Juniper JUNOSE Скачать руководство пользователя страница 319 | Manualshive

Страница: 319 / 738

background image

■

Configure RSVP MD5 authentication to provide hop-by-hop security.

See “Configuring RSVP MD5 Authentication” on page 283.

■

Configure fast reroute extensions to RSVP-TE to create a bypass tunnel.

See “Configuring RSVP-TE Fast Rerouting with RSVP-TE Bypass Tunnels” on
page 284.

■

Configure RSVP-TE peers to exchange hello messages and establish a hello
adjacency.

See “Configuring RSVP-TE Hello Messages to Determine Peer Reachability” on
page 287.

■

Configure RSVP-TE graceful restart to enable routers to maintain MPLS forwarding
state when a link or node failure occurs.

See “Configuring RSVP-TE Graceful Restart” on page 288.

■

Configure the exchange of RSVP-TE node hellos on all RSVP-TE interfaces.

See “Configuring RSVP-TE Hellos Based on Node IDs” on page 289.

■

Configure the BFD Protocol for RSVP-TE.

See “Configuring the BFD Protocol for RSVP-TE” on page 290.

Configuring RSVP MD5 Authentication

RSVP MD5 authentication provides hop-by-hop security against message spoofing
and replay attacks. When authentication is configured, RSVP embeds an integrity
object within secure cleartext RSVP messages sent between peers. The integrity
object includes a key ID unique to the sender, a message sequence number, and
keyed message digest. These attributes enable verification of both packet content
and sender.

For all potential RSVP peers, you configure the same key on the MPLS neighbor major
interfaces, and then enable RSVP authentication on each of these interfaces. When
you enable RSVP authentication on an interface, RSVP creates a security association
that includes the key, key ID, hash algorithm, and other associated attributes. Each
sender and receiver pair maintains the security association for their shared key.

NOTE:

You must enable authentication on both ends of an RSVP interface to protect

the link. Failure to do so can prevent tunnels through the interface from coming up.

Thereafter, RSVP messages sent by a router through the secured interface include
an integrity object that contains a key ID for the security association and an MD5
message digest of the message contents. To protect against message replay attacks,
the sending interface also places a sequence number in the integrity object. Each
sequence number is a unique, monotonically increasing number.

The secured interface expects each received RSVP message to include an integrity
object. The interface drops all RSVP messages that do not contain the object.

Configuring RSVP MD5 Authentication

■

283

Chapter 3: Configuring MPLS

«
...
317
318
319
320
321
...
»

Содержание JUNOSE

Страница 1: ...are for E Series Routing Platforms BGP and MPLS Configuration Guide Release 11 0 x Juniper Networks Inc 1194 North Mathilda Avenue Sunnyvale California 94089 USA 408 745 2000 www juniper net Published...

Страница 2: ...40 6 192 051 6 333 650 6 359 479 6 406 312 6 429 706 6 459 579 6 493 347 6 538 518 6 538 899 6 552 918 6 567 902 6 578 186 and 6 590 785 JUNOSe Software for E Series Routing Platforms BGP and MPLS Con...

Страница 3: ...alms devices links ports or transactions or require the purchase of separate licenses to use particular features functionalities services applications operations or capabilities or provide throughput...

Страница 4: ...n connection with such withholding taxes by promptly providing Juniper with valid tax receipts and other required documentation showing Customer s payment of any withholding taxes completing appropria...

Страница 5: ...nted to in writing by the party to be charged If any portion of this Agreement is held invalid the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement T...

Страница 6: ...vi...

Страница 7: ...Part 3 Layer 2 Services Over MPLS Chapter 6 Layer 2 Services over MPLS Overview 503 Chapter 7 Configuring Layer 2 Services over MPLS 523 Chapter 8 Monitoring Layer 2 Services over MPLS 557 Part 4 Vir...

Страница 8: ...viii JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 9: ...BGP Routing 3 Overview 3 Conventions in This Chapter 3 Autonomous Systems 4 BGP Speaker 5 BGP Peers and Neighbors 5 BGP Session 5 IBGP and EBGP 6 Interior Gateway Protocols 6 BGP Messages 7 BGP Route...

Страница 10: ...GP for Overload Conditions 40 Enabling Route Storage in Adj RIBs Out Tables 41 Effects of Changing Outbound Policies 42 Configuring the Address Family 43 Enabling Lenient Behavior 46 Configuring Promi...

Страница 11: ...mmand 112 Using a Route Map 113 Using an AS Path Access List 113 Configuring the Local Pref Attribute 115 Using the bgp default local preference Command 116 Using a Route Map to Set the Local Preferen...

Страница 12: ...acking 211 MPLS Labels and Label Spaces 212 TTL Processing in the Platform Label Space 213 TTL Processing on Incoming MPLS Packets 214 TTL Processing on Outgoing MPLS Packets 215 MPLS Rules for TTL Ex...

Страница 13: ...and TE Metrics 246 Determining Peer Reachability with RSVP TE Hello Messages 246 Hello Message Objects 247 Hello Message Instances 247 Sequence of Hello Message Exchange 247 Determination That a Peer...

Страница 14: ...uring LDP MD5 Authentication 281 Controlling LDP Label Distribution 282 Additional RSVP TE Configuration Tasks 282 Configuring RSVP MD5 Authentication 283 Configuring RSVP TE Fast Rerouting with RSVP...

Страница 15: ...ission Control Configuration 318 Monitoring Interfaces Configured with Traffic Engineering Bandwidth Accounting 318 Monitoring Virtual Router Configuration 319 Monitoring IP and IPv6 Tunnel Routing Ta...

Страница 16: ...racing the Path of an MPLS Echo Request Packet to a VPLS Instance 365 Packet Flow Examples for Verifying MPLS Connectivity 365 Packet Flow Examples for MPLS LSPs to an IP Prefix 366 Packet Flow Exampl...

Страница 17: ...t and Global Import Maps 421 Characteristics of Export and Global Export Maps 422 Subsequent Distribution of Routes 423 Creating a Map 423 Export Maps 423 Global Export Maps 424 Import Maps 424 Global...

Страница 18: ...tes to a Shared IP Interface 461 Global Export Map 462 Carrier of Carriers IPv4 VPNs 463 Customer Carrier as an Internet Service Provider 464 Configuration Steps 465 Customer Carrier as a VPN Service...

Страница 19: ...atency 512 Control Word Support 513 Unsupported Features 513 HDLC Layer 2 Services over MPLS 513 Interface Stacking 514 Encapsulation 514 Control Word Support 514 Local Cross Connects 514 CE Side MPLS...

Страница 20: ...543 Configuration on CE2 Remote CE Router 544 MPLS L2VPN Tunnel over LAG Configuration Example 545 Configuration on CE1 Local CE Router 546 Configuration on PE1 Local PE Router 546 Configuration on P...

Страница 21: ...riber Policies 590 Modifying Subscriber Policies 591 Considerations for VPLS Network Interfaces 591 Configuring the Loopback Interface and Router ID for VPLS 592 Configuring MPLS LSPs for VPLS 593 Con...

Страница 22: ...oring Bridging Related Settings for VPLS 611 Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance 612 Monitoring VPLS Configuration and Statistics for all VPLS Instances 614 Monit...

Страница 23: ...Configuring BGP Signaling for VPWS 658 Configuring MPLS LSPs for VPWS 659 VPWS Configuration Example 660 Topology Overview 661 Configuration on PE 1 Local PE Router 661 Configuration on PE 2 Remote PE...

Страница 24: ...xxiv Table of Contents JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 25: ...oute When Another Route is Absent 68 Figure 20 Advertising a Default Route When Another Route is Present 70 Figure 21 Filtering with Access Lists 84 Figure 22 Filtering Routes with an Access List 84 F...

Страница 26: ...for All Pushed Labels 257 Figure 61 Simple MPLS Domain 259 Chapter 3 Configuring MPLS 263 Figure 62 FEC Aggregation and Equal Cost Paths 278 Figure 63 Bypass Tunnel 285 Figure 64 Differentiated Servic...

Страница 27: ...oute for Internet Access 457 Figure 102 Fallback Global Option 458 Figure 103 Global Import Map Applied to Routes Imported from VRF BGP RIB 459 Figure 104 BGP Session Between CE Router and Parent VR 4...

Страница 28: ...a SIngle Pseudowire 554 Part 4 Virtual Private LAN Service Chapter 9 VPLS Overview 569 Figure 128 VPLS Sample Topology 570 Chapter 10 Configuring VPLS 583 Figure 129 Topology for VPLS Configuration Ex...

Страница 29: ...Addresses and Default Next Hop Addresses for Various Configurations 31 Table 14 Commands That Create Match and Set Route Maps 71 Table 15 Clauses Supported in BGP Match and Set Route Maps 71 Table 16...

Страница 30: ...Table 50 show mpls next hop Output Fields 348 Table 51 show mpls phb id Output Fields 349 Table 52 show mpls profile Output Fields 350 Table 53 show mpls rsvp Output Fields 351 Table 54 show mpls rsv...

Страница 31: ...Monitoring VPLS Bridging Settings 611 Table 84 show bridge Output Fields 613 Table 85 show bridge groups details Output Fields 615 Table 86 show bridge interface Output Fields 617 Table 87 show bridg...

Страница 32: ...Table 105 show ip bgp l2vpn all next hops Output Fields 672 Table 106 show l2vpn connections Output Fields 675 Table 107 show l2vpn instance Output Fields 677 Table 108 show l2vpn interface Output Fie...

Страница 33: ...ation in the latest release notes differs from the information in the documentation follow the JUNOSe Release Notes To obtain the most current version of all Juniper Networks technical documentation s...

Страница 34: ...f 2 Routing Process OSPF 2 with Router ID 5 5 0 250 Router is an Area Border Router ABR Represents information as displayed on your terminal s screen Fixed width text like this There are two levels of...

Страница 35: ...ware CDs and at http www juniper net Documentation Feedback We encourage you to provide feedback comments and suggestions so that we can improve the documentation to better meet your needs Send your c...

Страница 36: ...se notes http www juniper net customers csc software Search technical bulletins for relevant hardware and software notifications https www juniper net alerts Join and participate in the Juniper Networ...

Страница 37: ...Part 1 Border Gateway Protocol Configuring BGP Routing on page 3 Border Gateway Protocol 1...

Страница 38: ...2 Border Gateway Protocol JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 39: ...on page 133 Detecting Peer Reachability with BFD on page 141 Managing a Large Scale AS on page 143 Configuring BGP Multicasting on page 153 Using BGP Routes for Other Protocols on page 156 Configurin...

Страница 40: ...pref MULTI_EXIT_DISC multiexit discriminator or MED NEW_AS_PATH new as path NEW_AGGREGATOR new aggregator NEXT_HOP next hop or next hop NO_ADVERTISE no advertise NO_EXPORT no export NO_EXPORT_SUBCONF...

Страница 41: ...t of BGP peers with which it exchanges routing information BGP peers do not have to be directly connected to each other in order to share a BGP session Another term for BGP peer is BGP neighbor A BGP...

Страница 42: ...BGP and EBGP sessions but the rules for when to send which message and how to interpret each message differ slightly for this reason some people refer to IBGP and EBGP as two separate protocols IBGP r...

Страница 43: ...ing TCP session has been established is an open message This message contains various bits of information that enable the two BGP peers to determine whether they want to establish a BGP session with e...

Страница 44: ...ely resetting the session 4 Connection Rejected The BGP speaker is rejecting the connection for example because the peer is not configured locally on the speaker after accepting a transport protocol c...

Страница 45: ...of classful addresses such as Class A Class B and Class C in the Internet Classful addresses have an implicit fixed length mask corresponding to the predefined class boundaries For example 192 56 0 0...

Страница 46: ...an one route to the same destination prefix it selects one of those routes to use the best route based on the path attributes BGP as implemented on the Juniper Networks E Series Broadband Services Rou...

Страница 47: ...ot deaggregate the prefix A BGP speaker aggregating routes can include the aggregator attribute to indicate the router and AS where the aggregation was performed Community and extended community ident...

Страница 48: ...the IPv6 address family such as policy based routing redistributing routes to and from other protocols route aggregation route flap dampening and confederations For a description of IPv6 see Configuri...

Страница 49: ...te lookup to the IPv6 address in the IPv6 route table Exchange of IPv6 Routing Information over TCP IPv6 Figure 9 on page 13 illustrates the exchange of IPv6 routing information over a TCP IPv6 connec...

Страница 50: ...e address However the BGP peering does not come up for such a connection Platform Considerations For information about modules that support BGP on the ERX7xx models ERX14xx models and the Juniper Netw...

Страница 51: ...66 BGP Route Reflection An alternative to full mesh IBGP June 1996 RFC 1997 BGP Communities Attribute August 1996 RFC 1998 An Application of the BGP Community Attribute in Multi home Routing August 19...

Страница 52: ...r the latest drafts Features Some of the more important BGP features supported by the E Series router are the following Access lists Advertisement intervals Aggregation BGP MPLS VPNs Communities Confe...

Страница 53: ...ghbors All other basic configuration tasks are optional You can configure certain BGP attributes globally for peer groups or for individual peers The most specific level of configuration takes precede...

Страница 54: ...estart restart time bgp advertise best external to internal bgp graceful restart stalepaths time bgp always compare med bgp log neighbor changes bgp bestpath med confed bgp maxas limit bgp bestpath mi...

Страница 55: ...configure an address family it is not available that is EBGP multihop is not configurable per address family host1 config router neighbor 10 1 3 4 remote as 1234 host1 config router neighbor 10 2 3 4...

Страница 56: ...1 config router af neighbor 1 2 3 4 route map mcast map in host1 config router af exit address family Table 9 Commands Affecting Only the Current Address Family for the Specified Peer or Peer Group ne...

Страница 57: ...hbor advertisement interval neighbor allow neighbor allowas in neighbor description neighbor distribute list neighbor filter list neighbor graceful restart restart time neighbor graceful restart stale...

Страница 58: ...feature is enabled for BGP globally or by default The default version simply unconfigures the feature for the peer or peer group Applied to a peer the default version causes the peer to inherit the st...

Страница 59: ...me timer is 90 seconds host1 config router neighbor eastcoast peer group host1 config router neighbor 10 10 21 23 peer group eastcoast Peer group eastcoast and peer 10 10 21 23 both have the default t...

Страница 60: ...te neighbor send community neighbor prefix tree out neighbor distribute list out neighbor unsuppress map neighbor remove private as neighbor filter list out neighbor next hop self NOTE This restrictio...

Страница 61: ...come established Consider the simple network structure shown in Figure 10 on page 25 Routers LA and SanJose are IBGP peers within AS 873 Router SanJose has an EBGP peer router Boston in AS 17 Figure 1...

Страница 62: ...of Router Chicago s eastcoast peer group Similarly routers SanFran LA and SanDiego have no knowledge of being members of router Chicago s leftcoast peer group The following commands configure the eas...

Страница 63: ...oup specify an ip address and a peerGroupName of a BGP neighbor that belongs to this group This command takes effect immediately Use the no version to remove a neighbor from a peer group See neighbor...

Страница 64: ...st be in the same AS or if confederations are employed in the same sub AS in the same confederation Use the external keyword to specify that peers must be in a different AS Use the confederation keywo...

Страница 65: ...on the console This command takes effect immediately Example host1 3 config bgp log destination console severity notice host1 3 config router bgp 100 host1 3 config router bgp log neighbor changes NO...

Страница 66: ...r 192 50 30 1 host1 config neighbor 192 50 30 1 update source loopback 2 neighbor update source Use to allow a BGP session to use the IP address of a specific operational interface as the source addre...

Страница 67: ...have an IPv4 address then 0 0 0 0 IPv6 address of the interface If the interface does not have an IPv6 address then the session does not come up Interface name IPv6 neighbor address You can override a...

Страница 68: ...0 host1 config router neighbor 10 7 4 3 remote as 300 host1 config router neighbor 10 7 4 3 ebgp multihop To configure router LA host2 config ip route 10 1 10 0 255 255 255 0 10 7 4 4 host2 config rou...

Страница 69: ...n Example host1 config router neighbor 192 168 32 15 ibgp singlehop Use the no version to restore the default behavior wherein the internal peer cannot be a single hop peer Use the default version to...

Страница 70: ...hoose to conserve AS numbers by assigning private AS numbers to some customers You can assign private AS numbers from the range 64 512 to 65 535 However when BGP advertises prefixes to other ISPs it i...

Страница 71: ...in all received update messages If a received AS path is longer than the specified limit The route is stored in the BGP routing table and therefore is displayed by the show ip bgp commands The route...

Страница 72: ...ers The MD5 authentication feature uses the MD5 algorithm When you specify this command the router generates and checks the MD5 digest on every segment sent on the TCP connection In the following exam...

Страница 73: ...diately and automatically bounces the BGP session Use the no version to disable MD5 authentication See neighbor password Setting the Maximum Size of Update Messages You can use the neighbor maximum up...

Страница 74: ...palive message before declaring a peer not available BGP negotiates the hold time with each neighbor when establishing the BGP connection The peers use the lower of the two configured hold times BGP s...

Страница 75: ...tore the default values on all neighbors 30 seconds for the keepalive timer and 90 seconds for the hold time timer See timers bgp Automatic Summarization of Routes By default all routes redistributed...

Страница 76: ...ory in an overload condition You can have BGP either shut itself down or continue running in the latter case BGP performance might be altered because of the lack of resources overload shutdown Use to...

Страница 77: ...after the application of any outbound policy that is it stores the attributes as they will be advertised BGP does not store a bit to track whether a route was advertised to the peer group Storing the...

Страница 78: ...e outbound policy only for a peer group as a whole or for peers that are not members of a peer group neighbor rib out disable Use to disable storage of routes disable rib out in the specified neighbor...

Страница 79: ...ult You can also configure the router to exchange unicast IPv4 routes in a specified VRF Multicast IPv4 If you specify the multicast IPv4 address family you can use BGP to exchange routing information...

Страница 80: ...outer to exchange layer 2 NLRI for a specified VPWS instance For a description of VPWS see Configuring VPWS on page 651 Any command issued outside the context of an address family applies to the unica...

Страница 81: ...ipv4 unicast vrf vr2 host1 vr1 config router address family vpn4 unicast host1 vr1 config router address family ipv6 unicast Use the no version to disable the exchange of a type of prefix See address...

