4 VPNs 463 Customer Carrier as an Internet Service Provider 464 Configuration Steps 465 Customer Carrier as a VPN Service...

Page 19: ...atency 512 Control Word Support 513 Unsupported Features 513 HDLC Layer 2 Services over MPLS 513 Interface Stacking 514 Encapsulation 514 Control Word Support 514 Local Cross Connects 514 CE Side MPLS...

Page 20: ...543 Configuration on CE2 Remote CE Router 544 MPLS L2VPN Tunnel over LAG Configuration Example 545 Configuration on CE1 Local CE Router 546 Configuration on PE1 Local PE Router 546 Configuration on P...

Page 21: ...riber Policies 590 Modifying Subscriber Policies 591 Considerations for VPLS Network Interfaces 591 Configuring the Loopback Interface and Router ID for VPLS 592 Configuring MPLS LSPs for VPLS 593 Con...

Page 22: ...oring Bridging Related Settings for VPLS 611 Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance 612 Monitoring VPLS Configuration and Statistics for all VPLS Instances 614 Monit...

Page 23: ...Configuring BGP Signaling for VPWS 658 Configuring MPLS LSPs for VPWS 659 VPWS Configuration Example 660 Topology Overview 661 Configuration on PE 1 Local PE Router 661 Configuration on PE 2 Remote PE...

Page 24: ...xxiv Table of Contents JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 25: ...oute When Another Route is Absent 68 Figure 20 Advertising a Default Route When Another Route is Present 70 Figure 21 Filtering with Access Lists 84 Figure 22 Filtering Routes with an Access List 84 F...

Page 26: ...for All Pushed Labels 257 Figure 61 Simple MPLS Domain 259 Chapter 3 Configuring MPLS 263 Figure 62 FEC Aggregation and Equal Cost Paths 278 Figure 63 Bypass Tunnel 285 Figure 64 Differentiated Servic...

Page 27: ...oute for Internet Access 457 Figure 102 Fallback Global Option 458 Figure 103 Global Import Map Applied to Routes Imported from VRF BGP RIB 459 Figure 104 BGP Session Between CE Router and Parent VR 4...

Page 28: ...a SIngle Pseudowire 554 Part 4 Virtual Private LAN Service Chapter 9 VPLS Overview 569 Figure 128 VPLS Sample Topology 570 Chapter 10 Configuring VPLS 583 Figure 129 Topology for VPLS Configuration Ex...

Page 29: ...Addresses and Default Next Hop Addresses for Various Configurations 31 Table 14 Commands That Create Match and Set Route Maps 71 Table 15 Clauses Supported in BGP Match and Set Route Maps 71 Table 16...

Page 30: ...Table 50 show mpls next hop Output Fields 348 Table 51 show mpls phb id Output Fields 349 Table 52 show mpls profile Output Fields 350 Table 53 show mpls rsvp Output Fields 351 Table 54 show mpls rsv...

Page 31: ...Monitoring VPLS Bridging Settings 611 Table 84 show bridge Output Fields 613 Table 85 show bridge groups details Output Fields 615 Table 86 show bridge interface Output Fields 617 Table 87 show bridg...

Page 32: ...Table 105 show ip bgp l2vpn all next hops Output Fields 672 Table 106 show l2vpn connections Output Fields 675 Table 107 show l2vpn instance Output Fields 677 Table 108 show l2vpn interface Output Fie...

Page 33: ...ation in the latest release notes differs from the information in the documentation follow the JUNOSe Release Notes To obtain the most current version of all Juniper Networks technical documentation s...

Page 34: ...f 2 Routing Process OSPF 2 with Router ID 5 5 0 250 Router is an Area Border Router ABR Represents information as displayed on your terminal s screen Fixed width text like this There are two levels of...

Page 35: ...ware CDs and at http www juniper net Documentation Feedback We encourage you to provide feedback comments and suggestions so that we can improve the documentation to better meet your needs Send your c...

Page 36: ...se notes http www juniper net customers csc software Search technical bulletins for relevant hardware and software notifications https www juniper net alerts Join and participate in the Juniper Networ...

Page 37: ...Part 1 Border Gateway Protocol Configuring BGP Routing on page 3 Border Gateway Protocol 1...

Page 38: ...2 Border Gateway Protocol JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 39: ...on page 133 Detecting Peer Reachability with BFD on page 141 Managing a Large Scale AS on page 143 Configuring BGP Multicasting on page 153 Using BGP Routes for Other Protocols on page 156 Configurin...

Page 40: ...pref MULTI_EXIT_DISC multiexit discriminator or MED NEW_AS_PATH new as path NEW_AGGREGATOR new aggregator NEXT_HOP next hop or next hop NO_ADVERTISE no advertise NO_EXPORT no export NO_EXPORT_SUBCONF...

Page 41: ...t of BGP peers with which it exchanges routing information BGP peers do not have to be directly connected to each other in order to share a BGP session Another term for BGP peer is BGP neighbor A BGP...

Page 42: ...BGP and EBGP sessions but the rules for when to send which message and how to interpret each message differ slightly for this reason some people refer to IBGP and EBGP as two separate protocols IBGP r...

Page 43: ...ing TCP session has been established is an open message This message contains various bits of information that enable the two BGP peers to determine whether they want to establish a BGP session with e...

Page 44: ...ely resetting the session 4 Connection Rejected The BGP speaker is rejecting the connection for example because the peer is not configured locally on the speaker after accepting a transport protocol c...

Page 45: ...of classful addresses such as Class A Class B and Class C in the Internet Classful addresses have an implicit fixed length mask corresponding to the predefined class boundaries For example 192 56 0 0...

Page 46: ...an one route to the same destination prefix it selects one of those routes to use the best route based on the path attributes BGP as implemented on the Juniper Networks E Series Broadband Services Rou...

Page 47: ...ot deaggregate the prefix A BGP speaker aggregating routes can include the aggregator attribute to indicate the router and AS where the aggregation was performed Community and extended community ident...

Page 48: ...the IPv6 address family such as policy based routing redistributing routes to and from other protocols route aggregation route flap dampening and confederations For a description of IPv6 see Configuri...

Page 49: ...te lookup to the IPv6 address in the IPv6 route table Exchange of IPv6 Routing Information over TCP IPv6 Figure 9 on page 13 illustrates the exchange of IPv6 routing information over a TCP IPv6 connec...

Page 50: ...e address However the BGP peering does not come up for such a connection Platform Considerations For information about modules that support BGP on the ERX7xx models ERX14xx models and the Juniper Netw...

Page 51: ...66 BGP Route Reflection An alternative to full mesh IBGP June 1996 RFC 1997 BGP Communities Attribute August 1996 RFC 1998 An Application of the BGP Community Attribute in Multi home Routing August 19...

Page 52: ...r the latest drafts Features Some of the more important BGP features supported by the E Series router are the following Access lists Advertisement intervals Aggregation BGP MPLS VPNs Communities Confe...

Page 53: ...ghbors All other basic configuration tasks are optional You can configure certain BGP attributes globally for peer groups or for individual peers The most specific level of configuration takes precede...

Page 54: ...estart restart time bgp advertise best external to internal bgp graceful restart stalepaths time bgp always compare med bgp log neighbor changes bgp bestpath med confed bgp maxas limit bgp bestpath mi...

Page 55: ...configure an address family it is not available that is EBGP multihop is not configurable per address family host1 config router neighbor 10 1 3 4 remote as 1234 host1 config router neighbor 10 2 3 4...

Page 56: ...1 config router af neighbor 1 2 3 4 route map mcast map in host1 config router af exit address family Table 9 Commands Affecting Only the Current Address Family for the Specified Peer or Peer Group ne...

Page 57: ...hbor advertisement interval neighbor allow neighbor allowas in neighbor description neighbor distribute list neighbor filter list neighbor graceful restart restart time neighbor graceful restart stale...

Page 58: ...feature is enabled for BGP globally or by default The default version simply unconfigures the feature for the peer or peer group Applied to a peer the default version causes the peer to inherit the st...

Page 59: ...me timer is 90 seconds host1 config router neighbor eastcoast peer group host1 config router neighbor 10 10 21 23 peer group eastcoast Peer group eastcoast and peer 10 10 21 23 both have the default t...

Page 60: ...te neighbor send community neighbor prefix tree out neighbor distribute list out neighbor unsuppress map neighbor remove private as neighbor filter list out neighbor next hop self NOTE This restrictio...

Page 61: ...come established Consider the simple network structure shown in Figure 10 on page 25 Routers LA and SanJose are IBGP peers within AS 873 Router SanJose has an EBGP peer router Boston in AS 17 Figure 1...

Page 62: ...of Router Chicago s eastcoast peer group Similarly routers SanFran LA and SanDiego have no knowledge of being members of router Chicago s leftcoast peer group The following commands configure the eas...

Page 63: ...oup specify an ip address and a peerGroupName of a BGP neighbor that belongs to this group This command takes effect immediately Use the no version to remove a neighbor from a peer group See neighbor...

Page 64: ...st be in the same AS or if confederations are employed in the same sub AS in the same confederation Use the external keyword to specify that peers must be in a different AS Use the confederation keywo...

Page 65: ...on the console This command takes effect immediately Example host1 3 config bgp log destination console severity notice host1 3 config router bgp 100 host1 3 config router bgp log neighbor changes NO...

Page 66: ...r 192 50 30 1 host1 config neighbor 192 50 30 1 update source loopback 2 neighbor update source Use to allow a BGP session to use the IP address of a specific operational interface as the source addre...

Page 67: ...have an IPv4 address then 0 0 0 0 IPv6 address of the interface If the interface does not have an IPv6 address then the session does not come up Interface name IPv6 neighbor address You can override a...

Page 68: ...0 host1 config router neighbor 10 7 4 3 remote as 300 host1 config router neighbor 10 7 4 3 ebgp multihop To configure router LA host2 config ip route 10 1 10 0 255 255 255 0 10 7 4 4 host2 config rou...

Page 69: ...n Example host1 config router neighbor 192 168 32 15 ibgp singlehop Use the no version to restore the default behavior wherein the internal peer cannot be a single hop peer Use the default version to...

Page 70: ...hoose to conserve AS numbers by assigning private AS numbers to some customers You can assign private AS numbers from the range 64 512 to 65 535 However when BGP advertises prefixes to other ISPs it i...

Page 71: ...in all received update messages If a received AS path is longer than the specified limit The route is stored in the BGP routing table and therefore is displayed by the show ip bgp commands The route...

Page 72: ...ers The MD5 authentication feature uses the MD5 algorithm When you specify this command the router generates and checks the MD5 digest on every segment sent on the TCP connection In the following exam...

Page 73: ...diately and automatically bounces the BGP session Use the no version to disable MD5 authentication See neighbor password Setting the Maximum Size of Update Messages You can use the neighbor maximum up...

Page 74: ...palive message before declaring a peer not available BGP negotiates the hold time with each neighbor when establishing the BGP connection The peers use the lower of the two configured hold times BGP s...

Page 75: ...tore the default values on all neighbors 30 seconds for the keepalive timer and 90 seconds for the hold time timer See timers bgp Automatic Summarization of Routes By default all routes redistributed...

Page 76: ...ory in an overload condition You can have BGP either shut itself down or continue running in the latter case BGP performance might be altered because of the lack of resources overload shutdown Use to...

Page 77: ...after the application of any outbound policy that is it stores the attributes as they will be advertised BGP does not store a bit to track whether a route was advertised to the peer group Storing the...

Page 78: ...e outbound policy only for a peer group as a whole or for peers that are not members of a peer group neighbor rib out disable Use to disable storage of routes disable rib out in the specified neighbor...

Page 79: ...ult You can also configure the router to exchange unicast IPv4 routes in a specified VRF Multicast IPv4 If you specify the multicast IPv4 address family you can use BGP to exchange routing information...

Page 80: ...outer to exchange layer 2 NLRI for a specified VPWS instance For a description of VPWS see Configuring VPWS on page 651 Any command issued outside the context of an address family applies to the unica...

Page 81: ...ipv4 unicast vrf vr2 host1 vr1 config router address family vpn4 unicast host1 vr1 config router address family ipv6 unicast Use the no version to disable the exchange of a type of prefix See address...

Page 82: ...e peer BGP sends a capability message to the peer to advertise or withdraw the multiprotocol capability for the address family in which this command is issued If a neighbor is activated BGP also sends...

Page 83: ...criber is assigned dynamically from a local pool or by using RADIUS or some other method BGP automatically creates a dynamic peer when a peer group member accepts the incoming BGP connection Dynamic p...

Page 84: ...absence of a specified maximum the number of dynamic peers allowed is determined by the available memory and CPU Dynamic peers consume about the same resources as static peers When the maximum number...

Page 85: ...are removed automatically and immediately Preexisting dynamic peers that are still allowed by the new configuration are not affected All the members of the peer group inherit the characteristic config...

Page 86: ...gured with this command unless it is overridden for a specific peer Example host1 config router neighbor 10 12 3 5 passive Use the no version to restore the default condition permitting the initiation...

Page 87: ...0 host3 config router neighbor 10 3 3 2 remote as 100 host3 config router neighbor 10 4 4 2 remote as 300 host3 config router network 172 28 8 0 mask 255 255 248 0 network Use to specify the prefixes...

Page 88: ...as advertised to the speaker s external peers You can issue the bgp advertise external to internal command to cause BGP to revert to advertising two potentially different routes to its peers See Selec...

Page 89: ...ree static routes on router Boston and configure router Boston to redistribute the static routes and routes from OSPF into BGP for the network structure shown in Figure 14 on page 53 host2 config ip r...

Page 90: ...GP If you do not specify the route map option all routes are redistributed Use the metric keyword to set the multiexit discriminator MED for routes redistributed into BGP The default MED is the value...

Page 91: ...t use the clear ip bgp command this command will bounce the BGP sessions or the clear ip routes command to reinstall BGP routes in the IP routing table Use the no version to restore the default of per...

Page 92: ...lt the redistribute command does not permit a default route to be redistributed into BGP You can use the default information originate command to override this behavior and permit the redistribution o...

Page 93: ...ecific static route when multiple entries exist for the same route Suppose that in Figure 16 on page 58 router KC has been configured to advertise a default route to router Chicago host1 config router...

Page 94: ...utes that are advertised because of the neighbor default originate command This command takes effect immediately Use the no version to prevent the default route from being advertised by BGP Use the de...

Page 95: ...ecifying the aggregate IP address and IPv6 routes by specifying the aggregate IPv6 prefix Figure 17 on page 59 illustrates an IPv4 network structure where you might use aggregation The following comma...

Page 96: ...egate the routes while preserving the path information host2 config router bgp 873 host2 config router neighbor 10 2 2 3 remote as 873 host2 config router neighbor 10 5 5 1 remote as 17 host2 config r...

Page 97: ...routes NOTE Do not use the as set keyword when you have many paths to aggregate If you do the aggregated route is continually withdrawn and reupdated as AS path reachability information changes for t...

Page 98: ...routes bgp advertise inactive Use to enable the BGP speaker to advertise inactive routes best routes in the IP forwarding table that are not being used to forward traffic This feature is disabled by...

Page 99: ...rtise IPv6 routes between two IPv4 peers over their BGP session Configure the peers by using IPv6 addresses within the IPv4 unicast address family You can set the IPv4 next hop with a static route or...

Page 100: ...d in only the following address families Unicast IPv4 Unicast IPv6 Multicast IPv4 Multicast IPv6 VPNv4 unicast VPNv6 unicast NOTE For VPNv4 unicast and VPNv6 unicast address families we recommend that...

Page 101: ...ied The route maps referenced by the neighbor advertise map command must include a match ip address clause You can also include additional match clauses All match commands supported by existing outbou...

Page 102: ...1 an advertisement for the route to prefix 10 10 20 0 24 only if router 2 has received a route to prefix 172 24 19 0 24 from router 3 Alternatively if the route to prefix 172 24 20 0 has been installe...

Page 103: ...esent in the BGP routing table Similarly you can impose additional restraints by including any other match clause that is supported by an existing outbound policy In this configuration the condition1...

Page 104: ...ap condition1 sequence 5 host1 config router neighbor peer group1 advertise map alternatetoPG1 non exist map condition2 host1 config router exit host1 config ip as path access list 1 permit 300 Config...

Page 105: ...you might want to control the advertisement of a default route based on the reachability of an IGP prefix Because conditional advertisement tracks the BGP routing table rather than the IP routing tab...

Page 106: ...2 2 remote as 300 host1 config router network 172 55 55 0 24 host1 config router aggregate address 172 55 0 0 16 summary only host1 config router neighbor 10 12 12 2 advertise map default exist map te...

Page 107: ...ypes those that support both match and set clauses and those that support only match clauses The match and set route maps consist of the route maps configured with any of the commands listed in Table...

Page 108: ...te advertise map BGP does not support the clauses listed in Table 17 on page 72 However see Applying Table Maps on page 81 for exceptions for route maps applied with the table map command Table 17 Cla...

Page 109: ...You can specify one or more extended community list names in a match clause If you specify more than one extended community list the lists are logical ORed Example host1 config route map nyc1 permit...

Page 110: ...sion to delete the match clause from a route map or a specified value from the match clause See match level match metric Use to match a route for the specified metric value Example host1 config route...

Page 111: ...only the received routes that match at least one section of the route map The nonmatching routes are rejected from entering the local BGP RIB and no further processing takes place A clause with multip...

Page 112: ...nds are set Use route maps when you wish to have detailed control over how routes are redistributed between routing processes The destination routing protocol is the one you specify with the router co...