Страница 82: ...e peer BGP sends a capability message to the peer to advertise or withdraw the multiprotocol capability for the address family in which this command is issued If a neighbor is activated BGP also sends...

Страница 83: ...criber is assigned dynamically from a local pool or by using RADIUS or some other method BGP automatically creates a dynamic peer when a peer group member accepts the incoming BGP connection Dynamic p...

Страница 84: ...absence of a specified maximum the number of dynamic peers allowed is determined by the available memory and CPU Dynamic peers consume about the same resources as static peers When the maximum number...

Страница 85: ...are removed automatically and immediately Preexisting dynamic peers that are still allowed by the new configuration are not affected All the members of the peer group inherit the characteristic config...

Страница 86: ...gured with this command unless it is overridden for a specific peer Example host1 config router neighbor 10 12 3 5 passive Use the no version to restore the default condition permitting the initiation...

Страница 87: ...0 host3 config router neighbor 10 3 3 2 remote as 100 host3 config router neighbor 10 4 4 2 remote as 300 host3 config router network 172 28 8 0 mask 255 255 248 0 network Use to specify the prefixes...

Страница 88: ...as advertised to the speaker s external peers You can issue the bgp advertise external to internal command to cause BGP to revert to advertising two potentially different routes to its peers See Selec...

Страница 89: ...ree static routes on router Boston and configure router Boston to redistribute the static routes and routes from OSPF into BGP for the network structure shown in Figure 14 on page 53 host2 config ip r...

Страница 90: ...GP If you do not specify the route map option all routes are redistributed Use the metric keyword to set the multiexit discriminator MED for routes redistributed into BGP The default MED is the value...

Страница 91: ...t use the clear ip bgp command this command will bounce the BGP sessions or the clear ip routes command to reinstall BGP routes in the IP routing table Use the no version to restore the default of per...

Страница 92: ...lt the redistribute command does not permit a default route to be redistributed into BGP You can use the default information originate command to override this behavior and permit the redistribution o...

Страница 93: ...ecific static route when multiple entries exist for the same route Suppose that in Figure 16 on page 58 router KC has been configured to advertise a default route to router Chicago host1 config router...

Страница 94: ...utes that are advertised because of the neighbor default originate command This command takes effect immediately Use the no version to prevent the default route from being advertised by BGP Use the de...

Страница 95: ...ecifying the aggregate IP address and IPv6 routes by specifying the aggregate IPv6 prefix Figure 17 on page 59 illustrates an IPv4 network structure where you might use aggregation The following comma...

Страница 96: ...egate the routes while preserving the path information host2 config router bgp 873 host2 config router neighbor 10 2 2 3 remote as 873 host2 config router neighbor 10 5 5 1 remote as 17 host2 config r...

Страница 97: ...routes NOTE Do not use the as set keyword when you have many paths to aggregate If you do the aggregated route is continually withdrawn and reupdated as AS path reachability information changes for t...

Страница 98: ...routes bgp advertise inactive Use to enable the BGP speaker to advertise inactive routes best routes in the IP forwarding table that are not being used to forward traffic This feature is disabled by...

Страница 99: ...rtise IPv6 routes between two IPv4 peers over their BGP session Configure the peers by using IPv6 addresses within the IPv4 unicast address family You can set the IPv4 next hop with a static route or...

Страница 100: ...d in only the following address families Unicast IPv4 Unicast IPv6 Multicast IPv4 Multicast IPv6 VPNv4 unicast VPNv6 unicast NOTE For VPNv4 unicast and VPNv6 unicast address families we recommend that...

Страница 101: ...ied The route maps referenced by the neighbor advertise map command must include a match ip address clause You can also include additional match clauses All match commands supported by existing outbou...

Страница 102: ...1 an advertisement for the route to prefix 10 10 20 0 24 only if router 2 has received a route to prefix 172 24 19 0 24 from router 3 Alternatively if the route to prefix 172 24 20 0 has been installe...

Страница 103: ...esent in the BGP routing table Similarly you can impose additional restraints by including any other match clause that is supported by an existing outbound policy In this configuration the condition1...

Страница 104: ...ap condition1 sequence 5 host1 config router neighbor peer group1 advertise map alternatetoPG1 non exist map condition2 host1 config router exit host1 config ip as path access list 1 permit 300 Config...

Страница 105: ...you might want to control the advertisement of a default route based on the reachability of an IGP prefix Because conditional advertisement tracks the BGP routing table rather than the IP routing tab...

Страница 106: ...2 2 remote as 300 host1 config router network 172 55 55 0 24 host1 config router aggregate address 172 55 0 0 16 summary only host1 config router neighbor 10 12 12 2 advertise map default exist map te...

Страница 107: ...ypes those that support both match and set clauses and those that support only match clauses The match and set route maps consist of the route maps configured with any of the commands listed in Table...

Страница 108: ...te advertise map BGP does not support the clauses listed in Table 17 on page 72 However see Applying Table Maps on page 81 for exceptions for route maps applied with the table map command Table 17 Cla...

Страница 109: ...You can specify one or more extended community list names in a match clause If you specify more than one extended community list the lists are logical ORed Example host1 config route map nyc1 permit...

Страница 110: ...sion to delete the match clause from a route map or a specified value from the match clause See match level match metric Use to match a route for the specified metric value Example host1 config route...

Страница 111: ...only the received routes that match at least one section of the route map The nonmatching routes are rejected from entering the local BGP RIB and no further processing takes place A clause with multip...

Страница 112: ...nds are set Use route maps when you wish to have detailed control over how routes are redistributed between routing processes The destination routing protocol is the one you specify with the router co...

Страница 113: ...ompares each list entry with the community attribute A match is found for the list entry 231 10 and this community is deleted from the community attribute Similarly a match is found for the list entry...

Страница 114: ...ibutes in a route map for BGP updates You can specify a site of origin soo extended community and a route target rt extended community at the same time in a set clause without overwriting the other Ex...

Страница 115: ...acted from the metric of any routes matching the route map The relative metric value can be in the range 0 4294967295 Example host1 config route map nyc1 permit 10 host1 config route map set metric 25...

Страница 116: ...rigin egp Use the no version to delete the set clause from a route map See set origin set tag Use to set the tag value of the destination routing protocol Example host1 config route map nyc1 permit 10...

Страница 117: ...used to establish preference between routes to the same prefix to identify the best route to that prefix Setting distance in any other circumstance has no effect Example host1 config route map set di...

Страница 118: ...es currently in the table have a variety of values for these attributes host1 show ip route bgp Protocol Route type codes I1 ISIS level 1 I2 ISIS level2 I route type intra IA route type inter E route...

Страница 119: ...ply the list to routes received from or passed to a neighbor with the neighbor prefix list command Define a prefix tree with the ip prefix tree command and apply the list to routes received from or pa...

Страница 120: ...er the network shown in Figure 22 on page 84 Router NY originates network 10 16 22 0 23 and advertises it to router LA Suppose you do not want router LA to advertise that network to router Boston You...

Страница 121: ...elected prefixes as specified in an access list Using distribute lists is one of three ways to filter BGP advertisements The other ways are as follows Use AS path filters with the ip as path access li...

Страница 122: ...sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes that are already present in the BGP routing table you must use the clear ip bgp command t...

Страница 123: ...S path attribute Whenever a BGP route passes through an AS BGP prepends its AS number to the AS path attribute The AS path attribute is the list of ASs that a route has passed through to reach a desti...

Страница 124: ...te as 435 host1 config router neighbor 10 2 7 2 filter list 3 out host1 config router exit host1 config ip as path access list 1 deny 621_11 host1 config ip as path access list 1 permit host1 config i...

Страница 125: ...in with 32 ip as path access list Use to define an AS path access list to permit or deny routes based on the AS path Each access list is a set of permit or deny conditions for routes based on matching...

Страница 126: ...d policies configured for peer groups for which you have enabled Adj RIBs Out If you change the outbound policy for such a peer group and want to fill the Adj RIBs Out table for that peer group with t...

Страница 127: ...ost1 config ip as path access list dog1 permit _837 host1 config route map alpha permit 20 host1 config route map match as path dog2 host1 config route map exit host1 config ip as path access list dog...

Страница 128: ...f its community attribute Table 19 Action Based on Well Known Community Membership BGP Speaker Action Well Known Community Does not advertise the route to any EBGP peers does not advertise the route b...

Страница 129: ...ty host1 config router neighbor 10 72 4 3 route map setcomm out host1 config router exit host1 config ip as path access list 1 permit host1 config route map setcomm permit 10 host1 config route map ma...

Страница 130: ...umber that identifies the autonomous system and NN is a number that identifies the community within the autonomous system Use the no version to restore the default display See ip bgp community new for...

Страница 131: ...ement to any peer no export Prevents advertisement beyond the BGP confederation boundary Alternatively you can use the list keyword to specify the name of a community list that you previously created...

Страница 132: ...ch community 1 host1 config route map set metric 20 host1 config route map exit host1 config route map commtrc permit 2 host1 config route map match community 2 host1 config route map set metric 75 ho...

Страница 133: ...ommunity list unrelated to the community list that uses regular expressions BGP speakers can use the new extended community attribute to control routes similarly to the way it uses the community attri...

Страница 134: ...ection is slightly different when you change outbound policies for peer groups for which you have enabled Adj RIBs Out You cannot merely perform a hard clear or outbound soft clear for individual peer...

Страница 135: ...issuing the clear ip bgp soft in command neighbor soft reconfiguration inbound Use to initiate the storage of copies of routes received from the specified IP address or from all members of the specif...

Страница 136: ...but it also supports nonstandard implementations Cooperative Route Filtering If a BGP speaker negotiates the cooperative route filtering capability with a peer then the speaker can transfer inbound r...

Страница 137: ...2 168 1 158 maximum orf entries 125000 Use the no version to restore the default value of no limits See neighbor maximum orf entries neighbor prefix list Use to assign an inbound or outbound prefix li...

Страница 138: ...lude the route as a forwarding entry and does not advertise the route to BGP peers The penalty decrements by 50 percent for each half life interval that passes The half life interval resets when the r...

Страница 139: ...utes Dampening applies only to routes learned by means of EBGP The new dampening parameters are applied in future flaps Changing the dampening parameters does not affect the Figure of Merit that has b...

Страница 140: ...route map 21 permit 5 host1 config route map match as path 1 host1 config route map set dampening 5 1000 1500 45 15 host1 config route map exit host1 config ip as path access list 1 permit 300_ Acces...

Страница 141: ...ig route map nyc1 permit 10 host1 config route map set dampening 5 1000 1500 45 15 Use the no version to delete the set clause from a route map See set dampening Policy Testing You can analyze and che...

Страница 142: ...sharing the address and mask to be considered Specifying only an address causes a best match to be performed for the route If you completely specify a route with IP address mask and route distinguish...

Страница 143: ...f IBGP 9 Select the path with the lowest IGP cost to the next hop 10 Select the path with the shortest route reflection cluster list Routes without a cluster list are treated as having a cluster list...

Страница 144: ...xt hop of 10 2 2 1 Router Jackson advertises the same network externally to router Topeka with a next hop of 10 1 13 1 Figure 28 Configuring Next Hop Processing Router Memphis advertises 172 24 160 19...

Страница 145: ...ure router Topeka host3 config router bgp 25 host3 config router neighbor 10 1 13 1 remote as 604 host3 config router network 172 31 64 0 mask 255 255 192 0 Additional configuration is required for ro...

Страница 146: ...sed prefix If router Barcelona can reach router Madrid then it should be able to reach router Toledo Router Madrid therefore advertises 192 168 22 0 23 to router Barcelona with a next hop attribute of...

Страница 147: ...ber of the peer group New policy values are applied to all routes that are sent outbound policy or received inbound policy after you issue the command To apply the new policy to routes that are alread...

Страница 148: ...nfigure router LA so that the weight of routes coming from router Boston are higher more preferred than the routes coming from router NY Router LA subsequently prefers routes received from router Bost...

Страница 149: ...oute map route map 20 host1 config route map set weight 500 See JUNOSe IP Services Configuration Guide for more information about using route maps Using an AS Path Access List The following commands a...

Страница 150: ...list neighbor filter list Use to apply an AS path access list to advertisements inbound from or outbound to the specified neighbor or to assign a weight to incoming routes that match the AS path acces...

Страница 151: ...w policy to routes that are already present in the BGP routing table you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session Behavior is different for ou...

Страница 152: ...fig router bgp default local preference 200 Router LA sets the local preference for all updates from AS 32 to 125 Router SanJose sets the local preference for all updates from AS 17 to 200 Because rou...

Страница 153: ...ermit 10 host2 config route map match as path 1 host2 config route map set local preference 200 host2 config route map exit host2 config route map 10 permit 20 Router SanJose sets the local pref attri...

Страница 154: ...static The following commands configure router NY host2 config router bgp 100 host2 config router neighbor 10 4 4 1 remote as 100 host2 config router neighbor 10 2 25 2 remote as 100 host2 config rout...

Страница 155: ...ows this for all the routes known to routers NY and LA Table 20 Origin and AS Path for Routes Viewed on Different Routers AS Path Origin Router Route 300 IGP Albany 192 168 204 0 22 300 IGP Boston 192...

Страница 156: ...ver a route enters an AS BGP prepends the AS number to the AS path attribute This feature enables network operators to track routes but it also enables the detection and prevention of routing loops Co...

Страница 157: ...ring in the event the ASs are merged neighbor local as Use to assign a local AS to the given BGP peer or peer group If you specify a BGP peer group by using the peerGroupName argument all the members...

Страница 158: ...MED on the sending router by using the set metric command in an outbound route map Unless configured otherwise a receiving router compares MED attributes only for paths from external neighbors that ar...

Страница 159: ...255 255 255 0 host4 config router exit host4 config route map 10 permit 10 host4 config route map set metric 25 Router London receives updates regarding route 192 168 33 0 24 from both router Nice and...

Страница 160: ...al neighbors that are in the same AS The BGP path decision algorithm selects a lower MED value over a higher one Unlike local preferences the MED attribute is exchanged between ASs but does not leave...

Страница 161: ...ar of the current BGP session Use the no version to restore the default condition where a missing MED value is set to 0 the most preferred value See bgp bestpath missing as worst Comparing MED Values...

Страница 162: ...into account the MED when comparing Route 1 with Route 2 However BGP does not take into account the MED when comparing Route 3 with either Route 1 or Route 2 because Route 3 originates outside the con...

Страница 163: ...dard and Cisco proprietary orf messages Dynamic Capability Negotiation If both peers acknowledge support of dynamic capability negotiation then at any subsequent point after the session is established...

Страница 164: ...s these stale routes for a limited time and continues to use these routes to forward traffic Any existing stale routes from that peer are deleted to account for consecutive restarts When the restartin...

Страница 165: ...A receiving peer starts the timer as soon as it recognizes that the session with the restarting peer has transitioned to down The receiving peer also has a configurable timer that starts when it recog...

Страница 166: ...ault value 120 seconds See bgp graceful restart path selection defer time limit bgp graceful restart restart time Use to set the time BGP advertises to all peers within which it expects to reestablish...

Страница 167: ...r capability negotiation command prevents the advertisement of all BGP capabilities including graceful restart to the specified peers but does not affect global advertisement of the graceful restart c...

Страница 168: ...ill prefer to use the standard route refresh messages neighbor capability Use to control the advertisement of BGP capabilities to peers Capability negotiation and advertisement of all capabilities are...

Страница 169: ...BGP and IGPs Interactions between BGP and an interior gateway protocol are more likely to occur in an enterprise topology than in a service provider topology You can also encounter interactions when...

Страница 170: ...Figure 36 on page 134 router NY checks its IGP routing table for a route to 192 56 0 0 16 when it learns about the prefix from the IBGP session with router Boston If the route is not present the prefi...

Страница 171: ...also enables router Boston to put the route to 192 30 0 0 16 in its IP routing table and advertise it to router LA without learning about 192 30 00 16 from router Albany To configure router Boston ho...

Страница 172: ...Setting the Administrative Distance for a Route The administrative distance is an integer in the range 0 255 that is associated with each route known to a router The distance represents how reliable t...

Страница 173: ...lt value is 200 local Administrative distance for BGP local routes Local routes are those routes locally originated by BGP BGP can locally originate routes if you issue the network command if you conf...

Страница 174: ...show ip route command on router Chicago the BGP route does not appear Instead only the connected route is displayed Both routes are in the IP routing table but the show ip route command displays only...

Страница 175: ...n router Boston the router has both an IBGP route and a RIP route to the same prefix Even though the RIP route has a better administrative distance the IBGP route is propagated to router Philly becaus...

Страница 176: ...hange in value results in the backdoor OSPF being more preferred as a way to reach prefix 172 19 0 0 16 network backdoor Use to cause a backdoor IGP route to be preferred over an EBGP route to the sam...

Страница 177: ...5 Use the no version to restore the default value 1 See maximum paths Detecting Peer Reachability with BFD You can configure a Bidirectional Forwarding Detection BFD session with a BGP neighbor or pee...

Страница 178: ...config router neighbor 10 25 43 1 bfd liveness detection minimum interval 450 neighbor bfd liveness detection Use to enable BGP to detect whether a neighbor is unreachable by means of a BFD protocol s...

Страница 179: ...tion See neighbor bfd liveness detection BFD and BGP Graceful Restart So that BFD can maintain its BFD protocol sessions across a BGP graceful restart BGP requests that BFD set the C bit to 1 in trans...

Страница 180: ...u can reduce the IBGP mesh inside an AS by subdividing the AS into a confederation of sub ASs Each sub AS must be fully meshed internally but the sub ASs do not have to be fully meshed with each other...

Страница 181: ...535 to identify each sub AS AS 29 is now a confederation of three sub ASs AS 64720 AS 64721 and AS 64722 Each sub AS consists of fully meshed IBGP peers A slightly modified version of EBGP runs betwee...

Страница 182: ...fies that sub AS 64721 and sub AS 64722 are members of the same confederation as the sub AS that includes router Salem The neighbor remote as commands specify the IBGP connection with a neighbor in su...

Страница 183: ...MED and next hop attributes You can specify one or more individual sub AS numbers or you can issue the filter list keyword and an AS path access list which is based on regular expressions to specify...

Страница 184: ...eflectors peer with clients and other route reflectors within the cluster outside the cluster they peer with other reflectors and other routers that are neither clients nor reflectors Route reflectors...