Page 113: ...ompares each list entry with the community attribute A match is found for the list entry 231 10 and this community is deleted from the community attribute Similarly a match is found for the list entry...

Page 114: ...ibutes in a route map for BGP updates You can specify a site of origin soo extended community and a route target rt extended community at the same time in a set clause without overwriting the other Ex...

Page 115: ...acted from the metric of any routes matching the route map The relative metric value can be in the range 0 4294967295 Example host1 config route map nyc1 permit 10 host1 config route map set metric 25...

Page 116: ...rigin egp Use the no version to delete the set clause from a route map See set origin set tag Use to set the tag value of the destination routing protocol Example host1 config route map nyc1 permit 10...

Page 117: ...used to establish preference between routes to the same prefix to identify the best route to that prefix Setting distance in any other circumstance has no effect Example host1 config route map set di...

Page 118: ...es currently in the table have a variety of values for these attributes host1 show ip route bgp Protocol Route type codes I1 ISIS level 1 I2 ISIS level2 I route type intra IA route type inter E route...

Page 119: ...ply the list to routes received from or passed to a neighbor with the neighbor prefix list command Define a prefix tree with the ip prefix tree command and apply the list to routes received from or pa...

Page 120: ...er the network shown in Figure 22 on page 84 Router NY originates network 10 16 22 0 23 and advertises it to router LA Suppose you do not want router LA to advertise that network to router Boston You...

Page 121: ...elected prefixes as specified in an access list Using distribute lists is one of three ways to filter BGP advertisements The other ways are as follows Use AS path filters with the ip as path access li...

Page 122: ...sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes that are already present in the BGP routing table you must use the clear ip bgp command t...

Page 123: ...S path attribute Whenever a BGP route passes through an AS BGP prepends its AS number to the AS path attribute The AS path attribute is the list of ASs that a route has passed through to reach a desti...

Page 124: ...te as 435 host1 config router neighbor 10 2 7 2 filter list 3 out host1 config router exit host1 config ip as path access list 1 deny 621_11 host1 config ip as path access list 1 permit host1 config i...

Page 125: ...in with 32 ip as path access list Use to define an AS path access list to permit or deny routes based on the AS path Each access list is a set of permit or deny conditions for routes based on matching...

Page 126: ...d policies configured for peer groups for which you have enabled Adj RIBs Out If you change the outbound policy for such a peer group and want to fill the Adj RIBs Out table for that peer group with t...

Page 127: ...ost1 config ip as path access list dog1 permit _837 host1 config route map alpha permit 20 host1 config route map match as path dog2 host1 config route map exit host1 config ip as path access list dog...

Page 128: ...f its community attribute Table 19 Action Based on Well Known Community Membership BGP Speaker Action Well Known Community Does not advertise the route to any EBGP peers does not advertise the route b...

Page 129: ...ty host1 config router neighbor 10 72 4 3 route map setcomm out host1 config router exit host1 config ip as path access list 1 permit host1 config route map setcomm permit 10 host1 config route map ma...

Page 130: ...umber that identifies the autonomous system and NN is a number that identifies the community within the autonomous system Use the no version to restore the default display See ip bgp community new for...

Page 131: ...ement to any peer no export Prevents advertisement beyond the BGP confederation boundary Alternatively you can use the list keyword to specify the name of a community list that you previously created...

Page 132: ...ch community 1 host1 config route map set metric 20 host1 config route map exit host1 config route map commtrc permit 2 host1 config route map match community 2 host1 config route map set metric 75 ho...

Page 133: ...ommunity list unrelated to the community list that uses regular expressions BGP speakers can use the new extended community attribute to control routes similarly to the way it uses the community attri...

Page 134: ...ection is slightly different when you change outbound policies for peer groups for which you have enabled Adj RIBs Out You cannot merely perform a hard clear or outbound soft clear for individual peer...

Page 135: ...issuing the clear ip bgp soft in command neighbor soft reconfiguration inbound Use to initiate the storage of copies of routes received from the specified IP address or from all members of the specif...

Page 136: ...but it also supports nonstandard implementations Cooperative Route Filtering If a BGP speaker negotiates the cooperative route filtering capability with a peer then the speaker can transfer inbound r...

Page 137: ...2 168 1 158 maximum orf entries 125000 Use the no version to restore the default value of no limits See neighbor maximum orf entries neighbor prefix list Use to assign an inbound or outbound prefix li...

Page 138: ...lude the route as a forwarding entry and does not advertise the route to BGP peers The penalty decrements by 50 percent for each half life interval that passes The half life interval resets when the r...

Page 139: ...utes Dampening applies only to routes learned by means of EBGP The new dampening parameters are applied in future flaps Changing the dampening parameters does not affect the Figure of Merit that has b...

Page 140: ...route map 21 permit 5 host1 config route map match as path 1 host1 config route map set dampening 5 1000 1500 45 15 host1 config route map exit host1 config ip as path access list 1 permit 300_ Acces...

Page 141: ...ig route map nyc1 permit 10 host1 config route map set dampening 5 1000 1500 45 15 Use the no version to delete the set clause from a route map See set dampening Policy Testing You can analyze and che...

Page 142: ...sharing the address and mask to be considered Specifying only an address causes a best match to be performed for the route If you completely specify a route with IP address mask and route distinguish...

Page 143: ...f IBGP 9 Select the path with the lowest IGP cost to the next hop 10 Select the path with the shortest route reflection cluster list Routes without a cluster list are treated as having a cluster list...

Page 144: ...xt hop of 10 2 2 1 Router Jackson advertises the same network externally to router Topeka with a next hop of 10 1 13 1 Figure 28 Configuring Next Hop Processing Router Memphis advertises 172 24 160 19...

Page 145: ...ure router Topeka host3 config router bgp 25 host3 config router neighbor 10 1 13 1 remote as 604 host3 config router network 172 31 64 0 mask 255 255 192 0 Additional configuration is required for ro...

Page 146: ...sed prefix If router Barcelona can reach router Madrid then it should be able to reach router Toledo Router Madrid therefore advertises 192 168 22 0 23 to router Barcelona with a next hop attribute of...

Page 147: ...ber of the peer group New policy values are applied to all routes that are sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes that are alread...

Page 148: ...nfigure router LA so that the weight of routes coming from router Boston are higher more preferred than the routes coming from router NY Router LA subsequently prefers routes received from router Bost...

Page 149: ...oute map route map 20 host1 config route map set weight 500 See JUNOSe IP Services Configuration Guide for more information about using route maps Using an AS Path Access List The following commands a...

Page 150: ...list neighbor filter list Use to apply an AS path access list to advertisements inbound from or outbound to the specified neighbor or to assign a weight to incoming routes that match the AS path acces...

Page 151: ...w policy to routes that are already present in the BGP routing table you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session Behavior is different for ou...

Page 152: ...fig router bgp default local preference 200 Router LA sets the local preference for all updates from AS 32 to 125 Router SanJose sets the local preference for all updates from AS 17 to 200 Because rou...

Page 153: ...ermit 10 host2 config route map match as path 1 host2 config route map set local preference 200 host2 config route map exit host2 config route map 10 permit 20 Router SanJose sets the local pref attri...

Page 154: ...static The following commands configure router NY host2 config router bgp 100 host2 config router neighbor 10 4 4 1 remote as 100 host2 config router neighbor 10 2 25 2 remote as 100 host2 config rout...

Page 155: ...ows this for all the routes known to routers NY and LA Table 20 Origin and AS Path for Routes Viewed on Different Routers AS Path Origin Router Route 300 IGP Albany 192 168 204 0 22 300 IGP Boston 192...

Page 156: ...ver a route enters an AS BGP prepends the AS number to the AS path attribute This feature enables network operators to track routes but it also enables the detection and prevention of routing loops Co...

Page 157: ...ring in the event the ASs are merged neighbor local as Use to assign a local AS to the given BGP peer or peer group If you specify a BGP peer group by using the peerGroupName argument all the members...

Page 158: ...MED on the sending router by using the set metric command in an outbound route map Unless configured otherwise a receiving router compares MED attributes only for paths from external neighbors that ar...

Page 159: ...255 255 255 0 host4 config router exit host4 config route map 10 permit 10 host4 config route map set metric 25 Router London receives updates regarding route 192 168 33 0 24 from both router Nice and...

Page 160: ...al neighbors that are in the same AS The BGP path decision algorithm selects a lower MED value over a higher one Unlike local preferences the MED attribute is exchanged between ASs but does not leave...

Page 161: ...ar of the current BGP session Use the no version to restore the default condition where a missing MED value is set to 0 the most preferred value See bgp bestpath missing as worst Comparing MED Values...

Page 162: ...into account the MED when comparing Route 1 with Route 2 However BGP does not take into account the MED when comparing Route 3 with either Route 1 or Route 2 because Route 3 originates outside the con...

Page 163: ...dard and Cisco proprietary orf messages Dynamic Capability Negotiation If both peers acknowledge support of dynamic capability negotiation then at any subsequent point after the session is established...

Page 164: ...s these stale routes for a limited time and continues to use these routes to forward traffic Any existing stale routes from that peer are deleted to account for consecutive restarts When the restartin...

Page 165: ...A receiving peer starts the timer as soon as it recognizes that the session with the restarting peer has transitioned to down The receiving peer also has a configurable timer that starts when it recog...

Page 166: ...ault value 120 seconds See bgp graceful restart path selection defer time limit bgp graceful restart restart time Use to set the time BGP advertises to all peers within which it expects to reestablish...

Page 167: ...r capability negotiation command prevents the advertisement of all BGP capabilities including graceful restart to the specified peers but does not affect global advertisement of the graceful restart c...

Page 168: ...ill prefer to use the standard route refresh messages neighbor capability Use to control the advertisement of BGP capabilities to peers Capability negotiation and advertisement of all capabilities are...

Page 169: ...BGP and IGPs Interactions between BGP and an interior gateway protocol are more likely to occur in an enterprise topology than in a service provider topology You can also encounter interactions when...

Page 170: ...Figure 36 on page 134 router NY checks its IGP routing table for a route to 192 56 0 0 16 when it learns about the prefix from the IBGP session with router Boston If the route is not present the prefi...

Page 171: ...also enables router Boston to put the route to 192 30 0 0 16 in its IP routing table and advertise it to router LA without learning about 192 30 00 16 from router Albany To configure router Boston ho...

Page 172: ...Setting the Administrative Distance for a Route The administrative distance is an integer in the range 0 255 that is associated with each route known to a router The distance represents how reliable t...

Page 173: ...lt value is 200 local Administrative distance for BGP local routes Local routes are those routes locally originated by BGP BGP can locally originate routes if you issue the network command if you conf...

Page 174: ...show ip route command on router Chicago the BGP route does not appear Instead only the connected route is displayed Both routes are in the IP routing table but the show ip route command displays only...

Page 175: ...n router Boston the router has both an IBGP route and a RIP route to the same prefix Even though the RIP route has a better administrative distance the IBGP route is propagated to router Philly becaus...

Page 176: ...hange in value results in the backdoor OSPF being more preferred as a way to reach prefix 172 19 0 0 16 network backdoor Use to cause a backdoor IGP route to be preferred over an EBGP route to the sam...

Page 177: ...5 Use the no version to restore the default value 1 See maximum paths Detecting Peer Reachability with BFD You can configure a Bidirectional Forwarding Detection BFD session with a BGP neighbor or pee...

Page 178: ...config router neighbor 10 25 43 1 bfd liveness detection minimum interval 450 neighbor bfd liveness detection Use to enable BGP to detect whether a neighbor is unreachable by means of a BFD protocol s...

Page 179: ...tion See neighbor bfd liveness detection BFD and BGP Graceful Restart So that BFD can maintain its BFD protocol sessions across a BGP graceful restart BGP requests that BFD set the C bit to 1 in trans...

Page 180: ...u can reduce the IBGP mesh inside an AS by subdividing the AS into a confederation of sub ASs Each sub AS must be fully meshed internally but the sub ASs do not have to be fully meshed with each other...

Page 181: ...535 to identify each sub AS AS 29 is now a confederation of three sub ASs AS 64720 AS 64721 and AS 64722 Each sub AS consists of fully meshed IBGP peers A slightly modified version of EBGP runs betwee...

Page 182: ...fies that sub AS 64721 and sub AS 64722 are members of the same confederation as the sub AS that includes router Salem The neighbor remote as commands specify the IBGP connection with a neighbor in su...

Page 183: ...MED and next hop attributes You can specify one or more individual sub AS numbers or you can issue the filter list keyword and an AS path access list which is based on regular expressions to specify...

Page 184: ...eflectors peer with clients and other route reflectors within the cluster outside the cluster they peer with other reflectors and other routers that are neither clients nor reflectors Route reflectors...

Page 185: ...der the cluster shown in Figure 44 on page 149 The operator has attempted to provide redundancy in Cluster 9 by configuring two route reflectors router Acton and router Westford Unfortunately router H...

Page 186: ...er ID of each cluster traversed by a route When a route reflector passes a route from a client to a nonclient router outside the cluster the reflector appends the cluster ID to the list When a route r...

Page 187: ...nfig router neighbor 10 7 6 2 remote as 29 You do not configure a cluster ID because router Concord is the only route reflector in this cluster To configure router Acton as a route reflector host3 con...

Page 188: ...rs of a peer group Example host1 config router no bgp client to client reflection Changes apply automatically to any routes received after you issue the command To advertise or withdraw routes that ar...

Page 189: ...asting The BGP multiprotocol extensions MP BGP enable BGP to carry IP multicast routes used by the Protocol Independent Multicast PIM to build data distribution trees See JUNOSe Multicast Routing Conf...

Page 190: ...VPWS on page 651 As discussed in Understanding BGP Command Scope on page 18 BGP configuration commands fall into five categories If you specify the multicast address family from within the Address Fam...

Page 191: ...activate it in another address family If you specify a BGP peer group by using the peerGroupName argument all the members of the peer group inherit the characteristic configured with this command unl...

Page 192: ...differs from that for unicast networks However you might use this command if you do not want to run multicast MP BGP or if you are running BGP between CE routers in a given BGP MPLS VPN the current s...

Page 193: ...this command to work properly If you run the policy test on incoming routes soft reconfiguration configured with the neighbor soft reconfiguration in command must be in effect NOTE You can use the sta...

Page 194: ...command unless it is overridden for a specific peer You can set a weight value for inbound routes filtered with a filter list Example host1 test ip bgp neighbor 10 12 54 21 advertised routes distribut...

Page 195: ...iously enabled with the debug ip bgp command See debug ip bgp default fields peer Use to specify fields that are displayed by default by a subsequently issued show ip bgp summary command Use the intro...

Page 196: ...e installation 6 path attribute entries 936 bytes Local RIB version 74 FIB version 74 Prefix Next hop MED LocPrf Weight AS path 99 99 99 11 32 1 1 1 1 1 100 0 65011 99 99 99 12 32 1 1 1 1 0 100 0 empt...

Page 197: ...ith the route Originator ID Router ID of the router in the local AS that originated the route Cluster ID list List of cluster IDs through which the route has been advertised Stale Route has gone stale...

Page 198: ...is unicast MPLS in label is none MPLS out label is 17 Next hop IP address is ffff 2 2 2 2 metric 3 Multi exit discriminator is 0 Local preference is 100 Weight is 0 Origin is IGP AS path is 65021 Exam...

Page 199: ...ation for routes in the route target address family corresponding to the specified RT MEM NLRI host1 show ip bgp route target signaling 100 100 1 96 BGP route information for prefix 100 100 1 96 Recei...

Page 200: ...4 4 Unreachable 22 22 22 22 32 3 3 3 3 3 3 3 3 Unreachable 22 22 22 22 32 4 4 4 4 4 4 4 4 Unreachable 33 33 33 33 32 3 3 3 3 3 3 3 3 Unreachable 44 44 44 44 32 4 4 4 4 4 4 4 4 Unreachable 55 55 55 55...

Page 201: ...nel only routes selected for tunnel route table installation Number of routes in the BGP routing table that have been inserted into the IP tunnel routing table path attribute entries Number of distinc...

Page 202: ...the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for descriptions of the fields displayed by this keyword Field descriptio...

Page 203: ...2768 inc 33 0 0 0 24 0 0 0 0 5 72 1 1 1 32768 inc 44 44 0 0 16 5 72 116 1 5 72 1 1 0 inc See show ip bgp advertised routes See show bgp ipv6 advertised routes show ip bgp aggregate address show bgp ip...

Page 204: ...uting table that have been inserted into the IP routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for di...

Page 205: ...ed a route to the same prefix all routes are included in this count distinct prefixes Number of routes to unique prefixes stored in the BGP routing table If several peers have advertised a route to th...

Page 206: ...s keyword Field descriptions Local router ID BGP router ID of the local router local AS Local autonomous system number paths Total number of routes stored in the BGP routing table If several peers hav...

Page 207: ...next hop of a route is unreachable if not displays the IGP cost to the indirect next hop If you filter the display with field options the usual introductory information about BGP attributes is displa...

Page 208: ...hable 2681 00 17 00 128 192 0 0 16 10 2 1 48 Available 1997 00 15 08 148 161 0 0 16 10 2 1 48 Available 1997 00 15 10 164 81 0 0 16 10 2 1 48 Available 1997 00 15 11 192 29 60 0 24 10 2 1 48 Available...

Page 209: ...P routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for different prefixes but with identical path attri...

Page 210: ...lt decay half life Time in minutes after which a penalty is decreased After the route has been assigned a penalty the penalty is decreased by half after the half life period which is 15 minutes by def...

Page 211: ...f you filter the display with field options the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for descriptions of the field...

Page 212: ...indirect next hop of a route is unreachable if not displays the IGP cost to the indirect next hop If you filter the display with field options the usual introductory information about BGP attributes i...

Page 213: ...llation 21685 path attribute entries 2965327 bytes used Prefix Peer Next hop MED CalPrf Weight Origin 12 2 6 0 24 10 5 0 48 10 5 0 48 100 100 IGP 12 2 7 0 24 10 5 0 48 10 5 0 48 100 100 IGP 12 2 76 0...

Page 214: ...if configured Outgoing update distribute list Distribute list for outgoing routes if configured Incoming update filter list Update filter list for incoming routes if configured Outgoing update filter...

Page 215: ...lity per address family and whether it is advertised configured or received Maximum number of ORF entries Limit of ORF entries that will be accepted from the neighbor Capability advertisement Lists wh...

Page 216: ...router ID is 172 31 1 48 negotiated BGP version is 4 Administrative status is Start connection state is Established Reason for last reset was tcp connection error TCP error code 60 Connection timed ou...

Page 217: ...nds Remaining time for the peer to come back up is 117 seconds Remaining time for keeping stale routes from the peer is 357 seconds Fields relevant during reconvergence after the peer has restarted Gr...

Page 218: ...00 50 Negotiated detection time is 900 ms Fields relevant to conditional advertisement Advertise map is advertisetoR1 Condition map trigger1 Sequence 5 Status Withdraw Advertise map is alternatetoR1 C...

Page 219: ...the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route Example host1 show ip bgp neighbors 192 168 1 158 dampened routes Local BGP identifier 192 168 1...

Page 220: ...nt Origin Next hop AS path 0xC384BD0 1 IGP 192 168 1 1 11488 701 2853 5515 764 0xC384C40 1 IGP 192 168 1 1 11488 701 4183 0xC384CB0 1 IGP 192 168 1 1 11488 701 1239 1833 1833 1833 1299 8308 0xC384D20...

Page 221: ...elds displayed by this keyword Field descriptions Prefix Prefix for the routing table entry Peer IP address of BGP peer Next hop IP address of the next hop MED Multiexit discriminator for the route Lo...

Page 222: ...een inserted into the IP routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for different prefixes but wi...

Page 223: ...mation about BGP attributes is displayed only if you issue the intro fields option See show ip bgp show ip bgp on page 160 for descriptions of the fields displayed by this keyword Example host1 show b...

Page 224: ...ly maintains additional attributes that are not displayed for example the MED local preference and communities attributes Field descriptions Address Hexadecimal number that uniquely identifies the pat...

Page 225: ...can be missed before declaring BFD session down Next hop self Status of next hop self information for the peer group Peers are route reflector clients BGP peer group is configured as a route reflector...

Page 226: ...dministrative status is Start EBGP multi hop is disabled IBGP single hop is disabled BFD is enabled Single hop IPv4 BFD session Minimum transmit interval is 300 ms Minimum receive interval is 300 ms M...

Page 227: ...ect next hop If you filter the display with field options the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for description...

Page 228: ...AS path 10 99 1 2 32 10 1 1 2 100 100 200 10 99 1 3 32 10 1 1 2 100 100 200 10 10 99 1 4 32 10 1 1 2 100 100 200 10 20 If the regular expression contains one or more spaces you must place quotation m...

Page 229: ...r command to specify default fields to be displayed by subsequently issued show ip bgp summary commands Field descriptions Local router ID Router ID of the local router Local AS AS number of local rou...

Page 230: ...nabled or disabled Graceful restart Status enabled or disabled Global graceful restart restart time Time in seconds Global graceful restart stale paths time Time in seconds Graceful restart path selec...

Page 231: ...the routes in the IP routing table based on changes in the local RIB The FIB version matches the local RIB version when BGP has finished updating the routes in the IP route table The FIB version is le...

Page 232: ...100 11 Import route map test2 import map Export route map test1 export map can not filter routes Global import route map test3 global import map 103 routes imported from global table max 5000 routes a...

Page 233: ...11488 1 permit 752877570 11488 2 permit 752877571 11488 3 permit 752877572 11488 4 Community List 2 permit 4294967043 local as See show ip community list undebug ip bgp Use to disable the display of...

Page 234: ...198 Monitoring BGP JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 235: ...Part 2 Multiprotocol Layer Switching MPLS Overview on page 201 Configuring MPLS on page 263 Monitoring MPLS on page 311 Configuring BGP MPLS Applications on page 373 Multiprotocol Layer Switching 199...

Page 236: ...200 Multiprotocol Layer Switching JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 237: ...ing and Next Hop Tables on page 224 Spoof Checking MPLS Packets on page 225 IP and IPv6 Tunnel Routing Tables and MPLS Tunnels on page 225 Explicit Routing for MPLS on page 226 MPLS Interfaces and Int...

Page 238: ...g high bandwidth and stability MPLS enables service providers to provide their customers with the best service available given the provider s resources with or without traffic engineering MPLS is the...

Page 239: ...nf RESVERR ResvErr resverr RESVTEAR ResvTear resvtear TARGETED_HELLO Targeted Hello targeted hello Related Topics MPLS Terms and Acronyms on page 203 MPLS Terms and Acronyms Table 23 on page 203 defin...

Page 240: ...rs in an MPLS domain including BGP LDP and RSVP TE This usage is not represented in this text by the acronym LDP Label Distribution Protocol Egress LSRs in a point to multipoint LSP It is also referre...

Page 241: ...ct Point to multipoint tunnel An RSVP TE LSP with a single ingress LSR and one or more egress LSRs Incoming data is replicated at the branch nodes Point to multipoint LSP PE An LER at the edge of a se...

Page 242: ...al Private Networks VR based and BGP based Layer 2 Services over MPLS LER functionality LSR functionality Spoof checking LDP graceful restart ECMP Topology driven LSPs LDP including support of LDP ove...

Page 243: ...Support for information about the modules that support MPLS MPLS References For more information about the MPLS protocol consult the following resources JUNOSe Release Notes Appendix A System Maximums...

Page 244: ...nformation in BGP 4 May 2001 RFC 3140 Per Hop Behavior Identification Codes June 2001 RFC 3209 RSVP TE Extensions to RSVP for LSP Tunnels December 2001 RFC 3210 Applicability Statement for Extensions...

Page 245: ...to signal its forwarding peers and distribute its labels to establish an LSP The label distribution protocol enables negotiation with the downstream LSRs to determine what labels are used on the LSP a...

Page 246: ...PLS can label packets by using the existing layer 2 header or an encapsulation header that carries the MPLS label During LSP negotiation the LSRs in an MPLS domain agree on a labeling method Labels ha...

Page 247: ...the LER The LER then performs only the lookup for the packet The request to perform PHP is signaled by the LER when it includes an implicit null label in the label mapping message that it sends to its...

Page 248: ...other interface types always use labels from only the platform label space You cannot configure the range for the platform label space The platform label space is a large single unconfigurable pool of...

Page 249: ...s used only to carry the TTL bits to the egress and is not visible to intermediate LSRs The ingress node learns the total hop count from signaling and then uses that count to decrement the TTL to the...

Page 250: ...bels are ignored When an IP packet is exposed after MPLS pops all the labels that should be popped MPLS passes the packet to IP for further processing including TTL checking When the uniform tunnel mo...

Page 251: ...essing on an LSR On an LSR where an MPLS packet is label switched after processing on the line module the TTL value in the swapped to label is decremented by 1 from the incoming TTL value when the swa...

Page 252: ...when the local option for the mpls ip propagate ttl command has been configured When the no mpls ip propagate ttl local command has been configured MPLS sets the TTL to 255 When the packet is a forwar...

Page 253: ...ons when the TTL in a MPLS label of a received MPLS packet expires 1 A TTL expired ICMP packet is constructed 2 The destination address of ICMP packet is set to the source address of the IP packet tha...

Page 254: ...downstream unsolicited ordered control Downstream on demand means that MPLS devices do not signal a FEC to label binding until requested to do so by an upstream device Upstream is the direction towar...

Page 255: ...next hop for the destination it is used by BGP or LDP when adjacent peers are configured to use the platform label space Figure 53 LSP Creation Downstream on Demand Ordered Control Independent contro...

Page 256: ...ve before you create the static routes RSVP TE tunnels are announced to IS IS and OSPF the IGP then uses the tunnels as next hop interfaces for its SPF calculations For this method you must issue the...

Page 257: ...interface for VPN traffic If this interface is not created then the VPN traffic uses the default IPv4 interface for non VPN traffic Typically you request the creation of separate IPv4 interfaces for V...

Page 258: ...mands such as show egress queue rate interface ip In the following sample output the statistics of interest are those for the layer 2 interface atm vc ATM9 0 10 Traffic is present as indicated by the...

Page 259: ...e MPLS major interface ATM9 0 10 ATM circuit type is 1483 LLC encapsulation Administrative state is enabled Operational state is up Operational MTU is 9180 Received 1 packet 136 bytes 0 errors 0 disca...

Page 260: ...erface is created of each in out segment of a tunnel the purpose of these minor interfaces is to attach QoS and policy to an LSP MPLS forwarding tables consist of the following One forwarding table fo...

Page 261: ...the following types of spoof checking Router spoof checking MPLS packets are accepted only if they arrive on an MPLS major interface that is in the same virtual router as the MPLS forwarding table Int...

Page 262: ...ent to the previous node in the path A loose hop is not necessarily directly connected to the previous node whether it is directly connected is unknown The sequence of hops comprising an explicit rout...

Page 263: ...e label of the received MPLS packet the in label in the MPLS forwarding table that is associated with the major interface For major interfaces using the platform label space the lookup is in the MPLS...

Page 264: ...the minor interface assigned automatically when the interface is created The operational state of the interface up or down Whether the interface is an ingress MPLS minor interface used to receive tra...

Page 265: ...bel distribution protocols are sometimes referred to as signaling protocols However label distribution is a more accurate description of their function and is preferred in this text The following prot...

Page 266: ...aces that use the platform label space default to the LSR router ID for the transport address You can use the mpls ldp discovery transport address command to specify an arbitrary IP address as the tra...

Page 267: ...it does not use TCP to exchange messages In contrast to LDP a hard state protocol RSVP TE is a soft state protocol meaning that much of the session information is embedded in a state machine on each L...

Page 268: ...ceiving node returns a message ack object enabling the sending node to determine whether a message was lost and triggering a retransmission as necessary Summary refresh srefresh messages refresh the s...

Page 269: ...e information on MP BGP extensions NLRIs and BGP MPLS VPNs see Configuring BGP MPLS Applications Related Topics MPLS Label Switching and Packet Forwarding on page 209 MPLS Label Distribution Methodolo...

Page 270: ...abel Stack object is supported Flag N to treat the packet as a non IP packet is not supported An MPLS LSP trace echo request includes this TLV This TLV contains the downstream address all routers mult...

Page 271: ...ecific mpls ping and trace mpls commands enable you to target different types of MPLS applications and network topologies The various ping mpls and trace mpls commands send UDP packets known as MPLS e...

Page 272: ...reply is received from the egress router for the FEC or a TTL of 32 is reached When a TTL expires on an LSR that LSR sends an echo reply packet back to the source For transit routers the echo reply i...

Page 273: ...ddress to be globally included in link hellos with the mpls ldp discovery transport address command LDP Extended Discovery Mechanism To discover LDP peers that are not directly connected LSRs periodic...

Page 274: ...uch as required values for bandwidth or required explicit paths You can use RSVP TE as the label distribution protocol for traffic engineering The IGP propagates resource information throughout its ne...

Page 275: ...ization Finally you can manually force an immediate reoptimization See MPLS Global Configuration Tasks in Configuring MPLS in the JUNOSe BGP and MPLS Configuration Guide for information about configur...

Page 276: ...l Resource flooding threshold and period The resource flooding threshold and period together control the flooding of the resource information by the IGP protocols IS IS and OSPF Configuring Traffic En...

Page 277: ...sources Topology Driven LSPs Topology driven LSPs are implemented for best effort hop by hop routing In topology driven LSP mode LDP automatically sets up LSPs for IGP direct and static routes subject...

Page 278: ...de the address of LSR 5 in the list configured on LSR 2 Related Topics MPLS Label Switching and Packet Forwarding on page 209 MPLS Label Distribution Methodology on page 218 Mapping IP Data Packets on...

Page 279: ...aceful restart Table 26 Summary of LDP Graceful Restart States Reconnect timeout value sent in TLV FT TLV sent to neighbor Helper mode enabled Graceful restart enabled Nonzero Yes Yes Yes Zero Yes Yes...

Page 280: ...neighbors that it supports graceful restart might subsequently be unable to do so In such cases the neighbors receive no indication of that change in support unless you bounce the LDP sessions for ex...

Page 281: ...n completed with the peer on the link or a configured amount of time has passed the holddown period With synchronization configured LDP notifies the IGP to advertise the maximum cost for the link when...

Page 282: ...tric is explicitly configured or the default value Determining Peer Reachability with RSVP TE Hello Messages RSVP TE hello messages enable the router to detect when an RSVP TE peer is no longer reacha...

Page 283: ...e that the peer transmitted then the peer treats that neighbor as if it has reset In these cases the local peer changes the instance value that it advertises to the neighbor Sequence of Hello Message...

Page 284: ...ng back the requesting peer s source instance If the acknowledging peer advertises a wrong value in the destination instance field of the ack message then the requesting peer treats the acknowledging...

Page 285: ...he graceful restart time and the graceful restart recovery time restart time The sum of how long it takes the sender to restart RSVP TE after a control plane failure plus how long it takes to reestabl...

Page 286: ...riod neighboring helper routers and the restarting router resynchronize the RSVP TE state and MPLS forwarding state During this period MPLS traffic continues to be forwarded The helper router starts t...

Page 287: ...TE graceful restart support between routers running JUNOSe software or for interoperability with routers running JUNOS software Graceful restart must be enabled for node hellos to advertise graceful r...

Page 288: ...RSVP TE links If you are not using BFD then you must use link based hellos for link monitoring and link based hellos then become more practical for graceful restart BFD Protocol and RSVP TE The Bidir...

Page 289: ...olor combination that is applied when traffic goes through the tunnel has no effect on the EXP bits coding in the inner header In other words when traffic exits an LSP when a label is popped or when t...

Page 290: ...and sets the EXP bits for outgoing traffic based on the traffic class color combination Incoming Traffic For incoming MPLS traffic the traffic class color combination is set according to the EXP bits...

Page 291: ...UPC field at the LSP endpoint because the UPC value might have been set by a lower layer policy for a different purpose NOTE For control traffic originated from this router if an attached per LSP poli...

Page 292: ...for the First Label Pushed Figure 59 on page 256 shows how packet type and configuration determine how the EXP bits are set for the first label pushed 256 EXP Bits for Differentiated Services Overview...

Page 293: ...single ingress LSR and one or more egress LSRs You can use point to multipoint LSPs to avoid unnecessary duplication of packets at the ingress router by allowing non ingress LSRs to replicate the inco...

Page 294: ...all the sub LSPs in the tunnel and also because you can create path messages specific to a sub LSP in the tunnel you can use multiple path messages However if you want to minimize the number of contr...

Page 295: ...en LSR 2 and LSR 4 The sub LSP between LSR 2 and LSR 4 is an egress sub LSP that transmits the replicated packet from branch router LSR 2 to egress E Series router LSR 4 Egress LSRs can also be direct...

Page 296: ...to the source must be through an IGMP owned interface Configuring an E Series Router as an Egress Router The configuration of an E Series router as an egress router depends on the type of label advert...

Page 297: ...dynamically we recommend that you enable IGMP on all interfaces of the router or at least on all interfaces that might be the next hop interface to the source 2 Disable the multicast reverse path forw...

Page 298: ...262 Point to Multipoint LSPs Configuration JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 299: ...on page 279 Configuring LDP IGP Synchronization on page 280 Configuring LDP MD5 Authentication on page 281 Controlling LDP Label Distribution on page 282 Additional RSVP TE Configuration Tasks on page...

Page 300: ...PLS tunnels See MPLS Tunnel Profile Configuration Tasks on page 273 Many users find it convenient to configure MPLS by completing the tasks in each set of tasks before moving to the next set However y...

Page 301: ...MPLS Global Tasks In a typical network you perform only the first task You might also perform the optional configuration tasks but typically do not need to do so 1 Enable MPLS on a virtual router host...

Page 302: ...ime 55 host1 config ldp hello interval 10 4 Optional Configure lists of peer addresses that targeted hello messages are sent to or accepted from host1 config mpls ldp targeted hello send list 10 21 5...

Page 303: ...SPs host1 config mpls topology driven lsp 2 Optional Specify filters for the routes and peers to which the labels are advertised host1 config mpls ldp advertise labels host only 3 Optional Specify the...

Page 304: ...s lsp retries 35 host1 config mpls lsp retry time 55 4 Optional Configure retry timer options globally to apply to all tunnels to set up an LSP after a failure due to no available route Specify the nu...

Page 305: ...rface Profile Configuration Tasks and Commands Creating or accessing an LDP interface profile places the CLI in LDP Configuration mode 1 Access LDP profile configuration mode host1 config mpls ldp int...

Page 306: ...n MPLS interface configuration tasks include the following sets of tasks MPLS Interface Tasks on page 270 LDP Interface Tasks on page 271 RSVP TE Interface Tasks on page 271 MPLS Interface Tasks To co...