Страница 185: ...der the cluster shown in Figure 44 on page 149 The operator has attempted to provide redundancy in Cluster 9 by configuring two route reflectors router Acton and router Westford Unfortunately router H...

Страница 186: ...er ID of each cluster traversed by a route When a route reflector passes a route from a client to a nonclient router outside the cluster the reflector appends the cluster ID to the list When a route r...

Страница 187: ...nfig router neighbor 10 7 6 2 remote as 29 You do not configure a cluster ID because router Concord is the only route reflector in this cluster To configure router Acton as a route reflector host3 con...

Страница 188: ...rs of a peer group Example host1 config router no bgp client to client reflection Changes apply automatically to any routes received after you issue the command To advertise or withdraw routes that ar...

Страница 189: ...asting The BGP multiprotocol extensions MP BGP enable BGP to carry IP multicast routes used by the Protocol Independent Multicast PIM to build data distribution trees See JUNOSe Multicast Routing Conf...

Страница 190: ...VPWS on page 651 As discussed in Understanding BGP Command Scope on page 18 BGP configuration commands fall into five categories If you specify the multicast address family from within the Address Fam...

Страница 191: ...activate it in another address family If you specify a BGP peer group by using the peerGroupName argument all the members of the peer group inherit the characteristic configured with this command unl...

Страница 192: ...differs from that for unicast networks However you might use this command if you do not want to run multicast MP BGP or if you are running BGP between CE routers in a given BGP MPLS VPN the current s...

Страница 193: ...this command to work properly If you run the policy test on incoming routes soft reconfiguration configured with the neighbor soft reconfiguration in command must be in effect NOTE You can use the sta...

Страница 194: ...command unless it is overridden for a specific peer You can set a weight value for inbound routes filtered with a filter list Example host1 test ip bgp neighbor 10 12 54 21 advertised routes distribut...

Страница 195: ...iously enabled with the debug ip bgp command See debug ip bgp default fields peer Use to specify fields that are displayed by default by a subsequently issued show ip bgp summary command Use the intro...

Страница 196: ...e installation 6 path attribute entries 936 bytes Local RIB version 74 FIB version 74 Prefix Next hop MED LocPrf Weight AS path 99 99 99 11 32 1 1 1 1 1 100 0 65011 99 99 99 12 32 1 1 1 1 0 100 0 empt...

Страница 197: ...ith the route Originator ID Router ID of the router in the local AS that originated the route Cluster ID list List of cluster IDs through which the route has been advertised Stale Route has gone stale...

Страница 198: ...is unicast MPLS in label is none MPLS out label is 17 Next hop IP address is ffff 2 2 2 2 metric 3 Multi exit discriminator is 0 Local preference is 100 Weight is 0 Origin is IGP AS path is 65021 Exam...

Страница 199: ...ation for routes in the route target address family corresponding to the specified RT MEM NLRI host1 show ip bgp route target signaling 100 100 1 96 BGP route information for prefix 100 100 1 96 Recei...

Страница 200: ...4 4 Unreachable 22 22 22 22 32 3 3 3 3 3 3 3 3 Unreachable 22 22 22 22 32 4 4 4 4 4 4 4 4 Unreachable 33 33 33 33 32 3 3 3 3 3 3 3 3 Unreachable 44 44 44 44 32 4 4 4 4 4 4 4 4 Unreachable 55 55 55 55...

Страница 201: ...nel only routes selected for tunnel route table installation Number of routes in the BGP routing table that have been inserted into the IP tunnel routing table path attribute entries Number of distinc...

Страница 202: ...the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for descriptions of the fields displayed by this keyword Field descriptio...

Страница 203: ...2768 inc 33 0 0 0 24 0 0 0 0 5 72 1 1 1 32768 inc 44 44 0 0 16 5 72 116 1 5 72 1 1 0 inc See show ip bgp advertised routes See show bgp ipv6 advertised routes show ip bgp aggregate address show bgp ip...

Страница 204: ...uting table that have been inserted into the IP routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for di...

Страница 205: ...ed a route to the same prefix all routes are included in this count distinct prefixes Number of routes to unique prefixes stored in the BGP routing table If several peers have advertised a route to th...

Страница 206: ...s keyword Field descriptions Local router ID BGP router ID of the local router local AS Local autonomous system number paths Total number of routes stored in the BGP routing table If several peers hav...

Страница 207: ...next hop of a route is unreachable if not displays the IGP cost to the indirect next hop If you filter the display with field options the usual introductory information about BGP attributes is displa...

Страница 208: ...hable 2681 00 17 00 128 192 0 0 16 10 2 1 48 Available 1997 00 15 08 148 161 0 0 16 10 2 1 48 Available 1997 00 15 10 164 81 0 0 16 10 2 1 48 Available 1997 00 15 11 192 29 60 0 24 10 2 1 48 Available...

Страница 209: ...P routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for different prefixes but with identical path attri...

Страница 210: ...lt decay half life Time in minutes after which a penalty is decreased After the route has been assigned a penalty the penalty is decreased by half after the half life period which is 15 minutes by def...

Страница 211: ...f you filter the display with field options the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for descriptions of the field...

Страница 212: ...indirect next hop of a route is unreachable if not displays the IGP cost to the indirect next hop If you filter the display with field options the usual introductory information about BGP attributes i...

Страница 213: ...llation 21685 path attribute entries 2965327 bytes used Prefix Peer Next hop MED CalPrf Weight Origin 12 2 6 0 24 10 5 0 48 10 5 0 48 100 100 IGP 12 2 7 0 24 10 5 0 48 10 5 0 48 100 100 IGP 12 2 76 0...

Страница 214: ...if configured Outgoing update distribute list Distribute list for outgoing routes if configured Incoming update filter list Update filter list for incoming routes if configured Outgoing update filter...

Страница 215: ...lity per address family and whether it is advertised configured or received Maximum number of ORF entries Limit of ORF entries that will be accepted from the neighbor Capability advertisement Lists wh...

Страница 216: ...router ID is 172 31 1 48 negotiated BGP version is 4 Administrative status is Start connection state is Established Reason for last reset was tcp connection error TCP error code 60 Connection timed ou...

Страница 217: ...nds Remaining time for the peer to come back up is 117 seconds Remaining time for keeping stale routes from the peer is 357 seconds Fields relevant during reconvergence after the peer has restarted Gr...

Страница 218: ...00 50 Negotiated detection time is 900 ms Fields relevant to conditional advertisement Advertise map is advertisetoR1 Condition map trigger1 Sequence 5 Status Withdraw Advertise map is alternatetoR1 C...

Страница 219: ...the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route Example host1 show ip bgp neighbors 192 168 1 158 dampened routes Local BGP identifier 192 168 1...

Страница 220: ...nt Origin Next hop AS path 0xC384BD0 1 IGP 192 168 1 1 11488 701 2853 5515 764 0xC384C40 1 IGP 192 168 1 1 11488 701 4183 0xC384CB0 1 IGP 192 168 1 1 11488 701 1239 1833 1833 1833 1299 8308 0xC384D20...

Страница 221: ...elds displayed by this keyword Field descriptions Prefix Prefix for the routing table entry Peer IP address of BGP peer Next hop IP address of the next hop MED Multiexit discriminator for the route Lo...

Страница 222: ...een inserted into the IP routing table path attribute entries Number of distinct path attributes stored in BGP s internal path attributes table If BGP receives two routes for different prefixes but wi...

Страница 223: ...mation about BGP attributes is displayed only if you issue the intro fields option See show ip bgp show ip bgp on page 160 for descriptions of the fields displayed by this keyword Example host1 show b...

Страница 224: ...ly maintains additional attributes that are not displayed for example the MED local preference and communities attributes Field descriptions Address Hexadecimal number that uniquely identifies the pat...

Страница 225: ...can be missed before declaring BFD session down Next hop self Status of next hop self information for the peer group Peers are route reflector clients BGP peer group is configured as a route reflector...

Страница 226: ...dministrative status is Start EBGP multi hop is disabled IBGP single hop is disabled BFD is enabled Single hop IPv4 BFD session Minimum transmit interval is 300 ms Minimum receive interval is 300 ms M...

Страница 227: ...ect next hop If you filter the display with field options the usual introductory information about BGP attributes is displayed only if you issue the intro fields option See show ip bgp for description...

Страница 228: ...AS path 10 99 1 2 32 10 1 1 2 100 100 200 10 99 1 3 32 10 1 1 2 100 100 200 10 10 99 1 4 32 10 1 1 2 100 100 200 10 20 If the regular expression contains one or more spaces you must place quotation m...

Страница 229: ...r command to specify default fields to be displayed by subsequently issued show ip bgp summary commands Field descriptions Local router ID Router ID of the local router Local AS AS number of local rou...

Страница 230: ...nabled or disabled Graceful restart Status enabled or disabled Global graceful restart restart time Time in seconds Global graceful restart stale paths time Time in seconds Graceful restart path selec...

Страница 231: ...the routes in the IP routing table based on changes in the local RIB The FIB version matches the local RIB version when BGP has finished updating the routes in the IP route table The FIB version is le...

Страница 232: ...100 11 Import route map test2 import map Export route map test1 export map can not filter routes Global import route map test3 global import map 103 routes imported from global table max 5000 routes a...

Страница 233: ...11488 1 permit 752877570 11488 2 permit 752877571 11488 3 permit 752877572 11488 4 Community List 2 permit 4294967043 local as See show ip community list undebug ip bgp Use to disable the display of...

Страница 234: ...198 Monitoring BGP JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 235: ...Part 2 Multiprotocol Layer Switching MPLS Overview on page 201 Configuring MPLS on page 263 Monitoring MPLS on page 311 Configuring BGP MPLS Applications on page 373 Multiprotocol Layer Switching 199...

Страница 236: ...200 Multiprotocol Layer Switching JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 237: ...ing and Next Hop Tables on page 224 Spoof Checking MPLS Packets on page 225 IP and IPv6 Tunnel Routing Tables and MPLS Tunnels on page 225 Explicit Routing for MPLS on page 226 MPLS Interfaces and Int...

Страница 238: ...g high bandwidth and stability MPLS enables service providers to provide their customers with the best service available given the provider s resources with or without traffic engineering MPLS is the...

Страница 239: ...nf RESVERR ResvErr resverr RESVTEAR ResvTear resvtear TARGETED_HELLO Targeted Hello targeted hello Related Topics MPLS Terms and Acronyms on page 203 MPLS Terms and Acronyms Table 23 on page 203 defin...

Страница 240: ...rs in an MPLS domain including BGP LDP and RSVP TE This usage is not represented in this text by the acronym LDP Label Distribution Protocol Egress LSRs in a point to multipoint LSP It is also referre...

Страница 241: ...ct Point to multipoint tunnel An RSVP TE LSP with a single ingress LSR and one or more egress LSRs Incoming data is replicated at the branch nodes Point to multipoint LSP PE An LER at the edge of a se...

Страница 242: ...al Private Networks VR based and BGP based Layer 2 Services over MPLS LER functionality LSR functionality Spoof checking LDP graceful restart ECMP Topology driven LSPs LDP including support of LDP ove...

Страница 243: ...Support for information about the modules that support MPLS MPLS References For more information about the MPLS protocol consult the following resources JUNOSe Release Notes Appendix A System Maximums...

Страница 244: ...nformation in BGP 4 May 2001 RFC 3140 Per Hop Behavior Identification Codes June 2001 RFC 3209 RSVP TE Extensions to RSVP for LSP Tunnels December 2001 RFC 3210 Applicability Statement for Extensions...

Страница 245: ...to signal its forwarding peers and distribute its labels to establish an LSP The label distribution protocol enables negotiation with the downstream LSRs to determine what labels are used on the LSP a...

Страница 246: ...PLS can label packets by using the existing layer 2 header or an encapsulation header that carries the MPLS label During LSP negotiation the LSRs in an MPLS domain agree on a labeling method Labels ha...

Страница 247: ...the LER The LER then performs only the lookup for the packet The request to perform PHP is signaled by the LER when it includes an implicit null label in the label mapping message that it sends to its...

Страница 248: ...other interface types always use labels from only the platform label space You cannot configure the range for the platform label space The platform label space is a large single unconfigurable pool of...

Страница 249: ...s used only to carry the TTL bits to the egress and is not visible to intermediate LSRs The ingress node learns the total hop count from signaling and then uses that count to decrement the TTL to the...

Страница 250: ...bels are ignored When an IP packet is exposed after MPLS pops all the labels that should be popped MPLS passes the packet to IP for further processing including TTL checking When the uniform tunnel mo...

Страница 251: ...essing on an LSR On an LSR where an MPLS packet is label switched after processing on the line module the TTL value in the swapped to label is decremented by 1 from the incoming TTL value when the swa...

Страница 252: ...when the local option for the mpls ip propagate ttl command has been configured When the no mpls ip propagate ttl local command has been configured MPLS sets the TTL to 255 When the packet is a forwar...

Страница 253: ...ons when the TTL in a MPLS label of a received MPLS packet expires 1 A TTL expired ICMP packet is constructed 2 The destination address of ICMP packet is set to the source address of the IP packet tha...

Страница 254: ...downstream unsolicited ordered control Downstream on demand means that MPLS devices do not signal a FEC to label binding until requested to do so by an upstream device Upstream is the direction towar...

Страница 255: ...next hop for the destination it is used by BGP or LDP when adjacent peers are configured to use the platform label space Figure 53 LSP Creation Downstream on Demand Ordered Control Independent contro...

Страница 256: ...ve before you create the static routes RSVP TE tunnels are announced to IS IS and OSPF the IGP then uses the tunnels as next hop interfaces for its SPF calculations For this method you must issue the...

Страница 257: ...interface for VPN traffic If this interface is not created then the VPN traffic uses the default IPv4 interface for non VPN traffic Typically you request the creation of separate IPv4 interfaces for V...

Страница 258: ...mands such as show egress queue rate interface ip In the following sample output the statistics of interest are those for the layer 2 interface atm vc ATM9 0 10 Traffic is present as indicated by the...

Страница 259: ...e MPLS major interface ATM9 0 10 ATM circuit type is 1483 LLC encapsulation Administrative state is enabled Operational state is up Operational MTU is 9180 Received 1 packet 136 bytes 0 errors 0 disca...

Страница 260: ...erface is created of each in out segment of a tunnel the purpose of these minor interfaces is to attach QoS and policy to an LSP MPLS forwarding tables consist of the following One forwarding table fo...

Страница 261: ...the following types of spoof checking Router spoof checking MPLS packets are accepted only if they arrive on an MPLS major interface that is in the same virtual router as the MPLS forwarding table Int...

Страница 262: ...ent to the previous node in the path A loose hop is not necessarily directly connected to the previous node whether it is directly connected is unknown The sequence of hops comprising an explicit rout...

Страница 263: ...e label of the received MPLS packet the in label in the MPLS forwarding table that is associated with the major interface For major interfaces using the platform label space the lookup is in the MPLS...

Страница 264: ...the minor interface assigned automatically when the interface is created The operational state of the interface up or down Whether the interface is an ingress MPLS minor interface used to receive tra...

Страница 265: ...bel distribution protocols are sometimes referred to as signaling protocols However label distribution is a more accurate description of their function and is preferred in this text The following prot...

Страница 266: ...aces that use the platform label space default to the LSR router ID for the transport address You can use the mpls ldp discovery transport address command to specify an arbitrary IP address as the tra...

Страница 267: ...it does not use TCP to exchange messages In contrast to LDP a hard state protocol RSVP TE is a soft state protocol meaning that much of the session information is embedded in a state machine on each L...

Страница 268: ...ceiving node returns a message ack object enabling the sending node to determine whether a message was lost and triggering a retransmission as necessary Summary refresh srefresh messages refresh the s...

Страница 269: ...e information on MP BGP extensions NLRIs and BGP MPLS VPNs see Configuring BGP MPLS Applications Related Topics MPLS Label Switching and Packet Forwarding on page 209 MPLS Label Distribution Methodolo...

Страница 270: ...abel Stack object is supported Flag N to treat the packet as a non IP packet is not supported An MPLS LSP trace echo request includes this TLV This TLV contains the downstream address all routers mult...

Страница 271: ...ecific mpls ping and trace mpls commands enable you to target different types of MPLS applications and network topologies The various ping mpls and trace mpls commands send UDP packets known as MPLS e...

Страница 272: ...reply is received from the egress router for the FEC or a TTL of 32 is reached When a TTL expires on an LSR that LSR sends an echo reply packet back to the source For transit routers the echo reply i...

Страница 273: ...ddress to be globally included in link hellos with the mpls ldp discovery transport address command LDP Extended Discovery Mechanism To discover LDP peers that are not directly connected LSRs periodic...

Страница 274: ...uch as required values for bandwidth or required explicit paths You can use RSVP TE as the label distribution protocol for traffic engineering The IGP propagates resource information throughout its ne...

Страница 275: ...ization Finally you can manually force an immediate reoptimization See MPLS Global Configuration Tasks in Configuring MPLS in the JUNOSe BGP and MPLS Configuration Guide for information about configur...

Страница 276: ...l Resource flooding threshold and period The resource flooding threshold and period together control the flooding of the resource information by the IGP protocols IS IS and OSPF Configuring Traffic En...

Страница 277: ...sources Topology Driven LSPs Topology driven LSPs are implemented for best effort hop by hop routing In topology driven LSP mode LDP automatically sets up LSPs for IGP direct and static routes subject...

Страница 278: ...de the address of LSR 5 in the list configured on LSR 2 Related Topics MPLS Label Switching and Packet Forwarding on page 209 MPLS Label Distribution Methodology on page 218 Mapping IP Data Packets on...

Страница 279: ...aceful restart Table 26 Summary of LDP Graceful Restart States Reconnect timeout value sent in TLV FT TLV sent to neighbor Helper mode enabled Graceful restart enabled Nonzero Yes Yes Yes Zero Yes Yes...

Страница 280: ...neighbors that it supports graceful restart might subsequently be unable to do so In such cases the neighbors receive no indication of that change in support unless you bounce the LDP sessions for ex...

Страница 281: ...n completed with the peer on the link or a configured amount of time has passed the holddown period With synchronization configured LDP notifies the IGP to advertise the maximum cost for the link when...

Страница 282: ...tric is explicitly configured or the default value Determining Peer Reachability with RSVP TE Hello Messages RSVP TE hello messages enable the router to detect when an RSVP TE peer is no longer reacha...

Страница 283: ...e that the peer transmitted then the peer treats that neighbor as if it has reset In these cases the local peer changes the instance value that it advertises to the neighbor Sequence of Hello Message...

Страница 284: ...ng back the requesting peer s source instance If the acknowledging peer advertises a wrong value in the destination instance field of the ack message then the requesting peer treats the acknowledging...

Страница 285: ...he graceful restart time and the graceful restart recovery time restart time The sum of how long it takes the sender to restart RSVP TE after a control plane failure plus how long it takes to reestabl...

Страница 286: ...riod neighboring helper routers and the restarting router resynchronize the RSVP TE state and MPLS forwarding state During this period MPLS traffic continues to be forwarded The helper router starts t...

Страница 287: ...TE graceful restart support between routers running JUNOSe software or for interoperability with routers running JUNOS software Graceful restart must be enabled for node hellos to advertise graceful r...

Страница 288: ...RSVP TE links If you are not using BFD then you must use link based hellos for link monitoring and link based hellos then become more practical for graceful restart BFD Protocol and RSVP TE The Bidir...

Страница 289: ...olor combination that is applied when traffic goes through the tunnel has no effect on the EXP bits coding in the inner header In other words when traffic exits an LSP when a label is popped or when t...

Страница 290: ...and sets the EXP bits for outgoing traffic based on the traffic class color combination Incoming Traffic For incoming MPLS traffic the traffic class color combination is set according to the EXP bits...

Страница 291: ...UPC field at the LSP endpoint because the UPC value might have been set by a lower layer policy for a different purpose NOTE For control traffic originated from this router if an attached per LSP poli...

Страница 292: ...for the First Label Pushed Figure 59 on page 256 shows how packet type and configuration determine how the EXP bits are set for the first label pushed 256 EXP Bits for Differentiated Services Overview...

Страница 293: ...single ingress LSR and one or more egress LSRs You can use point to multipoint LSPs to avoid unnecessary duplication of packets at the ingress router by allowing non ingress LSRs to replicate the inco...

Страница 294: ...all the sub LSPs in the tunnel and also because you can create path messages specific to a sub LSP in the tunnel you can use multiple path messages However if you want to minimize the number of contr...

Страница 295: ...en LSR 2 and LSR 4 The sub LSP between LSR 2 and LSR 4 is an egress sub LSP that transmits the replicated packet from branch router LSR 2 to egress E Series router LSR 4 Egress LSRs can also be direct...

Страница 296: ...to the source must be through an IGMP owned interface Configuring an E Series Router as an Egress Router The configuration of an E Series router as an egress router depends on the type of label advert...

Страница 297: ...dynamically we recommend that you enable IGMP on all interfaces of the router or at least on all interfaces that might be the next hop interface to the source 2 Disable the multicast reverse path forw...

Страница 298: ...262 Point to Multipoint LSPs Configuration JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 299: ...on page 279 Configuring LDP IGP Synchronization on page 280 Configuring LDP MD5 Authentication on page 281 Controlling LDP Label Distribution on page 282 Additional RSVP TE Configuration Tasks on page...

Страница 300: ...PLS tunnels See MPLS Tunnel Profile Configuration Tasks on page 273 Many users find it convenient to configure MPLS by completing the tasks in each set of tasks before moving to the next set However y...

Страница 301: ...MPLS Global Tasks In a typical network you perform only the first task You might also perform the optional configuration tasks but typically do not need to do so 1 Enable MPLS on a virtual router host...

Страница 302: ...ime 55 host1 config ldp hello interval 10 4 Optional Configure lists of peer addresses that targeted hello messages are sent to or accepted from host1 config mpls ldp targeted hello send list 10 21 5...

Страница 303: ...SPs host1 config mpls topology driven lsp 2 Optional Specify filters for the routes and peers to which the labels are advertised host1 config mpls ldp advertise labels host only 3 Optional Specify the...

Страница 304: ...s lsp retries 35 host1 config mpls lsp retry time 55 4 Optional Configure retry timer options globally to apply to all tunnels to set up an LSP after a failure due to no available route Specify the nu...

Страница 305: ...rface Profile Configuration Tasks and Commands Creating or accessing an LDP interface profile places the CLI in LDP Configuration mode 1 Access LDP profile configuration mode host1 config mpls ldp int...

Страница 306: ...n MPLS interface configuration tasks include the following sets of tasks MPLS Interface Tasks on page 270 LDP Interface Tasks on page 271 RSVP TE Interface Tasks on page 271 MPLS Interface Tasks To co...

Страница 307: ...pls rsvp profile rsvp4 To disable RSVP TE on the interface host1 config if mpls rsvp disable 2 Optional Configure total bandwidth available on the interface host1 config if bandwidth 262144 3 Optional...

Страница 308: ...an IGP in its SPF calculation host1 config if tunnel mpls autoroute metric absolute 100 4 Optional Configure the path options used for the tunnel host1 config if tunnel mpls path option 3 dynamic isi...

Страница 309: ...autoroute metric tunnel mpls bandwidth tunnel mpls description tunnel mpls no route retries tunnel mpls no route retry time tunnel mpls path option tunnel mpls priority tunnel mpls retries tunnel mpl...

Страница 310: ...7 Optional Configure resource class affinity host1 config tunnelprofile tunnel mpls affinity 0x1100 mask 0xFFFF 8 Optional Configure retry timers options to apply to a specific tunnel to set up an LSP...

Страница 311: ...metric tunnel mpls bandwidth tunnel mpls description tunnel mpls no route retries tunnel mpls no route retry time tunnel mpls path option tunnel mpls priority tunnel mpls retries tunnel mpls retry tim...

Страница 312: ...fter 5 next address 192 168 47 22 3 Configure a next hop at the end of the MPLS explicit path host1 config expl path next address 10 10 9 2 4 Enable the explicit path host1 config mpls explicit path n...

Страница 313: ...depending on your network design See Configuring LDP Autoconfiguration on page 279 Configure LDP IGP synchronization depending on your network design See Configuring LDP IGP Synchronization on page 28...

Страница 314: ...o a separate label Issue the mpls ldp deaggregate command host1 config mpls ldp deaggregate Related Topics Basic MPLS Configuration Tasks on page 264 Additional LDP Configuration Tasks on page 277 mpl...

Страница 315: ...MPLS Configuration Tasks on page 264 Additional LDP Configuration Tasks on page 277 mpls ldp graceful restart mpls ldp graceful restart reconnect time mpls ldp graceful restart recovery time mpls ldp...

Страница 316: ...or which LDP is not fully operational because there is no coupling between the LDP operational state and the IGP When LDP is not fully operational LDP is considered to not be synchronized with the IGP...

Страница 317: ...LSR drops the segment and does not send a response to the peer You can optionally enable a strict authentication mode that allows only peers configured with passwords to establish sessions In this mo...

Страница 318: ...dvertise labels command one or more times host1 config mpls ldp advertise labels for net25 to euro3 When you do not specify a toAccessList the action is taken for all peers Consider the following exam...

Страница 319: ...ID unique to the sender a message sequence number and keyed message digest These attributes enable verification of both packet content and sender For all potential RSVP peers you configure the same k...

Страница 320: ...face host1 config if mpls rsvp authentication To clear the security association on a receiving peer for the specified sending peer Issue the clear mpls rsvp authentication command host1 clear mpls rsv...

Страница 321: ...il traffic is still safely redirected through LSR 5 LSR 8 LSR 6 LSR 9 LSR 7 If you want to protect an LSP that traverses N nodes against a failure in any link then you must configure N 1 bypass tunnel...

Страница 322: ...n the bypass tunnel to the interface being protected host1 config interface atm 4 0 1 host1 config if mpls backup path bypass56 4 On LER 1 the tunnel ingress specify that local protection is required...

Страница 323: ...urations the default hello refresh interval of 10 000 milliseconds a rate of one hello every 10 seconds is more appropriate and typically does not cause performance degradation To configure the RSVP T...

Страница 324: ...ode 1 Enable RSVP TE graceful restart on the current virtual router host1 config mpls rsvp signalling hello graceful restart 2 Optional Configure the recovery time the time within which you want neigh...

Страница 325: ...ed hellos to monitor RSVP TE links and detect link failures To configure the exchange of RSVP TE node hellos on all RSVP TE interfaces in the VR 1 Enable RSVP TE graceful restart host1 vr5 config mpls...

Страница 326: ...nterval keyword to specify the interval at which the local peer proposes to transmit BFD control packets to the remote peer host1 config if mpls rsvp bfd liveness detection minimum transmit interval 4...

Страница 327: ...terface directly connected to the LSP endpoint The IGP can consider the LSP as a potential output interface for the LSP endpoint and for destinations beyond the endpoint In this case the SPF computati...

Страница 328: ...rtest path to a destination by using the shortest path first SPF algorithm The results are represented by the destination node next hop address and output interface where the output interface is a phy...

Страница 329: ...hs have higher metrics Configuring the IGPs for Traffic Engineering For both IGPs you must issue two commands to enable the IGP to support traffic engineering IS IS Enable the flooding of MPLS traffic...

Страница 330: ...f database opaque area command to display information about traffic engineering opaque LSAs Related Topics See JUNOSe IP IPv6 and IGP Configuration Guide for more information about enabling IS IS to s...

Страница 331: ...for differentiated services See Configuring the Tunneling Model for Differentiated Services on page 295 Configure EXP bits for differentiated services See Configuring EXP Bits for Differentiated Serv...

Страница 332: ...pplication and Configuration Figure 64 on page 297 shows an example topology where a service provider offers the following differentiated services to its customers over its MPLS network QoS Internet s...

Страница 333: ...or the IP precedence value in all other cases It is acceptable that fabric queuing is based on the incoming base label s EXP Figure 64 Differentiated Services over an MPLS Network Differentiated Serv...

Страница 334: ...policy output plain service 4 For traffic toward the core configure per VR rules or per LSP policies to set the base EXP bits value according to the traffic class color combination Issue the mpls copy...

Страница 335: ...header to support differentiated services The JUNOSe software supports both statically configured and signaled mapping between the EXP bits and the PHB of traffic In a signaled environment you can co...

Страница 336: ...examples that indicate how the PSC and the EXP field are combined to determine the PHB for traffic on incoming L LSPs Table 29 Examples of Incoming L LSP PHB Determination PHB EXP Field PSC AF22 010 A...

Страница 337: ...lass and color for incoming traffic that matches the specified EXP bits value in the shim header host1 config mpls match exp bits 1 set traffic class bronze color red You can repeat the command to sup...

Страница 338: ...ping signaled by RSVP TE you must configure on each router a mapping association between PHB IDs and the internal traffic class color combinations The JUNOSe software automatically generates and attac...

Страница 339: ...t1 config mpls classifier list be green traffic class best effort color yellow To map the specified PHB ID to the internal traffic class color combination Issue the mpls diff serv phb id traffic class...

Страница 340: ...ight PHB mappings For L LSPs do not use the exp bits keyword If you repeat the command the most recent command overwrites the previous command Preference of per VR Versus per LSP Behavior MPLS always...

Страница 341: ...1 af2 and ef In this example the af1 class has twice as much fabric bandwidth as the best effort class and the af2 class has twice as much fabric bandwidth as the af1 class The expedited forwarding tr...

Страница 342: ...bits The E Series router signals this mapping to all routers on the tunnel You can establish different PHB ID to EXP mappings for different tunnels host1 config interface tunnel mpls example PHB ID t...

Страница 343: ...combination and forwarded into the appropriate queues in the fabric When the packets are sent into the tunnel out of the ingress router the EXP bits are set according to the router generated policy in...

Страница 344: ...fig mpls classifier list af21 packets exp 4 host1 config mpls classifier list af22 packets exp 5 host1 config mpls classifier list af22 packets exp 6 host1 config mpls classifier list ef packets exp 7...

Страница 345: ...configured IP policy management applied to their traffic class color combination Related Topics See the JUNOSe Policy Management Configuration Guide for more information about defining policies Config...

Страница 346: ...310 Example Traffic Class Configuration for Differentiated Services JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 347: ...mic Routes in the Tunnel Routing Table on page 315 Clearing and Refreshing IPv6 Dynamic Routes in the Tunnel Routing Table on page 315 Tracing Paths Through the MPLS User Plane on page 316 Monitoring...

Страница 348: ...Verifying and Troubleshooting MPLS Connectivity on page 363 Packet Flow Examples for Verifying MPLS Connectivity on page 365 Setting the Baseline for MPLS Statistics You can use the baseline mpls com...

Страница 349: ...2 Issue the baseline mpls label command for a specific MPLS in label host1 baseline mpls label 123 By default statistics are enabled for incoming labels and RSVP TE or LDP outgoing labels but not for...

Страница 350: ...ackets out packets and bytes There is no no version for the baseline mpls next hop command However you can disable the next hop table statistics To disable the statistics for a specific MPLS next hop...

Страница 351: ...ated to dynamic IPv4 and IPv6 interfaces on top of MPLS major interfaces There is no no version Related Topics clear mpls dynamic interfaces on major interfaces Clearing and Refreshing IPv4 Dynamic Ro...

Страница 352: ...MP destination unreachable and time exceeded messages This sample output shows the label and EXP bits used to switch the ICMP packets Related Topics For more information about using the traceroute com...

Страница 353: ...ce Virtual path identifier VPI Virtual channel identifier VCI Virtual circuit descriptor VCD Type of circuit PVC Type Encapsulation method AUTO AAL5 MUX SNAP ILMI F4 OAM Encap Service type configured...

Страница 354: ...e bw 10 kbps MPLS TE flooding threshold up 15 30 45 60 75 80 85 90 95 96 97 98 99 100 down 100 99 98 97 96 95 90 85 80 75 60 45 30 15 MPLS TE administrative weight 0 MPLS TE attribute flags 0 Availabl...

Страница 355: ...Bandwidth in Kbps that is available at each priority level in the range 0 7 Available BW at 8 priority levels Related Topics show cac interface Monitoring Virtual Router Configuration Purpose Display...

Страница 356: ...pe2 N1 NSSA external type1 N2 NSSA external type2 L MPLS label V VRF via indirect next hop 200 200 200 1 32 Type Ldp Distance 110 Metric 2 Tag 0 Class 0 MPLS next hop 3 label 18 on ATM5 1 1 ip19000003...

Страница 357: ...Numeric tag that identifies route Tag Attribute of a route applied only as a result of set route class clause in a table map Class Related Topics show ip tunnel route show ipv6 tunnel route Monitorin...

Страница 358: ...s session keepalive messages in seconds LDP session keepalive interval LDP targeted hello hold time in seconds LDP targeted hello hold time LDP targeted hello interval in seconds LDP targeted hello in...

Страница 359: ...1 3 Out 27 neighbor 10 9 1 3 VLAN over MPLS vc id 240001 group id 2 In 22 neighbor 10 9 1 3 Out 25 neighbor 10 9 1 3 10 1 1 1 32 In 10001 neighbor 10 3 11 2 Out 20001 neighbor 10 3 11 2 10 2 2 2 32 I...

Страница 360: ...s enabled Helper Mode is enabled Reconnect Time 220 sec Recovery Time 240 sec Max Recovery Time 260 sec Neighbor Liveness Timer 280 sec Peer 80 0 1 1 0 State operational Restarter Mode disabled Helper...

Страница 361: ...zing with LDP or the specified interface that is synchronizing with LDP Action To display information about interfaces synchornizing with LDP host1 show ldp igp sync Atm 0 0 LDP configured SYNC enable...

Страница 362: ...es host1 show ldp interface brief Interface IP Address Protocol ATM6 1 1 192 168 100 21 30 enabled ATM6 1 3 192 168 100 17 30 enabled ATM6 1 5 192 168 100 13 30 enabled ATM6 0 7 172 16 100 1 30 enable...

Страница 363: ...ised to this peer accum label alloc Cumulative total number of labels received from this peer accum label learned Time in hh mm ss since session last restarted last restart time Number of notification...

Страница 364: ...0 3 5 1 host1 show ldp neighbor 10 3 5 1 LDP Neighbor 10 0 2 2 LSR Remote 10 0 2 2 0 local 10 0 1 1 0 Transport address remote 10 0 2 2 local 10 0 1 1 State Operational LDP advertisement Unsolicited U...

Страница 365: ...e password with the show configuration command This command displays the passwords in cleartext unless the service password encryption command has been issued in which case the passwords are displayed...

Страница 366: ...bindings are being exchanged recovering LDP session is up operational IP address of LDP peer Neighbor Number of initialization messages received and sent Initialization Number of keepalive messages r...

Страница 367: ...profile Number of attempts that will be made to set up an MPLS LDP session session retry Related Topics show ldp profile Monitoring LDP Statistics Purpose Display statistics for LDP on the current vi...

Страница 368: ...ceived and sent Initialization Number of keepalive messages received and sent Keepalive Number of notification messages received and sent Notification Number of address messages received and sent Addr...

Страница 369: ...ents Unknown message type Number of inappropriate message events Inappropriate message Number of inappropriate message events Malformed tlv Number of bad TLV value events Bad TLV value Number of missi...

Страница 370: ...sion Monitoring MPLS Status and Configuration Purpose Display status and configuration information about MPLS Action To display information about MPLS Status and configuration host1 show mpls MPLS adm...

Страница 371: ...ds Table 44 show mpls Output Fields Field Description Field Name Status of MPLS administratively enabled or disabled and configuration status MPLS IP address of label switched router LSR ID Frequency...

Страница 372: ...ist or subject to a specified prefix list LSPs used for IP forwarding This field and the following fields are displayed only when RSVP TE is enabled RSVP is enabled IP address of label switched router...

Страница 373: ...ext address 60 60 60 2 2 next address 40 40 40 1 not referenced by any options Meaning Table 45 on page 337 lists the show mpls explicit paths command output fields Table 45 show mpls explicit paths O...

Страница 374: ...terface and the label associated with that interface OutIntf Label Interface type and specifier of the backup interface and the label associated with that interface BackupIntf Label Status of backup p...

Страница 375: ...the label in the forwarding table BGP LDP or RSVP TE Owner Type and location of spoof checking performed on the MPLS packet router or interface Spoof check Action taken for MPLS packets arriving with...