Page 307: ...pls rsvp profile rsvp4 To disable RSVP TE on the interface host1 config if mpls rsvp disable 2 Optional Configure total bandwidth available on the interface host1 config if bandwidth 262144 3 Optional...

Page 308: ...an IGP in its SPF calculation host1 config if tunnel mpls autoroute metric absolute 100 4 Optional Configure the path options used for the tunnel host1 config if tunnel mpls path option 3 dynamic isi...

Page 309: ...autoroute metric tunnel mpls bandwidth tunnel mpls description tunnel mpls no route retries tunnel mpls no route retry time tunnel mpls path option tunnel mpls priority tunnel mpls retries tunnel mpl...

Page 310: ...7 Optional Configure resource class affinity host1 config tunnelprofile tunnel mpls affinity 0x1100 mask 0xFFFF 8 Optional Configure retry timers options to apply to a specific tunnel to set up an LSP...

Page 311: ...metric tunnel mpls bandwidth tunnel mpls description tunnel mpls no route retries tunnel mpls no route retry time tunnel mpls path option tunnel mpls priority tunnel mpls retries tunnel mpls retry tim...

Page 312: ...fter 5 next address 192 168 47 22 3 Configure a next hop at the end of the MPLS explicit path host1 config expl path next address 10 10 9 2 4 Enable the explicit path host1 config mpls explicit path n...

Page 313: ...depending on your network design See Configuring LDP Autoconfiguration on page 279 Configure LDP IGP synchronization depending on your network design See Configuring LDP IGP Synchronization on page 28...

Page 314: ...o a separate label Issue the mpls ldp deaggregate command host1 config mpls ldp deaggregate Related Topics Basic MPLS Configuration Tasks on page 264 Additional LDP Configuration Tasks on page 277 mpl...

Page 315: ...MPLS Configuration Tasks on page 264 Additional LDP Configuration Tasks on page 277 mpls ldp graceful restart mpls ldp graceful restart reconnect time mpls ldp graceful restart recovery time mpls ldp...

Page 316: ...or which LDP is not fully operational because there is no coupling between the LDP operational state and the IGP When LDP is not fully operational LDP is considered to not be synchronized with the IGP...

Page 317: ...LSR drops the segment and does not send a response to the peer You can optionally enable a strict authentication mode that allows only peers configured with passwords to establish sessions In this mo...

Page 318: ...dvertise labels command one or more times host1 config mpls ldp advertise labels for net25 to euro3 When you do not specify a toAccessList the action is taken for all peers Consider the following exam...

Page 319: ...ID unique to the sender a message sequence number and keyed message digest These attributes enable verification of both packet content and sender For all potential RSVP peers you configure the same k...

Page 320: ...face host1 config if mpls rsvp authentication To clear the security association on a receiving peer for the specified sending peer Issue the clear mpls rsvp authentication command host1 clear mpls rsv...

Page 321: ...il traffic is still safely redirected through LSR 5 LSR 8 LSR 6 LSR 9 LSR 7 If you want to protect an LSP that traverses N nodes against a failure in any link then you must configure N 1 bypass tunnel...

Page 322: ...n the bypass tunnel to the interface being protected host1 config interface atm 4 0 1 host1 config if mpls backup path bypass56 4 On LER 1 the tunnel ingress specify that local protection is required...

Page 323: ...urations the default hello refresh interval of 10 000 milliseconds a rate of one hello every 10 seconds is more appropriate and typically does not cause performance degradation To configure the RSVP T...

Page 324: ...ode 1 Enable RSVP TE graceful restart on the current virtual router host1 config mpls rsvp signalling hello graceful restart 2 Optional Configure the recovery time the time within which you want neigh...

Page 325: ...ed hellos to monitor RSVP TE links and detect link failures To configure the exchange of RSVP TE node hellos on all RSVP TE interfaces in the VR 1 Enable RSVP TE graceful restart host1 vr5 config mpls...

Page 326: ...nterval keyword to specify the interval at which the local peer proposes to transmit BFD control packets to the remote peer host1 config if mpls rsvp bfd liveness detection minimum transmit interval 4...

Page 327: ...terface directly connected to the LSP endpoint The IGP can consider the LSP as a potential output interface for the LSP endpoint and for destinations beyond the endpoint In this case the SPF computati...

Page 328: ...rtest path to a destination by using the shortest path first SPF algorithm The results are represented by the destination node next hop address and output interface where the output interface is a phy...

Page 329: ...hs have higher metrics Configuring the IGPs for Traffic Engineering For both IGPs you must issue two commands to enable the IGP to support traffic engineering IS IS Enable the flooding of MPLS traffic...

Page 330: ...f database opaque area command to display information about traffic engineering opaque LSAs Related Topics See JUNOSe IP IPv6 and IGP Configuration Guide for more information about enabling IS IS to s...

Page 331: ...for differentiated services See Configuring the Tunneling Model for Differentiated Services on page 295 Configure EXP bits for differentiated services See Configuring EXP Bits for Differentiated Serv...

Page 332: ...pplication and Configuration Figure 64 on page 297 shows an example topology where a service provider offers the following differentiated services to its customers over its MPLS network QoS Internet s...

Page 333: ...or the IP precedence value in all other cases It is acceptable that fabric queuing is based on the incoming base label s EXP Figure 64 Differentiated Services over an MPLS Network Differentiated Serv...

Page 334: ...policy output plain service 4 For traffic toward the core configure per VR rules or per LSP policies to set the base EXP bits value according to the traffic class color combination Issue the mpls copy...

Page 335: ...header to support differentiated services The JUNOSe software supports both statically configured and signaled mapping between the EXP bits and the PHB of traffic In a signaled environment you can co...

Page 336: ...examples that indicate how the PSC and the EXP field are combined to determine the PHB for traffic on incoming L LSPs Table 29 Examples of Incoming L LSP PHB Determination PHB EXP Field PSC AF22 010 A...

Page 337: ...lass and color for incoming traffic that matches the specified EXP bits value in the shim header host1 config mpls match exp bits 1 set traffic class bronze color red You can repeat the command to sup...

Page 338: ...ping signaled by RSVP TE you must configure on each router a mapping association between PHB IDs and the internal traffic class color combinations The JUNOSe software automatically generates and attac...

Page 339: ...t1 config mpls classifier list be green traffic class best effort color yellow To map the specified PHB ID to the internal traffic class color combination Issue the mpls diff serv phb id traffic class...

Page 340: ...ight PHB mappings For L LSPs do not use the exp bits keyword If you repeat the command the most recent command overwrites the previous command Preference of per VR Versus per LSP Behavior MPLS always...

Page 341: ...1 af2 and ef In this example the af1 class has twice as much fabric bandwidth as the best effort class and the af2 class has twice as much fabric bandwidth as the af1 class The expedited forwarding tr...

Page 342: ...bits The E Series router signals this mapping to all routers on the tunnel You can establish different PHB ID to EXP mappings for different tunnels host1 config interface tunnel mpls example PHB ID t...

Page 343: ...combination and forwarded into the appropriate queues in the fabric When the packets are sent into the tunnel out of the ingress router the EXP bits are set according to the router generated policy in...

Page 344: ...fig mpls classifier list af21 packets exp 4 host1 config mpls classifier list af22 packets exp 5 host1 config mpls classifier list af22 packets exp 6 host1 config mpls classifier list ef packets exp 7...

Page 345: ...configured IP policy management applied to their traffic class color combination Related Topics See the JUNOSe Policy Management Configuration Guide for more information about defining policies Config...

Page 346: ...310 Example Traffic Class Configuration for Differentiated Services JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 347: ...mic Routes in the Tunnel Routing Table on page 315 Clearing and Refreshing IPv6 Dynamic Routes in the Tunnel Routing Table on page 315 Tracing Paths Through the MPLS User Plane on page 316 Monitoring...

Page 348: ...Verifying and Troubleshooting MPLS Connectivity on page 363 Packet Flow Examples for Verifying MPLS Connectivity on page 365 Setting the Baseline for MPLS Statistics You can use the baseline mpls com...

Page 349: ...2 Issue the baseline mpls label command for a specific MPLS in label host1 baseline mpls label 123 By default statistics are enabled for incoming labels and RSVP TE or LDP outgoing labels but not for...

Page 350: ...ackets out packets and bytes There is no no version for the baseline mpls next hop command However you can disable the next hop table statistics To disable the statistics for a specific MPLS next hop...

Page 351: ...ated to dynamic IPv4 and IPv6 interfaces on top of MPLS major interfaces There is no no version Related Topics clear mpls dynamic interfaces on major interfaces Clearing and Refreshing IPv4 Dynamic Ro...

Page 352: ...MP destination unreachable and time exceeded messages This sample output shows the label and EXP bits used to switch the ICMP packets Related Topics For more information about using the traceroute com...

Page 353: ...ce Virtual path identifier VPI Virtual channel identifier VCI Virtual circuit descriptor VCD Type of circuit PVC Type Encapsulation method AUTO AAL5 MUX SNAP ILMI F4 OAM Encap Service type configured...

Page 354: ...e bw 10 kbps MPLS TE flooding threshold up 15 30 45 60 75 80 85 90 95 96 97 98 99 100 down 100 99 98 97 96 95 90 85 80 75 60 45 30 15 MPLS TE administrative weight 0 MPLS TE attribute flags 0 Availabl...

Page 355: ...Bandwidth in Kbps that is available at each priority level in the range 0 7 Available BW at 8 priority levels Related Topics show cac interface Monitoring Virtual Router Configuration Purpose Display...

Page 356: ...pe2 N1 NSSA external type1 N2 NSSA external type2 L MPLS label V VRF via indirect next hop 200 200 200 1 32 Type Ldp Distance 110 Metric 2 Tag 0 Class 0 MPLS next hop 3 label 18 on ATM5 1 1 ip19000003...

Page 357: ...Numeric tag that identifies route Tag Attribute of a route applied only as a result of set route class clause in a table map Class Related Topics show ip tunnel route show ipv6 tunnel route Monitorin...

Page 358: ...s session keepalive messages in seconds LDP session keepalive interval LDP targeted hello hold time in seconds LDP targeted hello hold time LDP targeted hello interval in seconds LDP targeted hello in...

Page 359: ...1 3 Out 27 neighbor 10 9 1 3 VLAN over MPLS vc id 240001 group id 2 In 22 neighbor 10 9 1 3 Out 25 neighbor 10 9 1 3 10 1 1 1 32 In 10001 neighbor 10 3 11 2 Out 20001 neighbor 10 3 11 2 10 2 2 2 32 I...

Page 360: ...s enabled Helper Mode is enabled Reconnect Time 220 sec Recovery Time 240 sec Max Recovery Time 260 sec Neighbor Liveness Timer 280 sec Peer 80 0 1 1 0 State operational Restarter Mode disabled Helper...

Page 361: ...zing with LDP or the specified interface that is synchronizing with LDP Action To display information about interfaces synchornizing with LDP host1 show ldp igp sync Atm 0 0 LDP configured SYNC enable...

Page 362: ...es host1 show ldp interface brief Interface IP Address Protocol ATM6 1 1 192 168 100 21 30 enabled ATM6 1 3 192 168 100 17 30 enabled ATM6 1 5 192 168 100 13 30 enabled ATM6 0 7 172 16 100 1 30 enable...

Page 363: ...ised to this peer accum label alloc Cumulative total number of labels received from this peer accum label learned Time in hh mm ss since session last restarted last restart time Number of notification...

Page 364: ...0 3 5 1 host1 show ldp neighbor 10 3 5 1 LDP Neighbor 10 0 2 2 LSR Remote 10 0 2 2 0 local 10 0 1 1 0 Transport address remote 10 0 2 2 local 10 0 1 1 State Operational LDP advertisement Unsolicited U...

Page 365: ...e password with the show configuration command This command displays the passwords in cleartext unless the service password encryption command has been issued in which case the passwords are displayed...

Page 366: ...bindings are being exchanged recovering LDP session is up operational IP address of LDP peer Neighbor Number of initialization messages received and sent Initialization Number of keepalive messages r...

Page 367: ...profile Number of attempts that will be made to set up an MPLS LDP session session retry Related Topics show ldp profile Monitoring LDP Statistics Purpose Display statistics for LDP on the current vi...

Page 368: ...ceived and sent Initialization Number of keepalive messages received and sent Keepalive Number of notification messages received and sent Notification Number of address messages received and sent Addr...

Page 369: ...ents Unknown message type Number of inappropriate message events Inappropriate message Number of inappropriate message events Malformed tlv Number of bad TLV value events Bad TLV value Number of missi...

Page 370: ...sion Monitoring MPLS Status and Configuration Purpose Display status and configuration information about MPLS Action To display information about MPLS Status and configuration host1 show mpls MPLS adm...

Page 371: ...ds Table 44 show mpls Output Fields Field Description Field Name Status of MPLS administratively enabled or disabled and configuration status MPLS IP address of label switched router LSR ID Frequency...

Page 372: ...ist or subject to a specified prefix list LSPs used for IP forwarding This field and the following fields are displayed only when RSVP TE is enabled RSVP is enabled IP address of label switched router...

Page 373: ...ext address 60 60 60 2 2 next address 40 40 40 1 not referenced by any options Meaning Table 45 on page 337 lists the show mpls explicit paths command output fields Table 45 show mpls explicit paths O...

Page 374: ...terface and the label associated with that interface OutIntf Label Interface type and specifier of the backup interface and the label associated with that interface BackupIntf Label Status of backup p...

Page 375: ...the label in the forwarding table BGP LDP or RSVP TE Owner Type and location of spoof checking performed on the MPLS packet router or interface Spoof check Action taken for MPLS packets arriving with...

Page 376: ...es Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packets 0 bytes 0 Dropped exceeded packets 0 bytes 0 MPLS minor interface lsp 02020202 1 4 receive Stacked on MPLS...

Page 377: ...hello recv 57 hello sent 0 bad hello recv adj setup time 00 04 44 last hello recv time 00 00 05 last hello sent time 00 00 05 MPLS Statistics Rcvd 0 failed lbl lookup 0 octets 0 hcOctets 0 pkts 0 hcPk...

Page 378: ...ndensed location is 0x00020000 Received 0 packets 0 bytes 0 errors 0 discards 0 failed label lookups Sent 0 packets 0 bytes 0 errors 0 discards RSVP Enabled with profile default Authentication is disa...

Page 379: ...Interface MplsMajor state Direction pe1 to pe2 ATM2 0 10 up transmit lsp 02020202 1 4 ATM2 0 10 up receive ERX 01 0c d7 pe1 Meaning Table 48 on page 343 lists the show mpls interface command output f...

Page 380: ...ages received or received bad or sent addr Number of address withdraw messages received or received bad or sent addr withdraw Number of message IDs received or sent msgId Number or unknown message typ...

Page 381: ...n Number of hello messages received hello recv Number of hello messages sent hello sent Number of hello messages rejected hello rej Number of adjacencies set up adj setup Number of adjacencies deleted...

Page 382: ...e is up MPLS minor interface UID is 0x1a000001 Lower MPLS major interface UID is 0x19000001 Sent 0 packets 0 bytes queue 0 traffic class best effort bound to atm vc ATM2 0 10 Queue length 0 bytes Forw...

Page 383: ...ops host1 vr2 show mpls next hop MPLS next hop index 1 lookup on inner header label Statistics are not collected for MPLS switch context next hops MPLS next hop index 2 lookup in router pe1 Statistics...

Page 384: ...toring the Configured Mapping between PHB IDs and Traffic Class Color Combinations Purpose Display the configured mapping between PHB IDs and traffic class color combinations PHB IDs used for L LSPs d...

Page 385: ...es Action To display the default RSVP TE profile host1 pe2 show mpls rsvp profile default RSVP profile default used by 0 interfaces refresh period 30000 ms timeout factor 3 To display all MPLS tunnel...

Page 386: ...outer egress session Terminating on the router transit session Travelling through the router Action To display path state control blocks for an ingress session host1 show mpls rsvp psb PSB Sender 223...

Page 387: ...strict OUT ERO IPv4 hop 122 1 1 1 strict SES ATTR Setup Pri 4 Hold Pri 4 name Flags IngressReRoute TTC Policy Object Unknown Objects Flags InUse PathRefreshSent RSB Timeout 157500 label 16 Associated...

Page 388: ...c parameters for the sender SenderTSpec Sender s description of generated traffic in kbps Token Bucket Rate Sender s description of generated traffic in kbps Token Bucket Size Lender s peak traffic ge...

Page 389: ...received PSB Flag RouteChangeNotify Explicit route object changed PSB Flag EroChanged Next hop has changed PSB Flag NextHopChanged Routing table next hop changed PSB Flag RtNextHopChanged PSB egress...

Page 390: ...authentication Mpls interface FastEthernet2 4 RSVP Authentication Secure Association with peer 10 2 2 2 Receive Sequence Number 4592798942692985943 RSVP Authentication Secure Association with peer 10...

Page 391: ...BFD is enabled host1 show mpls rsvp bfd interfaces Bfd Enabled RSVP interfaces Minimum Minimum Minimum Interface Interval Rx Interval Tx Interval Multiplier ATM2 0 1 300 300 300 3 Meaning Table 55 on...

Page 392: ...0 Resv Conf Sent 0 Resv Conf Rcvd 0 SRefresh Sent 0 SRefresh Rcvd 0 Ack Sent 0 Ack Rcvd 0 Nack Objects Sent 0 Nack Objects Rcvd 0 Msg Bundles Sent 0 Msg Bundles Rcvd 0 Error Msgs Rcvd 0 Misordered Me...