Страница 376: ...es Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packets 0 bytes 0 Dropped exceeded packets 0 bytes 0 MPLS minor interface lsp 02020202 1 4 receive Stacked on MPLS...

Страница 377: ...hello recv 57 hello sent 0 bad hello recv adj setup time 00 04 44 last hello recv time 00 00 05 last hello sent time 00 00 05 MPLS Statistics Rcvd 0 failed lbl lookup 0 octets 0 hcOctets 0 pkts 0 hcPk...

Страница 378: ...ndensed location is 0x00020000 Received 0 packets 0 bytes 0 errors 0 discards 0 failed label lookups Sent 0 packets 0 bytes 0 errors 0 discards RSVP Enabled with profile default Authentication is disa...

Страница 379: ...Interface MplsMajor state Direction pe1 to pe2 ATM2 0 10 up transmit lsp 02020202 1 4 ATM2 0 10 up receive ERX 01 0c d7 pe1 Meaning Table 48 on page 343 lists the show mpls interface command output f...

Страница 380: ...ages received or received bad or sent addr Number of address withdraw messages received or received bad or sent addr withdraw Number of message IDs received or sent msgId Number or unknown message typ...

Страница 381: ...n Number of hello messages received hello recv Number of hello messages sent hello sent Number of hello messages rejected hello rej Number of adjacencies set up adj setup Number of adjacencies deleted...

Страница 382: ...e is up MPLS minor interface UID is 0x1a000001 Lower MPLS major interface UID is 0x19000001 Sent 0 packets 0 bytes queue 0 traffic class best effort bound to atm vc ATM2 0 10 Queue length 0 bytes Forw...

Страница 383: ...ops host1 vr2 show mpls next hop MPLS next hop index 1 lookup on inner header label Statistics are not collected for MPLS switch context next hops MPLS next hop index 2 lookup in router pe1 Statistics...

Страница 384: ...toring the Configured Mapping between PHB IDs and Traffic Class Color Combinations Purpose Display the configured mapping between PHB IDs and traffic class color combinations PHB IDs used for L LSPs d...

Страница 385: ...es Action To display the default RSVP TE profile host1 pe2 show mpls rsvp profile default RSVP profile default used by 0 interfaces refresh period 30000 ms timeout factor 3 To display all MPLS tunnel...

Страница 386: ...outer egress session Terminating on the router transit session Travelling through the router Action To display path state control blocks for an ingress session host1 show mpls rsvp psb PSB Sender 223...

Страница 387: ...strict OUT ERO IPv4 hop 122 1 1 1 strict SES ATTR Setup Pri 4 Hold Pri 4 name Flags IngressReRoute TTC Policy Object Unknown Objects Flags InUse PathRefreshSent RSB Timeout 157500 label 16 Associated...

Страница 388: ...c parameters for the sender SenderTSpec Sender s description of generated traffic in kbps Token Bucket Rate Sender s description of generated traffic in kbps Token Bucket Size Lender s peak traffic ge...

Страница 389: ...received PSB Flag RouteChangeNotify Explicit route object changed PSB Flag EroChanged Next hop has changed PSB Flag NextHopChanged Routing table next hop changed PSB Flag RtNextHopChanged PSB egress...

Страница 390: ...authentication Mpls interface FastEthernet2 4 RSVP Authentication Secure Association with peer 10 2 2 2 Receive Sequence Number 4592798942692985943 RSVP Authentication Secure Association with peer 10...

Страница 391: ...BFD is enabled host1 show mpls rsvp bfd interfaces Bfd Enabled RSVP interfaces Minimum Minimum Minimum Interface Interval Rx Interval Tx Interval Multiplier ATM2 0 1 300 300 300 3 Meaning Table 55 on...

Страница 392: ...0 Resv Conf Sent 0 Resv Conf Rcvd 0 SRefresh Sent 0 SRefresh Rcvd 0 Ack Sent 0 Ack Rcvd 0 Nack Objects Sent 0 Nack Objects Rcvd 0 Msg Bundles Sent 0 Msg Bundles Rcvd 0 Error Msgs Rcvd 0 Misordered Me...

Страница 393: ...esh Conf Rcvd Number of resvconf messages sent on the interface Ack Conf Sent Number of resvconf messages received on the interface Ack Conf Rcvd Number of nack objects sent on the interface Nack Obje...

Страница 394: ...TE graceful restart Action To display information about RSVP TE graceful restart host1 show mpls rsvp hello graceful restart Graceful restart is ON Warning Graceful restart is NOT active Warning Hello...

Страница 395: ...hello instance Up neighbor is up GR graceful restart is in progress Peer Address Interface Interval Miss Limit State 10 1 1 2 any 10000 4 Up 10 3 1 2 any 10000 4 GR 11 2 3 1 Atm3 1 3 10000 4 GR To dis...

Страница 396: ...sequence number has changed The router declares the peer to be up if hellos are seen from the peer and its sequence number has not changed AdjLost Hellos were received from the peer but have timed ou...

Страница 397: ...Hellos Suppressed Number of acknowledgments sent in response to hello requests received Hellos Acks Sent Number of acknowledgments received in response to hello requests sent Hellos Acks Received Rel...

Страница 398: ...protocol To display a summary of all MPLS tunnels for the current router context host1 pe2 show mpls tunnels brief name id destination metric state label intf vpnEgressLabel3 0 0 0 0 R0 Incoming 10485...

Страница 399: ...nnectivity In IP networks you can use the ping and traceroute commands to verify network connectivity and find broken links or loops In an MPLS enabled network you can use the mpls ping and trace mpls...

Страница 400: ...S Echo Request Packet to a Martini Circuit To send an MPLS echo request packet to the specified layer 2 cross connect virtual Martini circuit Issue the ping mpls l2transport command host1 pe1 ping mpl...

Страница 401: ...ls rsvp tunnel west1 detail Sending an MPLS Echo Request Packet to a VPLS Instance To send an MPLS echo request packet to the specified VPLS instance Issue the ping mpls vpls command host1 pe1 ping mp...

Страница 402: ...specify a VRF name the LSP to the specified prefix must originate from the VRF because the ping is generated from the specified VRF Packet Flow Example for the ping mpls Command The following example...

Страница 403: ...eturn code of 3 which means that the replying router is an egress for the FEC at stack depth The echo reply packet includes the Interface and Label Stack TLV to indicate both the interface on which th...

Страница 404: ...for the trace mpls Command The following example illustrates the packet flow that results when you issue the trace mpls ip command from router PE 1 10 1 1 1 to router PE 2 10 2 2 2 over an LDP base t...

Страница 405: ...both the interface on which the request packet was received and the incoming label stack The Downstream Mapping TLV is not included in the echo reply packet 6 When PE 2 s echo reply packet reaches ro...

Страница 406: ...o request The echo reply packet has a return code of 3 which means that the replying router is an egress for the FEC at stack depth The echo reply packet includes the Interface and Label Stack TLV to...

Страница 407: ...ix timeout 2 sec Max TTL 32 Handle 1921136 MplsNextHopIndex 78 L68 L34 1 0ms 10 33 33 33 Label switched at stack depth 2 TLV Pad 20 bytes TLV Interface and Label stack 20 bytes Router 10 33 33 33 Intf...

Страница 408: ...xcept that the echo request packets and echo reply packets contain the VPN IPv6 sub TLV instead of the VPN IPv4 sub TLV Related Topics Verifying and Troubleshooting MPLS Connectivity on page 363 ping...

Страница 409: ...ning Route Distribution with Route Target Filtering on page 404 Multicast Services over VPNs on page 412 Configuring BGP VPN Services on page 412 Providing Internet Access to and from VPNs on page 455...

Страница 410: ...you specify the IPv6 unicast address family you can configure the router to exchange unicast IPv6 routes or unicast IPv6 routes in a specified VRF For a description of IPv6 see IPv6 Overview in the JU...

Страница 411: ...ecalculating the set of viable routes as soon as it is notified of the failure When the recalculation has finished the protocol then updates the routing table with the new routes From the time the pat...

Страница 412: ...ip V pe1 nbr 10 3 1 2 If the connection to PE 2 fails BGP marks the MPLS next hop 729 as a failed indirect next hop as soon as BGP is notified of the loss of connectivity However some traffic continu...

Страница 413: ...exchanging routing information for the public Internet or implementing route reflectors The P routes do not need to contain any information about customer sites PE routers communicate with customer si...

Страница 414: ...o which Customer Site 3 belongs VRFs exist within the context of a virtual router VR A given virtual router can have zero or more VRFs in addition to its global routing table which is not associated w...

Страница 415: ...the configuration of your network For example if each VRF always belongs to only one VPN you might use a single RD for all VRFs that belong to a particular VPN Route Targets A route target extended c...

Страница 416: ...extended community information and MPLS labels required for BGP MPLS VPNs Consider the simple example shown in Figure 71 on page 380 The customer edge devices are connected with their associated prov...

Страница 417: ...s as advertised by CE 1 thus creating labeled VPN IPv4 prefixes The prepended information consists of a route distinguisher and an MPLS label Because the CE router uses IPv4 addresses from the VPN s p...

Страница 418: ...s no meaning in the service provider core In addition PE 2 must have PE 1 s address so that it can establish an LSP back to PE 1 The next hop address must also be carried in the MP Reach NLRI attribut...

Страница 419: ...ands across IPv4 Clouds with BGP draft ietf ngtrans bgp tunnel 04 txt July 2002 expiration JUNOSe Release Notes Appendix A System Maximums Refer to the Release Notes corresponding to your software rel...

Страница 420: ...ceived BGP receives routes with an associated out label the out label is the label sent with MPLS traffic Consider the network shown in Figure 73 on page 384 If you display the in label on PE 1 you se...

Страница 421: ...on address in the IP packet that is encapsulated in the MPLS packet The egress PE router then forwards the IP packet without the MPLS header to the appropriate customer site The inner labels themselve...

Страница 422: ...label 46 for the P 2 to PE 2 link PE 1 can forward data packets along the LSP to PE 2 and its customer sites Similarly the PE 2 PE 1 LSP carries traffic only from PE 2 to PE 1 using label 58 for the...

Страница 423: ...packet to router P 1 Label 21 is prepended to label 16 the labels are stacked Label 21 becomes the outermost label and is assigned to the first segment PE 1 P 1 in the label switched path from PE 1 t...

Страница 424: ...ot currently supported MPLS base tunnels to IPv6 destinations as tunnel endpoints are not supported so you cannot establish an MPLS IPv6 backbone NOTE You must configure an IPv6 interface in the paren...

Страница 425: ...v4 backbone The base MPLS tunnels are established in the IPv4 core network with either of the MPLS signaling protocols LDP or RSVP The ingress PE router pushes the LSP tunnel label directly onto the l...

Страница 426: ...for PE 2 it is FFFF 2 2 2 2 128 The BGP next hop that is advertised in the MP BGP update includes the following A VPN IPV6 address with the RD set to zero The 16 byte IPv6 address encoded as an IPv4...

Страница 427: ...om CE 2 destined for the 6001 0430 48 network the router detects a native IPv6 packet on its link to CE 2 PE 2 does a lookup in its VRF B IPv6 routing table prepends labels L2 and L1 to the IPv6 heade...

Страница 428: ...on the AS boundary routers You must configure VRFs on each AS boundary router MPLS tunnels are unidirectional Figure 77 on page 392 shows only the tunnels established to carry traffic from ASBR 2 to P...

Страница 429: ...1 advertises a route to prefix 10 10 10 11 32 to its external BGP peer PE 1 10 2 2 2 in VRF A PE 1 associates the label 16 with this route an extended update message sent to internal MP BGP peer ASBR...

Страница 430: ...p index 5 Reachable metric 0 Number of direct next hops is 1 Direct next hop ATM6 0 21 10 5 5 5 Resolution in IP tunnel route table of VR MPLS indirect next hop index 14 Reachable metric 0 Number of d...

Страница 431: ...ops is 1 Direct next hop MPLS next hop 22 Reference count is 1 Indirect next hop 10 5 5 50 Resolution in IP route table of VR IP indirect next hop index 4 Reachable metric 0 Number of direct next hops...

Страница 432: ...ng autonomous systems Inter AS option C uses BGP as the label distribution protocol In an inter AS option C network ASBRs do not maintain or distribute VPN IPv4 routes Each ASBR maintains labeled IPv4...

Страница 433: ...ns label L6 to the route to the loopback address on PE 2 and changes the next hop address to its own address 6 ASBR 1 then uses an MP IBGP session to advertise that address to PE 1 PE 1 therefore has...

Страница 434: ...P labels within the AS and BGP labels across the AS boundary For a two label stack scenario to work you must issue the mpls ldp redistribute bgp command on the ASBRs This command enables the BGP prefi...

Страница 435: ...ross Multiple Autonomous Systems The JUNOSe software supports inter AS services for IPv6 VPNs in addition to IPv4 VPNs See Providing IPv4 VPN Services Across Multiple Autonomous Systems on page 391 fo...

Страница 436: ...ight also configure the IPv6 backbone type of BGP next hop encoding by configuring route maps that use native IPv6 addresses for the BGP next hop Using Route Targets to Configure VPN Topologies You ca...

Страница 437: ...route target 100 12 The hub VRF has its import route target set to 100 12 so it accepts only routes from the spoke VRFs Each spoke VRF has the same import route target 100 11 Every route advertised by...

Страница 438: ...hanism Figure 86 Site Connectivity in an Overlapping VPN Figure 87 on page 403 shows how to configure the VRF import and export route targets to build an overlapping VPN In this example the export and...

Страница 439: ...t of another VRF for example the VPN A VRF then BGP routes are exported from one VRF to the other VRF in this case from the VPN AB VRF to the VPN A VRF Consequently traffic that arrives in one VRF is...

Страница 440: ...se the MP_REACH_NLRI and MP_UNREACH_NLRI attributes in BGP updates to exchange information about each router s route target membership The PE router subsequently advertises VPN NLRI the routing inform...

Страница 441: ...is invalid However the prefix for the Default RT MEM NLRI attribute is an exception to this rule For the Default RT MEM NLRI attribute 0 is a valid prefix length For example 100 100 53 36 is a valid R...

Страница 442: ...ge it re evaluates the advertisement status of VPN routes that match the corresponding route target in the peer s Adj RIBS Out table This can result in an incremental update that advertises or withdra...

Страница 443: ...the nonclient peer when the best path route is advertised by a nonclient but an alternative route from a client exists This behavior signals the client s interest in the route target routes that were...

Страница 444: ...e maximum number of prefixes See neighbor maximum prefix Conditions for Advertising RT MEM NLRI Routes The following conditions must be met for routes in the route target address family to be advertis...

Страница 445: ...command change the new route map may or may not take effect immediately If the disable dynamic redistribute command has been configured you must issue the clear ip bgp redistribution command to apply...

Страница 446: ...ystems The selection is based on the AS path and other MP NLRI path attributes attached to the route The route target membership information which includes the route target and the originator AS numbe...

Страница 447: ...MEM NLRI attribute with peer routers Optionally you can use the signaling keyword with the address family command when you configure the route target address family to specify BGP signaling of reacha...

Страница 448: ...e Configuring BGP VPN Services To configure a router to provide BGP VPN services you must perform some tasks once per PE router and some tasks for each VRF on the PE router VRF Configuration Tasks To...

Страница 449: ...1 1 host1 vr1 config vrf ip route vrf vrfA 10 12 0 0 255 255 0 0 10 1 1 1 or host1 config virtual router vr1 vrfA host1 vr1 vrfA config ip route 10 3 0 0 255 255 0 0 10 1 1 1 host1 vr1 vrfA config ip...

Страница 450: ...1 config router af neighbor 192 168 1 158 activate host1 vr1 config router af exit address family d Optional Enable the BGP speaker to check the reachability of indirect next hops when selecting the b...

Страница 451: ...ate a VRF or access VRF Configuration mode to configure a VRF You must specify a route distinguisher after you create a VRF Otherwise the VRF will not operate Example host1 vr1 config ip vrf vrfA Use...

Страница 452: ...route from this VRF s forwarding table it associates the list of export route targets with the route and includes this attribute in the update message that advertises the route You also configure a ro...

Страница 453: ...get extended community only routes that have at least one matching route target in their associated export list can be installed into the VRF s forwarding table If the import and export lists are iden...

Страница 454: ...te target configuration on PE 1 host1 config virtual router newyork host1 newyork config ip vrf vrfA host1 newyork config vrf route target both 777 1 host1 newyork config vrf exit host1 newyork config...

Страница 455: ...the hub customer 1 through VRF C Customer Site 3 can reach only the hub customer 1 through VRF E BGP sessions exist between PE 1 and PE 2 and between PE 1 and PE 3 In most situations BGP itself is fu...

Страница 456: ...rget of 25 Routes from PE 2 have a route target of 50 and cannot be installed Similarly when VRF C on PE 2 receives an update message from PE 1 BGP installs the advertised route only if it has a route...

Страница 457: ...when suppressed by an aggregate or auto summary route the more specific routes are distributed Aggregation and auto summarization take place in each VRF independently For example a route that is impo...

Страница 458: ...utes and auto summary routes Yes Yes Imports both best and non best routes The best route selection including the decision to use or not use ECMP is made in the VRF after the routes are imported Chara...

Страница 459: ...n import or export map see Configuring BGP Routing on page 3 The following example shows how to apply the route map routemap5 to the VRF vpnA configured on the virtual router boston host1 config virtu...

Страница 460: ...on VPN RIB Routes that are imported into the VRF cannot be exported again As a consequence VPN routes can be injected only into the global IP routing table on the PE router that is directly connected...

Страница 461: ...mber of routes to DNS servers content servers management stations and so on If instead you import the full Internet routing table into one or more VPNs too much memory will be consumed because this ac...

Страница 462: ...list to disallow the export of IPv4 prefixes to the global IPv4 RIB host1 config access list nothing v4 deny ip any any Configure a route map to permit global export of IPv6 VPN routes to the global...

Страница 463: ...tial routing table lookup does not yield results Forwarding the interface removes the IP configuration from the interface You must reassign an IP address to the interface after you issue this command...

Страница 464: ...condary routing table lookup host1 vr1 config if ip vrf forwarding vrfA fallback global host1 vr1 vrfA config if ip address 10 12 4 5 255 255 255 0 To specify from inside the VRF context that an inter...

Страница 465: ...he interface are deleted from the interface You must then reconfigure the IP attributes in the context of the VRF after issuing the command Example host1 vr1 config if ip vrf forwarding vrfA host1 vr1...

Страница 466: ...xample host1 pe1 config router af ip route vrf vrfA 10 0 0 0 255 0 0 0 192 168 1 1 Use the no version to remove a static route from a VRF See ip route Configuring IGPs on the VRF If you do not configu...

Страница 467: ...lete OSPF configuration tasks for VRF A host1 config router ospf 100 vrf vrfa For RIP you create the RIP process specify the address family for the VRF and specify redistribution of BGP routes for VRF...

Страница 468: ...oute target filtering is always disabled on route reflectors that have at least one route reflector client You cannot enable automatic route target filtering for such route reflectors bgp default rout...

Страница 469: ...forwarding mode label switched host1 config vrf ip route vrf pe11 10 3 4 5 255 255 255 255 fastEthernet 0 1 host1 config vrf ip route vrf pe11 10 1 1 1 255 255 255 255 loopback 1 host1 config vrf exit...

Страница 470: ...tes to be included in the list of available equal cost paths You can use the maximum paths command with the ibgp or eibgp keywords to enable ECMP support for BGP MPLS VPNs The eibgp keyword specifies...

Страница 471: ...r PE 2 or PE 3 is forwarded as MPLS encapsulated packets PE 2 and PE 3 receive the MPLS encapsulated traffic from PE 1 remove the MPLS encapsulation and then forward the traffic as IP packets by means...

Страница 472: ...affic from PE 1 removes the encapsulation and then forwards the traffic as IP packets by means of the EBGP route to CE 2 maximum paths Use to enable ECMP support for BGP MPLS VPNs Specify a value in t...

Страница 473: ...es See Configuring BGP Routing on page 3 for information about configuring BGP sessions The section Understanding BGP Command Scope on page 18 has tables that list BGP commands according to their scop...

Страница 474: ...st1 vr1 config router af neighbor 192 168 1 158 activate Use the no version to indicate that routes of the current address family should not be exchanged with the peer Use the default version to remov...

Страница 475: ...you can configure BGP on the PE router to advertise these static routes to customer sites within the VPN with network commands host1 vr1 config router network 10 3 0 0 host1 vr1 config router network...

Страница 476: ...100 host1 vr1 config router address family ipv4 unicast host1 vr1 config router af no neighbor 10 26 5 10 activate host1 vr1 config router af exit address family host1 vr1 config router address famil...

Страница 477: ...up by using the peer group name argument all the members of the peer group inherit the characteristic configured with this command You cannot override the characteristic for a specific member of the p...

Страница 478: ...f origin extended community attribute enables BGP to filter out such routes to prevent routing loops in this network You can use the set extcommunity command to specify a site of origin and then use t...

Страница 479: ...e site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin The result of the following partial configuration is shown in Figure 97 on pag...

Страница 480: ...a route If you specify a BGP peer group by using the peer group name argument all the members of the peer group inherit the characteristic configured with this command You cannot override the charact...

Страница 481: ...has no effect on the behavior of IBGP peers in this address family This behavior reduces the provisioning overhead for VPNv4 IBGP peers However you must configure the feature on the peer router at th...

Страница 482: ...n the VRF s forwarding table With a warning threshold configured the following behavior takes place when the PE router attempts to add a route When adding the route causes the route count to exceed th...

Страница 483: ...er limit exceeded message can be generated Messages are logged to ipRouteTable at severity warning The interval timers for the limit and the warning threshold are independent You can use the warning o...

Страница 484: ...in the parent VR PE 1 to exchange VPN routes with its peers by means of internal or external MP BGP BGP can also be learning IPv4 unicast Internet routes from one or more of its core facing internal o...

Страница 485: ...preference AS path length and other attributes After the route has been imported into a VRF the reachability of the BGP indirect next hop is based on the presence of an MPLS tunnel LDP or RSVP TE to t...

Страница 486: ...o be unreachable It then selects the PE 2 route as the best route and installs it in the VRF s IP routing table On the other hand if the VRFs in PE 1 and PE 2 share the same RD the route reflector ref...

Страница 487: ...a given prefix Because the route reflector selects only one best path and reflects that single best path toward its clients and nonclients the amount of state in the network is reduced The core of the...

Страница 488: ...cast Routes You can issue the neighbor send label command to enable BGP to exchange both labeled and unlabeled unicast routes in the same address family same AFI over the same BGP peering session The...

Страница 489: ...as the next hop whether because of an explicit neighbor next hop self configuration or implicitly as a result of participating in an EBGP session BGP allocates a new in label and adds an entry to the...

Страница 490: ...the BGP indirect next hop of the route in the IP routing table If the BGP indirect next hop is reachable BGP adds the route to the IP routing table as a U unicast route Resolving IPv6 Indirect Next H...

Страница 491: ...te SAFI 4 labeled Unlabeled Advertises labeled route SAFI 1 and SAFI 4 unlabeled and labeled Labeled Withdraws unlabeled route SAFI 1 unlabeled Labeled Advertises labeled route SAFI 4 labeled Labeled...

Страница 492: ...a full default free Internet routing table in the VRF The default routes must point to a shared IP interface that you create on top of the layer 2 interface that points to the Internet gateway Config...

Страница 493: ...pe1 pe11 config interface ip internet access host1 pe1 pe11 config if ip share interface atm2 1 3 host1 pe1 pe11 config if ip address 10 1 1 3 255 255 255 255 host1 pe1 pe11 config if exit host1 pe1 p...

Страница 494: ...onfig if ip vrf forwarding pe11 fallback global host1 pe1 pe11 config if atm pvc 11 0 11 aal5snap host1 pe1 pe11 config if ip address 10 11 11 1 255 255 255 0 host1 pe1 pe11 config if exit See Definin...

Страница 495: ...t map globimap1 Creating a BGP Session Between the CE Router and the Parent VR The fallback global option enables traffic that arrives at a VRF from the CE router to be sent out on the uplink determin...

Страница 496: ...ust host1 pe1 config if ip share interface atm2 0 1 host1 pe1 config if ip address 10 1 1 3 255 255 255 255 host1 pe1 config if exit host1 pe1 config ip route 10 4 4 4 255 255 255 255 ip ce1 cust The...

Страница 497: ...figuration is to use a global export map as described in Setting Import and Export Maps for a VRF on page 420 Enabling Traffic Flow from the Internet to the VPN When traffic flows from the Internet to...

Страница 498: ...e1 cust Global Export Map The global export map enables VPN routes to be automatically exported from the BGP RIB table in a VRF to the global BGP RIB table the BGP RIB table of the parent VR based on...

Страница 499: ...ier provides a VPN backbone network for the customer carrier Tier 1 The customer carrier in turn provides layer 3 VPN or Internet services to its end customers Tier 2 This section provides the backgro...

Страница 500: ...carrier Flexibility The VPN backbone can be used to deliver both VPN services and Internet connectivity services The following benefits are provided to the provider carriers Reduced VPN administratio...

Страница 501: ...rriers environment in which the customer carrier provides Internet connectivity services to its customers The figure shows how the labels are added and removed as the traffic traverses the network The...

Страница 502: ...he provider carrier s PE router Customer Carrier as a VPN Service Provider The carrier of carriers VPN can be used to create two tiered hierarchical VPNs In a hierarchical VPN the provider carrier s V...

Страница 503: ...u must complete the following configuration process when the customer carrier provides VPN services for its customers On the provider carrier s PE router 1 Configure MPLS 2 Configure BGP Carrier of Ca...

Страница 504: ...vider carrier creates a backbone VPN that is used by a customer carrier You must enable carrier of carriers support on the VRF of the provider carrier s PE device that connects to the PE device of the...

Страница 505: ...RFs on the PE router or into the core VRFs maintain a routing table only for the customer internal routes Forwarding is accomplished primarily by label switching without a routing table lookup Only cu...

Страница 506: ...ustomer IPv6 networks through the CE IPv6 link You can use any IPv6 enabled routing protocol to access the CE routers Use any MPLS signaling protocol to establish an MPLS base tunnel in the IPv4 core...

Страница 507: ...reach the customer IPv6 island 2001 0430 32 Router PE 2 then uses MP BGP AFI 2 SAFI 1 to advertise to CE 2 its ability to reach this network CE 2 sends native IPv6 packets destined for the 2001 0430...

Страница 508: ...s expected You can easily accomplish this by also configuring an IPv6 address on the core facing interface host1 config interface atm3 0 1 host1 config atm pvc 30 0 30 aal5snap host1 config ip address...

Страница 509: ...e peer group inherit the characteristic configured with this command You cannot override the characteristic for a specific member of the peer group Example host1 config router af neighbor 192 168 5 1...

Страница 510: ...v4 route applies export policy to the route and then propagates the route to a remote PE site by means of the MPLS VPN backbone At the destination PE router MP BGP places each route in the appropriate...

Страница 511: ...4 routes The PE OSPF router becomes the originator of the routes which are either type 5 external routes or type 3 internal routes The PE router can announce the OSPF routes to the appropriate CE rout...

Страница 512: ...F VRF on the PE router with the domain tag command The value of a VPN route tag must be unique within an OSPF domain so that the same external route is not propagated back to the BGP MPLS VPN backbone...

Страница 513: ...r link connects customer site 4 to customer site 5 directly without going through the backbone OSPF uses the backdoor path for traffic flow between these two sites for the following reasons At CE 4 an...

Страница 514: ...e remote PE router Use the ttl command to configure a TTL for the remote neighbor because the neighbor might be more than a single hop away Use the update source command to specify the loopback addres...

Страница 515: ...n the range 1 255 seconds the default value is 1 second Example host1 pe1 config router rn ttl 35 Use the no version to restore the default value 1 second See ttl update source Use to specify the loop...

Страница 516: ...rom other PE routers back into OSPF host1 default ospf2 config router redistribute bgp 6 Create an address family in BGP host1 default config router bgp 100 host1 default config router address family...

Страница 517: ...rred to as L2VPN instances on the router An L2VPN sometimes referred to as Virtual Private Wire Service VPWS is a BGP MPLS application that has much in common with BGP MPLS VPNs L2VPNs employ layer 2...

Страница 518: ...t next hop is resolved the IP routing table the IP tunnel routing table or both and whether this is in a VR or VRF IP indirect next hop index Index number of the IP indirect next hop that this BGP ind...

Страница 519: ...PLS indirect next hop when chains of next hops are in use Reference count Number of label mappings of BGP routes that use this next hop Examples host1 pe2 show ip bgp vpnv4 all next hops Indirect next...

Страница 520: ...face statistics was compromised Router advertisement Whether routes are advertised enabled or disabled Administrative debounce time Configured debounce behavior enabled or disabled If enabled indicate...

Страница 521: ...s Number of committed packets dropped because of out queue threshold limit Out Scheduler Drops Conformed Packets Number of conformed packets dropped because of out queue threshold limit Out Scheduler...

Страница 522: ...Description null0 255 255 255 255 up up atm4 0 77 7 8 7 7 up up See show ip interface vrf show ip protocols Use to display information about the routing protocols associated with the VRF You must spec...

Страница 523: ...OSPF learned routes Redistributing Protocol to which OSPF is redistributing routes Address Summarization Aggregate addresses defined in the routing table for multiple groups of addresses at a given le...

Страница 524: ...3 Routing Protocol is ospf 1 with Router ID 13 13 13 1 Distance is 110 Redistributing bgp Address Summarization None Routing for Networks 13 13 13 0 255 255 255 0 area 0 0 0 0 See show ip protocols sh...

Страница 525: ...te distinguisher for the VRF Interfaces Interfaces configured for the VRF Examples host1 show ip vrf VRF Name Default RD Interfaces vpn1 1 1 null0 atm4 0 77 vpn2 1 3 null0 fastEthernet3 0 atm4 0 21 ho...

Страница 526: ...bal BGP non VPN RIB The map applies to both IPv4 and IPv6 routes unless the field name is preceded by IPv4 applies to only IPv4 routes or IPv6 applies to only IPv6 routes Global Export Route map Route...

Страница 527: ...munities 100 3 No Import Route map No Export Route map No Global Import Route map No Global Export Route map See show ip vrf show ip vrf interfaces Use to display summary information about all interfa...

Страница 528: ...ets generated no routes Number of packets that could not be routed discards Number of packets that could not be routed that were discarded ICMP Statistics Rcvd errors Number of error packets received...

Страница 529: ...and bytes forwarded into an output IP interface In Total Dropped Packets Bytes Total number of packets and bytes discarded on a receive IP interface In Policed Packets Number of packets discarded on a...

Страница 530: ...than a problem with the packet itself Out Fabric Dropped Packets Number of packets dropped because of internal fabric congestion Examples host1 PE1 show ip vrf interfaces Interface IP Address Status P...

Страница 531: ...ast Packets 0 Bytes 0 In Forwarded Packets 0 Bytes 0 In Total Dropped Packets 0 Bytes 0 In Policed Packets 0 In Invalid Source Address Packets 0 In Error Packets 0 In Discarded Packets 0 In Fabric Dro...

Страница 532: ...re pkts Number of packets sent across tunnel hcPkts Number of high capacity 64 bit packets sent across tunnel octets Number of octets sent across tunnel hcOctets Number of high capacity 64 bit octets...

Страница 533: ...eue 0 traffic class best effort bound to atm vc ATM6 0 1 Queue length 0 bytes Forwarded packets 0 bytes 0 Dropped committed packets 0 bytes 0 Dropped conformed packets 0 bytes 0 Dropped exceeded packe...

Страница 534: ...nel octets Number of octets sent across tunnel hcoctets Number of high capacity 64 bit octets sent across tunnel errors Number of packets that are dropped for some reason before being sent discardPkts...

Страница 535: ...There is no no version See undebug ip mbgp Monitoring BGP MPLS VPNs 499 Chapter 5 Configuring BGP MPLS Applications...

Страница 536: ...500 Monitoring BGP MPLS VPNs JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 537: ...Layer 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 503 Configuring Layer 2 Services over MPLS on page 523 Monitoring Layer 2 Services over MPLS on page 557 Layer 2 Services Over MP...

Страница 538: ...502 Layer 2 Services Over MPLS JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 539: ...et service providers offer multiple services such as Frame Relay Asynchronous Transfer Mode ATM Ethernet High Speed Data Link Control HDLC and IP to their customers but are consolidating to a single p...

Страница 540: ...er legacy layer 2 connections to E Series routers are unaware that MPLS tunneling is used Figure 114 Layer 2 Services over a Provider s MPLS Network Layer 2 Services over MPLS Platform Considerations...

Страница 541: ...0 router and the E320 router use the slot adapter port subinterface format which includes an identifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right...

Страница 542: ...Layer Configuration Guide See Configuring Frame Relay in JUNOSe Link Layer Configuration Guide See Configuring Packet over SONET in JUNOSe Link Layer Configuration Guide See Configuring Bridged Ether...

Страница 543: ...layer 2 services over MPLS to transmit data between two layer 2 interfaces that reside on the same E Series router In this configuration which is referred to as a local cross connect traffic that arr...

Страница 544: ...mands Even though you can configure the group ID the JUNOSe software does not currently use it Whether the control word is used configured with the control word and no control word options of the mpls...

Страница 545: ...on When the MPLS shim interface is the only layer stacked above the layer 2 interface as is the case with ATM Frame Relay and HDLC then all traffic is forwarded to the MPLS shim interface and across t...

Страница 546: ...them encapsulates them using Martini encapsulation and forwards them to an MPLS tunnel At the end of the tunnel the packet is de encapsulated segmented back and sent to a selected ATM VC In Figure 117...

Страница 547: ...llowing limitations Only AAL5 packets and OAM cells are forwarded There is no equivalent of VP switching Point to multipoint connections are not supported Automatic connection setup using user to netw...

Страница 548: ...ultiple ATM cells in a single encapsulated packet that is transmitted on the MPLS pseudowire You can use the atm cell packing and atm mcpt timers commands to configure the following parameters that co...

Страница 549: ...S pseudowire Optional Martini one to one cell encapsulation method with cell headers removed Related Topics For information about AAL5 SDU encapsulation see Encapsulation Methods for Transport of ATM...

Страница 550: ...JUNOSe implementation of HDLC layer 2 circuits supports encapsulation of either HDLC frames or PPP frames within MPLS frames By default the router uses VC type HDLC signaling and HDLC encapsulation to...

Страница 551: ...the source and destination IP addresses are used in the hashing rule to determine the distribution criteria for received packets You must a different VLAN for IP packets from the one used for MPLS L2V...

Страница 552: ...devices see Multiple Layer 2 Services over MPLS on page 509 Related Topics MPLS L2VPN Tunnel over VLAN over LAG Configuration Example on page 541 MPLS L2VPN Tunnel over LAG Configuration Example on p...

Страница 553: ...ceived from the pseudowire connection and then transmitting the resulting frame to the attachment circuit You can enable the raw mode configuration only for MPLS shim interfaces stacked on S VLAN inte...

Страница 554: ...u cannot configure a VLAN subinterface with a VLAN ID value if any S VLAN subinterface on the same major VLAN is configured with the same S VLAN ID value C VLAN ID as anyUntagged and Ethertype as 0x81...

Страница 555: ...he single pseudowire To configure the subset of ATM virtual circuits you must configure a VPI VCI range using the new mpls relay atm vpi range vpiStart vpiEnd vci range vciStart vciEnd command in glob...

Страница 556: ...he MPLS Martini circuit configuration on an ATM port you cannot add the interface label space RSVP configuration on the same ATM port Therefore you can configure an ATM port with either the interface...

Страница 557: ...erface on the same ATM port with a VPI VCI value that is not included by the specified range specification and use that interface as an IP interface or subscriber interface If you configured a VPI VCI...

Страница 558: ...alability Considerations Because the support for multiple ATM VCs over a single pseudowire requires one pseudowire per ATM port and the number of ATM ports in a fully populated ERX chassis is in the o...

Страница 559: ...HDLC Layer 2 Services on page 532 Configuring CE Side Load Balancing for Martini Layer 2 Transport on page 534 Frame Relay over MPLS Configuration Example on page 538 MPLS L2VPN Tunnel over VLAN over...

Страница 560: ...ces over MPLS with the RFC 4619 Frame Relay pseudowire type 1 Configure the Frame Relay interface host1 config interface serial 4 1 1 1 host1 config if encapsulation frame relay ietf host1 config if f...