Page 393: ...esh Conf Rcvd Number of resvconf messages sent on the interface Ack Conf Sent Number of resvconf messages received on the interface Ack Conf Rcvd Number of nack objects sent on the interface Nack Obje...

Page 394: ...TE graceful restart Action To display information about RSVP TE graceful restart host1 show mpls rsvp hello graceful restart Graceful restart is ON Warning Graceful restart is NOT active Warning Hello...

Page 395: ...hello instance Up neighbor is up GR graceful restart is in progress Peer Address Interface Interval Miss Limit State 10 1 1 2 any 10000 4 Up 10 3 1 2 any 10000 4 GR 11 2 3 1 Atm3 1 3 10000 4 GR To dis...

Page 396: ...sequence number has changed The router declares the peer to be up if hellos are seen from the peer and its sequence number has not changed AdjLost Hellos were received from the peer but have timed ou...

Page 397: ...Hellos Suppressed Number of acknowledgments sent in response to hello requests received Hellos Acks Sent Number of acknowledgments received in response to hello requests sent Hellos Acks Received Rel...

Page 398: ...protocol To display a summary of all MPLS tunnels for the current router context host1 pe2 show mpls tunnels brief name id destination metric state label intf vpnEgressLabel3 0 0 0 0 R0 Incoming 10485...

Page 399: ...nnectivity In IP networks you can use the ping and traceroute commands to verify network connectivity and find broken links or loops In an MPLS enabled network you can use the mpls ping and trace mpls...

Page 400: ...S Echo Request Packet to a Martini Circuit To send an MPLS echo request packet to the specified layer 2 cross connect virtual Martini circuit Issue the ping mpls l2transport command host1 pe1 ping mpl...

Page 401: ...ls rsvp tunnel west1 detail Sending an MPLS Echo Request Packet to a VPLS Instance To send an MPLS echo request packet to the specified VPLS instance Issue the ping mpls vpls command host1 pe1 ping mp...

Page 402: ...specify a VRF name the LSP to the specified prefix must originate from the VRF because the ping is generated from the specified VRF Packet Flow Example for the ping mpls Command The following example...

Page 403: ...eturn code of 3 which means that the replying router is an egress for the FEC at stack depth The echo reply packet includes the Interface and Label Stack TLV to indicate both the interface on which th...

Page 404: ...for the trace mpls Command The following example illustrates the packet flow that results when you issue the trace mpls ip command from router PE 1 10 1 1 1 to router PE 2 10 2 2 2 over an LDP base t...

Page 405: ...both the interface on which the request packet was received and the incoming label stack The Downstream Mapping TLV is not included in the echo reply packet 6 When PE 2 s echo reply packet reaches ro...

Page 406: ...o request The echo reply packet has a return code of 3 which means that the replying router is an egress for the FEC at stack depth The echo reply packet includes the Interface and Label Stack TLV to...

Page 407: ...ix timeout 2 sec Max TTL 32 Handle 1921136 MplsNextHopIndex 78 L68 L34 1 0ms 10 33 33 33 Label switched at stack depth 2 TLV Pad 20 bytes TLV Interface and Label stack 20 bytes Router 10 33 33 33 Intf...

Page 408: ...xcept that the echo request packets and echo reply packets contain the VPN IPv6 sub TLV instead of the VPN IPv4 sub TLV Related Topics Verifying and Troubleshooting MPLS Connectivity on page 363 ping...

Page 409: ...ning Route Distribution with Route Target Filtering on page 404 Multicast Services over VPNs on page 412 Configuring BGP VPN Services on page 412 Providing Internet Access to and from VPNs on page 455...

Page 410: ...you specify the IPv6 unicast address family you can configure the router to exchange unicast IPv6 routes or unicast IPv6 routes in a specified VRF For a description of IPv6 see IPv6 Overview in the JU...

Page 411: ...ecalculating the set of viable routes as soon as it is notified of the failure When the recalculation has finished the protocol then updates the routing table with the new routes From the time the pat...

Page 412: ...ip V pe1 nbr 10 3 1 2 If the connection to PE 2 fails BGP marks the MPLS next hop 729 as a failed indirect next hop as soon as BGP is notified of the loss of connectivity However some traffic continu...

Page 413: ...exchanging routing information for the public Internet or implementing route reflectors The P routes do not need to contain any information about customer sites PE routers communicate with customer si...

Page 414: ...o which Customer Site 3 belongs VRFs exist within the context of a virtual router VR A given virtual router can have zero or more VRFs in addition to its global routing table which is not associated w...

Page 415: ...the configuration of your network For example if each VRF always belongs to only one VPN you might use a single RD for all VRFs that belong to a particular VPN Route Targets A route target extended c...

Page 416: ...extended community information and MPLS labels required for BGP MPLS VPNs Consider the simple example shown in Figure 71 on page 380 The customer edge devices are connected with their associated prov...

Page 417: ...s as advertised by CE 1 thus creating labeled VPN IPv4 prefixes The prepended information consists of a route distinguisher and an MPLS label Because the CE router uses IPv4 addresses from the VPN s p...

Page 418: ...s no meaning in the service provider core In addition PE 2 must have PE 1 s address so that it can establish an LSP back to PE 1 The next hop address must also be carried in the MP Reach NLRI attribut...

Page 419: ...ands across IPv4 Clouds with BGP draft ietf ngtrans bgp tunnel 04 txt July 2002 expiration JUNOSe Release Notes Appendix A System Maximums Refer to the Release Notes corresponding to your software rel...

Page 420: ...ceived BGP receives routes with an associated out label the out label is the label sent with MPLS traffic Consider the network shown in Figure 73 on page 384 If you display the in label on PE 1 you se...

Page 421: ...on address in the IP packet that is encapsulated in the MPLS packet The egress PE router then forwards the IP packet without the MPLS header to the appropriate customer site The inner labels themselve...

Page 422: ...label 46 for the P 2 to PE 2 link PE 1 can forward data packets along the LSP to PE 2 and its customer sites Similarly the PE 2 PE 1 LSP carries traffic only from PE 2 to PE 1 using label 58 for the...

Page 423: ...packet to router P 1 Label 21 is prepended to label 16 the labels are stacked Label 21 becomes the outermost label and is assigned to the first segment PE 1 P 1 in the label switched path from PE 1 t...

Page 424: ...ot currently supported MPLS base tunnels to IPv6 destinations as tunnel endpoints are not supported so you cannot establish an MPLS IPv6 backbone NOTE You must configure an IPv6 interface in the paren...

Page 425: ...v4 backbone The base MPLS tunnels are established in the IPv4 core network with either of the MPLS signaling protocols LDP or RSVP The ingress PE router pushes the LSP tunnel label directly onto the l...

Page 426: ...for PE 2 it is FFFF 2 2 2 2 128 The BGP next hop that is advertised in the MP BGP update includes the following A VPN IPV6 address with the RD set to zero The 16 byte IPv6 address encoded as an IPv4...

Page 427: ...om CE 2 destined for the 6001 0430 48 network the router detects a native IPv6 packet on its link to CE 2 PE 2 does a lookup in its VRF B IPv6 routing table prepends labels L2 and L1 to the IPv6 heade...

Page 428: ...on the AS boundary routers You must configure VRFs on each AS boundary router MPLS tunnels are unidirectional Figure 77 on page 392 shows only the tunnels established to carry traffic from ASBR 2 to P...

Page 429: ...1 advertises a route to prefix 10 10 10 11 32 to its external BGP peer PE 1 10 2 2 2 in VRF A PE 1 associates the label 16 with this route an extended update message sent to internal MP BGP peer ASBR...

Page 430: ...p index 5 Reachable metric 0 Number of direct next hops is 1 Direct next hop ATM6 0 21 10 5 5 5 Resolution in IP tunnel route table of VR MPLS indirect next hop index 14 Reachable metric 0 Number of d...

Page 431: ...ops is 1 Direct next hop MPLS next hop 22 Reference count is 1 Indirect next hop 10 5 5 50 Resolution in IP route table of VR IP indirect next hop index 4 Reachable metric 0 Number of direct next hops...

Page 432: ...ng autonomous systems Inter AS option C uses BGP as the label distribution protocol In an inter AS option C network ASBRs do not maintain or distribute VPN IPv4 routes Each ASBR maintains labeled IPv4...

Page 433: ...ns label L6 to the route to the loopback address on PE 2 and changes the next hop address to its own address 6 ASBR 1 then uses an MP IBGP session to advertise that address to PE 1 PE 1 therefore has...

Page 434: ...P labels within the AS and BGP labels across the AS boundary For a two label stack scenario to work you must issue the mpls ldp redistribute bgp command on the ASBRs This command enables the BGP prefi...

Page 435: ...ross Multiple Autonomous Systems The JUNOSe software supports inter AS services for IPv6 VPNs in addition to IPv4 VPNs See Providing IPv4 VPN Services Across Multiple Autonomous Systems on page 391 fo...

Page 436: ...ight also configure the IPv6 backbone type of BGP next hop encoding by configuring route maps that use native IPv6 addresses for the BGP next hop Using Route Targets to Configure VPN Topologies You ca...

Page 437: ...route target 100 12 The hub VRF has its import route target set to 100 12 so it accepts only routes from the spoke VRFs Each spoke VRF has the same import route target 100 11 Every route advertised by...

Page 438: ...hanism Figure 86 Site Connectivity in an Overlapping VPN Figure 87 on page 403 shows how to configure the VRF import and export route targets to build an overlapping VPN In this example the export and...

Page 439: ...t of another VRF for example the VPN A VRF then BGP routes are exported from one VRF to the other VRF in this case from the VPN AB VRF to the VPN A VRF Consequently traffic that arrives in one VRF is...

Page 440: ...se the MP_REACH_NLRI and MP_UNREACH_NLRI attributes in BGP updates to exchange information about each router s route target membership The PE router subsequently advertises VPN NLRI the routing inform...

Page 441: ...is invalid However the prefix for the Default RT MEM NLRI attribute is an exception to this rule For the Default RT MEM NLRI attribute 0 is a valid prefix length For example 100 100 53 36 is a valid R...

Page 442: ...ge it re evaluates the advertisement status of VPN routes that match the corresponding route target in the peer s Adj RIBS Out table This can result in an incremental update that advertises or withdra...

Page 443: ...the nonclient peer when the best path route is advertised by a nonclient but an alternative route from a client exists This behavior signals the client s interest in the route target routes that were...

Page 444: ...e maximum number of prefixes See neighbor maximum prefix Conditions for Advertising RT MEM NLRI Routes The following conditions must be met for routes in the route target address family to be advertis...

Page 445: ...command change the new route map may or may not take effect immediately If the disable dynamic redistribute command has been configured you must issue the clear ip bgp redistribution command to apply...

Page 446: ...ystems The selection is based on the AS path and other MP NLRI path attributes attached to the route The route target membership information which includes the route target and the originator AS numbe...

Page 447: ...MEM NLRI attribute with peer routers Optionally you can use the signaling keyword with the address family command when you configure the route target address family to specify BGP signaling of reacha...

Page 448: ...e Configuring BGP VPN Services To configure a router to provide BGP VPN services you must perform some tasks once per PE router and some tasks for each VRF on the PE router VRF Configuration Tasks To...

Page 449: ...1 1 host1 vr1 config vrf ip route vrf vrfA 10 12 0 0 255 255 0 0 10 1 1 1 or host1 config virtual router vr1 vrfA host1 vr1 vrfA config ip route 10 3 0 0 255 255 0 0 10 1 1 1 host1 vr1 vrfA config ip...

Page 450: ...1 config router af neighbor 192 168 1 158 activate host1 vr1 config router af exit address family d Optional Enable the BGP speaker to check the reachability of indirect next hops when selecting the b...

Page 451: ...ate a VRF or access VRF Configuration mode to configure a VRF You must specify a route distinguisher after you create a VRF Otherwise the VRF will not operate Example host1 vr1 config ip vrf vrfA Use...

Page 452: ...route from this VRF s forwarding table it associates the list of export route targets with the route and includes this attribute in the update message that advertises the route You also configure a ro...

Page 453: ...get extended community only routes that have at least one matching route target in their associated export list can be installed into the VRF s forwarding table If the import and export lists are iden...

Page 454: ...te target configuration on PE 1 host1 config virtual router newyork host1 newyork config ip vrf vrfA host1 newyork config vrf route target both 777 1 host1 newyork config vrf exit host1 newyork config...

Page 455: ...the hub customer 1 through VRF C Customer Site 3 can reach only the hub customer 1 through VRF E BGP sessions exist between PE 1 and PE 2 and between PE 1 and PE 3 In most situations BGP itself is fu...

Page 456: ...rget of 25 Routes from PE 2 have a route target of 50 and cannot be installed Similarly when VRF C on PE 2 receives an update message from PE 1 BGP installs the advertised route only if it has a route...

Page 457: ...when suppressed by an aggregate or auto summary route the more specific routes are distributed Aggregation and auto summarization take place in each VRF independently For example a route that is impo...

Page 458: ...utes and auto summary routes Yes Yes Imports both best and non best routes The best route selection including the decision to use or not use ECMP is made in the VRF after the routes are imported Chara...

Page 459: ...n import or export map see Configuring BGP Routing on page 3 The following example shows how to apply the route map routemap5 to the VRF vpnA configured on the virtual router boston host1 config virtu...

Page 460: ...on VPN RIB Routes that are imported into the VRF cannot be exported again As a consequence VPN routes can be injected only into the global IP routing table on the PE router that is directly connected...

Page 461: ...mber of routes to DNS servers content servers management stations and so on If instead you import the full Internet routing table into one or more VPNs too much memory will be consumed because this ac...

Page 462: ...list to disallow the export of IPv4 prefixes to the global IPv4 RIB host1 config access list nothing v4 deny ip any any Configure a route map to permit global export of IPv6 VPN routes to the global...

Page 463: ...tial routing table lookup does not yield results Forwarding the interface removes the IP configuration from the interface You must reassign an IP address to the interface after you issue this command...

Page 464: ...condary routing table lookup host1 vr1 config if ip vrf forwarding vrfA fallback global host1 vr1 vrfA config if ip address 10 12 4 5 255 255 255 0 To specify from inside the VRF context that an inter...

Page 465: ...he interface are deleted from the interface You must then reconfigure the IP attributes in the context of the VRF after issuing the command Example host1 vr1 config if ip vrf forwarding vrfA host1 vr1...

Page 466: ...xample host1 pe1 config router af ip route vrf vrfA 10 0 0 0 255 0 0 0 192 168 1 1 Use the no version to remove a static route from a VRF See ip route Configuring IGPs on the VRF If you do not configu...

Page 467: ...lete OSPF configuration tasks for VRF A host1 config router ospf 100 vrf vrfa For RIP you create the RIP process specify the address family for the VRF and specify redistribution of BGP routes for VRF...

Page 468: ...oute target filtering is always disabled on route reflectors that have at least one route reflector client You cannot enable automatic route target filtering for such route reflectors bgp default rout...

Page 469: ...forwarding mode label switched host1 config vrf ip route vrf pe11 10 3 4 5 255 255 255 255 fastEthernet 0 1 host1 config vrf ip route vrf pe11 10 1 1 1 255 255 255 255 loopback 1 host1 config vrf exit...

Page 470: ...tes to be included in the list of available equal cost paths You can use the maximum paths command with the ibgp or eibgp keywords to enable ECMP support for BGP MPLS VPNs The eibgp keyword specifies...

Page 471: ...r PE 2 or PE 3 is forwarded as MPLS encapsulated packets PE 2 and PE 3 receive the MPLS encapsulated traffic from PE 1 remove the MPLS encapsulation and then forward the traffic as IP packets by means...

Page 472: ...affic from PE 1 removes the encapsulation and then forwards the traffic as IP packets by means of the EBGP route to CE 2 maximum paths Use to enable ECMP support for BGP MPLS VPNs Specify a value in t...

Page 473: ...es See Configuring BGP Routing on page 3 for information about configuring BGP sessions The section Understanding BGP Command Scope on page 18 has tables that list BGP commands according to their scop...

Page 474: ...st1 vr1 config router af neighbor 192 168 1 158 activate Use the no version to indicate that routes of the current address family should not be exchanged with the peer Use the default version to remov...

Page 475: ...you can configure BGP on the PE router to advertise these static routes to customer sites within the VPN with network commands host1 vr1 config router network 10 3 0 0 host1 vr1 config router network...

Page 476: ...100 host1 vr1 config router address family ipv4 unicast host1 vr1 config router af no neighbor 10 26 5 10 activate host1 vr1 config router af exit address family host1 vr1 config router address famil...

Page 477: ...up by using the peer group name argument all the members of the peer group inherit the characteristic configured with this command You cannot override the characteristic for a specific member of the p...

Page 478: ...f origin extended community attribute enables BGP to filter out such routes to prevent routing loops in this network You can use the set extcommunity command to specify a site of origin and then use t...

Page 479: ...e site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin The result of the following partial configuration is shown in Figure 97 on pag...

Page 480: ...a route If you specify a BGP peer group by using the peer group name argument all the members of the peer group inherit the characteristic configured with this command You cannot override the charact...

Page 481: ...has no effect on the behavior of IBGP peers in this address family This behavior reduces the provisioning overhead for VPNv4 IBGP peers However you must configure the feature on the peer router at th...