Страница 561: ...interface dlci ietf frame relay intf type frame relay lmi type interface serial mpls relay route interface Configuring Ethernet VLAN Layer 2 Services To configure Ethernet VLAN layer 2 services over M...

Страница 562: ...config interface fastEthernet 8 1 host1 config if encapsulation vlan host1 config if interface fastEthernet 8 1 1 2 Create the S VLAN tunnel and assign the S VLAN Ethertype For example the following...

Страница 563: ...Local Cross Connect Between Ethernet VLAN Interfaces To configure the application shown in Figure 119 on page 527 1 Configure a local IP address You can use any reachable local IP address This example...

Страница 564: ...astEthernet 3 1 1 host1 config if vlan id 11 6 Optional If you are configuring a multiservice local cross connect assign an IP address and mask to the Ethernet VLAN interface host1 config if ip addres...

Страница 565: ...ingress interface host1 config interface atm 2 0 1 host1 config subif atm pvc 1 0 100 aal5all 3 Create an MPLS relay connection to the loopback interface Include the address of the loopback interface...

Страница 566: ...rent routers you can also use AAL0 encapsulation when you configure a local cross connect between two ATM 1483 subinterfaces within the same router To create an MPLS pseudowire connection with VCC cel...

Страница 567: ...nfig atm mcpt timers 1500 2500 3500 host2 config interface loopback 0 host2 config if ip address 6 1 1 1 255 255 255 255 host2 config exit host2 config interface atm 4 0 101 host2 config subif atm pvc...

Страница 568: ...knownProtocol 0 OutDiscards 0 1 interface s found Related Topics atm cell packing atm mcpt timers atm pvc interface atm interface loopback ip address mpls relay show atm mcpt timers show atm subinterf...

Страница 569: ...ptional Attach an MPLS policy to the HDLC layer 2 circuit by using the mpls policy command host1 config if mpls policy input hdlc policy 4 Configure the serial or POS interface and MPLS on the remote...

Страница 570: ...eries router to interoperate with an 802 3ad switch You can configure load balancing in two different ways You can configure many shim interfaces with the same peer VC type and VC ID Alternatively you...

Страница 571: ...ost1 config interface atm 6 0 101 point to point host1 config subif mpls relay 10 9 1 2 600001 host1 config subif exit host1 config interface atm 6 2 101 point to point host1 config subif mpls relay 1...

Страница 572: ...igured on each port Load balancing group 100 includes three Martini circuits one for each pair of subinterfaces on the ports That is three circuits were created one for the pair 2 0 1 and 3 1 10 one f...

Страница 573: ...erfaces are entered one by one For example the following commands configure two Martini circuits to different PE routers in the same load balancing group 100 sharing the candidate Ethernet ports 2 0 a...

Страница 574: ...change the script for your specific configuration The topology example shown in Figure 121 on page 538 further explains the configuration script NOTE The route interface command is used toward the en...

Страница 575: ...psulation frame relay ietf interface serial 4 0 1 1 1 frame relay interface dlci 17 ietf interface serial 4 0 2 1 encapsulation frame relay ietf interface serial 4 0 2 1 1 frame relay interface dlci 1...

Страница 576: ...m pvc 2 1 12 aal5snap ip address 10 10 12 3 255 255 255 0 ip router isis mpls mpls ldp router isis net 47 0005 80FF F800 0000 0000 0004 0000 F209 0303 00 mpls traffic eng router id loopback 0 mpls tra...

Страница 577: ...e Figure 122 on page 542 shows a sample configuration scenario of an MPLS L2VPN or Martini tunnel over VLAN over LAG The sample topology shows a customer edge router CE1 connected to a provider edge r...

Страница 578: ...thernet 2 1 0 host1 ce1 config if member interface gigabitEthernet 2 1 3 Specify VLAN as the encapsulation method for the Ethernet interface host1 ce1 config if encapsulation vlan Specify another subi...

Страница 579: ...e For this subinterface assign a VLAN ID specify the encapsulation method as VLAN configure MPLS and assign an IP address and mask Also enable LDP and topology driven LSP as does any LDP related comma...

Страница 580: ...rnet interface on PE2 and specify VLAN as the encapsulation method host1 pe2 config interface gigabitEthernet 2 1 5 host1 pe2 config if encapsulation vlan Create another Gigabit Ethernet subinterface...

Страница 581: ...er a LAG bundle Because the Martini tunnel is configured directly over LAG in this case only the source and destination MAC addresses are used in the hashing process to determine the physical link for...

Страница 582: ...onfig mpls Configure the LSR to create topology driven LSPs Enabling LDP automatically creates topology driven LSPs host1 pe1 config mpls topology driven lsp On PE1 configure a loopback interface and...

Страница 583: ...LAG shown in Figure 123 on page 545 Configure a virtual router PE2 host1 config virtual router pe1 Enable MPLS on a virtual router in Global Configuration mode host1 pe2 config mpls Configure PE2 to c...

Страница 584: ...rnet 2 1 7 host1 ce2 config subif ip address 7 7 7 8 255 255 255 0 Related Topics MPLS L2VPN Tunnel over VLAN over LAG Configuration Example on page 541 CE Side MPLS L2VPNs over LAG Overview on page 5...

Страница 585: ...owire is configured for raw mode only two cases are supported whether the CE side device is S VLAN aware or not aware Table 66 on page 549 describes the different scenarios in which the Martini circui...

Страница 586: ...kets over a Martini circuit with ES2 4G GE 2 GE FE ES2 10G ES2 10G Uplink and ES2 10G ADV LMs The different processing points inside the PE facing routers are denoted as A B C and D Figure 125 Etherne...

Страница 587: ...ncapsulation header is added to the packet and the egress line module forwards it to the MPLS network This functionality is the same for both ES2 4G LMs ES2 10G LMs ES2 10G Uplink LMs and ES2 10G ADV...

Страница 588: ...VLAN tag based on subinterface configuration PW1 for double tagged traffic Pseudowire PW2 for single tagged traffic X Y tagged for traffic from CPE1 CPE1 CPE2 CVLAN Y Untagged Two customer premise equ...

Страница 589: ...and the C VLAN Ethertype as 0x8100 which helps to uniquely identify the subinterface for all the following traffic patterns Untagged C VLAN tag only S VLAN tag only Both S VLAN and C VLAN tagged The f...

Страница 590: ...1 transmits ATM cells on the ATM port connected to PE1 The transmitted cells contain VPI VCI values that are within the range specified as part of the MPLS Martini configuration on the ATM port of PE1...

Страница 591: ...eudowires for this configuration In such a scenario traffic black holes might occur and rewriting of the ATM cell header takes place In this topology on the PE router configured with an ATM subinterfa...

Страница 592: ...556 Multiple ATM Virtual Circuits over a Single Pseudowire Example JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 593: ...for Layer 2 Services over MPLS on page 560 Monitoring MPLS Forwarding for Layer 2 Services over MPLS on page 561 Monitoring MPLS Layer 2 Interfaces for Layer 2 Services over MPLS on page 562 Setting...

Страница 594: ...1 config show atm mcpt timers ATM Martini cell aggregation timers Timer1 1500microseconds Timer2 2500microseconds Timer3 3500microseconds Meaning Table 68 on page 558 lists the show atm mcpt timers co...

Страница 595: ...lists the show atm subinterface command output fields for a description of the other fields in this display see Monitoring ATM in the JUNOSe Link Layer Configuration Guide Table 69 show atm subinterfa...

Страница 596: ...ing Table 70 on page 560 lists the show mpls cross connects atm command output fields Table 70 show mpls cross connects atm Output Fields Field Description Field Name VC ID number of the connection VC...

Страница 597: ...ldp swap to 30 on ATM5 0 1 nbr 10 10 11 5 19 ldp swap to 32 on ATM5 0 1 nbr 10 10 11 5 20 ldp swap to 34 on ATM5 0 1 nbr 10 10 11 5 21 ldp lookup on inner header label 22 ldp swap to 38 on ATM5 0 1 nb...

Страница 598: ...es Both the show mpls interface shim command and the show mpls l2transport interface command provide the same output The shim keyword displays all shim interfaces The brief keyword displays only limit...

Страница 599: ...l information displayed when a circuit is up host1 show mpls l2transport interface Out Label 49 on tun mpls lsp de090100 24 37 0 pkts 0 hcPkts 0 octets 0 hcOctets 0 errors 0 discardPkts queue 0 traffi...

Страница 600: ...appears instead of this field Displayed for an ATM port ATM AAL5 over ATM major interface ATM cell aggregation maximum cells per packet Identifier 1 2 or 3 of the ATM Martini cell packing timer that d...

Страница 601: ...packets and bytes that exceed the committed access rate but conform to the peak access rate Conformed Number of packets and bytes that exceed the peak access rate Exceeded VC label sent by this router...

Страница 602: ...p associated with the layer 2 Martini transport circuit Load Balancing Group Administrative state of the interface enabled or disabled Admin state Operational state of the interface up or down Oper st...

Страница 603: ...Part 4 Virtual Private LAN Service VPLS Overview on page 569 Configuring VPLS on page 583 Monitoring VPLS on page 607 Virtual Private LAN Service 567...

Страница 604: ...568 Virtual Private LAN Service JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 605: ...g In contrast L2VPNs that enable a virtual private wire service VPWS provide only a point to point traffic forwarding capability VPLS preserves the broadcast and multicast capabilities of the physical...

Страница 606: ...guring VPWS on page 651 VPLS Components As illustrated in Figure 128 on page 570 a typical VPLS topology consists of the following components VPLS Domains Typically a VPLS domain is associated with cu...

Страница 607: ...on page 570depicts two PE routers PE 1 which is the local router and PE 2 which is the remote router located at the other side of the service provider core Each PE router must have a VPLS instance th...

Страница 608: ...that includes the MAC address and associated network interface where the packet was received For traffic on the VPLS virtual core interface the VPLS instance captures additional information that inclu...

Страница 609: ...ity information Currently you can omit the signaling keyword with no adverse effects VPLS The VPLS address family enables you to configure the PE router to exchange layer 2 NLRI for a specified VPLS i...

Страница 610: ...multipoint connectivity between the local and remote VEs The PWid field is a nonzero 32 bit integer that contains the VPLS identifier which is a globally unique identifier for a VPLS domain All VEs th...

Страница 611: ...ck offset label range and route distinguisher can be different for each PE router The BGP path selection process uses the block offset and label range only to determine whether a layer 2 advertisement...

Страница 612: ...attributes The PE routers receiving the advertised routes first run the standard BGP selection process The routes from the connected multihomed PE routers all share the same site ID but can have diffe...

Страница 613: ...ire to the local PE router it verifies whether the prefix is in the range required for the site ID based on the block offset and label range advertised by the designated VE device If the prefix is out...

Страница 614: ...t MPLS connectivity to the BGP next hop is gone BGP then modifies the circuit status vector bit in the MP_REACH_NLRI to indicate that the LSP is down When the bit is modified BGP advertises the route...

Страница 615: ...ignaling using MP BGP to set up and tear down the pseudowires that constitute a VPLS instance VPLS signaling using LDP and the PWid FEC element FEC Type 128 to set up and tear down the pseudowires tha...

Страница 616: ...interface However the interface specifier format that you use depends on the router that you are using For ERX7xx models ERX14xx models and ERX310 routers use the slot port subinterface format For exa...

Страница 617: ...ng the Label Distribution Protocol LDP April 2006 RFC 4762 Virtual Private LAN Service VPLS Using Label Distribution Protocol LDP Signaling January 2007 Virtual Private LAN Service draft ietf l2vpn vp...

Страница 618: ...582 VPLS References JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 619: ...ample with BGP Signaling on page 595 Configuration Tasks for VPLS with LDP Signaling on page 599 Configuring VPLS Instances with LDP Signaling on page 600 Configuring LDP Signaling for VPLS on page 60...

Страница 620: ...onfiguring Optional Attributes for VPLS Instances on page 587 Configuring VPLS Network Interfaces on page 588 Configuring Subscriber Policies for VPLS Network Interfaces on page 589 Configuring the Lo...

Страница 621: ...vpls site range 15 3 Specify a name and unique identifier for the customer site that belongs to the VPLS instance host1 config bridge customer1 vpls site name westford site id 1 The site ID value must...

Страница 622: ...vplsA vpls transport virtual router vr1 host1 config bridge vplsB vpls transport virtual router vr2 host1 config bridge vplsC vpls transport virtual router vr1 Because vplsA and vplsC use the same tr...

Страница 623: ...ferent than the site IDs configured on the remote PE routers in the VPLS network You can configure a different block offset label range and route distinguisher for each connected PE router Related Top...

Страница 624: ...n host1 config bridge vplsB learn 2500 5 Optional Enable SNMP link status processing for all network interfaces associated with the specified VPLS instance host1 config bridge vplsB snmp trap link sta...

Страница 625: ...trunk server interface see Configuring Subscriber Policies for VPLS Network Interfaces on page 589 host1 config if bridge group customer1 subscriber trunk 4 Optional Set the maximum number of MAC add...

Страница 626: ...andles various packet or attribute types as follows For each packet type listed in Table 78 on page 590 the subscriber policy specifies whether the network interface permits forwards or denies filters...

Страница 627: ...ning Table 79 on page 591 lists the commands that you can use to modify subscriber policies for subscriber client interfaces associated with either a VPLS instance or a standard bridge group Table 79...

Страница 628: ...ct if a physical interface goes down The loopback interface sends packets back to the router or access server for local processing Any packets routed from the loopback interface but not destined to th...

Страница 629: ...onfigure the core facing interface on which you want to enable MPLS Label Distribution Protocol LDP and topology driven LSPs host1 config interface atm 5 0 100 host1 config subif atm pvc 100 1 100 aal...

Страница 630: ...ing an entry to the BGP neighbor table host1 config router neighbor 10 4 4 4 remote as 100 3 Use neighbor commands to specify the peers to which BGP advertises routes This example configures only the...

Страница 631: ...s customer2 After you configure MPLS LSPs and BGP signaling the router automatically generates a VPLS virtual core interface for each VPLS instance The VPLS virtual core interface represents all of th...

Страница 632: ...hernet or bridged Ethernet network interface provides a connection to the associated CE device Each VPLS instance maintains its own set of forwarding tables and filters to learn the network topology i...

Страница 633: ...dged Ethernet interface 2 0 12 between PE 1 and CE 2 and assign it to vplsB as a trunk interface host1 config interface atm 2 0 12 point to point host1 config subif atm pvc 12 0 12 aal5snap 0 0 0 host...

Страница 634: ...ls rd 100 21 host2 config bridge vplsA vpls route target both 100 1 Configure VPLS instance vplsB The route target 100 2 matches the route target configured for vplsB on PE 1 host2 config bridge vplsB...

Страница 635: ...ghbor 10 1 1 1 next hop self host2 config router af exit address family host2 config router address family vpls vplsA host2 config router af exit address family host2 config router address family vpls...

Страница 636: ...uring LDP Signaling for VPLS on page 601 Configuring Routing in the Core Network for VPLS on page 602 See VPLS Configuration Example with LDP Signaling on page 602 for a detailed sample configuration...

Страница 637: ...ssed in this section to configure LDP signaling for VPLS Table 81 Commands to Configure LDP Signaling for VPLS mpls ldp vpls vpls id mpls ldp vpls neighbor To configure LDP signaling for VPLS on the P...

Страница 638: ...area 0 0 0 0 host1 config router network 10 10 10 0 0 0 0 255 area 0 0 0 0 This example configures an OSPF routing process with process ID 1 and creates two OSPF interfaces in the backbone area area 0...

Страница 639: ...nce to uniquely identify each VPLS domain In the sample topology in Figure 130 on page 603 instance vplsA is assigned VPLS ID 1 and instance vplsB is assigned VPLS ID 2 on both the local PE router and...

Страница 640: ...hbor 2 2 2 2 Configure a loopback interface on PE 1 and assign it an IP address host1 config interface loopback 0 host1 config if ip address 1 1 1 1 255 255 255 255 host1 config if exit Assign the rou...

Страница 641: ...mpls ldp vpls vplsB vpls id 2 host2 config mpls ldp vpls vplsB neighbor 1 1 1 1 Configure a loopback interface on PE 2 and assign it an IP address host2 config interface loopback 0 host2 config if ip...

Страница 642: ...606 VPLS Configuration Example with LDP Signaling JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 643: ...elated Settings for VPLS on page 611 Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance on page 612 Monitoring VPLS Configuration and Statistics for all VPLS Instances on page 6...

Страница 644: ...e on page 608 Setting a Baseline for the VPLS Virtual Core Interface Associated with a VPLS Instance on page 608 Setting a Baseline for a VPLS Instance To set a statistics baseline for a VPLS instance...

Страница 645: ...PLS Virtual Core Interface Associated with A VPLS Instance on page 610 Clearing All Dynamic MAC Addresses from the VPLS Forwarding Table To clear all dynamic MAC address entries for the VPLS instance...

Страница 646: ...gp commands to remove specific BGP attributes for the L2VPN address family and in one case for the VPLS address family associated with a specific VPLS instance Clearing BGP Reachability Information fo...

Страница 647: ...ait end of rib Related Topics Configuring BGP Routing on page 3 clear ip bgp clear ip bgp dampening clear ip bgp wait end of rib Monitoring Bridging Related Settings for VPLS You can use the show comm...

Страница 648: ...Purpose Display configuration and statistics information for the specified VPLS instance Action To display configuration information for a specified VPLS vplsA host1 show bridge vplsA BridgeGroup vpls...

Страница 649: ...e transport virtual router configured for the VPLS instance Transport Virtual Rtr Unique route distinguisher configured for the VPLS instance Route Distinguisher Site name configured for the VPLS inst...

Страница 650: ...nk Status Snmp Traps Disabled Subscriber Policy default Subscriber Port Count 2 Interface Count 1 Transport Virtual Rtr default Route Distinguisher 1 1 1 1 10 SiteName boston SiteId 1 Multi homed Yes...

Страница 651: ...rts currently configured for the VPLS instance including network interfaces and the VPLS virtual core interface Port Count Number of network interfaces currently configured for the VPLS instance Inter...

Страница 652: ...e interface atm 3 1 10 atm3 1 10 BridgeGroup vplsB Port Number 1 Operational Status Up Admin Status Up Snmp Link Status Trap Disabled Max Learn Unlimited Subscriber Policy default Trunk Statistics In...