Page 482: ...n the VRF s forwarding table With a warning threshold configured the following behavior takes place when the PE router attempts to add a route When adding the route causes the route count to exceed th...

Page 483: ...er limit exceeded message can be generated Messages are logged to ipRouteTable at severity warning The interval timers for the limit and the warning threshold are independent You can use the warning o...

Page 484: ...in the parent VR PE 1 to exchange VPN routes with its peers by means of internal or external MP BGP BGP can also be learning IPv4 unicast Internet routes from one or more of its core facing internal o...

Page 485: ...preference AS path length and other attributes After the route has been imported into a VRF the reachability of the BGP indirect next hop is based on the presence of an MPLS tunnel LDP or RSVP TE to t...

Page 486: ...o be unreachable It then selects the PE 2 route as the best route and installs it in the VRF s IP routing table On the other hand if the VRFs in PE 1 and PE 2 share the same RD the route reflector ref...

Page 487: ...a given prefix Because the route reflector selects only one best path and reflects that single best path toward its clients and nonclients the amount of state in the network is reduced The core of the...

Page 488: ...cast Routes You can issue the neighbor send label command to enable BGP to exchange both labeled and unlabeled unicast routes in the same address family same AFI over the same BGP peering session The...

Page 489: ...as the next hop whether because of an explicit neighbor next hop self configuration or implicitly as a result of participating in an EBGP session BGP allocates a new in label and adds an entry to the...

Page 490: ...the BGP indirect next hop of the route in the IP routing table If the BGP indirect next hop is reachable BGP adds the route to the IP routing table as a U unicast route Resolving IPv6 Indirect Next H...

Page 491: ...te SAFI 4 labeled Unlabeled Advertises labeled route SAFI 1 and SAFI 4 unlabeled and labeled Labeled Withdraws unlabeled route SAFI 1 unlabeled Labeled Advertises labeled route SAFI 4 labeled Labeled...

Page 492: ...a full default free Internet routing table in the VRF The default routes must point to a shared IP interface that you create on top of the layer 2 interface that points to the Internet gateway Config...

Page 493: ...pe1 pe11 config interface ip internet access host1 pe1 pe11 config if ip share interface atm2 1 3 host1 pe1 pe11 config if ip address 10 1 1 3 255 255 255 255 host1 pe1 pe11 config if exit host1 pe1 p...

Page 494: ...onfig if ip vrf forwarding pe11 fallback global host1 pe1 pe11 config if atm pvc 11 0 11 aal5snap host1 pe1 pe11 config if ip address 10 11 11 1 255 255 255 0 host1 pe1 pe11 config if exit See Definin...

Page 495: ...t map globimap1 Creating a BGP Session Between the CE Router and the Parent VR The fallback global option enables traffic that arrives at a VRF from the CE router to be sent out on the uplink determin...

Page 496: ...ust host1 pe1 config if ip share interface atm2 0 1 host1 pe1 config if ip address 10 1 1 3 255 255 255 255 host1 pe1 config if exit host1 pe1 config ip route 10 4 4 4 255 255 255 255 ip ce1 cust The...

Page 497: ...figuration is to use a global export map as described in Setting Import and Export Maps for a VRF on page 420 Enabling Traffic Flow from the Internet to the VPN When traffic flows from the Internet to...

Page 498: ...e1 cust Global Export Map The global export map enables VPN routes to be automatically exported from the BGP RIB table in a VRF to the global BGP RIB table the BGP RIB table of the parent VR based on...

Page 499: ...ier provides a VPN backbone network for the customer carrier Tier 1 The customer carrier in turn provides layer 3 VPN or Internet services to its end customers Tier 2 This section provides the backgro...

Page 500: ...carrier Flexibility The VPN backbone can be used to deliver both VPN services and Internet connectivity services The following benefits are provided to the provider carriers Reduced VPN administratio...

Page 501: ...rriers environment in which the customer carrier provides Internet connectivity services to its customers The figure shows how the labels are added and removed as the traffic traverses the network The...

Page 502: ...he provider carrier s PE router Customer Carrier as a VPN Service Provider The carrier of carriers VPN can be used to create two tiered hierarchical VPNs In a hierarchical VPN the provider carrier s V...

Page 503: ...u must complete the following configuration process when the customer carrier provides VPN services for its customers On the provider carrier s PE router 1 Configure MPLS 2 Configure BGP Carrier of Ca...

Page 504: ...vider carrier creates a backbone VPN that is used by a customer carrier You must enable carrier of carriers support on the VRF of the provider carrier s PE device that connects to the PE device of the...

Page 505: ...RFs on the PE router or into the core VRFs maintain a routing table only for the customer internal routes Forwarding is accomplished primarily by label switching without a routing table lookup Only cu...

Page 506: ...ustomer IPv6 networks through the CE IPv6 link You can use any IPv6 enabled routing protocol to access the CE routers Use any MPLS signaling protocol to establish an MPLS base tunnel in the IPv4 core...

Page 507: ...reach the customer IPv6 island 2001 0430 32 Router PE 2 then uses MP BGP AFI 2 SAFI 1 to advertise to CE 2 its ability to reach this network CE 2 sends native IPv6 packets destined for the 2001 0430...

Page 508: ...s expected You can easily accomplish this by also configuring an IPv6 address on the core facing interface host1 config interface atm3 0 1 host1 config atm pvc 30 0 30 aal5snap host1 config ip address...

Page 509: ...e peer group inherit the characteristic configured with this command You cannot override the characteristic for a specific member of the peer group Example host1 config router af neighbor 192 168 5 1...

Page 510: ...v4 route applies export policy to the route and then propagates the route to a remote PE site by means of the MPLS VPN backbone At the destination PE router MP BGP places each route in the appropriate...

Page 511: ...4 routes The PE OSPF router becomes the originator of the routes which are either type 5 external routes or type 3 internal routes The PE router can announce the OSPF routes to the appropriate CE rout...

Page 512: ...F VRF on the PE router with the domain tag command The value of a VPN route tag must be unique within an OSPF domain so that the same external route is not propagated back to the BGP MPLS VPN backbone...

Page 513: ...r link connects customer site 4 to customer site 5 directly without going through the backbone OSPF uses the backdoor path for traffic flow between these two sites for the following reasons At CE 4 an...

Page 514: ...e remote PE router Use the ttl command to configure a TTL for the remote neighbor because the neighbor might be more than a single hop away Use the update source command to specify the loopback addres...

Page 515: ...n the range 1 255 seconds the default value is 1 second Example host1 pe1 config router rn ttl 35 Use the no version to restore the default value 1 second See ttl update source Use to specify the loop...

Page 516: ...rom other PE routers back into OSPF host1 default ospf2 config router redistribute bgp 6 Create an address family in BGP host1 default config router bgp 100 host1 default config router address family...

Page 517: ...rred to as L2VPN instances on the router An L2VPN sometimes referred to as Virtual Private Wire Service VPWS is a BGP MPLS application that has much in common with BGP MPLS VPNs L2VPNs employ layer 2...

Page 518: ...t next hop is resolved the IP routing table the IP tunnel routing table or both and whether this is in a VR or VRF IP indirect next hop index Index number of the IP indirect next hop that this BGP ind...

Page 519: ...PLS indirect next hop when chains of next hops are in use Reference count Number of label mappings of BGP routes that use this next hop Examples host1 pe2 show ip bgp vpnv4 all next hops Indirect next...

Page 520: ...face statistics was compromised Router advertisement Whether routes are advertised enabled or disabled Administrative debounce time Configured debounce behavior enabled or disabled If enabled indicate...

Page 521: ...s Number of committed packets dropped because of out queue threshold limit Out Scheduler Drops Conformed Packets Number of conformed packets dropped because of out queue threshold limit Out Scheduler...

Page 522: ...Description null0 255 255 255 255 up up atm4 0 77 7 8 7 7 up up See show ip interface vrf show ip protocols Use to display information about the routing protocols associated with the VRF You must spec...

Page 523: ...OSPF learned routes Redistributing Protocol to which OSPF is redistributing routes Address Summarization Aggregate addresses defined in the routing table for multiple groups of addresses at a given le...

Page 524: ...3 Routing Protocol is ospf 1 with Router ID 13 13 13 1 Distance is 110 Redistributing bgp Address Summarization None Routing for Networks 13 13 13 0 255 255 255 0 area 0 0 0 0 See show ip protocols sh...

Page 525: ...te distinguisher for the VRF Interfaces Interfaces configured for the VRF Examples host1 show ip vrf VRF Name Default RD Interfaces vpn1 1 1 null0 atm4 0 77 vpn2 1 3 null0 fastEthernet3 0 atm4 0 21 ho...

Page 526: ...bal BGP non VPN RIB The map applies to both IPv4 and IPv6 routes unless the field name is preceded by IPv4 applies to only IPv4 routes or IPv6 applies to only IPv6 routes Global Export Route map Route...

Page 527: ...munities 100 3 No Import Route map No Export Route map No Global Import Route map No Global Export Route map See show ip vrf show ip vrf interfaces Use to display summary information about all interfa...

Page 528: ...ets generated no routes Number of packets that could not be routed discards Number of packets that could not be routed that were discarded ICMP Statistics Rcvd errors Number of error packets received...

Page 529: ...and bytes forwarded into an output IP interface In Total Dropped Packets Bytes Total number of packets and bytes discarded on a receive IP interface In Policed Packets Number of packets discarded on a...

Page 530: ...than a problem with the packet itself Out Fabric Dropped Packets Number of packets dropped because of internal fabric congestion Examples host1 PE1 show ip vrf interfaces Interface IP Address Status P...

Page 531: ...ast Packets 0 Bytes 0 In Forwarded Packets 0 Bytes 0 In Total Dropped Packets 0 Bytes 0 In Policed Packets 0 In Invalid Source Address Packets 0 In Error Packets 0 In Discarded Packets 0 In Fabric Dro...

Page 532: ...re pkts Number of packets sent across tunnel hcPkts Number of high capacity 64 bit packets sent across tunnel octets Number of octets sent across tunnel hcOctets Number of high capacity 64 bit octets...

Page 533: ...eue 0 traffic class best effort bound to atm vc ATM6 0 1 Queue length 0 bytes Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packets 0 bytes 0 Dropped exceeded packe...

Page 534: ...nel octets Number of octets sent across tunnel hcoctets Number of high capacity 64 bit octets sent across tunnel errors Number of packets that are dropped for some reason before being sent discardPkts...

Page 535: ...There is no no version See undebug ip mbgp Monitoring BGP MPLS VPNs 499 Chapter 5 Configuring BGP MPLS Applications...

Page 536: ...500 Monitoring BGP MPLS VPNs JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 537: ...Layer 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 503 Configuring Layer 2 Services over MPLS on page 523 Monitoring Layer 2 Services over MPLS on page 557 Layer 2 Services Over MP...

Page 538: ...502 Layer 2 Services Over MPLS JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 539: ...et service providers offer multiple services such as Frame Relay Asynchronous Transfer Mode ATM Ethernet High Speed Data Link Control HDLC and IP to their customers but are consolidating to a single p...

Page 540: ...er legacy layer 2 connections to E Series routers are unaware that MPLS tunneling is used Figure 114 Layer 2 Services over a Provider s MPLS Network Layer 2 Services over MPLS Platform Considerations...

Page 541: ...0 router and the E320 router use the slot adapter port subinterface format which includes an identifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right...

Page 542: ...Layer Configuration Guide See Configuring Frame Relay in JUNOSe Link Layer Configuration Guide See Configuring Packet over SONET in JUNOSe Link Layer Configuration Guide See Configuring Bridged Ether...

Page 543: ...layer 2 services over MPLS to transmit data between two layer 2 interfaces that reside on the same E Series router In this configuration which is referred to as a local cross connect traffic that arr...

Page 544: ...mands Even though you can configure the group ID the JUNOSe software does not currently use it Whether the control word is used configured with the control word and no control word options of the mpls...

Page 545: ...on When the MPLS shim interface is the only layer stacked above the layer 2 interface as is the case with ATM Frame Relay and HDLC then all traffic is forwarded to the MPLS shim interface and across t...

Page 546: ...them encapsulates them using Martini encapsulation and forwards them to an MPLS tunnel At the end of the tunnel the packet is de encapsulated segmented back and sent to a selected ATM VC In Figure 117...

Page 547: ...llowing limitations Only AAL5 packets and OAM cells are forwarded There is no equivalent of VP switching Point to multipoint connections are not supported Automatic connection setup using user to netw...

Page 548: ...ultiple ATM cells in a single encapsulated packet that is transmitted on the MPLS pseudowire You can use the atm cell packing and atm mcpt timers commands to configure the following parameters that co...

Page 549: ...S pseudowire Optional Martini one to one cell encapsulation method with cell headers removed Related Topics For information about AAL5 SDU encapsulation see Encapsulation Methods for Transport of ATM...

Page 550: ...JUNOSe implementation of HDLC layer 2 circuits supports encapsulation of either HDLC frames or PPP frames within MPLS frames By default the router uses VC type HDLC signaling and HDLC encapsulation to...

Page 551: ...the source and destination IP addresses are used in the hashing rule to determine the distribution criteria for received packets You must a different VLAN for IP packets from the one used for MPLS L2V...

Page 552: ...devices see Multiple Layer 2 Services over MPLS on page 509 Related Topics MPLS L2VPN Tunnel over VLAN over LAG Configuration Example on page 541 MPLS L2VPN Tunnel over LAG Configuration Example on p...

Page 553: ...ceived from the pseudowire connection and then transmitting the resulting frame to the attachment circuit You can enable the raw mode configuration only for MPLS shim interfaces stacked on S VLAN inte...

Page 554: ...u cannot configure a VLAN subinterface with a VLAN ID value if any S VLAN subinterface on the same major VLAN is configured with the same S VLAN ID value C VLAN ID as anyUntagged and Ethertype as 0x81...

Page 555: ...he single pseudowire To configure the subset of ATM virtual circuits you must configure a VPI VCI range using the new mpls relay atm vpi range vpiStart vpiEnd vci range vciStart vciEnd command in glob...

Page 556: ...he MPLS Martini circuit configuration on an ATM port you cannot add the interface label space RSVP configuration on the same ATM port Therefore you can configure an ATM port with either the interface...

Page 557: ...erface on the same ATM port with a VPI VCI value that is not included by the specified range specification and use that interface as an IP interface or subscriber interface If you configured a VPI VCI...

Page 558: ...alability Considerations Because the support for multiple ATM VCs over a single pseudowire requires one pseudowire per ATM port and the number of ATM ports in a fully populated ERX chassis is in the o...

Page 559: ...HDLC Layer 2 Services on page 532 Configuring CE Side Load Balancing for Martini Layer 2 Transport on page 534 Frame Relay over MPLS Configuration Example on page 538 MPLS L2VPN Tunnel over VLAN over...

Page 560: ...ces over MPLS with the RFC 4619 Frame Relay pseudowire type 1 Configure the Frame Relay interface host1 config interface serial 4 1 1 1 host1 config if encapsulation frame relay ietf host1 config if f...

Page 561: ...interface dlci ietf frame relay intf type frame relay lmi type interface serial mpls relay route interface Configuring Ethernet VLAN Layer 2 Services To configure Ethernet VLAN layer 2 services over M...

Page 562: ...config interface fastEthernet 8 1 host1 config if encapsulation vlan host1 config if interface fastEthernet 8 1 1 2 Create the S VLAN tunnel and assign the S VLAN Ethertype For example the following...

Page 563: ...Local Cross Connect Between Ethernet VLAN Interfaces To configure the application shown in Figure 119 on page 527 1 Configure a local IP address You can use any reachable local IP address This example...

Page 564: ...astEthernet 3 1 1 host1 config if vlan id 11 6 Optional If you are configuring a multiservice local cross connect assign an IP address and mask to the Ethernet VLAN interface host1 config if ip addres...

Page 565: ...ingress interface host1 config interface atm 2 0 1 host1 config subif atm pvc 1 0 100 aal5all 3 Create an MPLS relay connection to the loopback interface Include the address of the loopback interface...

Page 566: ...rent routers you can also use AAL0 encapsulation when you configure a local cross connect between two ATM 1483 subinterfaces within the same router To create an MPLS pseudowire connection with VCC cel...

Page 567: ...nfig atm mcpt timers 1500 2500 3500 host2 config interface loopback 0 host2 config if ip address 6 1 1 1 255 255 255 255 host2 config exit host2 config interface atm 4 0 101 host2 config subif atm pvc...

Page 568: ...knownProtocol 0 OutDiscards 0 1 interface s found Related Topics atm cell packing atm mcpt timers atm pvc interface atm interface loopback ip address mpls relay show atm mcpt timers show atm subinterf...

Page 569: ...ptional Attach an MPLS policy to the HDLC layer 2 circuit by using the mpls policy command host1 config if mpls policy input hdlc policy 4 Configure the serial or POS interface and MPLS on the remote...

Page 570: ...eries router to interoperate with an 802 3ad switch You can configure load balancing in two different ways You can configure many shim interfaces with the same peer VC type and VC ID Alternatively you...

Page 571: ...ost1 config interface atm 6 0 101 point to point host1 config subif mpls relay 10 9 1 2 600001 host1 config subif exit host1 config interface atm 6 2 101 point to point host1 config subif mpls relay 1...

Page 572: ...igured on each port Load balancing group 100 includes three Martini circuits one for each pair of subinterfaces on the ports That is three circuits were created one for the pair 2 0 1 and 3 1 10 one f...

Page 573: ...erfaces are entered one by one For example the following commands configure two Martini circuits to different PE routers in the same load balancing group 100 sharing the candidate Ethernet ports 2 0 a...

Page 574: ...change the script for your specific configuration The topology example shown in Figure 121 on page 538 further explains the configuration script NOTE The route interface command is used toward the en...

Page 575: ...psulation frame relay ietf interface serial 4 0 1 1 1 frame relay interface dlci 17 ietf interface serial 4 0 2 1 encapsulation frame relay ietf interface serial 4 0 2 1 1 frame relay interface dlci 1...

Page 576: ...m pvc 2 1 12 aal5snap ip address 10 10 12 3 255 255 255 0 ip router isis mpls mpls ldp router isis net 47 0005 80FF F800 0000 0000 0004 0000 F209 0303 00 mpls traffic eng router id loopback 0 mpls tra...

Page 577: ...e Figure 122 on page 542 shows a sample configuration scenario of an MPLS L2VPN or Martini tunnel over VLAN over LAG The sample topology shows a customer edge router CE1 connected to a provider edge r...

Page 578: ...thernet 2 1 0 host1 ce1 config if member interface gigabitEthernet 2 1 3 Specify VLAN as the encapsulation method for the Ethernet interface host1 ce1 config if encapsulation vlan Specify another subi...

Page 579: ...e For this subinterface assign a VLAN ID specify the encapsulation method as VLAN configure MPLS and assign an IP address and mask Also enable LDP and topology driven LSP as does any LDP related comma...

Page 580: ...rnet interface on PE2 and specify VLAN as the encapsulation method host1 pe2 config interface gigabitEthernet 2 1 5 host1 pe2 config if encapsulation vlan Create another Gigabit Ethernet subinterface...

Page 581: ...er a LAG bundle Because the Martini tunnel is configured directly over LAG in this case only the source and destination MAC addresses are used in the hashing process to determine the physical link for...

Page 582: ...onfig mpls Configure the LSR to create topology driven LSPs Enabling LDP automatically creates topology driven LSPs host1 pe1 config mpls topology driven lsp On PE1 configure a loopback interface and...

Page 583: ...LAG shown in Figure 123 on page 545 Configure a virtual router PE2 host1 config virtual router pe1 Enable MPLS on a virtual router in Global Configuration mode host1 pe2 config mpls Configure PE2 to c...

Page 584: ...rnet 2 1 7 host1 ce2 config subif ip address 7 7 7 8 255 255 255 0 Related Topics MPLS L2VPN Tunnel over VLAN over LAG Configuration Example on page 541 CE Side MPLS L2VPNs over LAG Overview on page 5...

Page 585: ...owire is configured for raw mode only two cases are supported whether the CE side device is S VLAN aware or not aware Table 66 on page 549 describes the different scenarios in which the Martini circui...

Page 586: ...kets over a Martini circuit with ES2 4G GE 2 GE FE ES2 10G ES2 10G Uplink and ES2 10G ADV LMs The different processing points inside the PE facing routers are denoted as A B C and D Figure 125 Etherne...

Page 587: ...ncapsulation header is added to the packet and the egress line module forwards it to the MPLS network This functionality is the same for both ES2 4G LMs ES2 10G LMs ES2 10G Uplink LMs and ES2 10G ADV...

Page 588: ...VLAN tag based on subinterface configuration PW1 for double tagged traffic Pseudowire PW2 for single tagged traffic X Y tagged for traffic from CPE1 CPE1 CPE2 CVLAN Y Untagged Two customer premise equ...

Page 589: ...and the C VLAN Ethertype as 0x8100 which helps to uniquely identify the subinterface for all the following traffic patterns Untagged C VLAN tag only S VLAN tag only Both S VLAN and C VLAN tagged The f...

Page 590: ...1 transmits ATM cells on the ATM port connected to PE1 The transmitted cells contain VPI VCI values that are within the range specified as part of the MPLS Martini configuration on the ATM port of PE1...

Page 591: ...eudowires for this configuration In such a scenario traffic black holes might occur and rewriting of the ATM cell header takes place In this topology on the PE router configured with an ATM subinterfa...

Page 592: ...556 Multiple ATM Virtual Circuits over a Single Pseudowire Example JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 593: ...for Layer 2 Services over MPLS on page 560 Monitoring MPLS Forwarding for Layer 2 Services over MPLS on page 561 Monitoring MPLS Layer 2 Interfaces for Layer 2 Services over MPLS on page 562 Setting...

Page 594: ...1 config show atm mcpt timers ATM Martini cell aggregation timers Timer1 1500microseconds Timer2 2500microseconds Timer3 3500microseconds Meaning Table 68 on page 558 lists the show atm mcpt timers co...

Page 595: ...lists the show atm subinterface command output fields for a description of the other fields in this display see Monitoring ATM in the JUNOSe Link Layer Configuration Guide Table 69 show atm subinterfa...

Page 596: ...ing Table 70 on page 560 lists the show mpls cross connects atm command output fields Table 70 show mpls cross connects atm Output Fields Field Description Field Name VC ID number of the connection VC...

Page 597: ...ldp swap to 30 on ATM5 0 1 nbr 10 10 11 5 19 ldp swap to 32 on ATM5 0 1 nbr 10 10 11 5 20 ldp swap to 34 on ATM5 0 1 nbr 10 10 11 5 21 ldp lookup on inner header label 22 ldp swap to 38 on ATM5 0 1 nb...

Page 598: ...es Both the show mpls interface shim command and the show mpls l2transport interface command provide the same output The shim keyword displays all shim interfaces The brief keyword displays only limit...

Page 599: ...l information displayed when a circuit is up host1 show mpls l2transport interface Out Label 49 on tun mpls lsp de090100 24 37 0 pkts 0 hcPkts 0 octets 0 hcOctets 0 errors 0 discardPkts queue 0 traffi...

Page 600: ...appears instead of this field Displayed for an ATM port ATM AAL5 over ATM major interface ATM cell aggregation maximum cells per packet Identifier 1 2 or 3 of the ATM Martini cell packing timer that d...

Page 601: ...packets and bytes that exceed the committed access rate but conform to the peak access rate Conformed Number of packets and bytes that exceed the peak access rate Exceeded VC label sent by this router...

Page 602: ...p associated with the layer 2 Martini transport circuit Load Balancing Group Administrative state of the interface enabled or disabled Admin state Operational state of the interface up or down Oper st...

Page 603: ...Part 4 Virtual Private LAN Service VPLS Overview on page 569 Configuring VPLS on page 583 Monitoring VPLS on page 607 Virtual Private LAN Service 567...

Page 604: ...568 Virtual Private LAN Service JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 605: ...g In contrast L2VPNs that enable a virtual private wire service VPWS provide only a point to point traffic forwarding capability VPLS preserves the broadcast and multicast capabilities of the physical...

Page 606: ...guring VPWS on page 651 VPLS Components As illustrated in Figure 128 on page 570 a typical VPLS topology consists of the following components VPLS Domains Typically a VPLS domain is associated with cu...

Page 607: ...on page 570depicts two PE routers PE 1 which is the local router and PE 2 which is the remote router located at the other side of the service provider core Each PE router must have a VPLS instance th...

Page 608: ...that includes the MAC address and associated network interface where the packet was received For traffic on the VPLS virtual core interface the VPLS instance captures additional information that inclu...

Page 609: ...ity information Currently you can omit the signaling keyword with no adverse effects VPLS The VPLS address family enables you to configure the PE router to exchange layer 2 NLRI for a specified VPLS i...

Page 610: ...multipoint connectivity between the local and remote VEs The PWid field is a nonzero 32 bit integer that contains the VPLS identifier which is a globally unique identifier for a VPLS domain All VEs th...

Page 611: ...ck offset label range and route distinguisher can be different for each PE router The BGP path selection process uses the block offset and label range only to determine whether a layer 2 advertisement...

Page 612: ...attributes The PE routers receiving the advertised routes first run the standard BGP selection process The routes from the connected multihomed PE routers all share the same site ID but can have diffe...

Page 613: ...ire to the local PE router it verifies whether the prefix is in the range required for the site ID based on the block offset and label range advertised by the designated VE device If the prefix is out...

Page 614: ...t MPLS connectivity to the BGP next hop is gone BGP then modifies the circuit status vector bit in the MP_REACH_NLRI to indicate that the LSP is down When the bit is modified BGP advertises the route...

Page 615: ...ignaling using MP BGP to set up and tear down the pseudowires that constitute a VPLS instance VPLS signaling using LDP and the PWid FEC element FEC Type 128 to set up and tear down the pseudowires tha...

Page 616: ...interface However the interface specifier format that you use depends on the router that you are using For ERX7xx models ERX14xx models and ERX310 routers use the slot port subinterface format For exa...

Page 617: ...ng the Label Distribution Protocol LDP April 2006 RFC 4762 Virtual Private LAN Service VPLS Using Label Distribution Protocol LDP Signaling January 2007 Virtual Private LAN Service draft ietf l2vpn vp...

Page 618: ...582 VPLS References JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 619: ...ample with BGP Signaling on page 595 Configuration Tasks for VPLS with LDP Signaling on page 599 Configuring VPLS Instances with LDP Signaling on page 600 Configuring LDP Signaling for VPLS on page 60...

Page 620: ...onfiguring Optional Attributes for VPLS Instances on page 587 Configuring VPLS Network Interfaces on page 588 Configuring Subscriber Policies for VPLS Network Interfaces on page 589 Configuring the Lo...

Page 621: ...vpls site range 15 3 Specify a name and unique identifier for the customer site that belongs to the VPLS instance host1 config bridge customer1 vpls site name westford site id 1 The site ID value must...

Page 622: ...vplsA vpls transport virtual router vr1 host1 config bridge vplsB vpls transport virtual router vr2 host1 config bridge vplsC vpls transport virtual router vr1 Because vplsA and vplsC use the same tr...

Page 623: ...ferent than the site IDs configured on the remote PE routers in the VPLS network You can configure a different block offset label range and route distinguisher for each connected PE router Related Top...

Page 624: ...n host1 config bridge vplsB learn 2500 5 Optional Enable SNMP link status processing for all network interfaces associated with the specified VPLS instance host1 config bridge vplsB snmp trap link sta...

Page 625: ...trunk server interface see Configuring Subscriber Policies for VPLS Network Interfaces on page 589 host1 config if bridge group customer1 subscriber trunk 4 Optional Set the maximum number of MAC add...

Page 626: ...andles various packet or attribute types as follows For each packet type listed in Table 78 on page 590 the subscriber policy specifies whether the network interface permits forwards or denies filters...

Page 627: ...ning Table 79 on page 591 lists the commands that you can use to modify subscriber policies for subscriber client interfaces associated with either a VPLS instance or a standard bridge group Table 79...

Page 628: ...ct if a physical interface goes down The loopback interface sends packets back to the router or access server for local processing Any packets routed from the loopback interface but not destined to th...

Page 629: ...onfigure the core facing interface on which you want to enable MPLS Label Distribution Protocol LDP and topology driven LSPs host1 config interface atm 5 0 100 host1 config subif atm pvc 100 1 100 aal...

Page 630: ...ing an entry to the BGP neighbor table host1 config router neighbor 10 4 4 4 remote as 100 3 Use neighbor commands to specify the peers to which BGP advertises routes This example configures only the...

Page 631: ...s customer2 After you configure MPLS LSPs and BGP signaling the router automatically generates a VPLS virtual core interface for each VPLS instance The VPLS virtual core interface represents all of th...

Page 632: ...hernet or bridged Ethernet network interface provides a connection to the associated CE device Each VPLS instance maintains its own set of forwarding tables and filters to learn the network topology i...

Page 633: ...dged Ethernet interface 2 0 12 between PE 1 and CE 2 and assign it to vplsB as a trunk interface host1 config interface atm 2 0 12 point to point host1 config subif atm pvc 12 0 12 aal5snap 0 0 0 host...

Page 634: ...ls rd 100 21 host2 config bridge vplsA vpls route target both 100 1 Configure VPLS instance vplsB The route target 100 2 matches the route target configured for vplsB on PE 1 host2 config bridge vplsB...

Page 635: ...ghbor 10 1 1 1 next hop self host2 config router af exit address family host2 config router address family vpls vplsA host2 config router af exit address family host2 config router address family vpls...

Page 636: ...uring LDP Signaling for VPLS on page 601 Configuring Routing in the Core Network for VPLS on page 602 See VPLS Configuration Example with LDP Signaling on page 602 for a detailed sample configuration...

Page 637: ...ssed in this section to configure LDP signaling for VPLS Table 81 Commands to Configure LDP Signaling for VPLS mpls ldp vpls vpls id mpls ldp vpls neighbor To configure LDP signaling for VPLS on the P...

Page 638: ...area 0 0 0 0 host1 config router network 10 10 10 0 0 0 0 255 area 0 0 0 0 This example configures an OSPF routing process with process ID 1 and creates two OSPF interfaces in the backbone area area 0...

Page 639: ...nce to uniquely identify each VPLS domain In the sample topology in Figure 130 on page 603 instance vplsA is assigned VPLS ID 1 and instance vplsB is assigned VPLS ID 2 on both the local PE router and...

Page 640: ...hbor 2 2 2 2 Configure a loopback interface on PE 1 and assign it an IP address host1 config interface loopback 0 host1 config if ip address 1 1 1 1 255 255 255 255 host1 config if exit Assign the rou...

Page 641: ...mpls ldp vpls vplsB vpls id 2 host2 config mpls ldp vpls vplsB neighbor 1 1 1 1 Configure a loopback interface on PE 2 and assign it an IP address host2 config interface loopback 0 host2 config if ip...

Page 642: ...606 VPLS Configuration Example with LDP Signaling JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 643: ...elated Settings for VPLS on page 611 Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance on page 612 Monitoring VPLS Configuration and Statistics for all VPLS Instances on page 6...

Page 644: ...e on page 608 Setting a Baseline for the VPLS Virtual Core Interface Associated with a VPLS Instance on page 608 Setting a Baseline for a VPLS Instance To set a statistics baseline for a VPLS instance...

Page 645: ...PLS Virtual Core Interface Associated with A VPLS Instance on page 610 Clearing All Dynamic MAC Addresses from the VPLS Forwarding Table To clear all dynamic MAC address entries for the VPLS instance...

Page 646: ...gp commands to remove specific BGP attributes for the L2VPN address family and in one case for the VPLS address family associated with a specific VPLS instance Clearing BGP Reachability Information fo...

Page 647: ...ait end of rib Related Topics Configuring BGP Routing on page 3 clear ip bgp clear ip bgp dampening clear ip bgp wait end of rib Monitoring Bridging Related Settings for VPLS You can use the show comm...

Page 648: ...Purpose Display configuration and statistics information for the specified VPLS instance Action To display configuration information for a specified VPLS vplsA host1 show bridge vplsA BridgeGroup vpls...

Page 649: ...e transport virtual router configured for the VPLS instance Transport Virtual Rtr Unique route distinguisher configured for the VPLS instance Route Distinguisher Site name configured for the VPLS inst...

Page 650: ...nk Status Snmp Traps Disabled Subscriber Policy default Subscriber Port Count 2 Interface Count 1 Transport Virtual Rtr default Route Distinguisher 1 1 1 1 10 SiteName boston SiteId 1 Multi homed Yes...

Page 651: ...rts currently configured for the VPLS instance including network interfaces and the VPLS virtual core interface Port Count Number of network interfaces currently configured for the VPLS instance Inter...

Page 652: ...e interface atm 3 1 10 atm3 1 10 BridgeGroup vplsB Port Number 1 Operational Status Up Admin Status Up Snmp Link Status Trap Disabled Max Learn Unlimited Subscriber Policy default Trunk Statistics In...

Page 653: ...abled Max Learn Unlimited Subscriber Policy default Trunk Statistics In Octets 0 In Frames 0 In Discards 0 In Errors 0 Out Octets 0 Out Frames 0 Out Discards 40 Out Errors 0 Time since counters last r...

Page 654: ...this interface Out Octets Number of frames transmitted on this interface Out Frames Number of outgoing packets discarded on this interface Out Discards Number of outgoing errors on this interface Out...

Page 655: ...ore interface host1 show bridge interface vpls vplsB vpls vplsB BridgeGroup vplsB Port Number 2 Operational Status Up Admin Status Up Snmp Link Status Trap Disabled Max Learn Unlimited Subscriber Poli...

Page 656: ...ce In Errors Number of octets transmitted on this interface Out Octets Number of frames transmitted on this interface Out Frames Number of outgoing packets discarded on this interface Out Discards Num...

Page 657: ...0 Out Errors 0 Time since counters last reset 00 10 55 queue 0 traffic class best effort bound to bridge FastEthernet1 1 1 Queue length 0 bytes Forwarded packets 14 bytes 2042 Dropped committed packe...

Page 658: ...or the interface Subscriber Policy Displays statistics information for the specified port Statistics Number of octets received on this interface In Octets Number of frames received on this interface I...

Page 659: ...on which this interface resides Port Interface type and specifier associated with the port Interface Operational status of the physical interface Up Down LowerLayerDown NotPresent Status Related Topic...

Page 660: ...ing Subscriber Policy Rules Purpose Display the set of forwarding and filtering rules for all subscriber policies configured on the router or for a specified subscriber policy Action To display the ru...

Page 661: ...policy Subscriber Indicates that the subscriber interface forwards packets of the specified type For the relearn attribute specifies that relearning a MAC address entry on a different interface from t...

Page 662: ...Layer 2 NLRI for VPLS Instances Purpose Display layer 2 NLRI for all VPLS instances in the L2VPN address family for a particular VPLS instance in the L2VPN address family or for a particular VPLS ins...

Page 663: ...confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dam...

Page 664: ...L2VPN address family including the status of the route host1 pe1 show ip bgp l2vpn all fields best rd peer next hop loc pref extended communities next hop cost Prefix Rd Peer Next hop Next hop cost L...

Page 665: ...e route LocPrf Weight of the route Weight Origin of the route Origin AS path through which this route has been advertised AS path Description of the extended communities associated with this route Inc...

Page 666: ...p and its resolution IP indirect next hop index Index number of the MPLS indirect next hop that corresponds to the BGP indirect next hop and its resolution MPLS indirect next hop index Indicates wheth...

Page 667: ...s the PE router Remote PE Incoming MPLS label from the remote site In label Outgoing MPLS label used to reach the remote site Out label Related Topics show ldp vpls Monitoring MPLS Related Settings fo...

Page 668: ...LS packet router or interface Spoof check Action taken for MPLS packets arriving with that label Action Number of packets sent with the label in pkts Number of octets sent with the label in Octets Num...

Page 669: ...ace Count 1 Transport Virtual Rtr pe1 Route Distinguisher 1 1 1 1 10 SiteName westford SiteId 1 SiteRange 10 VPLS Route Targets Route Target RT 100 1 both Flood Next Hop Index 1048577 MPLS next hop 20...

Page 670: ...ed OL No Out Label Site State Remote PE In label Out label MPLS NH Idx Up down Time 2 UP 2 2 2 2 27 56 21 00 02 56 Meaning Table 98 on page 634 lists the show vpls connections command output fields Ta...

Page 671: ...the VPLS domain associated with the VPLS instance SiteRange Extended community identifiers also known as route targets for each VPLS instance configured on the router VPLS Route Targets Index number o...

Page 672: ...figuration Remote PE Incoming MPLS label from the remote site In label Outgoing MPLS label used to reach the remote site Out label MPLS next hop index number that corresponds to the outgoing MPLS labe...

Page 673: ...Part 5 Virtual Private Wire Service VPWS Overview on page 639 Configuring VPWS on page 651 Monitoring VPWS on page 665 Virtual Private Wire Service 637...

Page 674: ...638 Virtual Private Wire Service JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 675: ...VPWS VPWS L2VPNs are sometimes called Kompella L2VPNs You configure a VPWS instance on each associated edge router for each VPWS L2VPN Traditional VPNs over layer 2 circuits require the provisioning a...

Page 676: ...to point links between Westford and Bangalore Customer B needs only a single point to point link between Westford and Sunnyvale The service provider uses BGP and MPLS signaling in the core and create...

Page 677: ...Variable TLVs The local PE router selects a contiguous label block to cover all the remote sites for a given VPWS instance The local PE router then advertises that label block as part of the reachabil...

Page 678: ...If a control word mismatch occurs the pseudowire remains in a down state with a status of control word mismatch A control status vector is sent along with the other NLRI information This vector carri...

Page 679: ...as provider edge devices which are also referred to as PE routers These PE routers perform a similar function to PE routers in a BGP MPLS VPN configuration Figure 132 on page 642 depicts two PE route...

Page 680: ...ed site in the event of a PE router to CE device link failure the failure of a PE router or an MPLS reachability failure between the local PE router and a remote PE router A redundant PE router can be...

Page 681: ...routes advertised for a multihomed site effectively consists of multiple routes to a single prefix distinguished by the site ID alone Therefore the result of the second selection process is the single...

Page 682: ...rned by means of EBGP over one learned by means of IBGP 9 Select the path with the lowest IGP cost to the next hop 10 Select the path with the shortest route reflection cluster list Routes without a c...

Page 683: ...e VPWS network Because some implementations do not support the status vector bit The E Series routers also advertise the down bit in a VPWS network This bit is then used by the other routers to evalua...

Page 684: ...t and site is down The remote PE routers each run the best path selection process again and adjust the VPWS pseudowires as needed Failure of MPLS reachability to the remote PE router BGP on the PE rou...

Page 685: ...an L2VPN instance Multihoming Inter AS option A inter AS option B and inter AS option C services As with VPLS VPWS does not support BGP multipaths VPWS Platform Considerations VPWS is supported on al...

Page 686: ...ifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right IOA bay E120 router and the upper IOA bay E320 router adapter 1 identifies the left IOA bay E120 r...

Page 687: ...fore You Configure VPWS The JUNOSe software implementation of VPWS uses features of BGP MPLS BGP MPLS VPNs and layer 2 services over MPLS We recommend you have a thorough understanding of these protoc...

Page 688: ...ing interfaces in the VPWS instance a Configure the layer 2 interfaces that connect the PE router to each CE device in the L2VPN b Configure each layer 2 interface as a member of an VPWS instance by s...

Page 689: ...Configuring Customer Facing Interfaces in the VPWS Instance on page 655 Configuring the Loopback Interface and Router ID for BGP for VPWS on page 657 Configuring MPLS LSPs for VPWS on page 659 For a d...

Page 690: ...e the first number in the route distinguisher 100 is the number of the autonomous system AS The second number in the route distinguisher 11 uniquely identifies the L2VPN instance within that AS host1...

Page 691: ...multi homed priority 2 You must configure the same site ID on all PE routers connected to the multihomed customer site The site ID shared by the connected PE routers should be different than the site...

Page 692: ...between two local customer sites by first configuring the two local sites and then configuring the correct local and remote site IDs on the two local interfaces that you are cross connecting Figure 13...

Page 693: ...guring the Loopback Interface and Router ID for BGP for VPWS To establish a BGP session BGP uses the IP address of the outgoing interface towards the BGP peer as the update source IP address for the T...

Page 694: ...GP routers host1 config router bgp 738 2 Configure the PE to PE BGP session Use neighbor commands to specify the PE router peers to which BGP advertises routes and to configure additional BGP attribut...

Page 695: ...and separately for each VPWS instance configured on the router host1 config router address family vpws l2vpnA host1 config router address family vpws l2vpnB Related Topics Configuring BGP Routing on p...

Page 696: ...n LSPs on the core facing interface host1 config subif mpls ldp host1 config subif exit Related Topics Configuring MPLS on page 263 atm pvc interface atm ip address mpls mpls ldp VPWS Configuration Ex...

Page 697: ...n both PE 1 and PE 2 to provide signaling for both L2VPNs Configuration on PE 1 Local PE Router Use the following commands on the local PE router PE 1 to configure the VPWS topology shown in Figure 13...

Page 698: ...ter af exit address family Enable MPLS on the default virtual router host1 config mpls Configure ATM core facing interface 2 0 100 between PE 1 and the P router host1 config interface atm 2 0 100 host...

Page 699: ...r ID for PE 2 using the IP address of the loopback interface host2 config ip router id 10 2 2 2 Configure BGP signaling host2 config router bgp 738 host2 config router neighbor 10 2 2 2 remote as 738...

Page 700: ...LDP and topology driven LSPs on the core facing interface host1 config subif mpls host1 config subif mpls ldp host1 config subif exit 664 VPWS Configuration Example JUNOSe 11 0 x BGP and MPLS Configu...

Page 701: ...r VPWS L2VPNs on page 667 Monitoring BGP Next Hops for VPWS L2VPNs on page 671 Monitoring VPWS Connections on page 673 Monitoring VPWS Instances on page 675 Monitoring L2VPN Interfaces for VPWS on pag...

Page 702: ...amily Issue the clear ip bgp dampening command and specify l2vpn vpws vpwsName host1 clear ip bgp l2vpn dampening l2vpn vpws l2vpnBoston To clear route flap dampening information for all VPLS and VPWS...

Page 703: ...gs for the VPWS Address Family show ip bgp neighbors received routes show ip bgp advertised routes show ip bgp neighbors routes show ip bgp l2vpn all show ip bgp peer group show ip bgp neighbors show...

Page 704: ...block offset keywords Action To display information for a particular L2VPN instance in the L2VPN address family host1 pe1 show ip bgp l2vpn vpws l2vpn1 Local BGP identifier 10 1 1 1 local AS 100 2 ro...

Page 705: ...amed customer1 in the VPWS address family host1 show ip bgp l2vpn vpws customer1 site id 2 block offset 1 BGP route information for prefix 2 1 Received route learned from internal peer 10 2 2 2 best r...

Page 706: ...S Version number of the local routing information base Local RIB version Version number of the forwarding information base FIB version Status codes for the route listed before the Prefix best route in...

Page 707: ...show ip bgp community show ip bgp community list show ip bgp dampened paths show ip bgp filter list show ip bgp flap statistics show ip bgp neighbors show ip bgp neighbors dampened routes show ip bgp...

Page 708: ...ther this is in a VR or VRF Resolution Index number of the IP indirect next hop that corresponds to the BGP indirect next hop and its resolution IP indirect next hop index Index number of the MPLS ind...

Page 709: ...ocal Site Id Remote Site Id state state FastEthernet4 1 1 2 enabled up Connections status code UP Operational SC Local and Remote Site Identifier Collision EM Encapsulation Mismatch OR Out of Range DN...

Page 710: ...2d000007 02 24 45 3 2 UP 2 2 2 2 55 86 0000001d 01 50 40 To display detailed information about connections for a specific VPWS instance host1 show l2vpn connections instance l2vpn1 details L2VPN l2vpn...

Page 711: ...e in the VPWS instance Sites Priority of the VPWS instance to serve as the backup PE router for the CE device in the event of a network failure in the multihomed configuration indicates also that the...

Page 712: ...e Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100 11 Site Range 10 Sites Site Name boston Site Id 1 Route Targets Route Target RT 100 1 both Admin Oper Interfac...

Page 713: ...erence for sequence number send or don t send sequence numbers Route distinguisher configured for the VPWS instance Route Distinguisher Maximum number of customer sites allowed in the L2VPN instance S...

Page 714: ...trol word is preferred by default Do send sequence numbers by default Relay format is atm aal5 sdu vcc by default Administrative state is enabled Operational state is up Operational MTU is 9180 MPLS s...

Page 715: ...terface UID UID automatically assigned to the MPLS major interface when it is created Lower interface UID Internal platform dependent 32 bit representation of the interface location used by Juniper Ne...

Page 716: ...p l2transport to ATM2 0 12 26 ldp lookup on inner header label 27 ldp swap to 39 on ATM2 0 20 nbr 20 20 20 2 28 ldp swap to 41 on ATM2 0 20 nbr 20 20 20 2 29 ldp lookup on inner header label 30 ldp sw...

Page 717: ...the forwarding table BGP LDP or RSVP TE Owner Type and location of spoof checking performed on the MPLS packet router or interface Spoof check Action taken for MPLS packets arriving with that label Ac...

Page 718: ...682 Monitoring MPLS Forwarding Table for VPWS JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 719: ...Part 6 Index Index on page 685 Index 683...

Page 720: ...684 Index JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Page 721: ...ion 144 IGP interior gateway protocol 6 managing a large scale 143 AS path filtering 87 AS path BGP access lists modifying 72 attribute 120 filtering 87 as set keyword aggregate address 61 ATM Asynchr...

Page 722: ...multiple cells over a pseudowire and ATM n to one VCC cell transport 0x0009 pseudowire PW type 521 transportation of cells from multiple circuits over a single pseudowire 518 transportation of multipl...

Page 723: ...14 policies soft reconfiguration of 98 promiscuous peers 43 reapplying BGP policies 98 redistributing BGP routes 53 reduce the number of meshed peers 143 remove BGP dynamic peers 43 resetting BGP ses...

Page 724: ...ribute 473 OSPF routes distributing between PEs 473 distributing from CE to PE 473 distributing from PE to CE 473 OSPF routing information preserving 473 OSPF routing loops preventing 473 overriding A...

Page 725: ...ddresses 9 displaying BGP routes 160 cleanout timeout factor command 268 269 clear BGP hard 98 BGP soft 98 clear bgp ipv6 commands clear bgp ipv6 98 clear bgp ipv6 dampening 102 clear bgp ipv6 dynamic...

Page 726: ...h failures in BGP MPLS VPNs 374 pruning failed paths 374 enable a protocol BGP routing 17 432 enable protocols BGP routing 658 encapsulations ATM AAL0 511 ATM AAL05 510 equal cost multipath support on...

Page 727: ...face ILMI cells and transmission along with data cells on the same pseudowire same VCI VPI values as the data cells 520 inter AS interprovider services IPv4 391 IPv6 399 interface commands interface l...

Page 728: ...ported 503 load balancing adding member interface to group 537 configuring 537 group 534 monitoring 495 topology 534 536 local cross connects 507 514 527 532 monitoring 557 MPLS L2VPN over LAG configu...

Page 729: ...metric type 72 match mpls label 452 match route type 72 match tag 72 maximum route limit BGP MPLS VPN 446 maximum route warning threshold BGP MPLS VPN 446 maximum routes command 447 maximum paths comm...

Page 730: ...s 238 resources configuring 238 route pinning 238 RSVP TE See RSVP TE Resource Reservation Protocol with traffic engineering extensions S bit 213 shim header 213 shim interfaces configuring 509 528 so...

Page 731: ...on keepalive interval 266 mpls ldp session retries 266 mpls ldp session retry time 266 mpls ldp strict security 281 mpls ldp sync 281 mpls ldp targeted hello holdtime 266 mpls ldp targeted hello inter...

Page 732: ...172 neighbor weights BGP assign neighbor weights 112 neighbors peers BGP assigning weight to connections 112 distributing information in access lists 83 monitoring 172 network area command 602 network...

Page 733: ...concatenation 522 before configuring VCI VPI ranges 522 configuration on both ends of the matching in the VP VCI range 519 not matching in the VPI VCI range 519 failure detection change of state on t...

Page 734: ...RSVP TE Resource Reservation Protocol with traffic engineering extensions 229 BFD liveness detection and 252 bypass tunnels 284 detecting path failures 252 fast reroute extensions 284 graceful restar...

Page 735: ...170 show ip bgp filter list 172 show ip bgp flap statistics 172 show ip bgp inconsistent as 172 show ip bgp l2vpn 626 667 show ip bgp l2vpn vpls 626 667 show ip bgp longer prefixes 172 show ip bgp nei...

Page 736: ...d discovery 236 targeted sessions for VPLS with LDP signaling 573 technical support contacting JTAC xxxv test bgp ipv6 command 157 test ip bgp neighbor command 106 157 text and syntax conventions xxxi...

Page 737: ...amily 573 594 loopback interface and router ID configuring 592 monitoring BGP related settings 625 sample topology configuring 595 signaling overview 573 VPLS address family 573 594 VPLS instances for...

Page 738: ...flap dampening 666 BGP wait for end of RIB marker 666 components 642 configuration example 660 configure address families 658 BGP signaling 658 L2VPN instances 653 L2VPN interfaces 655 MPLS LSPs 659 s...

Reviews:

No comments

Related manuals for JUNOSE

KAPERSKY ADMINISTRATION KIT 6.0 Administrator'S Manual preview
ADMINISTRATION KIT 6.0
Brand: KAPERSKY Pages: 115
Crestron CRESTRON-APP-SSTV Operations & Installation Manual preview
CRESTRON-APP-SSTV
Brand: Crestron Pages: 28
Garmin Pilot User's Android User Manual preview
Pilot User's Android
Brand: Garmin Pages: 150
Brocade Communications Systems VA-40FC Hardware Reference Manual preview
VA-40FC
Brand: Brocade Communications Systems Pages: 60
Xerox Document centre 490 Color Management Manual preview
Document centre 490
Brand: Xerox Pages: 102
MACROMEDIA FLASH 8-ACTIONSCRIPT 2.0 LANGUAGE Reference preview
FLASH 8-ACTIONSCRIPT 2.0 LANGUAGE
Brand: MACROMEDIA Pages: 1378
eCopy ShareScan 4.2 Installation And Setup Manual preview
ShareScan 4.2
Brand: eCopy Pages: 266
GRASS VALLEY AURORA INGEST 7 Datasheet preview
AURORA INGEST 7
Brand: GRASS VALLEY Pages: 4
GRASS VALLEY Aurora Browse Upgrade Instructions preview
Aurora Browse
Brand: GRASS VALLEY Pages: 42
Dresser 5 Manual preview
5
Brand: Dresser Pages: 57
Bay Networks Event Manager Software Manual preview
Event Manager
Brand: Bay Networks Pages: 20
3Ware OpenSolaris User Manual preview
OpenSolaris
Brand: 3Ware Pages: 11
MACROMEDIA BREEZE-CLUSTERING BREEZE LIVE Manual preview
BREEZE-CLUSTERING BREEZE LIVE
Brand: MACROMEDIA Pages: 10
Ulead PHOTOIMPACT MENU PLUG-IN Manual preview
PHOTOIMPACT MENU PLUG-IN
Brand: Ulead Pages: 11
Xilinx LogiCORE Endpoint v2.4 User Manual preview
LogiCORE Endpoint v2.4
Brand: Xilinx Pages: 172
TC Electronic Intelligent Vocal Harmony Harmony4 Manual preview
Intelligent Vocal Harmony Harmony4
Brand: TC Electronic Pages: 21
Ulead COOL 3D 3.5 Manual preview
COOL 3D 3.5
Brand: Ulead Pages: 8
Ulead HD Plug-in 2.0 Manual preview
HD Plug-in 2.0
Brand: Ulead Pages: 11

Brands by name

Popular brands

Load more brands