Страница 653: ...abled Max Learn Unlimited Subscriber Policy default Trunk Statistics In Octets 0 In Frames 0 In Discards 0 In Errors 0 Out Octets 0 Out Frames 0 Out Discards 40 Out Errors 0 Time since counters last r...

Страница 654: ...this interface Out Octets Number of frames transmitted on this interface Out Frames Number of outgoing packets discarded on this interface Out Discards Number of outgoing errors on this interface Out...

Страница 655: ...ore interface host1 show bridge interface vpls vplsB vpls vplsB BridgeGroup vplsB Port Number 2 Operational Status Up Admin Status Up Snmp Link Status Trap Disabled Max Learn Unlimited Subscriber Poli...

Страница 656: ...ce In Errors Number of octets transmitted on this interface Out Octets Number of frames transmitted on this interface Out Frames Number of outgoing packets discarded on this interface Out Discards Num...

Страница 657: ...0 Out Errors 0 Time since counters last reset 00 10 55 queue 0 traffic class best effort bound to bridge FastEthernet1 1 1 Queue length 0 bytes Forwarded packets 14 bytes 2042 Dropped committed packe...

Страница 658: ...or the interface Subscriber Policy Displays statistics information for the specified port Statistics Number of octets received on this interface In Octets Number of frames received on this interface I...

Страница 659: ...on which this interface resides Port Interface type and specifier associated with the port Interface Operational status of the physical interface Up Down LowerLayerDown NotPresent Status Related Topic...

Страница 660: ...ing Subscriber Policy Rules Purpose Display the set of forwarding and filtering rules for all subscriber policies configured on the router or for a specified subscriber policy Action To display the ru...

Страница 661: ...policy Subscriber Indicates that the subscriber interface forwards packets of the specified type For the relearn attribute specifies that relearning a MAC address entry on a different interface from t...

Страница 662: ...Layer 2 NLRI for VPLS Instances Purpose Display layer 2 NLRI for all VPLS instances in the L2VPN address family for a particular VPLS instance in the L2VPN address family or for a particular VPLS ins...

Страница 663: ...confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dam...

Страница 664: ...L2VPN address family including the status of the route host1 pe1 show ip bgp l2vpn all fields best rd peer next hop loc pref extended communities next hop cost Prefix Rd Peer Next hop Next hop cost L...

Страница 665: ...e route LocPrf Weight of the route Weight Origin of the route Origin AS path through which this route has been advertised AS path Description of the extended communities associated with this route Inc...

Страница 666: ...p and its resolution IP indirect next hop index Index number of the MPLS indirect next hop that corresponds to the BGP indirect next hop and its resolution MPLS indirect next hop index Indicates wheth...

Страница 667: ...s the PE router Remote PE Incoming MPLS label from the remote site In label Outgoing MPLS label used to reach the remote site Out label Related Topics show ldp vpls Monitoring MPLS Related Settings fo...

Страница 668: ...LS packet router or interface Spoof check Action taken for MPLS packets arriving with that label Action Number of packets sent with the label in pkts Number of octets sent with the label in Octets Num...

Страница 669: ...ace Count 1 Transport Virtual Rtr pe1 Route Distinguisher 1 1 1 1 10 SiteName westford SiteId 1 SiteRange 10 VPLS Route Targets Route Target RT 100 1 both Flood Next Hop Index 1048577 MPLS next hop 20...

Страница 670: ...ed OL No Out Label Site State Remote PE In label Out label MPLS NH Idx Up down Time 2 UP 2 2 2 2 27 56 21 00 02 56 Meaning Table 98 on page 634 lists the show vpls connections command output fields Ta...

Страница 671: ...the VPLS domain associated with the VPLS instance SiteRange Extended community identifiers also known as route targets for each VPLS instance configured on the router VPLS Route Targets Index number o...

Страница 672: ...figuration Remote PE Incoming MPLS label from the remote site In label Outgoing MPLS label used to reach the remote site Out label MPLS next hop index number that corresponds to the outgoing MPLS labe...

Страница 673: ...Part 5 Virtual Private Wire Service VPWS Overview on page 639 Configuring VPWS on page 651 Monitoring VPWS on page 665 Virtual Private Wire Service 637...

Страница 674: ...638 Virtual Private Wire Service JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 675: ...VPWS VPWS L2VPNs are sometimes called Kompella L2VPNs You configure a VPWS instance on each associated edge router for each VPWS L2VPN Traditional VPNs over layer 2 circuits require the provisioning a...

Страница 676: ...to point links between Westford and Bangalore Customer B needs only a single point to point link between Westford and Sunnyvale The service provider uses BGP and MPLS signaling in the core and create...

Страница 677: ...Variable TLVs The local PE router selects a contiguous label block to cover all the remote sites for a given VPWS instance The local PE router then advertises that label block as part of the reachabil...

Страница 678: ...If a control word mismatch occurs the pseudowire remains in a down state with a status of control word mismatch A control status vector is sent along with the other NLRI information This vector carri...

Страница 679: ...as provider edge devices which are also referred to as PE routers These PE routers perform a similar function to PE routers in a BGP MPLS VPN configuration Figure 132 on page 642 depicts two PE route...

Страница 680: ...ed site in the event of a PE router to CE device link failure the failure of a PE router or an MPLS reachability failure between the local PE router and a remote PE router A redundant PE router can be...

Страница 681: ...routes advertised for a multihomed site effectively consists of multiple routes to a single prefix distinguished by the site ID alone Therefore the result of the second selection process is the single...

Страница 682: ...rned by means of EBGP over one learned by means of IBGP 9 Select the path with the lowest IGP cost to the next hop 10 Select the path with the shortest route reflection cluster list Routes without a c...

Страница 683: ...e VPWS network Because some implementations do not support the status vector bit The E Series routers also advertise the down bit in a VPWS network This bit is then used by the other routers to evalua...

Страница 684: ...t and site is down The remote PE routers each run the best path selection process again and adjust the VPWS pseudowires as needed Failure of MPLS reachability to the remote PE router BGP on the PE rou...

Страница 685: ...an L2VPN instance Multihoming Inter AS option A inter AS option B and inter AS option C services As with VPLS VPWS does not support BGP multipaths VPWS Platform Considerations VPWS is supported on al...

Страница 686: ...ifier for the bay in which the I O adapter IOA resides In the software adapter 0 identifies the right IOA bay E120 router and the upper IOA bay E320 router adapter 1 identifies the left IOA bay E120 r...

Страница 687: ...fore You Configure VPWS The JUNOSe software implementation of VPWS uses features of BGP MPLS BGP MPLS VPNs and layer 2 services over MPLS We recommend you have a thorough understanding of these protoc...

Страница 688: ...ing interfaces in the VPWS instance a Configure the layer 2 interfaces that connect the PE router to each CE device in the L2VPN b Configure each layer 2 interface as a member of an VPWS instance by s...

Страница 689: ...Configuring Customer Facing Interfaces in the VPWS Instance on page 655 Configuring the Loopback Interface and Router ID for BGP for VPWS on page 657 Configuring MPLS LSPs for VPWS on page 659 For a d...

Страница 690: ...e the first number in the route distinguisher 100 is the number of the autonomous system AS The second number in the route distinguisher 11 uniquely identifies the L2VPN instance within that AS host1...

Страница 691: ...multi homed priority 2 You must configure the same site ID on all PE routers connected to the multihomed customer site The site ID shared by the connected PE routers should be different than the site...

Страница 692: ...between two local customer sites by first configuring the two local sites and then configuring the correct local and remote site IDs on the two local interfaces that you are cross connecting Figure 13...

Страница 693: ...guring the Loopback Interface and Router ID for BGP for VPWS To establish a BGP session BGP uses the IP address of the outgoing interface towards the BGP peer as the update source IP address for the T...

Страница 694: ...GP routers host1 config router bgp 738 2 Configure the PE to PE BGP session Use neighbor commands to specify the PE router peers to which BGP advertises routes and to configure additional BGP attribut...

Страница 695: ...and separately for each VPWS instance configured on the router host1 config router address family vpws l2vpnA host1 config router address family vpws l2vpnB Related Topics Configuring BGP Routing on p...

Страница 696: ...n LSPs on the core facing interface host1 config subif mpls ldp host1 config subif exit Related Topics Configuring MPLS on page 263 atm pvc interface atm ip address mpls mpls ldp VPWS Configuration Ex...

Страница 697: ...n both PE 1 and PE 2 to provide signaling for both L2VPNs Configuration on PE 1 Local PE Router Use the following commands on the local PE router PE 1 to configure the VPWS topology shown in Figure 13...

Страница 698: ...ter af exit address family Enable MPLS on the default virtual router host1 config mpls Configure ATM core facing interface 2 0 100 between PE 1 and the P router host1 config interface atm 2 0 100 host...

Страница 699: ...r ID for PE 2 using the IP address of the loopback interface host2 config ip router id 10 2 2 2 Configure BGP signaling host2 config router bgp 738 host2 config router neighbor 10 2 2 2 remote as 738...

Страница 700: ...LDP and topology driven LSPs on the core facing interface host1 config subif mpls host1 config subif mpls ldp host1 config subif exit 664 VPWS Configuration Example JUNOSe 11 0 x BGP and MPLS Configu...

Страница 701: ...r VPWS L2VPNs on page 667 Monitoring BGP Next Hops for VPWS L2VPNs on page 671 Monitoring VPWS Connections on page 673 Monitoring VPWS Instances on page 675 Monitoring L2VPN Interfaces for VPWS on pag...

Страница 702: ...amily Issue the clear ip bgp dampening command and specify l2vpn vpws vpwsName host1 clear ip bgp l2vpn dampening l2vpn vpws l2vpnBoston To clear route flap dampening information for all VPLS and VPWS...

Страница 703: ...gs for the VPWS Address Family show ip bgp neighbors received routes show ip bgp advertised routes show ip bgp neighbors routes show ip bgp l2vpn all show ip bgp peer group show ip bgp neighbors show...

Страница 704: ...block offset keywords Action To display information for a particular L2VPN instance in the L2VPN address family host1 pe1 show ip bgp l2vpn vpws l2vpn1 Local BGP identifier 10 1 1 1 local AS 100 2 ro...

Страница 705: ...amed customer1 in the VPWS address family host1 show ip bgp l2vpn vpws customer1 site id 2 block offset 1 BGP route information for prefix 2 1 Received route learned from internal peer 10 2 2 2 best r...

Страница 706: ...S Version number of the local routing information base Local RIB version Version number of the forwarding information base FIB version Status codes for the route listed before the Prefix best route in...

Страница 707: ...show ip bgp community show ip bgp community list show ip bgp dampened paths show ip bgp filter list show ip bgp flap statistics show ip bgp neighbors show ip bgp neighbors dampened routes show ip bgp...

Страница 708: ...ther this is in a VR or VRF Resolution Index number of the IP indirect next hop that corresponds to the BGP indirect next hop and its resolution IP indirect next hop index Index number of the MPLS ind...

Страница 709: ...ocal Site Id Remote Site Id state state FastEthernet4 1 1 2 enabled up Connections status code UP Operational SC Local and Remote Site Identifier Collision EM Encapsulation Mismatch OR Out of Range DN...

Страница 710: ...2d000007 02 24 45 3 2 UP 2 2 2 2 55 86 0000001d 01 50 40 To display detailed information about connections for a specific VPWS instance host1 show l2vpn connections instance l2vpn1 details L2VPN l2vpn...

Страница 711: ...e in the VPWS instance Sites Priority of the VPWS instance to serve as the backup PE router for the CE device in the event of a network failure in the multihomed configuration indicates also that the...

Страница 712: ...e Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100 11 Site Range 10 Sites Site Name boston Site Id 1 Route Targets Route Target RT 100 1 both Admin Oper Interfac...

Страница 713: ...erence for sequence number send or don t send sequence numbers Route distinguisher configured for the VPWS instance Route Distinguisher Maximum number of customer sites allowed in the L2VPN instance S...

Страница 714: ...trol word is preferred by default Do send sequence numbers by default Relay format is atm aal5 sdu vcc by default Administrative state is enabled Operational state is up Operational MTU is 9180 MPLS s...

Страница 715: ...terface UID UID automatically assigned to the MPLS major interface when it is created Lower interface UID Internal platform dependent 32 bit representation of the interface location used by Juniper Ne...

Страница 716: ...p l2transport to ATM2 0 12 26 ldp lookup on inner header label 27 ldp swap to 39 on ATM2 0 20 nbr 20 20 20 2 28 ldp swap to 41 on ATM2 0 20 nbr 20 20 20 2 29 ldp lookup on inner header label 30 ldp sw...

Страница 717: ...the forwarding table BGP LDP or RSVP TE Owner Type and location of spoof checking performed on the MPLS packet router or interface Spoof check Action taken for MPLS packets arriving with that label Ac...

Страница 718: ...682 Monitoring MPLS Forwarding Table for VPWS JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 719: ...Part 6 Index Index on page 685 Index 683...

Страница 720: ...684 Index JUNOSe 11 0 x BGP and MPLS Configuration Guide...

Страница 721: ...ion 144 IGP interior gateway protocol 6 managing a large scale 143 AS path filtering 87 AS path BGP access lists modifying 72 attribute 120 filtering 87 as set keyword aggregate address 61 ATM Asynchr...

Страница 722: ...multiple cells over a pseudowire and ATM n to one VCC cell transport 0x0009 pseudowire PW type 521 transportation of cells from multiple circuits over a single pseudowire 518 transportation of multipl...

Страница 723: ...14 policies soft reconfiguration of 98 promiscuous peers 43 reapplying BGP policies 98 redistributing BGP routes 53 reduce the number of meshed peers 143 remove BGP dynamic peers 43 resetting BGP ses...

Страница 724: ...ribute 473 OSPF routes distributing between PEs 473 distributing from CE to PE 473 distributing from PE to CE 473 OSPF routing information preserving 473 OSPF routing loops preventing 473 overriding A...

Страница 725: ...ddresses 9 displaying BGP routes 160 cleanout timeout factor command 268 269 clear BGP hard 98 BGP soft 98 clear bgp ipv6 commands clear bgp ipv6 98 clear bgp ipv6 dampening 102 clear bgp ipv6 dynamic...

Страница 726: ...h failures in BGP MPLS VPNs 374 pruning failed paths 374 enable a protocol BGP routing 17 432 enable protocols BGP routing 658 encapsulations ATM AAL0 511 ATM AAL05 510 equal cost multipath support on...

Страница 727: ...face ILMI cells and transmission along with data cells on the same pseudowire same VCI VPI values as the data cells 520 inter AS interprovider services IPv4 391 IPv6 399 interface commands interface l...

Страница 728: ...ported 503 load balancing adding member interface to group 537 configuring 537 group 534 monitoring 495 topology 534 536 local cross connects 507 514 527 532 monitoring 557 MPLS L2VPN over LAG configu...

Страница 729: ...metric type 72 match mpls label 452 match route type 72 match tag 72 maximum route limit BGP MPLS VPN 446 maximum route warning threshold BGP MPLS VPN 446 maximum routes command 447 maximum paths comm...

Страница 730: ...s 238 resources configuring 238 route pinning 238 RSVP TE See RSVP TE Resource Reservation Protocol with traffic engineering extensions S bit 213 shim header 213 shim interfaces configuring 509 528 so...

Страница 731: ...on keepalive interval 266 mpls ldp session retries 266 mpls ldp session retry time 266 mpls ldp strict security 281 mpls ldp sync 281 mpls ldp targeted hello holdtime 266 mpls ldp targeted hello inter...

Страница 732: ...172 neighbor weights BGP assign neighbor weights 112 neighbors peers BGP assigning weight to connections 112 distributing information in access lists 83 monitoring 172 network area command 602 network...

Страница 733: ...concatenation 522 before configuring VCI VPI ranges 522 configuration on both ends of the matching in the VP VCI range 519 not matching in the VPI VCI range 519 failure detection change of state on t...

Страница 734: ...RSVP TE Resource Reservation Protocol with traffic engineering extensions 229 BFD liveness detection and 252 bypass tunnels 284 detecting path failures 252 fast reroute extensions 284 graceful restar...

Страница 735: ...170 show ip bgp filter list 172 show ip bgp flap statistics 172 show ip bgp inconsistent as 172 show ip bgp l2vpn 626 667 show ip bgp l2vpn vpls 626 667 show ip bgp longer prefixes 172 show ip bgp nei...

Страница 736: ...d discovery 236 targeted sessions for VPLS with LDP signaling 573 technical support contacting JTAC xxxv test bgp ipv6 command 157 test ip bgp neighbor command 106 157 text and syntax conventions xxxi...

Страница 737: ...amily 573 594 loopback interface and router ID configuring 592 monitoring BGP related settings 625 sample topology configuring 595 signaling overview 573 VPLS address family 573 594 VPLS instances for...

Страница 738: ...flap dampening 666 BGP wait for end of RIB marker 666 components 642 configuration example 660 configure address families 658 BGP signaling 658 L2VPN instances 653 L2VPN interfaces 655 MPLS LSPs 659 s...

Отзывы:

Нет отзывов

Похожие инструкции для JUNOSE

PowerShot G10 - Digital Camera - Compact

Бренд: Canon Страницы: 49

CLIENT SECURITY 9.00 - QUICK

Бренд: F-SECURE Страницы: 32

CX-SUPERVISOR V3

Бренд: Omron Страницы: 5

NG Network Access Client SP4

Бренд: Barracuda Networks Страницы: 10

Бренд: AMX Страницы: 12

E16RMLL-I - Tivoli Storage Manager

Бренд: IBM Страницы: 828

GForce M-Tron Pro

Бренд: M-Audio Страницы: 4

DRUM AND BASS RIG

Бренд: M-Audio Страницы: 3

CERTIFICATE SYSTEM 8 - DEPLOYMENT

Бренд: Red Hat Страницы: 132

Бренд: Draytek Страницы: 60

Бренд: Cyber Sciences Страницы: 2

Бренд: Ubiquiti Страницы: 38

Бренд: KAPERSKY Страницы: 298

Бренд: MACROMEDIA Страницы: 10

Бренд: Mackie Страницы: 14

Бренд: Tandem Страницы: 312

Бренд: MACROMEDIA Страницы: 162

USB Connection Kit

Бренд: JVC Страницы: 24

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды