Page 1 JUNOSe Software for E Series Routing Platforms BGP and MPLS Configuration Guide Release 11.0.x Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 408-745-2000 www.juniper.net Published: 2009-12-30...
Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3 AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”)
Page 4 (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 http://www.gnu.org/licenses/gpl.html...
Page 5 agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein.
Page 7 Abbreviated Table of Contents About the Documentation xxxiii Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Part 2 Multiprotocol Layer Switching Chapter 2 MPLS Overview Chapter 3 Configuring MPLS Chapter 4 Monitoring MPLS Chapter 5 Configuring BGP-MPLS Applications Part 3 Layer 2 Services Over MPLS Chapter 6...
Page 8 JUNOSe 11.0.x BGP and MPLS Configuration Guide viii...
Page 9: Table Of Contents
Table of Contents About the Documentation xxxiii E Series and JUNOSe Documentation and Release Notes ......xxxiii Audience ....................xxxiii E Series and JUNOSe Text and Syntax Conventions ........xxxiii Obtaining Documentation .................xxxv Documentation Feedback ................xxxv Requesting Technical Support ..............xxxv Self-Help Online Tools and Resources ..........xxxvi Opening a Case with JTAC ..............xxxvi Part 1 Border Gateway Protocol...
Page 10 JUNOSe 11.0.x BGP and MPLS Configuration Guide Basic Configuration ..................17 Enabling BGP Routing ................17 Understanding BGP Command Scope .............18 Inheritance of Configuration Values ............20 Limitations on Inheritance ..............24 Setting the BGP Identifier ................24 Configuring Neighbors ................25 Configuring BGP Peer Groups ................26 Setting the Peer Type ................28 Assigning a Description ................28 Logging Neighbor State Changes .............29...
Page 11 Table of Contents Configuring BGP Routing Policy ..............70 Types of BGP Route Maps ...............71 Applying Table Maps ................81 Access Lists .....................83 Filtering Prefixes ................83 Filtering AS Paths with a Filter List ...........87 Filtering AS Paths with a Route Map ..........90 Configuring the Community Attribute .............92 Community Lists ..................95 Resetting a BGP Connection ..............98...
Page 12 JUNOSe 11.0.x BGP and MPLS Configuration Guide Managing a Large-Scale AS ................143 Configuring a Confederation ..............144 Configuring Route Reflectors ..............148 Route Reflection and Redundancy ..........149 Route Reflection and Looping ............150 Configuring BGP Multicasting ..............153 Monitoring BGP Multicast Services ............156 Using BGP Routes for Other Protocols ............156 Configuring BGP/MPLS VPNs ...............157 Testing BGP Policies ..................157 Monitoring BGP ...................158...
Page 13 Table of Contents ECMP Labels for MPLS ................233 MPLS Connectivity and ECMP ...............233 Supported TLVs ..................234 MPLS Connectivity Verification and Troubleshooting Methods ....235 LDP Discovery Mechanisms ................236 LDP Basic Discovery Mechanism ............237 LDP Extended Discovery Mechanism ............237 MPLS Traffic Engineering ................238 LSP Backup ...................238 Path Option ..................238 Reoptimization ..................239...
Page 14 JUNOSe 11.0.x BGP and MPLS Configuration Guide Chapter 3 Configuring MPLS Basic MPLS Configuration Tasks ..............264 MPLS Global Configuration Tasks ..............265 MPLS Global Tasks ................265 LDP Global Tasks ..................266 RSVP-TE Global Tasks ................268 LDP and RSVP-TE Interface Profile Configuration Tasks ......269 LDP Interface Profile Configuration Tasks and Commands ....269 RSVP-TE Interface Profile Configuration Tasks and Commands ....269 MPLS Interface Configuration Tasks ............270...
Page 15 Table of Contents Example Traffic Class Configuration for Differentiated Services ....304 Configuration on the Ingress Router .............306 Configuration on the Ingress and Transit Routers .........307 Configuration on the Transit and Egress Routers ........308 Chapter 4 Monitoring MPLS Setting the Baseline for MPLS Statistics ............312 Setting a Baseline for MPLS Major Interface Statistics ......312 Enabling and Setting a Baseline for MPLS Forwarding Table Statistics ..................313...
Page 16 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring RSVP-TE Interface Counters ............356 Monitoring RSVP-TE Graceful Restart ............358 Monitoring RSVP-TE Hello Adjacency Instances ..........359 Monitoring Status and Configuration for MPLS Tunnels .......361 Verifying and Troubleshooting MPLS Connectivity ........363 Sending an MPLS Echo Request Packet to an IP or IPv6 Address ..364 Tracing the Path of an MPLS Echo Request Packet to an IP or IPv6 Address ..................364 Sending an MPLS Echo Request Packet to a Martini Circuit ....364...
Page 17 Table of Contents Inter-AS Option C ..................396 Inter-AS Option C with Route Reflectors ..........398 Providing IPv6 VPN Services Across Multiple Autonomous Systems ....399 Using Route Targets to Configure VPN Topologies ........400 Full-Mesh VPNs ..................400 Hub-and-Spoke VPNs ................401 Overlapping VPNs .................402 Constraining Route Distribution with Route-Target Filtering ......404 Exchanging Route-Target Membership Information ......405 Receiving and Sending RT-MEM-NLRI Routing Updates ......406...
Page 18 JUNOSe 11.0.x BGP and MPLS Configuration Guide Deleting Routes for a VRF ..............447 Enabling VRF–to–VR Peering ..............448 Achieving Fast Reconvergence in VPN Networks ........449 Fast Reconvergence with Unique RDs ..........450 Fast Reconvergence by Means of Reachability Checking ....451 Configuring BGP to Send Labeled and Unlabeled Unicast Routes ..452 BGP Next-Hop-Self ................453 BGP Processing of Received Routes ............454 Labeled Unicast Routes ..............454...
Page 19 Table of Contents Monitoring BGP/MPLS VPNs ................481 Part 3 Layer 2 Services Over MPLS Chapter 6 Layer 2 Services over MPLS Overview Layer 2 Services over MPLS Overview ............503 Layer 2 Services over MPLS Platform Considerations ........504 Module Requirements ................504 Interface Specifiers ................505 Layer 2 Services over MPLS References ............505 Layer 2 Services over MPLS Implementation ..........506...
Page 20 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring S-VLAN Tunnels for Layer 2 Services ........526 Configuring Local Cross-Connects Between Ethernet/VLAN Interfaces ..527 Configuring Local ATM Cross-Connects with AAL5 Encapsulation ....528 Configuring an MPLS Pseudowire with VCC Cell Relay Encapsulation ..530 Configuring HDLC Layer 2 Services .............532 Configuring Local Cross-Connects for HDLC Layer 2 Services ....533 Configuring CE-Side Load Balancing for Martini Layer 2 Transport ....534...
Page 21 Table of Contents VPLS Edge Devices ................571 VPLS and Transparent Bridging ..............571 BGP Signaling for VPLS ................573 LDP Signaling for VPLS ................573 Targeted Sessions .................573 PWid FEC Element TLV .................574 BGP Multihoming for VPLS ................574 Selecting the Designated VE Device for a Multihomed Site ....576 Multihoming Reaction to Failures in the Network .........578 VPLS Supported Features ................579 VPLS Platform Considerations ..............579...
Page 22 JUNOSe 11.0.x BGP and MPLS Configuration Guide Setting a Baseline for the VPLS Virtual Core Interface Associated with a VPLS Instance .................608 Clearing Dynamic MAC Addresses from the VPLS Forwarding Table ...609 Clearing All Dynamic MAC Addresses from the VPLS Forwarding Table ....................609 Clearing a Specific Dynamic MAC Address from the VPLS Forwarding Table ....................609...
Page 23 Table of Contents BGP Multihoming for VPWS ................644 Selecting the Designated VE Device for a Multihomed Site ....646 Multihoming Reaction to Failures in the Network .........648 VPWS Supported Features ................649 VPWS Platform Considerations ..............649 Module Requirements ................649 Interface Specifiers ................650 VPWS References ..................650 Chapter 13 Configuring VPWS...
Page 24 JUNOSe 11.0.x BGP and MPLS Configuration Guide xxiv Table of Contents...
Page 25 List of Figures Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Figure 1: BGP Peers ..................5 Figure 2: Internal and External BGP ..............6 Figure 3: Interior Gateway Protocols ...............7 Figure 4: Routing Without CIDR ..............10 Figure 5: Routing with CIDR ................10 Figure 6: Transit Service ................12 Figure 7: Nontransit Service ................12 Figure 8: IPv6 Routing over TCP IPv4 ............13...
Page 26 JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 41: A Fully Meshed Autonomous System ..........145 Figure 42: A Confederation of Subautonomous Systems ......146 Figure 43: Simple Route Reflection .............149 Figure 44: Route Reflection: Logical Redundancy ........149 Figure 45: Route Reflection: Physical and Logical Redundancy ....150 Figure 46: BGP Route Reflection ..............151 Part 2 Multiprotocol Layer Switching...
Page 27 List of Figures Figure 82: Site Connectivity in a Full-Mesh VPN ..........400 Figure 83: Route Target Configuration for a Full-Mesh VPN ......401 Figure 84: Site Connectivity in a Hub-and-Spoke VPN .........401 Figure 85: Route Target Configuration for a Hub-and-Spoke VPN ....402 Figure 86: Site Connectivity in an Overlapping VPN ........402 Figure 87: Route Target Configuration for an Overlapping VPN ....403 Figure 88: Overlapping VPNs on a Single PE ..........403...
Page 28 JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 122: MPLS L2VPN Tunnel over VLAN over LAG Configuration Example ....................542 Figure 123: MPLS L2VPN Tunnel over LAG Configuration Example .....545 Figure 124: MPLS L2VPN Tunnel over LAG Configuration Example .....549 Figure 125: Ethernet Packet Distribution over Martini Circuits ....550 Figure 126: Martini Circuit with Two Pseudowires Between PE-Facing Routers ....................552 Figure 127: Martini Circuit Deployment for Transmission of Multiple ATM...
Page 29 List of Tables About the Documentation xxxiii Table 1: Notice Icons ................xxxiv Table 2: Text and Syntax Conventions ............xxxiv Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Table 3: Conventions for BGP Terms ...............4 Table 4: Cease Notification Message Subcodes ..........8 Table 5: Commands Affecting BGP Globally ..........18 Table 6: Commands Affecting All Address Families in a VRF ......18 Table 7: Commands Affecting the Current Address Family ......19...
Page 30 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 28: Incoming L-LSP PHB Determination ..........299 Table 29: Examples of Incoming L-LSP PHB Determination ......300 Table 30: Outgoing L-LSP PHB Determination ..........300 Table 31: Differentiated Services Mapping ..........305 Chapter 4 Monitoring MPLS Table 32: show atm vc Output Fields ............317 Table 33: show cac interface Output Fields ..........318 Table 34: show ip tunnel route and show ipv6 tunnel-route Output...
Page 31 List of Tables Table 69: show atm subinterface Output Fields ...........559 Table 70: show mpls cross-connects atm Output Fields ......560 Table 71: show mpls forwarding Output Fields ...........562 Table 72: show mpls interface and show mpls l2transport interface Output Fields ....................564 Part 4 Virtual Private LAN Service Chapter 9...
Page 32 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 103: Commands for Monitoring BGP Settings for the VPWS Address Family ....................667 Table 104: show ip bgp l2vpn Output Fields ..........670 Table 105: show ip bgp l2vpn all next-hops Output Fields ......672 Table 106: show l2vpn connections Output Fields ........675 Table 107: show l2vpn instance Output Fields ..........677 Table 108: show l2vpn interface Output Fields ..........678...
Page 33: About The Documentation
If the information in the latest release notes differs from the information in the documentation, follow the JUNOSe Release Notes. To obtain the most current version of all Juniper Networks® technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/...
Page 34: Table 1: Notice Icons
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 1: Notice Icons Icon Meaning Description Informational note Indicates important features or instructions. Caution Indicates a situation that might result in loss of data or hardware damage. Warning Alerts you to the risk of personal injury or death. Laser warning Alerts you to the risk of personal injury from a laser.
Page 35: About The Documentation
{ permit | deny } { in | out } { clusterId | ipAddress } Obtaining Documentation To obtain the most current version of all Juniper Networks technical documentation, see the products documentation page on the Juniper Networks Web site at http://www.juniper.net/...
Page 36: Self-Help Online Tools And Resources
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
Page 37: Part 1 Border Gateway Protocol
Part 1 Border Gateway Protocol Configuring BGP Routing on page 3 Border Gateway Protocol...
Page 38: Border Gateway Protocol
JUNOSe 11.0.x BGP and MPLS Configuration Guide Border Gateway Protocol...
Page 39: Configuring Bgp Routing
Chapter 1 Configuring BGP Routing This chapter contains the following sections: Overview on page 3 Platform Considerations on page 14 References on page 14 Features on page 16 Before You Configure BGP on page 17 Configuration Tasks on page 17 Basic Configuration on page 17 Configuring BGP Peer Groups on page 26 Advertising Routes on page 50...
Page 40: Autonomous Systems
JUNOSe 11.0.x BGP and MPLS Configuration Guide those terms are represented in lowercase in this chapter. Table 3 on page 4 lists the terms and their variant spellings. Table 3: Conventions for BGP Terms In This Chapter In RFCs aggregator AGGREGATOR AS-confed-set AS_CONFED_SET...
Page 41: Bgp Speaker
Chapter 1: Configuring BGP Routing (IGPs) such as RIP, OSPF, and IS-IS within its boundaries. ASs use exterior gateway protocols (EGPs) to exchange routing information with other ASs. BGP is an EGP. The outside world views an AS as a single entity, even though it can be a collection of IGPs working together to provide routing within its interior.
Page 42: Ibgp And Ebgp
JUNOSe 11.0.x BGP and MPLS Configuration Guide Because BGP relies on TCP to provide reliable and flow-controlled transmission of routing information, the BGP protocol itself is very simple. However it also implies that two routers can be BGP peers of each other only if they are reachable from each other in the sense that they can exchange IP packets.
Page 43: Bgp Messages
Chapter 1: Configuring BGP Routing Intermediate System-to-Intermediate System (IS-IS) Open Shortest Path First (OSPF) Routing Information Protocol (RIP) Figure 3 on page 7 shows that the routers in AS 53 all communicate with each other using an IGP. Routing information internal to AS 53 is redistributed from the IGP into BGP at router Chicago.
Page 44: Bgp Route
JUNOSe 11.0.x BGP and MPLS Configuration Guide If the session is being terminated for a nonfatal error, the notification messages includes the error code cease. Subcodes sent in the notification message can inform network operators about peering problems and help them better understand network events.
Page 45: Prefixes And Cidr
Chapter 1: Configuring BGP Routing Adj-RIBs-In store unprocessed routes learned from update messages received by the BGP speaker. Loc-RIB contains local routes resulting from the BGP speaker applying its local policies to the routes contained in its Adj-RIBs-In. Adj-RIBs-Out store routes that the BGP speaker will advertise to its peers in the update messages it sends.
Page 46: Path Attributes
(the “ best” route) based on the path attributes. BGP as implemented on the Juniper Networks E Series Broadband Services Router specifies detailed and complex criteria for picking the best route; this helps ensure that all routers will converge to the same routing table, a necessary behavior to avoid routing loops.
Page 47: Transit And Nontransit Service
Chapter 1: Configuring BGP Routing The following are some of the most important path attributes: AS-path specifies the sequence of autonomous systems that must be crossed to reach a certain destination. This path attribute is used to avoid routing loops and to prefer shorter routes over longer routes.
Page 48: Ipv6 Bgp Support
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 6: Transit Service Each ISP provides nontransit service to other ISPs. For example, Figure 7 on page 12 shows that ISP 1 does not permit traffic between ISP 2 and ISP 3 to cross its backbone. If ISP 1 permits such traffic, it squanders its own resources with no benefit to its customers or itself.
Page 49: Exchange Of Ipv6 Routing Information Over Tcp Ipv6
Chapter 1: Configuring BGP Routing Figure 8: IPv6 Routing over TCP IPv4 The E Series router’s MP-BGP implementation uses BGP update messages to announce the feasible routes to an associated IPv6 BGP next hop and also to announce the nonfeasible routes that need to be withdrawn from the peer. The E Series router announces only IPv6 global addresses as the BGP next-hop address;...
Page 50: Platform Considerations
See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP. For information about modules that support BGP on Juniper Networks E120 and E320 Broadband Services Routers: See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications.
Page 51 Chapter 1: Configuring BGP Routing Cooperative Route Filtering Capability for BGP-4 draft-ietf-idr-route-filter-09.txt (February 2003 expiration) Dynamic Capability for BGP-4 draft-ietf-idr-dynamic-cap-04.txt (February 2004 expiration) JUNOSe Release Notes, Appendix A, System Maximums Refer to the Release Notes corresponding to your software release for information about maximum values. RFC 1657 Definitions of Managed Objects for the Fourth Version of the Border Gateway Protocol (BGP-4) using SMIv2 (July 1997) RFC 1745 BGP4/IDRP for IP OSPF Interaction (December 1994)
Page 52: Features
JUNOSe 11.0.x BGP and MPLS Configuration Guide RFC 4721 Graceful Restart Mechanism for BGP (January 2007) RFC 4893 BGP Support for Four-octet AS Number Space (May 2007) Subcodes for BGP Cease Notification Message draft-ietf-idr-cease-subcode-05.txt (March 2004 expiration) NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress.
Page 53: Before You Configure Bgp
Chapter 1: Configuring BGP Routing Before You Configure BGP Before you attempt to configure BGP, ensure that you have TCP/IP reachability to the BGP peers with which you want your router to communicate. This may include tasks such as setting up interfaces and creating routes. See the JUNOSe Link Layer Configuration Guide and JUNOSe Physical Layer Configuration Guide for information about how to configure appropriate interfaces.
Page 54: Understanding Bgp Command Scope
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to remove the BGP process. See router bgp. Understanding BGP Command Scope BGP commands can be sorted into the following categories, each of which has a different scope; that is, each configures parameters within a different area of applicability.
Page 55: Table 7: Commands Affecting The Current Address Family
Chapter 1: Configuring BGP Routing The commands listed in Table 7 on page 19 configure parameters only for the current address family context. Table 7: Commands Affecting the Current Address Family address family disable-dynamic-redistribute aggregate-address external-paths auto-summary ip route-type bgp dampening maximum-paths bgp wait-on-end-of-rib network...
Page 56: Inheritance Of Configuration Values
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 8: Commands Affecting All Address Families for the Specified Peer or Peer Group (continued) neighbor ibgp-singlehop neighbor update-source neighbor lenient neighbor weight The commands listed in Table 9 on page 20 configure parameters separately for each address family exchanged over the BGP session.
Page 57: Table 10: Behavior Of Neighbor Commands
Chapter 1: Configuring BGP Routing from the peer group. However, attributes configured on a peer override values inherited from the peer group of which it is a member. The neighbor commands enable you to control features or set parameters for individual peers or for peer groups.
Page 58: Table 11: Inheritance From Other Commands
JUNOSe 11.0.x BGP and MPLS Configuration Guide Some of the commands in Table 10 on page 21 inherit global values set by other commands. Table 11 on page 22 describes the relationship between these commands. Table 11: Inheritance from Other Commands Category B Command Inherits Global Values Set By neighbor default-originate...
Page 59 Chapter 1: Configuring BGP Routing The no command disables inbound soft-reconfiguration for peer 10.19.7.8, overriding the configuration of the peer group to which the peer 10.19.7.8 belongs. The configuration of an individual peer takes precedence over the configuration of the peer group to which the peer belongs.
Page 60: Limitations On Inheritance
JUNOSe 11.0.x BGP and MPLS Configuration Guide Limitations on Inheritance All BGP peers that are members of the same peer group must send essentially the same updates. Accordingly, all members of a peer group must be the same kind of peer;...
Page 61: Configuring Neighbors
Chapter 1: Configuring BGP Routing host1(config-router)#bgp router-id 10.25.1.1 The new BGP identifier is used in open messages sent after you issue the command. To use the new BGP identifier for sessions already in the established state, you must use the clear ip bgp command to perform a hard clear. Use the no version to restore the router ID as the BGP identifier.
Page 62: Configuring Bgp Peer Groups
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to add an entry to the BGP neighbor table. Specifying a neighbor with an AS number that matches the AS number specified in the router bgp command identifies the neighbor as internal to the local AS. Otherwise, the neighbor is treated as an external neighbor.
Page 63: Figure 11: Bgp Peer Groups
Chapter 1: Configuring BGP Routing The multiprotocol extensions to BGP enable the exchange of information within different types of address families. By default, peers and peer groups exist in the unicast IPv4 address family and exchange unicast IPv4 addresses. For information on configuring and activating BGP peer groups within address families, see “Configuring the Address Family”...
Page 64: Setting The Peer Type
JUNOSe 11.0.x BGP and MPLS Configuration Guide Setting the Peer Type Each peer group must have a peer type before any BGP sessions for members of that peer group are allowed to come up and before the Adj-RIBs-Out table of that peer group can be filled.
Page 65: Logging Neighbor State Changes
Chapter 1: Configuring BGP Routing Use to associate a textual description of up to 80 characters with a BGP neighbor or peer group. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 66: Specifying A Source Address For A Bgp Session
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to stop logging. See bgp log-neighbor-changes Specifying a Source Address for a BGP Session By default, BGP uses the IP address of the outgoing interface toward the peer as the source IP address for the TCP connection over which the BGP session runs.
Page 67: Specifying Peers That Are Not Directly Connected
Chapter 1: Configuring BGP Routing Table 13: Source Addresses and Default Next Hop Addresses for Various Configurations Source Address used Configured Neighbor Configured Update for TCPv4 and TCPv6 Default Next Hop Default Next Hop Address Source Address Connection Value for IPv4 Prefixes Value for IPv6 Prefixes IPv4 neighbor address IPv4 source address...
Page 68: Figure 12: Using Ebgp-Multihop
JUNOSe 11.0.x BGP and MPLS Configuration Guide configure multihop connections. By default, the one-hop limitation per EBGP peers is enforced by the time-to-live attribute. You can override this default limit by using the ttl variable to specify the maximum number of hops to the peer. In Figure 12 on page 32, router Boston and router LA are connected together through router NY, rather than by a direct connection.
Page 69: Specifying A Single-Hop Connection For Ibgp Peers
Chapter 1: Configuring BGP Routing This command takes effect immediately and automatically bounces the BGP session. Use the no version to return BGP to halt acceptance of such routers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration.
Page 70: Removing Private As Numbers From Updates
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config)#router bgp 100 host1(config-router)#neighbor 2.2.2.2 maximum-prefix 1000 neighbor maximum-prefix Use to control how many prefixes can be received from a neighbor. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 71: Checking As Path Length
Chapter 1: Configuring BGP Routing Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 72: Enabling Md5 Authentication On A Tcp Connection
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:3# show ip bgp fields intro best peer loc-pref as-path Local router ID 13.13.13.3, local AS 200 10 paths, 5 distinct prefixes (520 bytes used) 6 paths selected for route table installation 14 path attribute entries (1943 bytes used) Status codes: >...
Page 73: Setting The Maximum Size Of Update Messages
Chapter 1: Configuring BGP Routing Use to enable MD5 authentication on a TCP connection between two BGP peers. If you configure a password for a neighbor, an existing session is torn down and a new one established. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 74: Setting Automatic Fallover
JUNOSe 11.0.x BGP and MPLS Configuration Guide Setting Automatic Fallover You can use the bgp fast-external-fallover command to specify that in the event of the failure of a link to any adjacent external peer, the BGP session is immediately and automatically brought down rather than waiting for the TCP connection to fail or for the hold timer to expire.
Page 75: Automatic Summarization Of Routes
Chapter 1: Configuring BGP Routing Use the no version to restore the default values on the specified neighbor or peer group 30 seconds for the keepalive timer and 90 seconds for the hold-time timer. See neighbor timers. timers bgp Use to set the keepalive and hold-time timers for all neighbors. If you set the keepalive timer to 0, BGP does not send any keepalive messages.
Page 76: Configuring Bgp For Overload Conditions
JUNOSe 11.0.x BGP and MPLS Configuration Guide bgp shutdown Use to shut down BGP globally. This command takes effect immediately. Example host1(config-router)#bgp shutdown Use the no version to reenable BGP. See bgp shutdown. neighbor shutdown Use to shut down a neighbor or peer group without removing their configuration. This command takes effect immediately.
Page 77: Enabling Route Storage In Adj-Ribs-Out Tables
Chapter 1: Configuring BGP Routing host1#show ip bgp summary Local router ID 10.1.0.1, local AS 1 Administrative state is Start Operational state is Down due to transition from Overload state Shutdown in overload state is enabled Default local preference is 100 Enabling Route Storage in Adj-RIBs-Out Tables By default, a BGP speaker does not store a copy of each route it sends to a BGP peer in the Adj-RIBs-Out table for that peer.
Page 78: Effects Of Changing Outbound Policies
JUNOSe 11.0.x BGP and MPLS Configuration Guide BGP cannot compare them with the attributes in the new update message. Consequently, BGP cannot determine whether the update contains new attributes or the same attributes as those previously advertised, and might send superfluous advertisements to peers.
Page 79: Configuring The Address Family
Chapter 1: Configuring BGP Routing Use the no version to enable the route storage. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor rib-out disable. rib-out disable Use to disable storage of routes in the Adj-RIBs-Out tables (disable rib-out) for all BGP peers.
Page 80 JUNOSe 11.0.x BGP and MPLS Configuration Guide VPN IPv6 If you specify the VPN-IPv6 address family, you can configure the router to provide IPv6 VPN services over an MPLS backbone. These VPNs are often referred to as BGP/MPLS VPNs. L2VPN If you specify the L2VPN address family, you can configure the PE router for VPLS L2VPNs or VPWS L2VPNs to exchange layer 2 network layer reachability information (NLRI) for all VPLS or VPWS instances.
Page 81 Chapter 1: Configuring BGP Routing From within the address family, configure BGP parameters for the address family. Exit Address Family Configuration mode. host1:vr1(config-router-af)#exit-address-family address-family Use to configure the router or VRF to exchange IPv4 or IPv6 addresses by creating the specified address family. IPv4 and IPv6 addresses can be exchanged in unicast, multicast, or VPN mode.
Page 82: Enabling Lenient Behavior
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:vr1(config-router-af)#exit-address-family There is no no version. See exit-address-family. neighbor activate Use to specify a peer or peer group with which routes of the current address family are exchanged. A peer or peer group can be activated in more than one address family. By default, a peer is activated only for the IPv4 unicast address family.
Page 83: Configuring Promiscuous Peers And Dynamic Peering
Chapter 1: Configuring BGP Routing BGP speaker to send a notification message to the peer generating the error and to terminate the session. By default, lenient behavior is disabled. neighbor lenient Use to enable a BGP speaker to be more tolerant of some errors generated by a peer, such as malformed BGP messages or finite state machine errors.
Page 84 JUNOSe 11.0.x BGP and MPLS Configuration Guide When the BGP speaker receives an open message from a dynamic peer, the remote AS number must match one of the following criteria; the connection is closed if it does not: If the peer group has a configured remote AS number, then the received AS number must be the same as the configured remote AS number.
Page 85: Configuring Passive Peers
Chapter 1: Configuring BGP Routing Example host1#clear ip bgp 192.168.1.158 vrf boston5 dynamic-peers There is no no version. See clear bgp ipv6 dynamic-peers. See clear ip bgp dynamic-peers. neighbor allow Use to configure a peer group to accept incoming BGP connections from any remote address that matches the specified access list.
Page 86: Advertising Routes
JUNOSe 11.0.x BGP and MPLS Configuration Guide If instead you initially configure the router as passive for those peers, BGP will not attempt to establish sessions to those peers but will wait until these remote peers initiate a session, thus conserving CPU resources. If you configure both sides of a BGP session as passive, then the session can never come up because neither side can initiate the connection.
Page 87: Figure 13: Prefixes Originating In An As
Chapter 1: Configuring BGP Routing Figure 13: Prefixes Originating in an AS The following commands configure router NY: host1(config)#router bgp 300 host1(config-router)#neighbor 10.2.25.1 remote-as 100 host1(config-router)#neighbor 10.4.4.1 remote-as 400 host1(config-router)#network 192.168.33.0 mask 255.255.255.0 The following commands configure router Boston: host2(config)#router bgp 100 host2(config-router)#neighbor 10.2.25.2 remote-as 300 host2(config-router)#neighbor 10.3.3.1 remote-as 400 host2(config-router)#network 172.19.0.0...
Page 88: Advertising Best Routes
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the backdoor keyword to lower the preference of an EBGP route to the specified prefix by setting the administrative distance to that of an internal BGP route, 200. Use this option to favor an IGP backdoor route over an EBGP route to a specific network.
Page 89: Redistributing Routes Into Bgp
Chapter 1: Configuring BGP Routing received from an internal peer, no route to the destination is advertised to the internal peers. See bgp advertise-best-external-to-internal. Redistributing Routes into BGP BGP can learn about routes from sources other than BGP updates from peers. Routes known to other protocols can be redistributed into BGP.
Page 90: Redistributing Routes From Bgp
JUNOSe 11.0.x BGP and MPLS Configuration Guide disable-dynamic-redistribute Use to halt the dynamic redistribution of routes that are initiated by changes to a route map. Dynamic redistribution is enabled by default. This command takes effect immediately. Example host1(config-router)#disable-dynamic-redistribute Use the no version to reenable dynamic redistribution. See disable-dynamic-redistribute.
Page 91: Configuring A Default Route
Chapter 1: Configuring BGP Routing NOTE: This default behavior does not apply to VPN routes. Redistribution of IBGP routes (routes received from an internal BGP peer) in a VRF is always enabled. You do not have to issue this command to enable redistribution of internal BGP routes in a VRF.
Page 92: Redistributing Default Routes
JUNOSe 11.0.x BGP and MPLS Configuration Guide If you issue the neighbor default-originate command, BGP sends the default route to that neighbor regardless of whether the default route exists in the IP forwarding table. In Figure 15 on page 56, router NY originates the default route 0.0.0.0/0 to router Albany only.
Page 93: Setting A Static Default Route
Chapter 1: Configuring BGP Routing Policy specified by a route map with the default-information originate command is applied at the same time as the policy for redistributed routes, before any outbound policy for peers. Example host1(config)#router bgp 100 host1(config-router)#default-information originate Use the no version to restore the default, preventing the redistribution of default routes.
Page 94: Setting The Minimum Interval Between Routing Updates
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 16: Setting a Static Default Route ip route Use to establish static routes. Use the no version to remove static routes. See ip route. Use to cause a BGP speaker (the local router) to send the default route 0.0.0.0/0 neighbor to a neighbor for use as a default route.
Page 95: Aggregating Routes
Chapter 1: Configuring BGP Routing Use to set the minimum interval between the sending of BGP updates for a given prefix. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 96 JUNOSe 11.0.x BGP and MPLS Configuration Guide host2(config-router)#aggregate-address 172.24.0.0 255.255.224.0 As configured above, router SanJose advertises the more specific routes as well as the aggregate route to router Boston. Alternatively, you can use the summary-only option to configure router SanJose to suppress the more specific routes and advertise only the aggregate route: host2(config)#router bgp 873 host2(config-router)#neighbor 10.2.2.3 remote-as 873...
Page 97 Chapter 1: Configuring BGP Routing passed along to router SanJose and preserved when the aggregate route is created. As a result, the aggregate route is not advertised outside the AS. The following commands demonstrate how to configure router SanJose to prevent the aggregate from not being advertised: host2(config)#router bgp 873 host2(config-router)#neighbor 10.2.2.3 remote-as 873...
Page 98: Advertising Inactive Routes
JUNOSe 11.0.x BGP and MPLS Configuration Guide This command takes effect immediately. Use the no version to remove the aggregate route entry from the routing table. See aggregate-address. Advertising Inactive Routes Under normal circumstances, routes that are not being used to forward traffic inactive routes are not advertised to peers unless synchronization is enabled.
Page 99: Advertising Ipv4 Routes Between Ipv6 Bgp Peers
Chapter 1: Configuring BGP Routing bgp enforce-first-as Use to cause BGP to determine whether the first AS in the AS path of a route received from an EBGP peer matches the remote AS number of that peer. If the AS does not match, BGP sends a notification to the peer with the error code “...
Page 100 JUNOSe 11.0.x BGP and MPLS Configuration Guide when that route is not in the routing table. BGP conditional advertisement enables you to control route advertisement without having to rely on only the best routes. For example, in a multi-homed network, you might want to advertise certain prefixes to one of the providers when a failure occurs in the peering session with a different provider, or when there is only partial reachability to that peer.
Page 101 Chapter 1: Configuring BGP Routing route map you specify with the non-exist-map keyword references multiple routes, all of those routes must be absent to trigger the conditional advertisement. You can optionally specify a sequence number for the advertise route map that matches the determining route.
Page 102: Advertising A Route Only When Another Route Is Present
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-router-af)#neighbor 192.168.2.2 advertise-map advertiseroutes exist-map matchroute sequence 10 Use the no version to remove the conditions set for advertising to the peer or peer group the routes specified by the route map. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration.
Page 103: Advertising A Route Only When Another Route Is Absent
Chapter 1: Configuring BGP Routing host1(config)#access-list 77 permit 10.10.20.0 0.0.0.255 host1(config)#route-map advertisetoR1 permit 10 host1(config-route-map)#match ip address 77 host1(config-route-map)#exit !Configure route map to match one trigger route from R3 host1(config)#ip as-path access-list 1 permit ^300 host1(config)#access-list 70 permit 172.24.19.0 0.0.0.255 host1(config)#route-map trigger1 permit 10 host1(config-route-map)#match ip address 70 host1(config-route-map)#match as-path 1...
Page 104: Figure 19: Advertising A Route When Another Route Is Absent
JUNOSe 11.0.x BGP and MPLS Configuration Guide advertises neither of the routes to router R2. Consequently, router R2 advertises both 10.10.20.0/24 and 10.10.30.0/24 to peergroup1. Figure 19: Advertising a Route When Another Route is Absent The following commands configure router R2: host1(config)#router bgp 200 host1(config-router)#neighbor peergroup1 peer-group host1(config-router)#neighbor peergroup1 remote-as 100...
Page 105: Advertising A Default Route Only When Another Route Is Present
Chapter 1: Configuring BGP Routing host1(config)#route-map alternatetoPG1 permit 10 host1(config-route-map)#match ip address allow host1(config-route-map)#exit !Configure route map to match an alternate trigger route host1(config)#access-list test permit 172.21.30.0 0.0.0.255 host1(config)#route-map condition2 permit 10 host1(config-route-map)#match ip address test host1(config-route-map)#match as-path 1 host1(config-route-map)#exit In this configuration, the condition1 route map has a sequence number of five, placing it high in the list of all configured advertise route maps for this peer group within the same address family.
Page 106: Configuring Bgp Routing Policy
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 20: Advertising a Default Route When Another Route is Present The following commands configure router R2: host1(config)#ip prefix-list default permit 0.0.0.0/0 host1(config)#route-map default permit 10 host1(config-route-map)#match ip address prefix-list default host1(config-route-map)#exit host1(config)#ip prefix-list test-default permit 172.55.0.0/16 host1(config)#route-map test permit 10 host1(config-route-map)#match ip address prefix-list test-default host1(config-route-map)#exit...
Page 107: Types Of Bgp Route Maps
Chapter 1: Configuring BGP Routing Prefix trees Route maps The remainder of this section provides detailed information about using these features with BGP. Before proceeding, please see JUNOSe IP Services Configuration Guide, for a thorough background on how these features work in general. Types of BGP Route Maps A route map consists of match clauses and set clauses.
Page 108: Table 16: Commands That Create Match-Only Route Maps
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 15: Clauses Supported in BGP Match-and-Set Route Maps (continued) match metric set metric match metric-type set metric-type match route-type set origin match tag set tag set weight The match-only route maps consist of the route maps configured with any of the commands listed in Table 16 on page 72.
Page 109 Chapter 1: Configuring BGP Routing Use to match a community list. Supported for inbound and outbound route maps. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match community comm5 Use the no version to delete the match clause from a route map or a specified value from the match clause.
Page 110 JUNOSe 11.0.x BGP and MPLS Configuration Guide match ip next-hop Use to match any routes that have a next-hop router address passed by the specified access list, prefix list, or prefix tree. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match ip next-hop 5 192.54.24.1 Use the no version to delete the match clause from a route map or a specified value from the match clause.
Page 111 Chapter 1: Configuring BGP Routing Use to match a route for the specified route type. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match route-type level-1 Use the no version to delete the match clause from a route map or a specified value from the match clause. See match route-type.
Page 112 JUNOSe 11.0.x BGP and MPLS Configuration Guide results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 113 Chapter 1: Configuring BGP Routing host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set as-path prepend list list10 Use the no version to delete the set clause from a route map. See set as-path prepend. set comm-list delete Use to remove communities specified by the community list from the community attribute of routes matching the route map.
Page 114 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to delete the set clause from a route map. See set community. set dampening Use to enable BGP route flap dampening only on routes that pass the match clauses of, and are redistributed by, a particular route map. BGP creates a dampening parameter block for each unique set of dampening parameters such as suppress threshold and reuse threshold used by BGP.
Page 115 Chapter 1: Configuring BGP Routing host1(config-route-map)#set ip next-hop 192.56.32.1 Use the no version to delete the set clause from a route map. See set ip next-hop. set local-preference Use to specify a preference value for the AS path. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set local-preference 200 Use the no version to delete the set clause from a route map.
Page 116 JUNOSe 11.0.x BGP and MPLS Configuration Guide For BGP, you can specify the following: external Reverts to the normal BGP rules for propagating the MED; this is the BGP default internal Sets the MED of a received route that is being propagated to an external peer equal to the IGP cost of the indirect next hop Example host1(config)#route-map nyc1 permit 10...
Page 117: Applying Table Maps
Chapter 1: Configuring BGP Routing Applying Table Maps You can use the table-map command on a per-address-family basis to apply a route map to modify IP attributes of BGP routes that are about to be added to the IP routing table.
Page 118 JUNOSe 11.0.x BGP and MPLS Configuration Guide table-map Use to apply a policy to BGP routes about to be added to the IP routing table. The route map can include any of the clauses listed in Table 18 on page 81. The new route map is applied to all routes that are subsequently placed in the IP routing table.
Page 119: Access Lists
Chapter 1: Configuring BGP Routing I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 Prefix/Length Type...
Page 120: Figure 21: Filtering With Access Lists
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 21: Filtering with Access Lists The following commands configure router Boston to apply access list reject1 to routes inbound from router SanJose. Access list reject1 rejects routes matching 172.24.160.0/19. host3(config)#router bgp 17 host3(config-router)#neighbor 10.5.5.4 remote-as 873 host3(config-router)#neighbor 10.5.5.4 distribute-list reject1 in host3(config-router)#exit...
Page 121 Chapter 1: Configuring BGP Routing host2(config-router)#exit host2(config)#access-list 1 deny 10.16.22.0 0.254.255.255 access-list Use to define an IP access list to permit or deny routes based on the prefix. Each access list is a set of permit or deny conditions for routes based on matching a route’s prefix.
Page 122 JUNOSe 11.0.x BGP and MPLS Configuration Guide Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 123: Filtering As Paths With A Filter List
Chapter 1: Configuring BGP Routing host1(config-router)#neighbor 192.168.1.158 prefix-tree newyork out New policy values are applied to all routes that are sent (outbound policy) or received (inbound policy) after you issue the command. To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session.
Page 124: Figure 23: Filtering With As-Path Access Lists
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 23: Filtering with AS-Path Access Lists Suppose you want router London to behave in the following way: Accept routes originated in AS 621 only if they pass directly to router London Accept routes originated in AS 11 only if they pass directly to router London Forward routes from AS 282 to AS 435 only if they pass through either AS 621 or AS 11, but not both AS 621 and AS 11 The following commands configure router London to apply filters based on the AS...
Page 125: Figure 24: Assigning A Filter List
Chapter 1: Configuring BGP Routing Consider the following commands used to configure router Chicago in Figure 24 on Example 2 page 89: host1(config)#router bgp 293 host1(config-router)#neighbor 10.5.5.2 remote-as 32 host1(config-router)#neighbor 10.5.5.2 filter-list 1 in host1(config-router)#neighbor 10.2.2.4 remote-as 17 host1(config-router)#exit host1(config)#ip as-path access-list 1 deny ^32$ Figure 24: Assigning a Filter List Access list 1 denies routes that originate in AS 32 and therefore routes originated by router NY because the AS-path attribute for these routes begins with (and indeed...
Page 126: Filtering As Paths With A Route Map
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to assign an AS-path access list to matching inbound or outbound routes with the in or out keywords. You can specify an optional weight value with the weight keyword to assign a relative importance to incoming routes matching the AS-path access list.
Page 127: Figure 25: Route Map Filtering
Chapter 1: Configuring BGP Routing Figure 25: Route Map Filtering Routes learned from router Boston have a weight of 150, whereas those learned from router NY have a weight of 50. Router Chicago therefore prefers all routes learned from router Boston to those learned from router NY. Based on this configuration, router Chicago prefers routes to prefixes originating in AS 837 or originating in AS 32 that pass through router Boston over routes to those same prefixes that pass through router NY.
Page 128: Configuring The Community Attribute
JUNOSe 11.0.x BGP and MPLS Configuration Guide Refer to the commands and guidelines in the section “Types of BGP Route Maps” on page 71 for more information about configuring route maps. Configuring the Community Attribute A community is a logical group of prefixes that share some common attribute. Community members can be on different networks and in different autonomous systems.
Page 129: Figure 26: Communities
Chapter 1: Configuring BGP Routing Use the set community command in route maps to configure the community attributes. By default, the community attribute is not sent to BGP peers. To send the community attribute to a neighbor, use the neighbor send-community command. Consider the network structure shown in Figure 26 on page 93.
Page 130 JUNOSe 11.0.x BGP and MPLS Configuration Guide The following commands configure router Boston to apply route map 5 to routes going out to 10.5.5.4. If the destination IP address of such a route matches instance 10 of the route map, router Boston sets the community attribute of the route to no-export.
Page 131: Community Lists
Chapter 1: Configuring BGP Routing Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 132: Figure 27: Community Lists
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 27: Community Lists Suppose you want router Albany to set metrics for routes that it forwards to router Boston based on the communities to which the routes belong. You can create community lists and filter the routes with a route map that matches on the community list.
Page 133 Chapter 1: Configuring BGP Routing Use to create a standard or a regular expression community list for BGP and controls access to it. A route can belong to any number of communities, so a community list can have many entries comprising many communities. You can specify one or more community values when you create a community list.
Page 134: Resetting A Bgp Connection
JUNOSe 11.0.x BGP and MPLS Configuration Guide A route matches this community list only if it belongs to at least all three communities in extended community list boston1: Communities 100:2, 100:3, and 100:4. Use the no version to remove a single extended community list entry if permit or deny and a path-expression are specified.
Page 135: Changing Policies Without Disruption
Chapter 1: Configuring BGP Routing Use the soft out option to reapply outbound policy and resend routes without clearing the BGP session. This command takes effect immediately. There is no no version. See clear bgp ipv6. See clear ip bgp. Changing Policies Without Disruption Changing policies can cause major network disruptions when you bring down sessions to reapply the modified policies.
Page 136: Route-Refresh Capability
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to disable storage of the route copies. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor soft-reconfiguration inbound.
Page 137 Chapter 1: Configuring BGP Routing Use to negotiate the exchange of inbound route filters and their installation as ORFs by specifying the orf keyword, an ORF type, and the direction of the capability. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 138: Configuring Route Flap Dampening
JUNOSe 11.0.x BGP and MPLS Configuration Guide results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 139 Chapter 1: Configuring BGP Routing Use to enable BGP route flap dampening on all BGP routes or routes matching a specified route map. You can specify a complete set of values that determine how routes are dampened. If you choose to do so, you must specify the entire set: half-life—...
Page 140: Policy-Based Route Flap Dampening
JUNOSe 11.0.x BGP and MPLS Configuration Guide To clear IPv4 dampening information for all routes in VRF dogwood: host1#clear ip bgp ipv4 dogwood dampening To clear IPv4 dampening information for all non-VRF routes in the IPv4 unicast address family: host1#clear ip bgp vrf unicast dampening To clear IPv4 dampening information for a specific route: host1#clear ip bgp dampening 192.168.5.0 255.255.255.0 To clear IPv4 dampening information for the most specific route matching an...
Page 141: Policy Testing
Chapter 1: Configuring BGP Routing Routes previously suppressed by a route map that are unsuppressed by this command are not automatically advertised; you must use the clear ip bgp command to perform a hard clear or outbound soft clear. Example host1(config-router)#neighbor berlin5 unsuppress-map inmap3 Use the no version to restore the default values.
Page 142: Selecting The Best Path
JUNOSe 11.0.x BGP and MPLS Configuration Guide test ip bgp neighbor Use to test the effect of BGP policies on a router without implementing the policy. You can apply the test to routes advertised to peers or received from peers. You can test the following kinds of policies: distribute lists, filter lists, prefix lists, prefix trees, or route maps.
Page 143: Bgp Path Decision Algorithm
Chapter 1: Configuring BGP Routing If only one route exists to a particular destination, BGP installs that route. If multiple routes exist for a destination, BGP uses tie-breaking rules to decide which one of the routes to install in the BGP routing table. BGP Path Decision Algorithm BGP determines the best path to each destination for a BGP speaker by comparing path attributes according to the following selection sequence:...
Page 144: Next Hops
JUNOSe 11.0.x BGP and MPLS Configuration Guide If the route originated inside the AS, the next hop is the IP address of the peer that advertised the route. If the route originated outside the AS that is, it was injected into the AS by means of an EBGP session the next hop is the IP address of the external BGP speaker that advertised the route.
Page 145 Chapter 1: Configuring BGP Routing because the next-hop address is not accessible. Router Memphis does a lookup in its IP routing table to determine how to reach 10.1.13.2: Destination Next Hop 10.1.13.0/24 10.2.2.1 The next hop is reachable through router Jackson, and the traffic can be forwarded. The following commands configure the routers as shown in Figure 28 on page 108: To configure router Jackson: host1(config)#router bgp 604...
Page 146: Next-Hop-Self
JUNOSe 11.0.x BGP and MPLS Configuration Guide Next-Hop-Self In some circumstances, using a third-party next hop causes routing problems. These configurations typically involve nonbroadcast multiaccess (NBMA) media. To better understand this situation, first consider a broadcast multiaccess (BMA) media network, as shown in Figure 29 on page 110.
Page 147 Chapter 1: Configuring BGP Routing You can use the neighbor next-hop-self command to correct this routing problem. If you use this command to configure router Madrid, the third-party next hop advertised by router Toledo is not advertised to router Barcelona. Instead, router Madrid advertises 192.168.22.0/23 with the next-hop attribute set to its own IP address, 10.19.7.7.
Page 148: Assigning A Weight To A Route
JUNOSe 11.0.x BGP and MPLS Configuration Guide Assigning a Weight to a Route You can assign a weight to a route when more than one route exists to the same destination. A weight indicates a preference for that particular route over the other routes to that destination.
Page 149: Using A Route Map
Chapter 1: Configuring BGP Routing host1(config-router)#neighbor 10.72.4.2 remote-as 300 host1(config-router)#neighbor 10.72.4.2 weight 500 Router LA sends traffic through router Boston in preference to router NY. Using a Route Map A route map instance is a set of conditions with an assigned number. The number after the permit keyword designates an instance of a route map.
Page 150 JUNOSe 11.0.x BGP and MPLS Configuration Guide The neighbor filter-list commands assign a weight attribute of 1000 to routes passing through router Boston and a weight attribute of 500 to routes passing through router NY. Regardless of the origin of the route, routes learned through router Boston are preferred.
Page 151: Configuring The Local-Pref Attribute
Chapter 1: Configuring BGP Routing results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 152: Using The Bgp Default Local-Preference Command
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use a route map to set the local-pref attribute. Using the bgp default local-preference Command In Figure 32 on page 116, AS 873 receives updates for network 192.168.5.0/24 from AS 32 and AS 17. Figure 32: Configuring the Local-Preference Attribute The following commands configure router LA: host1(config-router)#router bgp 873...
Page 153: Using A Route Map To Set The Local Preference
Chapter 1: Configuring BGP Routing To force BGP to run the decision process on routes already received, you must use the clear ip bgp command to perform an inbound soft clear or hard clear of the current BGP session. Use the no version to restore the default value, 100. See bgp default local-preference.
Page 154: Figure 33: The Origin Attribute
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 33: The Origin Attribute Consider the sample topology shown in Figure 33 on page 118. Because routers Albany and Boston are not directly connected, they learn the path to each other by means of an IGP (not illustrated).
Page 155: Table 20: Origin And As Path For Routes Viewed On Different Routers
Chapter 1: Configuring BGP Routing Consider how route 172.21.10.0/23 is passed along to the routers in Figure 33 on page 118: IS-IS injects route 172.21.10.0/23 from router Chicago into BGP on router LA. BGP sets the origin attribute to Incomplete (because it is a redistributed route) to indicate how BGP originally became aware of the route.
Page 156: Understanding The As-Path Attribute
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 20: Origin and AS Path for Routes Viewed on Different Routers (continued) Route Router Origin AS Path 172.19.0.0/16 empty 172.19.0.0/16 192.168.330/24 Albany empty 192.168.330/24 Boston empty 192.168.330/24 empty 192.168.330/24 As a matter of routing policy, you can specify an origin for a route with a set origin clause in a redistribution route map.
Page 157: Configuring A Local As
Chapter 1: Configuring BGP Routing Figure 34: AS-Path Attributes A routing loop exists if router London accepts the route from router Berlin. Router London can choose not to accept the route from router Berlin because it recognizes from the AS-path attribute (11 621 47) that the route originated in its own AS 47. As a matter of routing policy, you can prepend additional AS numbers to the AS-path attribute for a route with a set as-path prepend clause in an outbound route map.
Page 158: Configuring The Med Attribute
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring the MED Attribute If two ASs connect to each other in more than one place, one link or path might be a better choice to reach a particular prefix within or behind one of the ASs. The MED value is a metric expressing a degree of preference for a particular path.
Page 159 Chapter 1: Configuring BGP Routing host2(config-router)#neighbor 10.4.4.1 remote-as 303 host2(config-router)#neighbor 10.4.4.1 route-map 10 out host2(config-router)#neighbor 10.2.25.1 remote-as 73 host2(config-router)#neighbor 10.6.6.1 remote-as 4 host2(config-router)#neighbor 10.6.6.1 route-map 10 out host2(config-router)#network 192.168.33.0 mask 255.255.255.0 host2(config-router)#exit host2(config)#route-map 10 permit 10 host2(config-route-map)#set metric 50 The following commands configure router Nice: host3(config)#router bgp 73 host3(config-router)#neighbor 10.3.3.1 remote-as 303 host3(config-router)#neighbor 10.3.3.1 route-map 10 out...
Page 160 JUNOSe 11.0.x BGP and MPLS Configuration Guide Router Dublin advertises a MED of 25 for route 192.168.33.0/24, which is lower more preferred than the MED advertised by router Paris or router Nice. However, the AS path for the route through router Dublin is longer than that through router Paris.
Page 161: Missing Med Values
Chapter 1: Configuring BGP Routing Use the no version to delete the set clause from a route map. See set metric. Missing MED Values By default, a route that arrives with no MED value is treated as if it had a MED of 0, the most preferred value.
Page 162: Capability Negotiation
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-router)#bgp bestpath med confed Changes apply automatically whenever BGP subsequently runs the best-path decision process for a destination prefix; that is, whenever a best route is picked for a given prefix. To force BGP to run the decision process on routes already received, you must use the clear ip bgp command to perform an inbound soft clear or hard clear of the current BGP session.
Page 163: Cooperative Route Filtering
Chapter 1: Configuring BGP Routing The router advertises these capabilities except for the cooperative route filtering capability by default. You can prevent the advertisement of specific capabilities with the no neighbor capability command. You can also use this command to prevent all capability negotiation with the specified peer.
Page 164: Four-Octet As Numbers
JUNOSe 11.0.x BGP and MPLS Configuration Guide Four-Octet AS Numbers BGP speakers that support four-octet AS and sub-AS numbers are sometimes referred to as “ new” speakers. The four-octet AS numbers are employed by the AS-path and aggregator attributes. “ Old” speakers are those that do not support the four-octet numbers.
Page 165 Chapter 1: Configuring BGP Routing By waiting for all restarted peers to send the End-of-RIB marker, BGP risks delaying the initiation of the best path decision process indefinitely due to a single very slow peer. For a specific peer, you can avoid this delay by hard clearing the peer or issuing the clear ip bgp wait-end-of-rib command.
Page 166 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to enable the BGP graceful restart capability. Advertisement of the graceful restart capability is enabled by default. The no neighbor capability negotiation command prevents the advertisement of all BGP capabilities, including graceful restart, to the specified peers. This command takes effect immediately and automatically bounces the session.
Page 167 Chapter 1: Configuring BGP Routing This command takes effect immediately and automatically bounces the session. Example host1(config-router)#bgp graceful-restart stalepaths-time 480 Use the no version to restore the default value, 360 seconds. See bgp graceful-restart stalepaths-time. clear ip bgp wait-end-of-rib Use to clear a peer or peer group from the set of peers for which BGP is waiting to receive an End-of-RIB marker after a peer restart.
Page 168: Route Refresh
JUNOSe 11.0.x BGP and MPLS Configuration Guide Example host1(config-router)#neighbor graceful-restart restart-time 240 Use the no version to restore the default value, 120 seconds. See neighbor graceful-restart restart-time. neighbor graceful-restart stalepaths-time Use to set the maximum time BGP waits to receive an End-of-RIB marker from the specified restarted peer or peer group before flushing all remaining stale routes from that peer.
Page 169: Interactions Between Bgp And Igps
Chapter 1: Configuring BGP Routing If you issue the deprecated-dynamic-capability-negotiation, dynamic-capability-negotiation, four-octet-as-numbers, negotiation, or orf keywords, the command takes effect immediately and bounces the session. If the BGP speaker receives a capability message for a capability that BGP did not previously advertise in the dynamic capability negotiation capability, BGP sends a notification to the peer with the error code “...
Page 170: Disabling Synchronization
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 36: Synchronization Synchronization solves this problem by preventing a BGP speaker from advertising a route over an EBGP session until all routers within the speaker’s AS have learned about the route. If the AS contains routers connected by means of an IGP, the BGP speaker cannot propagate a BGP route that it learned from a peer until an IGP route to the prefix has been installed in the BGP speaker’s IP routing table.
Page 171: Figure 37: Disabling Synchronization
Chapter 1: Configuring BGP Routing a result, all the routers receive updates learned by the area border routers from external BGP speakers. Figure 37: Disabling Synchronization If synchronization is disabled, a BGP speaker propagates a BGP route learned from a peer only if it is the best route to the prefix in the IP routing table. However, the speaker does advertise the routes that it originates.
Page 172: Setting The Administrative Distance For A Route
JUNOSe 11.0.x BGP and MPLS Configuration Guide To configure router Chicago: host4(config)#router bgp 200 host4(config-router)#neighbor 3.3.3.1 remote-as 100 To configure router LA: host5(config)#router bgp 300 host5(config-router)#neighbor 1.1.1.1 remote-as 100 host5(config-router)#network 192.56.0.0 synchronization Use to enable and disable synchronization between BGP and an IGP. Synchronization is enabled by default.
Page 173 Chapter 1: Configuring BGP Routing If the IP routing table contains several routes to the same prefix for example, an OSPF route and an IBGP route the route with the lowest administrative distance is used for forwarding. By default, BGP propagates received BGP routes to EBGP routes only if the BGP route is used for forwarding traffic that is, if it is the route with the lowest administrative distance in the IP forwarding table.
Page 174: Figure 38: Administrative Distances
JUNOSe 11.0.x BGP and MPLS Configuration Guide local-distance—Administrative distance for local routes in the range 1–255. The default is 200. The default value is 20 for external routes, 200 for internal route, and 200 for local routes. The new distance is applied to all routes that are subsequently placed in the IP routing table.
Page 175: Configuring Backdoor Routes
Chapter 1: Configuring BGP Routing In this example, both router Albany and router Boston have synchronization turned on. When synchronization is on, BGP propagates a received route to EBGP peers, even if the IP forwarding table contains a non-BGP route with a better administrative distance than the BGP route.
Page 176: Setting The Maximum Number Of Equal-Cost Multipaths
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 40: Backdoor Route You can modify this behavior by issuing the network backdoor command on router host1(config)#router bgp 300 host1(config-router)#neighbor 10.4.4.1 remote-as 400 host1(config-router)#network 172.19.0.0 backdoor Unlike the typical network command, network backdoor does not cause the BGP speaker to advertise the specified prefix.
Page 177: Detecting Peer Reachability With Bfd
Chapter 1: Configuring BGP Routing If you set the value to 1, the router installs the single best route in the IP routing table. If you set the value greater than 1, the router installs that number of parallel routes. maximum-paths Use to set the maximum number of equal-cost multipaths.
Page 178 JUNOSe 11.0.x BGP and MPLS Configuration Guide the BFD protocol session goes down, BGP immediately brings down the BGP session and takes all associated actions. Whenever a BGP session leaves the established state, BGP requests BFD to stop the BFD protocol session. BGP also requests BFD to bring the BFD protocol session down and inform BGP if the local interface goes down.
Page 179: Bfd And Bgp Graceful Restart
Chapter 1: Configuring BGP Routing You can change the BFD liveness detection parameters at any time without stopping or restarting the existing session; BFD automatically adjusts to the new parameter value. However, no changes to BFD parameters take place until the values resynchronize with each peer.
Page 180: Configuring A Confederation
JUNOSe 11.0.x BGP and MPLS Configuration Guide For example, in an AS with 9 BGP peers, the peers can conduct 36 sessions: BGP provides the following two alternative configuration strategies to reduce the number of fully meshed peers: Configure confederations. Configure route reflectors.
Page 181: Figure 41: A Fully Meshed Autonomous System
Chapter 1: Configuring BGP Routing Figure 41: A Fully Meshed Autonomous System Figure 42 on page 146 illustrates how you can create three sub-ASs within AS 29 to greatly reduce the number of peering sessions. According to common practice, use a number from the private range of AS numbers from 64512 to 65535 to identify each sub-AS.
Page 182: Figure 42: A Confederation Of Subautonomous Systems
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 42: A Confederation of Subautonomous Systems The following commands partially configure router Salem: host1(config)#router bgp 64720 host1(config-router)#bgp confederation identifier 29 host1(config-router)#bgp confederation peers 64721 64722 host1(config-router)#neighbor 10.2.25.4 remote-as 64720 host1(config-router)#neighbor 10.2.25.8 remote-as 64721 host1(config-router)#neighbor 10.2.25.2 remote-as 325 The bgp confederation identifier command establishes router Salem as a member of Confederation 29.
Page 183 Chapter 1: Configuring BGP Routing host3(config-router)#neighbor 10.2.25.6 remote-as 29 From router Mason’s perspective, router Boston is simply a member of AS 29: host4(config)#router bgp 413 host4(config-router)#neighbor 10.3.3.2 remote-as 29 bgp confederation identifier Use to establish a router as a member of the specified BGP confederation. To routers outside the confederation, the confederation appears as an autonomous system with an AS number the same as the confederation identifier.
Page 184: Configuring Route Reflectors
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring Route Reflectors Router reflection is an alternative to confederations as a strategy to reduce IBGP meshing. BGP specifies that a BGP speaker cannot advertise routes to an IBGP neighbor if the speaker learned the route from a different IBGP neighbor. A route reflector is a BGP speaker that advertises routes learned from each of its IBGP neighbors to its other IBGP neighbors;...
Page 185: Route Reflection And Redundancy
Chapter 1: Configuring BGP Routing Figure 43: Simple Route Reflection Route Reflection and Redundancy Reliability and redundancy are important issues when using route reflection because the members of a cluster are not fully meshed. For example, if router Harvard in Figure 43 on page 149 goes down, all of its clients are isolated from networks outside the cluster.
Page 186: Route Reflection And Looping
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 45: Route Reflection: Physical and Logical Redundancy Route Reflection and Looping BGP prevents looping between ASs by evaluating the AS-path attribute to determine a route’s origin. Border routers reject routes they receive from external neighbors if the AS path indicates that the route originated within the border router’s AS.
Page 187: Figure 46: Bgp Route Reflection
Chapter 1: Configuring BGP Routing You do not configure a cluster ID, because router Salem is the only route reflector in this cluster. Figure 46: BGP Route Reflection To configure router Concord as a route reflector: host2(config)#router bgp 29 host2(config-router)#neighbor 10.7.1.3 remote-as 29 host2(config-router)#neighbor 10.7.1.3 route-reflector-client host2(config-router)#neighbor 10.7.1.4 remote-as 29 host2(config-router)#neighbor 10.7.1.4 route-reflector-client...
Page 188 JUNOSe 11.0.x BGP and MPLS Configuration Guide You must configure a cluster ID, because router Acton and router Harvard are both route reflectors in this cluster. To configure router Harvard as a route reflector: host4(config)#router bgp 29 host4(config)#bgp cluster-id 23 host4(config-router)#neighbor 10.3.1.2 remote-as 29 host4(config-router)#neighbor 10.3.1.2 route-reflector-client host4(config-router)#neighbor 10.1.2.1 remote-as 29...
Page 189: Configuring Bgp Multicasting
Chapter 1: Configuring BGP Routing Use to configure the local router as the route reflector and the specified neighbor as one of its clients. The reflector and its clients constitute a cluster. BGP neighbors that are not specified as clients are nonclients. Route reflectors pass routes among the client routers.
Page 190 JUNOSe 11.0.x BGP and MPLS Configuration Guide Multicast IPv6 If you specify the multicast IPv6 address family, you can use BGP to exchange routing information about how to reach an IPv6 multicast source instead of an IPv6 unicast destination. For a general description of multicasting, see JUNOSe Multicast Routing Configuration Guide.
Page 191 Chapter 1: Configuring BGP Routing The default setting is to exchange IPv4 addresses in unicast mode from the default router. This command takes effect immediately. Examples host1:vr1(config-router)#address-family ipv4 multicast host1:vr1(config-router)#address-family vpnv4 host1:vr1(config-router)#address-family ipv4 unicast vrf vr2 Use the no version to disable the exchange of a type of prefix. See address-family.
Page 192: Monitoring Bgp Multicast Services
JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to indicate that routes of the current address family must not be exchanged with the peer. See neighbor activate. Monitoring BGP Multicast Services To display values from the BGP multicast routing table, use the show BGP commands with the ipv4 multicast keyword.
Page 193: Configuring Bgp/Mpls Vpns
Chapter 1: Configuring BGP Routing host1(config-router-af)#ip route-type both Use the no version to restore the default value, unicast. See ip route-type. See ipv6 route-type. Configuring BGP/MPLS VPNs The BGP multiprotocol extensions enable the exchange of BGP information within different types of address families. The VPN IPv4 address family enables you to configure the router to provide IPv4 VPN services over an MPLS backbone.
Page 194: Monitoring Bgp
JUNOSe 11.0.x BGP and MPLS Configuration Guide The following three items apply to the test ip bgp neighbor command only: The address-family identifier for the route is the same as is used for identifying the neighbor. If you do not specify a route, the test is performed for all routes associated with the address-family identifier.
Page 195 Chapter 1: Configuring BGP Routing Use to set the baseline on all BGP statistics as the current values. For example, if you issue the baseline ip bgp command, all the current values of BGP statistics become the baseline values. If the current value of the Total message sent parameter is 105, and the value goes up to 120 messages, the new value is displayed as 15.
Page 196 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to specify fields that are displayed by default by any subsequently issued show ip bgp command that displays BGP routes. Use the intro keyword to enable the display of introductory information about BGP attributes.
Page 197 Chapter 1: Configuring BGP Routing Use to display the BGP routing table. If you specify an IP address, displays the route that best matches the specified IP address. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop.
Page 198 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:pe1#show ip bgp 10.88.88.1 BGP route information for prefix 10.88.88.1/32 Network route (best route Advertised to both internal and external peers Address Family Identifier (AFI) is ip-v4 Subsequent Address Family Identifier (SAFI) is unicast Next hop IP address is 0.0.0.0 (metric 2) Multi-exit discriminator is 1 Local preference is not present...
Page 199 Chapter 1: Configuring BGP Routing Reference count is 1 Example 5 Displays information about routes in the route-target address family host1# show ip bgp route-target signaling Local BGP identifier 13.13.13.13, local AS 100 4 routes (240 bytes) 3 destinations (228 bytes) of which 3 have a route 3 routes selected for route tables installation 0 unicast/multicast routes selected for route table installation 0 unicast/multicast tunnel-usable routes selected for route table...
Page 200 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:pe1#show ip bgp route-target signaling network Prefix Weight Route-map Backdoor 102:111:34/96 1111111111:23:1/96 host1:pe1#show ip bgp route-target signaling network 102:111:34 Prefix Weight Route-map Backdoor 102:111:34/96 Example 8 Error message generated when a prefix less than 32 or greater than 96 is specified for the RT-MEM-NLRI host1#show ip bgp route-target signaling 100:100:1/31 % Invalid route-target membership NLRI...
Page 201 Chapter 1: Configuring BGP Routing Local BGP identifier BGP router ID of the local router routes Total number of routes stored in the BGP routing table and amount of memory consumed by routes. If several peers have advertised a route to the same prefix, all routes are included in this count.
Page 202 JUNOSe 11.0.x BGP and MPLS Configuration Guide 0 tunnel-only routes selected for tunnel-route table installation 35097 path attribute entries (5334744 bytes) Local-RIB version 20969483. FIB version 20969483. Statistics baseline set WED JUL 12 2006 10:31:53 METDST See show ip bgp. See show bgp ipv6.
Page 203 Chapter 1: Configuring BGP Routing MED Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route Example host1#show ip bgp neighbors 5.72.116.1 advertised-routes Local BGP identifier 2.2.2.2, local AS 2222 0 routes (0 bytes used), 0 distinct destinations (0 bytes used) 0 routes selected for route table installation 0 path attribute entries (0 bytes used)
Page 204 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to display information about routes that have nonnatural network masks. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 205 Chapter 1: Configuring BGP Routing show ip bgp community show bgp ipv6 community Use to display all routes that are members of the specified BGP community. Does not accept regular expressions. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop.
Page 206 JUNOSe 11.0.x BGP and MPLS Configuration Guide 40845 paths, 40845 distinct prefixes (2940840 bytes used) 40845 paths selected for route table installation 13651 path attribute entries (1864908 bytes used) Prefix Peer Next-hop MED CalPrf Weight Origin > 24.0.0.0/12 10.5.0.48 10.5.0.48 >...
Page 207 Chapter 1: Configuring BGP Routing NN Number that identifies the community within the autonomous system Example host1#show ip bgp community-list 1 fields peer communities Local router ID 192.168.1.153, local AS 100 72077 paths, 72077 distinct prefixes (5189544 bytes used) 72077 paths selected for route table installation 21627 path attribute entries (2957324 bytes used) Prefix Peer...
Page 208 JUNOSe 11.0.x BGP and MPLS Configuration Guide route flap history Status of route flap history for route paths Prefix The prefix for the IP address Peer IP address of the BGP peer Status Status of route dampening of the route path Figure of Merit A measure of the route's stability.
Page 209 Chapter 1: Configuring BGP Routing Use to display all routes whose AS-path matches the specified AS-path access list. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 210 JUNOSe 11.0.x BGP and MPLS Configuration Guide > 12.2.109.0/24 10.5.0.48 11488 701 7018 10656 > 12.2.169.0/24 10.5.0.48 11488 701 7018 11806 > 12.4.114.0/24 10.5.0.48 11488 701 7018 14065 > 12.4.119.0/24 10.5.0.48 11488 701 7018 14065 > 12.4.175.0/24 10.5.0.48 11488 701 7018 11895 >...
Page 211 Chapter 1: Configuring BGP Routing host1#show ip bgp flap-statistics Local BGP identifier 192.168.1.232, local AS 100 Route flap dampening is enabled Default decay half-life is 15 minutes Default cutoff threshold is 2000, default reuse threshold is 750 Default maximum hold-down time is 60 minutes 307 paths have active route flap histories (27016 bytes used) 5 paths are suppressed Figure...
Page 212 JUNOSe 11.0.x BGP and MPLS Configuration Guide MED Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route AS-path AS-path through which this route bas been advertised Example host1#show ip bgp inconsistent-as Local BGP identifier 192.168.1.10, local AS 123 0 routes (0 bytes used), 0 distinct destinations (0 bytes used) 0 routes selected for route table installation...
Page 213 Chapter 1: Configuring BGP Routing path attribute entries Number of distinct path attributes stored in BGP's internal path attributes table. If BGP receives two routes for different prefixes but with identical path attributes, BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory.
Page 214 JUNOSe 11.0.x BGP and MPLS Configuration Guide negotiated BGP version BGP version being used to communicate with the neighbor Administrative status Desired state of the peer connection Connection state Current state of the BGP connection Connection has been established Time that TCP connection was established Reason for last reset Reason for last reset of the BGP session TCP error code TCP connection error type Default originate Status of default originate (enabled or disabled)
Page 215 Chapter 1: Configuring BGP Routing Negotiated hold time Negotiated maximum time allowed between received messages Configured update source IP address IP address used when sending update messages Local IP address Local IP address used for TCP communication to this peer Local port Local TCP port number used for TCP communication to this peer Remote IP address Remote IP address used for TCP communication to this peer...
Page 216 JUNOSe 11.0.x BGP and MPLS Configuration Guide Negotiated detection time Interval between BFD packets negotiated by peers Advertise-map Name of route map that specifies routes to be advertised when routes in conditional route maps are matched Condition-map Name of route map that specifies routes to be matched by routes in the BGP routing table Sequence Position of the specified advertise route map in a list of advertise route maps configured for a particular peer within the same address-family.
Page 217 Chapter 1: Configuring BGP Routing For the graceful restart capability, additional information is presented. Fields concerning graceful restart attributes that apply to peers as a whole (for all address families): Graceful restart negotiation: Sent restart time is 120 seconds Sent restart state bit is zero (we are not restarting) Received restart time is 120 seconds Received restart state bit is zero (peer is not restarting) Maximum time for keeping stale paths is 360 seconds...
Page 218 JUNOSe 11.0.x BGP and MPLS Configuration Guide Minimum transmit interval is 300 ms Minimum receive interval is 300 ms Multiplier is 3 Waiting for BGP to become established before initiating BFD session Fields relevant to BFD when BFD is configured, the BGP session is established, but the BFD protocol session is not up: BFD is enabled: Single-hop IPv4 BFD session to 1.2.3.4...
Page 219 Chapter 1: Configuring BGP Routing Local BGP identifier BGP router ID of the local router routes Total number of routes stored in the BGP routing table. If several peers have advertised a route to the same prefix, all routes are included in this count.
Page 220 JUNOSe 11.0.x BGP and MPLS Configuration Guide d63.65.12.0/24 192.168.1.158 192.168.1.1 0 inc. d63.73.12.0/24 192.168.1.158 192.168.1.1 0 IGP See show ip bgp neighbors dampened-routes. See show bgp ipv6 neighbors dampened-routes. show ip bgp neighbors paths show bgp ipv6 neighbors paths Use to display path information for the specified BGP neighbor. This command displays only the most common path attributes.
Page 221 Chapter 1: Configuring BGP Routing host1#show ip bgp neighbors 192.168.1.158 received prefix-filter ip prefix-list filter 192.168.1.158 for address family ipv4:unicast seq 5 permit 10.1.1.1/32 seq 10 permit 10.1.1.2/32 seq 15 permit 10.1.1.3/32 See show ip bgp neighbors received prefix-filter. show ip bgp neighbors received-routes show bgp ipv6 neighbors received-routes Use to display routes originating from the specified BGP neighbor before inbound policy is applied.
Page 222 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to display, after inbound policy is applied, all routes that originate from the specified BGP neighbor. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 223 Chapter 1: Configuring BGP Routing 5 routes (200 bytes) 5 destinations (360 bytes) of which 5 have a route 5 routes selected for route table installation 4 path attribute entries (608 bytes) Local-RIB version 33. FIB version 33. Status codes: > best, * invalid, s suppressed, d dampened, r rejected, a auto-summarized Prefix Peer...
Page 224 JUNOSe 11.0.x BGP and MPLS Configuration Guide Indirect next-hop 5.5.5.5 Reachable (metric 2) Direct next-hop atm2/0.35 (35.35.35.5) Reference count is 3 Indirect next-hop 6.6.6.6 Reachable (metric 3) Direct next-hop atm2/0.34 (34.34.34.4) atm2/0.35 (35.35.35.5) Reference count is 3 Indirect next-hop 13.13.13.1 Not reachable Reference count is 2 See show ip bgp next-hops.
Page 225 Chapter 1: Configuring BGP Routing Use to display information about BGP peer groups. Field descriptions BGP peer group Name of a BGP peer group remote AS Number of the remote AS Description Textual description of the BGP peer group Members IP addresses of the members of the BGP peer group Default originate Status of default origination of the BGP peer group EBGP multi-hop Status of EBGP multihop for the peer group IBGP single-hop Status of IBGP single hop for the peer group...
Page 226 JUNOSe 11.0.x BGP and MPLS Configuration Guide Advertise-map Name of route map that specifies routes to be advertised when routes in conditional route maps are matched Condition-map Name of route map that specifies routes to be matched by routes in the BGP routing table Sequence Position of the specified advertise route map in a list of advertise route maps configured for a particular peer group within the same address-family.
Page 227 Chapter 1: Configuring BGP Routing Status: Withdraw Advertise-map is alternatetoR1 Condition-map: trigger2 Sequence: 10 Status: Advertise See show ip bgp peer-group. See show bgp ipv6 peer-group. show ip bgp quote-regexp show bgp ipv6 quote-regexp Use to display information about BGP routes whose AS-path matches the specified regular expression.
Page 228 JUNOSe 11.0.x BGP and MPLS Configuration Guide If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option. See show ip bgp for descriptions of the fields displayed by this keyword. See show ip bgp regexp.
Page 229 Chapter 1: Configuring BGP Routing host1#show ip bgp regexp ^200 | begin Prefix % invalid regular expression Because the show ip bgp quote-regexp command accepts only one string as an argument to the regular expression, output filtering is possible: host1#show ip bgp quote-regexp ^200 | begin Prefix Prefix Next-hop CalPrf...
Page 230 JUNOSe 11.0.x BGP and MPLS Configuration Guide Route flap dampening Status, enabled or disabled Maximum number of equal-cost EBGP paths Number of paths Maximum number of equal-cost IBGP paths Number of paths Log neighbor changes Status, enabled or disabled Fast External Fallover Status, enabled or disabled No maximum received AS-path length Indicates whether limit is set for AS path length and, if set, the limit BGP administrative distances Distances for external, internal, and local...
Page 231 Chapter 1: Configuring BGP Routing Global import route map Route map associated with the VRF that modifies routes imported to the VRF from the global BGP non-VPN RIB. The map applies to both IPv4 and IPv6 routes, unless the field name is preceded by IPv4 (applies the map to only IPv4 routes) or IPv6 (applies the map to only IPv6 routes).
Page 232 JUNOSe 11.0.x BGP and MPLS Configuration Guide Always compare MED is disabled Compare MED within confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dampening is disabled Maximum number of equal-cost EBGP paths is 2 Maximum number of equal-cost IBGP paths is 2...
Page 233 Chapter 1: Configuring BGP Routing See show ip bgp summary. See show bgp ipv6 summary. show ip community-list Use to display routes that are permitted by a BGP community list. Example host1#show ip community-list Community List 1: permit 752877569 (11488:1) permit 752877570 (11488:2) permit 752877571 (11488:3) permit 752877572 (11488:4)
Page 234 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring BGP...
Page 235: Multiprotocol Layer Switching
Part 2 Multiprotocol Layer Switching MPLS Overview on page 201 Configuring MPLS on page 263 Monitoring MPLS on page 311 Configuring BGP-MPLS Applications on page 373 Multiprotocol Layer Switching...
Page 236: Multiprotocol Layer Switching
JUNOSe 11.0.x BGP and MPLS Configuration Guide Multiprotocol Layer Switching...
Page 237: Mpls Overview
Chapter 2 MPLS Overview This chapter describes Multiprotocol Label Switching (MPLS) and contains the following sections: MPLS Overview on page 202 Conventions for MPLS Topics on page 202 MPLS Terms and Acronyms on page 203 MPLS Features on page 206 MPLS Platform Considerations on page 207 MPLS References on page 207 MPLS Label Switching and Packet Forwarding on page 209...
Page 238: Mpls Overview
JUNOSe 11.0.x BGP and MPLS Configuration Guide Tunneling Model for Differentiated Services Overview on page 253 EXP Bits for Differentiated Services Overview on page 254 Point-to-Multipoint LSPs Overview on page 257 Point-to-Multipoint LSPs Configuration on page 260 MPLS Overview In conventional IP routing, as a packet traverses from one router to the next through a network, each router analyzes the packet’s header and performs a network layer routing table lookup to choose the next hop for the packet.
Page 239: Mpls Terms And Acronyms
Chapter 2: MPLS Overview Table 22: Conventions for MPLS Terms (continued) In This Chapter In RFCs and Other Sources label release Label Release LABEL_RELEASE label request Label Request LABEL_REQUEST label request abort Label Request Abort LABEL_REQUEST_ABORT label withdrawal Label Withdrawal LABEL_WITHDRAWAL message ack message_Ack...
Page 240 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 23: MPLS Terms and Acronyms (continued) Term Definition Branch node An LSR in a point-to-multipoint LSP that is not an ingress node or an egress node. A branch node can be connected to other branch nodes, an ingress node, or an egress node.
Page 241 Chapter 2: MPLS Overview Table 23: MPLS Terms and Acronyms (continued) Term Definition MPLS edge node MPLS node that connects an MPLS domain with a node outside the domain that either does not run MPLS or is in a different domain MPLS egress node MPLS edge node in the role of handling traffic as it leaves an MPLS domain...
Page 242: Mpls Features
JUNOSe 11.0.x BGP and MPLS Configuration Guide Conventions for MPLS Topics on page 202 Related Topics MPLS Features The following major features are currently supported by MPLS: BFD fast failure detection for RSVP-TE adjacencies Differentiated services Interface support ATM AAL5 (RSVP-TE only) ATM1483 (point-to-point AAL5SNAP only) Ethernet/VLAN Multilink PPP...
Page 243: Mpls Platform Considerations
Chapter 2: MPLS Overview Traffic support Layer 2 frames: ATM, Ethernet, Frame Relay, HDLC, PPP, VLAN Layer 3 datagrams: IPv4, IPv6 Point-to-multipoint LSP support Data replication at branch nodes E Series routers as egress LSRs MPLS Platform Considerations For information about modules that support MPLS on the ERX7xx models, ERX14xx models, and the ERX310 Broadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications.
Page 244 JUNOSe 11.0.x BGP and MPLS Configuration Guide RFC 2474 Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers (December 1998) RFC 2475 An Architecture for Differentiated Services (December 1998) RFC 2597 Assured Forwarding PHB Group (June 1999) RFC 2685 Virtual Private Networks Identifier (September 1999) RFC 2702 Requirements for Traffic Engineering over MPLS (September 1999) RFC 2747 RSVP Cryptographic Authentication (January 2000)
Page 245: Mpls Label Switching And Packet Forwarding
Chapter 2: MPLS Overview RFC 4364 BGP/MPLS IP Virtual Private Networks (VPNs) (February 2006) RFC 4379 Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures (February 2006) RFC 4661 Signaling Requirements for Point-to-Multipoint Traffic-Engineered MPLS Label Switched Paths (LSPs) (April 2006) RFC 4875 Extensions to Resource Reservation Protocol - Traffic Engineering (RSVP-TE) for Point-to-Multipoint TE Label Switched Paths (LSPs) (May 2007) NOTE: IETF drafts are valid for only 6 months from the date of issuance.
Page 246: Mpls Lsrs
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 47 on page 210 shows a simple MPLS domain, consisting of multiple LSRs. The LSRs serving as ingress and egress nodes are also referred to as label edge routers (LERs). The ingress router is sometimes referred to as the tunnel head end, or the head-end router.
Page 247: Mpls Label Stacking
Chapter 2: MPLS Overview Figure 48: Label Switching Any packet can carry multiple labels. The labels are stacked in a last-in-first-out order. Each LSR forwards packets based on the outermost (top) label in the stack. An LSR pushes a label onto the stack when it prepends the label to a packet header. It pops the label when it pulls the label off the stack and compares it with the forwarding table.
Page 248: Mpls Labels And Label Spaces
JUNOSe 11.0.x BGP and MPLS Configuration Guide empty stack. Finally, the egress node, LSR 6, removes label z and determines where to forward the packet outside the MPLS domain. Figure 49: Label Stacking The configuration shown in Figure 49 on page 212 is an example of an LSP within an LSP (a tunnel within a tunnel).
Page 249: Ttl Processing In The Platform Label Space
Chapter 2: MPLS Overview When you use the platform label space, the MPLS ingress node places labels in shim headers between the link-layer header and the payload. The shim header includes the following bits (Figure 50 on page 213): Label bits Twenty bits EXP bits Three bits for class of service information;...
Page 250: Ttl Processing On Incoming Mpls Packets
JUNOSe 11.0.x BGP and MPLS Configuration Guide TTL Processing on Incoming MPLS Packets The flow chart on Figure 51 on page 215 illustrates TTL processing on incoming MPLS packets. On a transit LSR or an egress LER, MPLS pops one or more labels and can push one or more labels.
Page 251: Ttl Processing On Outgoing Mpls Packets
Chapter 2: MPLS Overview Figure 51: TTL Processing on Incoming MPLS Packets TTL Processing on Outgoing MPLS Packets The flow chart on Figure 52 on page 217 illustrates TTL processing on outgoing MPLS packets. Rules for Processing on an LSR On an LSR where an MPLS packet is label-switched after processing on the line module the TTL value in the swapped-to label is decremented by 1 from the incoming TTL value when the swapped-to label is not implicit-null.
Page 252 JUNOSe 11.0.x BGP and MPLS Configuration Guide exposed header's TTL is either left unchanged (when the forwarded option for the mpls ip propagate-ttl command has been configured) or is decremented by 1 from the incoming TTL value. If MPLS needs to push more labels, it sets the TTL for each label according to the following LER rules, because for those labels the router effectively is an ingress LER.
Page 253: Mpls Rules For Ttl Expiration
Chapter 2: MPLS Overview Figure 52: TTL Processing on Outgoing MPLS Packets MPLS Rules for TTL Expiration MPLS takes the following actions when the TTL in a MPLS label of a received MPLS packet expires: A TTL-expired ICMP packet is constructed. The destination address of ICMP packet is set to the source address of the IP packet that was encapsulated in the MPLS packet.
Page 254: Mpls Label Distribution Methodology
JUNOSe 11.0.x BGP and MPLS Configuration Guide The source address of ICMP packet is set to the router ID of the router on which the TTL expired. The first 128 bytes of the MPLS packet including the IP payload encapsulated in the MPLS packet are copied into the payload of the ICMP packet, followed by the entire label stack of the original packet.
Page 255: Figure 53: Lsp Creation, Downstream-On-Demand, Ordered Control
Chapter 2: MPLS Overview In Figure 53 on page 219, LSR A sends a label request to LSR C. Before LSR C responds, it sends its own request to LSR D. LSR D in turn makes a request for a label to LSR F.
Page 256: Mapping Ip Data Packets Onto Mpls Lsps
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 54: LSP Creation, Downstream-Unsolicited, Independent Control MPLS Label Switching and Packet Forwarding on page 209 Related Topics MPLS Label Distribution Methodology on page 218 MPLS Label Distribution Protocols on page 229 Topology-Driven LSPs on page 241 Mapping IP Data Packets onto MPLS LSPs IP packets are mapped onto LSPs by one of the following methods: RSVP-TE tunnels can be referenced directly by static routes that you configure.
Page 257 Chapter 2: MPLS Overview When IP packets arrive at the ingress LER, they are looked up in the relevant IP forwarding table and then are forwarded into an LSP. Every IP route eventually points to an IP interface. The IP interface contains IP attributes that affect how the IP packet is forwarded.
Page 258: Statistics For Ip Packets Moving On Or Off Mpls Lsps
JUNOSe 11.0.x BGP and MPLS Configuration Guide MPLS Label Switching and Packet Forwarding on page 209 Related Topics Spoof Checking MPLS Packets on page 225 Statistics for IP Packets Moving On or Off MPLS LSPs on page 222 Topology-Driven LSPs on page 241 Statistics for IP Packets Moving On or Off MPLS LSPs In the earlier architecture, the statistics for IP packets moving onto or off an LSP applied to the IP interface that was stacked on top of the LSP.
Page 259 Chapter 2: MPLS Overview Unicast Packets 29, Bytes 2469 Multicast Packets 49, Bytes 3522 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 78, Bytes 5786 Unicast Packets 78, Bytes 5786 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0...
Page 260: Mpls Forwarding And Next-Hop Tables
JUNOSe 11.0.x BGP and MPLS Configuration Guide Adjacency statistics: 30 hello recv, 29 hello sent, 0 bad hello recv adj setup time = 00:02:19 last hello recv time = 00:00:00, last hello sent time = 00:00:00 queue 0: traffic class best-effort, bound to atm-vc ATM9/0.10 Queue length 0 bytes Forwarded packets 1, bytes 148 Dropped committed packets 0, bytes 0...
Page 261: Spoof Checking Mpls Packets
Chapter 2: MPLS Overview A spoof check field that specifies the type of spoof checking is performed to determine whether the MPLS packet arrived from a legitimate source. See “Spoof Checking MPLS Packets” on page 225 for more information. See Monitoring MPLS on page 311, for information about enabling statistics Related Topics collection for MPLS forwarding table entries.
Page 262: Explicit Routing For Mpls
JUNOSe 11.0.x BGP and MPLS Configuration Guide For example, in a BGP/MPLS VPN topology, LDP or RSVP-TE adds routes to the tunnel routing table for all available tunnels. BGP performs a lookup in the tunnel routing table so that it can resolve indirect next hops. You can clear the routes from the tunnel routing table.
Page 263: Mpls Interfaces And Interface Stacking
Chapter 2: MPLS Overview Figure 55: Explicit Routing in an MPLS Domain MPLS Interfaces and Interface Stacking The JUNOSe implementation of MPLS employs MPLS major, minor, and shim interfaces. MPLS Major Interfaces An MPLS major interface must be stacked on a layer 2 interface to send or receive MPLS packets on that interface.
Page 264: Mpls Minor Interfaces
JUNOSe 11.0.x BGP and MPLS Configuration Guide MPLS Minor Interfaces When you configure an LSP with the interface tunnel mpls command, RSVP-TE creates an MPLS minor interface to represent the head of the LSP. MPLS minor interfaces are also created by RSVP-TE on the transit and tail LSRs when the LSP is signaled.
Page 265: Mpls Label Distribution Protocols
Chapter 2: MPLS Overview Figure 57: MPLS Interface Stacking for the Interface Label Space MPLS Label Switching and Packet Forwarding on page 209 Related Topics MPLS Label Distribution Methodology on page 218 MPLS Label Distribution Protocols on page 229 MPLS Label Distribution Protocols Label distribution protocols create and maintain the label-to-FEC bindings along an LSP from MPLS domain ingress to MPLS domain egress.
Page 266: Ldp Messages And Sessions
JUNOSe 11.0.x BGP and MPLS Configuration Guide engineering (TE) or quality of service (QoS) capabilities, but they also support best-effort LSPs. LDP Messages and Sessions LDP creates reliable sessions by running over TCP. You do not have to explicitly configure LDP peers, because each LSR actively discovers all other LSRs to which it is directly connected.
Page 267: Rsvp-Te Messages And Sessions
Chapter 2: MPLS Overview continued functioning of the LSR. Failure to receive an expected keepalive message causes an LSR to terminate the LDP session. Label mapping and distribution use downstream-unsolicited, independent control. With downstream-unsolicited, independent control, an LSR creates a label binding whenever it learns a new IGP route;...
Page 268: Rsvp-Te State Refresh And Reliability
JUNOSe 11.0.x BGP and MPLS Configuration Guide If a downstream LSR determines that it received an erroneous path message, it sends a patherr message to the sender. If a reservation (label) request fails, the request initiator sends a resverr message to the downstream LSRs. Both of these messages are advisory and do not alter path or resv state.
Page 269: Ecmp Labels For Mpls
Chapter 2: MPLS Overview advertise this capability only to peers for which the neighbor send-label command has been configured. When BGP advertises labeled routes, it adds a label-to-next-hop mapping (cross-connect) to the MPLS forwarding table. This mapping consists of the in label that BGP allocates from the platform label space plus the MPLS next hop information related to the labeled route's next hop.
Page 270: Supported Tlvs
JUNOSe 11.0.x BGP and MPLS Configuration Guide You can use MPLS trace to determine which paths are present on an MPLS LSR. When the TTL expires on an MPLS LSR, the echo reply that is returned includes a downstream mapping TLV. This TLV contains all the downstream mappings of the LSR on which the TTL expired, if that feature is supported by the LSR.
Page 271: Mpls Connectivity Verification And Troubleshooting Methods
Chapter 2: MPLS Overview Table 25: Sub-TLVs Supported for the Target FEC Stack TLV Subtype Number Value Comments LDP IPv4 prefix – LDP IPv6 prefix – RSVP IPv4 LSP – VPN IPv4 prefix – VPN IPv6 prefix – L2 VPN endpoint For VPLS and VPWS FEC 128 pseudowire For Martini encapsulation...
Page 272: Ldp Discovery Mechanisms
JUNOSe 11.0.x BGP and MPLS Configuration Guide the echo replies indicates to the sending router that no label mapping exists on the receiving router.) The ping mpls commands perform a basic connectivity check. When the echo request exits the tunnel at the egress LSR, the LSR sends the packet to the control plane. The egress router validates the FEC stack to determine whether that LSR is the actual egress for the FEC.
Page 273: Ldp Basic Discovery Mechanism
Chapter 2: MPLS Overview LDP uses the basic discovery mechanism to discover directly connected LDP peers. LDP uses the extended discovery mechanism to discover peers that are not directly connected. LDP Basic Discovery Mechanism To discover directly connected peers, LSRs periodically send out LDP link hellos on the interface.
Page 274: Mpls Traffic Engineering
JUNOSe 11.0.x BGP and MPLS Configuration Guide sender, it does so by periodically sending targeted hellos to the initiating LSR. The exchange of targeted hellos constitutes a hello adjacency for the two LSRs. Targeted hello values are configured globally with the mpls ldp targeted-hello holdtime, mpls ldp targeted-hello interval, mpls ldp targeted-hello receive list, and mpls ldp targeted hello send list commands.
Page 275: Reoptimization
Chapter 2: MPLS Overview certain circumstances for example, when a tunnel is preempted by another MPLS first attempts to reroute the tunnel with the current path option. Reoptimization You can use the traffic-engineering reoptimization capability to ensure that the best path is being used.
Page 276: Starting Admission Control
JUNOSe 11.0.x BGP and MPLS Configuration Guide Starting Admission Control Admission control operates on a router-wide basis rather than a per-virtual-router basis. Admission control of resources begins when either of the following occurs: You configure resource-related information about an interface, including bandwidth (either total bandwidth or MPLS reservable bandwidth), flooding frequency, flooding threshold, administrative weight, or attribute flags.
Page 277: Lsp Preemption
Chapter 2: MPLS Overview LSP Preemption You can develop a preemption strategy whereby a new LSP can claim resources from an existing LSP. Each tunnel can be configured with a setup priority and a hold priority. Priority levels range from 0 (highest priority) through 7 (lowest priority). If traffic engineering admission control determines that there are insufficient resources to accept a request to set up a new LSP, the setup priority is evaluated against the hold priority of existing LSPs.
Page 278: Ldp Graceful Restart
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 58: LDP Tunneled Through an RSVP-TE Core In the network topology illustrated in Figure 58 on page 242, the RSVP-TE LSP consists of LSR 2, LSR 3, LSR 4, and LSR 5. The LDP LSP consists of LER 1, LSR 2, LSR 5, and LER 6.
Page 279: Table 26: Summary Of Ldp Graceful Restart States
Chapter 2: MPLS Overview LDP graceful restart if stateful SRP switchover is not configured on the router, the graceful restart capability will not function. You can configure an LSR to restart itself gracefully and to support graceful restart in its neighbors (helper mode), or helper mode alone. In either case, the LSR includes the fault tolerant (FT) session TLV in the LDP initialization messages it sends at session startup.
Page 280: Ldp-Igp Synchronization
JUNOSe 11.0.x BGP and MPLS Configuration Guide the stale mappings from the LSR. The configurable value represents the maximum time that the neighbor waits for the restarting LSR to reestablish the LDP session. This enables the neighbor to avoid having to wait an unreasonably long time set by the reconnect timeout value from the restarting LSR.
Page 281: Synchronization Behavior During Graceful Restart
Chapter 2: MPLS Overview When an LDP hello adjacency or an LDP session with a peer is lost due to some error while the IGP still points to that peer. IP forwarding of traffic continues on the IGP link associated with the LDP peer rather than being shifted to another IGP link with which LDP is synchronized.
Page 282: Synchronization Behavior On Lan Interfaces
JUNOSe 11.0.x BGP and MPLS Configuration Guide During LDP graceful restart, no synchronization operations are done. If the LDP graceful restart is terminated, LDP notifies the IGPs to advertise the links with the maximum metric. Synchronization Behavior on LAN Interfaces LDP-IGP synchronization does not take place on LAN interfaces unless the IGP has a point-to-point connection over the LAN configured on the interface.
Page 283: Hello Message Objects
Chapter 2: MPLS Overview Hello Message Objects Hello messages can contain a hello request object or a hello ack object. These objects provide a way to request an instance value from a peer and to provide an instance value to a peer. Hello requests are sent to establish and confirm an adjacency with a peer.
Page 284: Determination That A Peer Has Reset
JUNOSe 11.0.x BGP and MPLS Configuration Guide Peer A receives the hello ack and sends another hello request to peer B. The request object contains the following: Source instance = 5 (generated by Peer A for this adjacency) Destination instance = 8 (the source instance generated by Peer B for this adjacency) The two peers continue exchanging hello messages until the LSP is torn down.
Page 285: Rsvp-Te Graceful Restart
Chapter 2: MPLS Overview When a peer determines that communication has been lost, it can reinitiate the sending of hello messages. In this case, the peer generates a new source instance different than the one it previously used for communication with its peer. RSVP-TE Graceful Restart RSVP-TE graceful restart enables routers to maintain MPLS forwarding state when a link or node failure occurs.
Page 286: Recovery Behavior
JUNOSe 11.0.x BGP and MPLS Configuration Guide When a neighboring router that has been configured as a graceful restart helper determines that the number of continuous missing hellos has reached the configured hello miss limit, it declares the router to be down. The helper router then waits for a period equal to the restart time that it received from the router and stored before the failure.
Page 287: Preservation Of An Established Lsp Label
Chapter 2: MPLS Overview The helper router removes the stale flag for the RSVP-TE state when it receives the corresponding state in path or resv messages sent by the restarting router. When the recovery period expires, the helper router deletes any RSVP-TE states that still have a stale flag.
Page 288: Bfd Protocol And Rsvp-Te
JUNOSe 11.0.x BGP and MPLS Configuration Guide Node-based hellos are an attractive alternative to link-based hellos for graceful restart when you use bidirectional forwarding detection (BFD) for link monitoring and you have configured node-based hellos on all RSVP-TE peers. Link-based RSVP-TE hellos are used for monitoring RSVP-TE adjacencies with neighboring routers and for providing RSVP-TE graceful restart.
Page 289: Tunneling Model For Differentiated Services Overview
Chapter 2: MPLS Overview At least one RSVP-TE LSP exists between (passes through) a pair of directly connected RSVP-TE major interfaces. Both interfaces are BFD-enabled. Consequently, when the last LSP is torn down between the interfaces, the BFD session is no longer required and is brought down as well. Each adjacent pair of peers negotiates an acceptable transmit interval for BFD packets.
Page 290: Uniform Model
JUNOSe 11.0.x BGP and MPLS Configuration Guide Uniform Model The uniform model of tunneling renders MPLS transparent to the differentiated services operation. From the diff-serv perspective, it is as if MPLS is not used. In the uniform model, if traffic conditioning is applied somewhere along the LSP, the EXP bits of the inner header must be changed at the egress when the inner header becomes the outer header (because of the pop of the outer label).
Page 291: Setting The Exp Bits For Outgoing Traffic
Chapter 2: MPLS Overview Figure 59 on page 256 illustrates how the initial value of the EXP bits is set for the first label pushed. Figure 60 on page 257 illustrates how the EXP bits can be changed for all labels, including the first label, by attached policies or per-VR EXP rules. The following section describes in detail how the EXP bits value is set for outgoing traffic.
Page 292: Figure 59: Flow For Initial Setting Of Exp Bits For The First Label Pushed
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 59: Flow for Initial Setting of EXP Bits for the First Label Pushed Figure 59 on page 256 shows how packet type and configuration determine how the EXP bits are set for the first label pushed. EXP Bits for Differentiated Services Overview...
Page 293: Point-To-Multipoint Lsps Overview
Chapter 2: MPLS Overview Figure 60: Flow for Setting EXP Bits for All Pushed Labels Configuring EXP Bits for Differentiated Services on page 296 Related Topics Configuring MPLS and Differentiated Services on page 295 Point-to-Multipoint LSPs Overview A point-to-multipoint MPLS LSP is an RSVP-TE LSP with a single ingress LSR and one or more egress LSRs.
Page 294: Using E Series Routers As Egress Lsrs
JUNOSe 11.0.x BGP and MPLS Configuration Guide Although you can use point-to-point LSPs to provide point-to-multipoint services, this type of configuration can cause data replication at the ingress LSR or duplicate traffic within the network. You can use the traffic engineering (TE) capability of LSPs to achieve consistent QoS control and efficient use of network resources, and create point-to-multipoint LSPs to deliver data from one ingress LSR to multiple egress LSRs.
Page 295: Figure 61: Simple Mpls Domain
LSR 8 and LSR 1 is an example of this type. NOTE: You cannot use E Series routers as core or ingress LSRs. You need to use Juniper Networks routers running JUNOS software to function as core or ingress LSRs in the point-to-multipoint LSP.
Page 296: Point-To-Multipoint Lsps Configuration
JUNOSe 11.0.x BGP and MPLS Configuration Guide Point-to-Multipoint LSPs Configuration To set up a point-to-multipoint LSP, you configure the primary LSP from the ingress router and the branch LSPs that carry traffic to the egress routers. The configuration of the primary point-to-multipoint LSP is similar to a signaled LSP. In addition to the conventional LSP configuration, you specify a path name on the primary LSP and this same path name on each branch LSP.
Page 297 Chapter 2: MPLS Overview host1(config)#mpls create-dynamic-interfaces ip on-major-interfaces profile dynip For all types of labels that are advertised for the LSR that is the egress router for the prefix, you must complete the following steps, in addition to those detailed earlier, on the E Series router: Enable IGMP on the interface which owns the route to the source by using the ip igmp command.
Page 298 JUNOSe 11.0.x BGP and MPLS Configuration Guide Point-to-Multipoint LSPs Configuration...
Page 299: Configuring Mpls
Chapter 3 Configuring MPLS This chapter describes how to configure Multiprotocol Label Switching (MPLS) on the router, and contains the following sections: Basic MPLS Configuration Tasks on page 264 MPLS Global Configuration Tasks on page 265 LDP and RSVP-TE Interface Profile Configuration Tasks on page 269 MPLS Interface Configuration Tasks on page 270 MPLS Tunnel Configuration Tasks on page 272 MPLS Tunnel Profile Configuration Tasks on page 273...
Page 300: Basic Mpls Configuration Tasks
JUNOSe 11.0.x BGP and MPLS Configuration Guide Classifying Traffic for Differentiated Services on page 299 Example Traffic Class Configuration for Differentiated Services on page 304 Basic MPLS Configuration Tasks Configuring an MPLS network includes a number of tasks: To configure an MPLS network: Configure settings common to all MPLS usage on a given LSR.
Page 301: Mpls Global Configuration Tasks
Chapter 3: Configuring MPLS To configure LDP and RSVP-TE, depending on your network topology and needs: Configure LDP features depending on your network design. See “Additional LDP Configuration Tasks” on page 277. Configure RSVP-TE features depending on your network design. See “Additional RSVP-TE Configuration Tasks”...
Page 302: Ldp Global Tasks
JUNOSe 11.0.x BGP and MPLS Configuration Guide (Optional) Specify whether to create dynamic IP interfaces on top of MPLS major interfaces and optionally what profile to use for them. host1(config)#mpls create-dynamic-interfaces ip on-major-interfaces profile v4intf LDP Global Tasks Typically, you do not configure anything for LDP at the global level, but you can perform the following optional tasks.
Page 303 Chapter 3: Configuring MPLS host1(config)#mpls ldp session keepalive-time 180 (Optional) Specify an IP address to be advertised to peers as the transport address in discovery hello messages. host1(config)#mpls ldp discovery transport-address 192.168.34.2 (Optional) Configure independent control as the method of label distribution that LDP uses.
Page 304: Rsvp-Te Global Tasks
JUNOSe 11.0.x BGP and MPLS Configuration Guide RSVP-TE Global Tasks Typically, you do not configure anything for RSVP-TE at the global level, but you can perform the following optional tasks. (Optional) Enable RSVP-TE. Any RSVP-TE–related command creates RSVP-TE implicitly, negating the need to issue this command. host1(config)#mpls rsvp (Optional) Configure a global RSVP-TE profile that specifies the timeout period in milliseconds between generation of RSVP refresh messages, the number of...
Page 305: Ldp And Rsvp-Te Interface Profile Configuration Tasks
Chapter 3: Configuring MPLS You can also force an immediate search for better paths for all existing LSPs. host1#mpls reoptimize (Optional) Enable refresh reduction and message bundling. host1(config)#mpls rsvp refresh-reduction host1(config)#mpls rsvp message-bundling (Optional) Configure the egress router to advertise the explicit null label. host1(config)#mpls rsvp egress-label explicit-null LDP and RSVP-TE Interface Profile Configuration Tasks The interface profile configuration tasks are optional tasks you may need to perform...
Page 306: Mpls Interface Configuration Tasks
JUNOSe 11.0.x BGP and MPLS Configuration Guide messages, the number of refresh messages that can be lost before the PATH or RESV state is ended, or both. host1(config-rsvp)#refresh-period 60000 host1(config-rsvp)#cleanup-timeout-factor 9 MPLS Interface Configuration Tasks These tasks are performed at the major interface over which you want to run MPLS. Creating or accessing an interface places the CLI in Interface Configuration mode.
Page 307: Ldp Interface Tasks
Chapter 3: Configuring MPLS LDP Interface Tasks To configure LDP on the interface: Start LDP on the interface. Using the default values (an implicit default profile): host1(config-if)#mpls ldp Using a previously created profile: host1(config-if)#mpls ldp profile ldp5 (Optional) Suppress transmission of link hello messages to all LSRs. host1(config-if)#mpls ldp link-hello disable RSVP-TE Interface Tasks To configure RSVP-TE on the interface:...
Page 308: Mpls Tunnel Configuration Tasks
JUNOSe 11.0.x BGP and MPLS Configuration Guide (Optional) Configure an administrative weight for the interface that overrides the weight assigned by the IGP. host1(config-if)#mpls traffic-eng administrative-weight 25 MPLS Tunnel Configuration Tasks Complete the following tasks to configure a tunnel interface. Configure the tunnel endpoint last;...
Page 309: Mpls Tunnel Profile Configuration Tasks
Chapter 3: Configuring MPLS (Optional) Associate a text description with the tunnel. host1(config-if)#tunnel mpls description southshore Configure the tunnel endpoint. host1(config-if)#tunnel destination 10.12.21.5 MPLS Global Configuration Tasks on page 265 Related Topics MPLS Interface Configuration Tasks on page 270 MPLS Tunnel Configuration Tasks on page 272 MPLS Tunnel Profile Configuration Tasks on page 273 Additional LDP Configuration Tasks on page 277 Additional RSVP-TE Configuration Tasks on page 282...
Page 310 JUNOSe 11.0.x BGP and MPLS Configuration Guide To configure a tunnel profile: Create an MPLS tunnel profile and enter Tunnel Profile Configuration mode. host1(config)#mpls tunnels profile Lisbon (Optional) Configure the LSP to announce its endpoint to an IGP. host1(config-tunnelprofile)#tunnel mpls autoroute announce isis (Optional) Specify a tunnel metric to be used by an IGP in its SPF calculation.
Page 311: Configuring Explicit Routing For Mpls
Chapter 3: Configuring MPLS When an endpoint is dynamically learned from the specified routing protocol, MPLS searches its tunnel profiles for a match. The dynamic tunnel is established using the settings from the first matching profile. MPLS Global Configuration Tasks on page 265 Related Topics MPLS Interface Configuration Tasks on page 270 MPLS Tunnel Configuration Tasks on page 272...
Page 312: Defining Configured Explicit Paths
JUNOSe 11.0.x BGP and MPLS Configuration Guide Defining Configured Explicit Paths You can create explicit routing paths manually by configuring an explicit path with a name and a series of addresses (hops) from ingress to egress. To manually configure explicit routing: Define an explicit path and access Explicit Path Configuration mode.
Page 313: Configuring Dynamic Explicit Paths On A Tunnel
Chapter 3: Configuring MPLS Configuring Dynamic Explicit Paths on a Tunnel You can create explicit routing paths dynamically with a routing protocol. IS-IS and OSPF both currently support explicit routing. To configure dynamic explicit routing: Create an MPLS tunnel. host1(config)#interface tunnel mpls:bilbao5 Set the path option.
Page 314: Configuring Ldp Graceful Restart
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 62: FEC Aggregation and Equal-Cost Paths In this example, LSR 2 uses FEC aggregation, but LSR 3 does not. Consequently, LSR 2 advertises the single label e, mapped to a FEC that includes both prefixes, 10.10.22.0/24 and 10.43.12.0/24.
Page 315: Configuring Ldp Autoconfiguration
Chapter 3: Configuring MPLS Enable LDP graceful restart and graceful restart helper mode. host1(config)#mpls ldp graceful-restart (Optional) Specify the length of time you want the neighbors to wait for the gracefully restarting router to resume sending LDP messages to neighbors after the LDP connection between them fails.
Page 316: Configuring Ldp-Igp Synchronization
JUNOSe 11.0.x BGP and MPLS Configuration Guide To configure LDP autoconfiguration to ensure that LDP is configured on all interfaces running the IGP: Specify whether LDP is created automatically on the current interface or all interfaces: Create LDP on all interfaces in the IGP router context host1(config)#router ospf 1 host1(config-router)#mpls ldp autoconfig area 1 Create LDP on the current interface...
Page 317: Configuring Ldp Md5 Authentication
Chapter 3: Configuring MPLS mpls ldp igp sync holddown mpls ldp sync Configuring LDP MD5 Authentication LDP MD5 authentication provides protection against spoofed TCP segments that can be introduced into the connection streams for LDP sessions. Authentication is configurable for both directly connected and targeted peers. You configure a shared secret (password) on potential LDP peers.
Page 318: Controlling Ldp Label Distribution
JUNOSe 11.0.x BGP and MPLS Configuration Guide Controlling LDP Label Distribution By default, LDP advertises label mappings for all IGP prefixes to all LDP peers. In this case, mappings are not advertised for interface addresses. You can alternatively specify that LDP labels be distributed for a particular interface itself, in addition to the subnet that the interface is on.
Page 319: Configuring Rsvp Md5 Authentication
Chapter 3: Configuring MPLS Configure RSVP MD5 authentication to provide hop-by-hop security. See “Configuring RSVP MD5 Authentication” on page 283. Configure fast reroute extensions to RSVP-TE to create a bypass tunnel. See “Configuring RSVP-TE Fast Rerouting with RSVP-TE Bypass Tunnels” on page 284.
Page 320: Configuring Rsvp-Te Fast Rerouting With Rsvp-Te Bypass Tunnels
JUNOSe 11.0.x BGP and MPLS Configuration Guide The receiver uses the key ID and the sender’s address to determine the relevant security association. The key ID is extracted from the received integrity object. The address of the sending interface is extracted from the rsvp_hop object, if present, or from the packet header if the message does not include the rsvp_hop object.
Page 321: Figure 63: Bypass Tunnel
Chapter 3: Configuring MPLS Each bypass tunnel provides 1:N local protection; that is, each bypass tunnel can protect one or more links depending on where you have configured it. The protected primary LSPs are stacked over the bypass tunnel to redirect their traffic around the failure.
Page 322: Configuration Example
JUNOSe 11.0.x BGP and MPLS Configuration Guide You can use the tunnel mpls path-option command to configure path options on the bypass tunnel. However, the link being protected by the bypass tunnel must not be in the path if you specify an explicit path. Configuration Example The following steps show a partial configuration using the topology in Figure 63 on page 285:...
Page 323: Configuring Rsvp-Te Hello Messages To Determine Peer Reachability
Chapter 3: Configuring MPLS For more information about these commands,see JUNOSe Physical Layer Configuration Guide mpls backup-path tunnel mpls fast-reroute Configuring RSVP-TE Hello Messages to Determine Peer Reachability The RSVP-TE hello feature enables RSVP-TE peers to exchange hello messages and establish a hello adjacency.
Page 324: Configuring Rsvp-Te Graceful Restart
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-if)#mpls rsvp signalling hello refresh misses 5 NOTE: Issuing the refresh interval or the refresh misses keywords only configures the refresh values; this action has no effect on enabling or disabling hellos. Basic MPLS Configuration Tasks on page 264 Related Topics Additional RSVP-TE Configuration Tasks on page 282 mpls rsvp signalling hello...
Page 325: Configuring Rsvp-Te Hellos Based On Node Ids
Chapter 3: Configuring MPLS mpls rsvp signalling hello graceful-restart mpls rsvp signalling hello graceful-restart recovery-time mpls rsvp signalling hello graceful-restart restart-time Configuring RSVP-TE Hellos Based on Node IDs You can configure the exchange of node-ID–based RSVP-TE hellos (node hellos) for interoperability with routers that cannot support RSVP-TE graceful restart with link-based hellos.
Page 326: Configuring The Bfd Protocol For Rsvp-Te
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring the BFD Protocol for RSVP-TE Configure the Bidirectional Forwarding Detection (BFD) protocol for RSVP-TE to more rapidly detect failures in a network and enable faster rerouting around the failures. You can modify the BFD timers for more or less aggressive failure detection. When configured, BFD liveness detection is established with all BFD-enabled RSVP-TE peers associated with that RSVP-TE major interface.
Page 327: Configuring Igps And Mpls
Chapter 3: Configuring MPLS NOTE: You can change the BFD liveness detection parameters at any time without stopping or restarting the existing session; BFD automatically adjusts to the new parameter value. However, no changes to BFD parameters take place until the values resynchronize with each peer.
Page 328: Configuring Igps And Mpls
JUNOSe 11.0.x BGP and MPLS Configuration Guide The following commands announce the tunnel to OSPF and specify a relative metric Example 1 of -2: host1(config-if)#tunnel mpls autoroute announce ospf host1(config-if)#tunnel mpls autoroute metric relative -2 By default, the LSP is preferred to reach the tunnel endpoint. OSPF will treat this LSP as having a metric of 2 less than the shortest path metric it has calculated.
Page 329: Configuring The Igps For Traffic Engineering
Chapter 3: Configuring MPLS The tunnel metric can be absolute or relative. An absolute metric indicates there is no relationship to the underlying IGP cost. A relative metric is added to or subtracted from the underlying IGP shortest path cost. The following commands announce the tunnel to OSPF and specify a relative metric Example 1 of -2:...
Page 330 JUNOSe 11.0.x BGP and MPLS Configuration Guide When you configure a node as the downstream endpoint of an LSP, you must provide a stable interface as the router ID for the endpoint. Typically you select a loopback interface because of its inherent stability. Use the mpls traffic-eng router-id command to designate the router as traffic engineering capable and to specify the router ID.
Page 331: Configuring Mpls And Differentiated Services
Chapter 3: Configuring MPLS Configuring MPLS and Differentiated Services TIP: Before you read this section, we recommend you be thoroughly familiar with the concepts of the JUNOSe QoS application. MPLS employs several strategies to manage different kinds of data streams based on service plans and priority: Different conceptual models of diff-serv tunneling that either conceal intermediate LSP nodes from diff-serv operations or render the MPLS network transparent to...
Page 332: Configuring Exp Bits For Differentiated Services
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring MPLS and Differentiated Services on page 295 Example Differentiated Services Application and Configuration on page 296 Configuring EXP Bits for Differentiated Services To set the initial value of the EXP bits to the UPC value associated with the packets: Issue the mpls copy-upc-to-exp command.
Page 333: Differentiated Services Configuration Example
Chapter 3: Configuring MPLS egress queuing is based on the IP precedence value. This action takes place on the egress line module. Plain VPN service For CE-to-PE traffic, the VPN EXP bits are set to 000 when the PE router pushes VPN stacked labels. For PE-to-CE traffic, IP policy on the PE router resets the traffic-class/color combination to the default value, best-effort/green, so that packets are queued as best-effort.
Page 334 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-policy-list-classifier-group)#traffic-class class1 host1(config-policy-list-classifier-group)#color green host1(config)#interface atm 3/0.1 host1(config-subif)#ip policy input qos-service Create and attach an IP input policy for the plain Internet service to CE interfaces on the PE router for incoming traffic. All traffic is treated as best effort, so no classifier group is necessary.
Page 335: Classifying Traffic For Differentiated Services
Chapter 3: Configuring MPLS host1(config-policy-list-classifier-group)#color green host1(config)#interface pos 0/0 host1(config-subif)ip policy output core-ip-policy For traffic from the core, configure per-VR rules or per-LSP policies to set the traffic-class/color combination and therefore shape the egress traffic queue according to the value of the EXP bits in the base label. This action causes host1(config)#mpls match exp-bits <value>...
Page 336: Table 29: Examples Of Incoming L-Lsp Phb Determination
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 28: Incoming L-LSP PHB Determination (continued) EXP Field AFn1 AFn2 AFn3 For nonstandard PHBs (any that are not listed in Table 28 on page 299), the JUNOSe software uses mapping similar to AFn mapping; EXP 001 is mapped to color green, EXP 010 is mapped to yellow, and EXP 011 is mapped to red.
Page 337: Configuring Static Exp-To-Phb Mapping
Chapter 3: Configuring MPLS For nonstandard PHBs, the mapping is similar to AFn mapping. Red color maps to 011, yellow maps to 010, and green maps to 001. Tasks to perform static configuration and signaled mapping between the EXP bits and the PHB of traffic include the following sets of tasks: Configuring Static EXP-to-PHB Mapping on page 301 Signaled Mapping for RSVP-TE Tunnels on page 301...
Page 338: Figure 65: Associations Between Phb Id, Exp Bits, And Traffic
JUNOSe 11.0.x BGP and MPLS Configuration Guide For transit routers and egress routers along the path of the LSP, the incoming EXP bits are matched to determine the traffic class and drop preference (color red, yellow, or green). This matching is accomplished by means of a policy corresponding to the signaled EXP-to-PHB mapping that is created and attached when the LSP is established.
Page 339: Figure 66: Signaled Mapping
Chapter 3: Configuring MPLS Figure 66: Signaled Mapping To define a policy rule that sets the EXP bits in packets to which the policy is applied: Issue the mark-exp command. host1(config-policy-list)#mark-exp 5 classifier-group claclEXP precedence 32 To create or modify an MPLS classifier control list to match on traffic class/color combination or EXP bits: Issue the mpls classifier-listcommand.
Page 340: Preference Of Per-Vr Versus Per-Lsp Behavior
JUNOSe 11.0.x BGP and MPLS Configuration Guide Issue the mpls policy-statistics command. host1#mpls policy-statistics boston2dc Policy statistics are displayed when you issue the show mpls forwarding or show mpls tunnel command, if a policy is attached and policy statistics are enabled. To specify the traffic class for which LSP-level queues are created and the scheduler profile to be used with the queues: Issue the mpls traffic-class command.
Page 341: Table 31: Differentiated Services Mapping
Chapter 3: Configuring MPLS Table 31: Differentiated Services Mapping PHB ID 6-bit PHB ID Traffic Class/Color 0x0000 best-effort/green AF11 0x2800 af1/green AF12 0x3000 af1/yellow AF13 0x3800 af1/red AF21 0x4800 af2/green AF22 0x5000 af2/yellow AF23 0x5800 af2/red 0xb800 ef/green NOTE: This example includes both MPLS and policy configuration commands, and assumes that you are thoroughly familiar with the information and commands presented in the JUNOSe Policy Management Configuration Guide.
Page 342: Configuration On The Ingress Router
JUNOSe 11.0.x BGP and MPLS Configuration Guide [Queue configuration omitted] host1(config)#queue-profile af2-queues [Queue configuration omitted] host1(config)#queue-profile ef-queues [Queue configuration omitted] The scheduler and queue profiles are referenced in QoS profiles. For example, you can create a QoS profile for port-based per-class queuing or for LSP-level per-class queuing (configuration omitted).
Page 343: Configuration On The Ingress And Transit Routers
Chapter 3: Configuring MPLS host1(config)#classifier-list af2-packets host1(config)#classifier-list ef-packets Define a policy that maps the selected packets into traffic classes. For the assured forwarding classes, this example uses rate limit profiles to set the colors. host1(config)#policy-list classify-packets host1(config-policy-list)#traffic-class best-effort classifier-group bf-packets host1(config-policy-list)#traffic-class ef classifier-group ef-packets host1(config-policy-list)#traffic-class af1 classifier-group af1-packets host1(config-policy-list)#traffic-class af2 classifier-group af2-packets...
Page 344: Configuration On The Transit And Egress Routers
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-policy-list)#mark 1 classifier-group af1-green host1(config-policy-list)#mark 2 classifier-group af1-yellow host1(config-policy-list)#mark 3 classifier-group af1-red host1(config-policy-list)#mark 4 classifier-group af2-green host1(config-policy-list)#mark 5 classifier-group af2-yellow host1(config-policy-list)#mark 6 classifier-group af2-red host1(config-policy-list)#mark 7 classifier-group ef-green NOTE: For a topology-driven LSP, you have to configure and apply the classifier list and policy list manually.
Page 345 Chapter 3: Configuring MPLS The packets are forwarded to the appropriate fabric queue according to the traffic class/color combination. On a transit router, when the packet is forwarded out of the tunnel, the router-generated output policy then sets the EXP bits back according to the traffic class/color combination.
Page 346 JUNOSe 11.0.x BGP and MPLS Configuration Guide Example Traffic Class Configuration for Differentiated Services...
Page 347: Chapter 4 Monitoring Mpls
Chapter 4 Monitoring MPLS This chapter describes the commands you can use to monitor and troubleshoot Multiprotocol Label Switching (MPLS) on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 348 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring LDP Targeted Hello Receive and Send Lists on page 333 Monitoring MPLS Status and Configuration on page 334 Monitoring MPLS Explicit Paths on page 337 Monitoring the RSVP-TE Bypass Tunnels on page 337 Monitoring MPLS Labels Used for Forwarding on page 338 Monitoring MPLS Interfaces on page 339 Monitoring MPLS Minor Interfaces on page 345...
Page 349 Chapter 4: Monitoring MPLS host1#baseline mpls interface boston5 There is no no version. The following statistics are maintained for each MPLS major interface: receive packets and transmit packets and octets octets receive discarded packets transmit discarded packets receive error packets transmit error packets failed label lookups Enabling and Setting a Baseline for MPLS Forwarding Table Statistics...
Page 350 JUNOSe 11.0.x BGP and MPLS Configuration Guide Enabling and Setting a Baseline for MPLS Next-Hop Table Statistics To enable and set a statistics baseline for MPLS next-hop table entries: Issue the mpls statistics next-hop command to enable the statistics for a specific MPLS next hop.
Page 351 Chapter 4: Monitoring MPLS Statistics are not stored in NVS. When enabled, the following statistics are maintained for each policy: packets and bytes classifier group EXP bits value To disable collection of policy statistics for a specific MPLS tunnel: Issue the no mpls statistics policy command. host1#no mpls statistics policy tunnel5 Clearing and Re-Creating Dynamic Interfaces from MPLS Major Interfaces To remove and re-create dynamic IPv4 interfaces and dynamic IPv6 interfaces from...
Page 352: Tracing Paths Through The Mpls User Plane
JUNOSe 11.0.x BGP and MPLS Configuration Guide Issue the clear ipv6 tunnel-routes command. host1(config)#clear ipv6 tunnel-routes * There is no no version. This command takes effect immediately. clear ipv6 tunnel-routes Related Topics Tracing Paths Through the MPLS User Plane To trace paths through the MPLS user plane. Purpose To trace the path that packets follow enroute to the destination IP address Action...
Page 353: Table 32: Show Atm Vc Output Fields
Chapter 4: Monitoring MPLS ATM 3/0.8100 1 8100 8100 PVC SNAP 0 DOWN 8000 circuit(s) found Reserved VCC ranges: Start Start End End Interface VPI VCI --------- ----- ----- --- --- ATM 2/0 2 102 ATM 2/0 3 303 2 reservation(s) found To display a summary of all reserved VC ranges on the router, including those reserved for MPLS use: host1#show atm vc reserved...
Page 354: Table 33: Show Cac Interface Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide show atm vc Related Topics Monitoring Global Call Admission Control Configuration Display global call admission control (CAC) configuration. Purpose To display CAC configuration: Action host1#show cac resource info flood interval 180 show cac Related Topics Monitoring Interfaces Configured with Traffic Engineering Bandwidth Accounting Display interfaces on which traffic engineering bandwidth accounting is configured.
Page 355: Monitoring Virtual Router Configuration
Chapter 4: Monitoring MPLS Table 33: show cac interface Output Fields (continued) Field Name Field Description current total available bw Total bandwidth in Kbps that is available to be reserved MPLS TE flooding threshold Absolute percentages of total reservable bandwidth that trigger the up/down flooding of the new bandwidth value throughout the network;...
Page 356 JUNOSe 11.0.x BGP and MPLS Configuration Guide Prefix/Length Type Next Hop Dst/Met Interface ------------------ --------- --------------- ---------- ---------------------------------------- 200.200.200.1/32 111.111.1.1[L18 110/2 ATM5/1.1 Rsvp 200.200.200.1[L 110/2 ATM5/1.1 To display information about all IPv6 tunnel routes: host1:pe1:pe11# show ipv6 tunnel-route all Protocol/Route type codes: O- OSPF, E1- external type 1, E2- external type2, N1- SSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop...
Page 357: Table 34: Show Ip Tunnel Route And Show Ipv6 Tunnel-Route Output
Chapter 4: Monitoring MPLS Table 34: show ip tunnel route and show ipv6 tunnel-route Output Fields Field Name Field Description Prefix IPv4 or IPv6 address prefix of network destination Length Network mask length for prefix Type Type of route; protocol Next Hop IP address of the next hop to the route, whether it is a local interface or another router;...
Page 358: Table 35: Show Ldp Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide NOTE: The mpls keyword is optional and is provided for compatibility with non–E Series implementations. Table 35 on page 322 lists the show ldp command output fields. Meaning Table 35: show ldp Output Fields Field Name Field Description LSR ID...
Page 359: Monitoring Mpls Label Bindings
Chapter 4: Monitoring MPLS Table 35: show ldp Output Fields (continued) Field Name Field Description totalOutLabels Number of out labels (received from downstream neighbor) totalCrLSPSetup Number of constraint-based routed LSPs set up totalCrLSPDeleted Number of constraint-based routed LSPs deleted show ldp Related Topics Monitoring MPLS Label Bindings Use to display label bindings from the MPLS label information base.
Page 360: Table 36: Show Ldp Binding And Show Mpls Binding Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 36: show ldp binding and show mpls binding Output Fields Field Name Field Description Label sent to upstream neighbor for displayed route Label received from downstream neighbor for displayed route neighbor IP address of neighbor to which the label is sent or received stale Label that indicates neighbor has restarted show ldp binding...
Page 361: Table 38: Show Ldp Igp-Sync Output Fields
Chapter 4: Monitoring MPLS Table 37: show ldp graceful restart Output Fields (continued) Field Name Field Description Reconnect Time Locally configured value for reconnect time, in seconds Recovery Time Locally configured value for recovery time, in seconds Max Recovery Time Locally configured value for max-recovery timer, in seconds Neighbor Liveness Timer Locally configured value for neighbor-liveness timer, in seconds...
Page 362: Table 39: Show Ldp Interface Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide show ldp igp-sync Related Topics Monitoring LDP Interfaces Display information about all LDP interfaces or the specified LDP interface. Purpose To display information about all LDP interfaces: Action host1#show ldp interface Interface ATM6/0.120 Interface address: 192.168.12.1/28 Enabled with profile 'default' Configured hold time: 15...
Page 363 Chapter 4: Monitoring MPLS Table 39: show ldp interface Output Fields (continued) Field Name Field Description Configured hold time Configured period for which a sending LSR maintains a record of link hello messages from the receiving LSR without receipt of another link hello message from that LSR, in seconds Hello interval Negotiated interval between link-hello packets, in seconds...
Page 364: Monitoring Ldp Neighbors
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 39: show ldp interface Output Fields (continued) Field Name Field Description bad hello recv Number of hello messages received bad adj setup time Time in hh:mm:ss since adjacency set up last hello recv time Time in hh:mm:ss since last hello message received last hello sent time Time in hh:mm:ss since last hello message sent...
Page 365: Table 40: Show Ldp Neighbor Output Fields
Chapter 4: Monitoring MPLS Recovery Time: 0 msec State: operational LDP neighbor 10.0.2.2 Graceful Restart is enabled Helper Mode is enabled Reconnect Time: 220000 msec Recovery Time: 0 msec State: operational To display information about LDP statistics for the session with each LDP neighbor: host1#show ldp neighbor statistics LDP Neighbor: 10.0.2.2 Message type...
Page 366: Monitoring Ldp Profiles
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 40: show ldp neighbor Output Fields (continued) Field Name Field Description Time that the adjacency has been up, in hh:mm:ss format Graceful Restart State of graceful restart, enabled or disabled Helper Mode State of graceful restart helper mode, enabled or disabled Reconnect Time Value for reconnect time received from peer in FT TLV, in...
Page 367: Table 41: Show Ldp Profile Output Fields
Chapter 4: Monitoring MPLS To display the default LDP profile: Action host1:pe2#show ldp profile default ldp profile default: used by 2 interfaces session retry: 10 times at interval 10 NOTE: The mpls keyword is optional and is provided for compatibility with non–E Series implementations.
Page 368: Table 42: Show Ldp Statistics Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Topology changes No router id No address No interface No session No adjacency Unknown version Malformed PDU Malformed message Unknown message type Inappropriate message Malformed tlv Bad TLV value Missing TLV PDU too large PDU too small No Memory NOTE: The mpls keyword is optional and is provided for compatibility with non–E...
Page 369: Monitoring Ldp Targeted Hello Receive And Send Lists
Chapter 4: Monitoring MPLS Table 42: show ldp statistics Output Fields (continued) Field Name Field Description Sessions closed Number of session closed events Topology changes Number of topology change events No router id Number of no router ID events No address Number of no address events No interface Number of no interface events...
Page 370: Table 43: Show Ldp Targeted Session Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Targeted session sent to 10.9.1.3 is up Used By: D indirect nexthop index 3, resolved Targeted session sent to 10.9.1.6 is up Used By: S indirect nexthop index 206, resolved Table 43 on page 334 lists the show ldp targeted session command output fields. Meaning Table 43: show ldp targeted session Output Fields Field Name...
Page 371: Table 44: Show Mpls Output Fields
Chapter 4: Monitoring MPLS Topology Driven LSP enabled LSPs used for IP forwarding for host addresses only Additional detail is shown when RSVP-TE is enabled: RSVP is enabled LSRID 10.1.1.1 Re-optimization timer is 3600 Tunnel retry forever at interval 5 if route is available Tunnel retry forever at interval 5 if no route is available Refresh reduction is OFF Message bundling is OFF...
Page 372 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 44: show mpls Output Fields (continued) Field Name Field Description LDP session retry Interval in seconds between attempts to set up an MPLS LDP session LDP session hold time Period in seconds for which an LSR maintains the session with its LDP peer without receipt of any LDP message from that peer LDP session keepalive Interval at which LDP sends session keepalive messages, in seconds...
Page 373: Table 45: Show Mpls Explicit-Paths Output Fields
Chapter 4: Monitoring MPLS show mpls Related Topics Monitoring MPLS Explicit Paths Display MPLS explicit paths. Purpose To display information about all MPLS explicit paths: Action host1:pe2#show mpls explicit-paths path name/identifier rx1-path enabled 1: next-address 70.70.70.2 2: next-address 30.30.30.1 not referenced by any options path name/identifier rx1-path2 enabled 1: next-address 60.60.60.2 2: next-address 40.40.40.1...
Page 374: Table 46: Show Mpls Fast-Reroute Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Role Name / Label BackupIntf / Label Status ---- --------------- ------------- ---------------------- ----------- Core LSP 10.1.1.1:6 ATM4/0.2 / 21 tun mpls:bypass23 / 21 Established Core LSP 10.1.1.1:7 ATM4/0.2 / 26 tun mpls:bypass23 / 26 Established Example on a tunnel ingress router OutIntf...
Page 375: Table 47: Show Mpls Forwarding Output Fields
Chapter 4: Monitoring MPLS host1:vr2# show mpls forwarding brief Platform label space In Label Owner Action -------- -------- -------------------------------------- lookup on inner header/label swap to 20 on ATM2/0.10, nbr 10.10.10.2 lookup on inner header/label swap to 22 on ATM2/0.10, nbr 10.10.10.2 swap to 23 on ATM2/0.10, nbr 10.10.10.2 Table 47 on page 339 lists the show mpls forwarding command output fields.
Page 376 JUNOSe 11.0.x BGP and MPLS Configuration Guide Administrative state is enabled Operational state is up Operational MTU is 9180 Received: 0 packets 0 bytes 0 errors 0 discards 0 failed label lookups Sent: 0 packets 0 bytes 0 errors 0 discards LDP information: 10.1.1.2/24 enabled with profile 'default'...
Page 377 Chapter 4: Monitoring MPLS To display information about MPLS interface atm 2/0.60: host1:pe2#show mpls interface atm 2/0.60 Interface atm2/0.60 Up RSVP not configured LDP enabled with profile default IP interfaces on this MPLS interface: 60.60.60.1/16 Session to 4.4.4.4 is operational (active) Session statistics: 12 label alloc, 12 label learned, 12 accum label alloc, 12 accum label learned,...
Page 378 JUNOSe 11.0.x BGP and MPLS Configuration Guide RSVP Enabled with profile default Authentication is disabled Authentication key: <none> Hellos are on with an interval of 10000 and miss limit of 4 Hello settings are not inherited To display detailed information about MPLS interfaces: host1:pe1#show mpls interface detail MPLS major interface ATM2/0.10 ATM circuit type is 1483 LLC encapsulation...
Page 379: Table 48: Show Mpls Interface Output Fields
IP address of IP interfaces and session status interface Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. label alloc Number of labels allocated and advertised to this peer label learned...
Page 380 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 48: show mpls interface Output Fields (continued) Field Name Field Description accum label alloc Cumulative total number of labels allocated and advertised to this peer accum label learned Cumulative total number of labels received from this peer notf Number of notification messages received or received bad or sent mapping...
Page 381: Monitoring Mpls Minor Interfaces
Chapter 4: Monitoring MPLS Table 48: show mpls interface Output Fields (continued) Field Name Field Description hcpkts Number of high-capacity (64-bit) packets received or sent errors Number of packets that are dropped for some reason at receipt or before being sent discards Number of packets that are discarded due to lack of buffer space at receipt or before being sent...
Page 382 JUNOSe 11.0.x BGP and MPLS Configuration Guide Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 MPLS minor interface lsp-02020202-1-4 (receive) Stacked on MPLS major ATM2/0.10 Operational state is up Statistics not enabled for this interface To display detailed information about MPLS minor interfaces: host1:pe1#show mpls minor-interface detail MPLS minor interface pe1-to-pe2 (transmit)
Page 383: Table 49: Show Mpls Minor-Interface Output Fields
Chapter 4: Monitoring MPLS To display summary information about MPLS minor interfaces: host1:pe1#show mpls minor-interface brief Lower Oper Interface MplsMajor state Direction ---------------- --------- ----- --------- pe1-to-pe2 ATM2/0.10 transmit lsp-02020202-1-4 ATM2/0.10 receive ERX-01-0c-d7:pe1# Table 49 on page 347 lists the show mpls minor-interface command output fields. Meaning Table 49: show mpls minor-interface Output Fields Field Name...
Page 384: Table 50: Show Mpls Next-Hop Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide MPLS next-hop: index 25, label 18, resolved by MPLS nextHop index 10 MPLS next-hop: index 10, resolved by MPLS nextHop index 14, peer address 10.1.1.1 MPLS next-hop: index 14, ECMP next-hop, leg count 2 MPLS next-hop: index 12, label 32 on FastEthernet1/1.120, neighbor 10.120.120.1 MPLS next-hop: index 13, label 32 on ATM2/1.20, neighbor 10.20.20.1...
Page 385: Table 51: Show Mpls Phb-Id Output Fields
Chapter 4: Monitoring MPLS standard phb-id traffic-class color standard phb-id traffic-class color Table 51 on page 349 lists the show mpls phb-id command output fields. Meaning Table 51: show mpls phb-id Output Fields Field Name Field Description phb-id Per-hop behavior ID for which a traffic class/color combination is displayed traffic-class Traffic class associated with traffic...
Page 386: Table 52: Show Mpls Profile Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 52: show mpls profile Output Fields Field Name Field Description profile Number of interfaces that use the profile refresh-period Timeout period in seconds between generation of refresh messages timeout factor Number of refresh messages that can be lost before the session is ended show mpls profile Related Topics...
Page 387: Table 53: Show Mpls Rsvp Output Fields
Chapter 4: Monitoring MPLS To display RSVP-TE session information: host1:two#show mpls rsvp sessions Destination 222.9.3.1 TunnelId 1 Extended Tunnel Id 223.10.1.1 PSB: Sender 223.10.1.1 LSPId 1 timeout 157500 InLabel 17 Associated Minor Interface: Tunnel 223.10.1.1:1 PHopIntf ATM2/0.1 IncomingIntf ATM2/1.1 OutgoingIntf ATM2/0.3 PHopAddr 221.1.1.2 m_ipNextHopAddr 122.1.1.1 NextHop 122.1.1.1/255.255.255.255 (strict) LabelRange (generic) min 0 max 1048575...
Page 388 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 53: show mpls rsvp Output Fields (continued) Field Name Field Description timeout Period of time in milliseconds before PSB/RSB times out if no refresh arrives. InLabel Incoming label information Associated tunnel Tunnel identifier for minor interface for which the RSVP information is displayed PHopIntf Penultimate hop interface...
Page 389 Chapter 4: Monitoring MPLS Table 53: show mpls rsvp Output Fields (continued) Field Name Field Description Flags One or more of the IngressReRoute (the ingress router can reroute the LSP), Local Protection (routers can use local repair mechanism to fix the LSP; this fix might violate the explicit route object associated with the LSP), and MergingPermitted (LSPs can be merged) flags Indicates presence of the traffic trunk classifier object...
Page 390: Table 54: Show Mpls Rsvp Authentication Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 53: show mpls rsvp Output Fields (continued) Field Name Field Description RSB Flag InUse RSB in use RSB Flag Deleted RSB deleted RSB Flag RcvdAck Acknowledgment received RSB Flag StyleConverted Reservation style converted to shared explicit RSB Flag IsPathTrigger Reservation refresh triggered Destination...
Page 391: Table 55: Show Mpls Rsvp Bfd Interfaces Output Fields
Chapter 4: Monitoring MPLS Table 54: show mpls rsvp authentication Output Fields (continued) Field Name Field Description Receive Sequence Number Sequence number of first authenticated packet from peer; subsequent packets from the peer must be greater than this base number show mpls rsvp authentication Related Topics Monitoring RSVP-TE Interfaces Where BFD is Enabled...
Page 392: Table 56: Show Mpls Rsvp Counters Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 55: show mpls rsvp bfd interfaces Output Fields (continued) Field Name Field Description Multiplier Detection multiplier value; roughly equivalent to the number of packets that can be missed before the BFD session is declared to be down show mpls rsvp bfd interfaces Related Topics...
Page 393 Chapter 4: Monitoring MPLS Table 56: show mpls rsvp counters Output Fields (continued) Field Name Field Description Path Tear Sent Number of pathtear messages sent on the interface Path Tear Rcvd Number of pathtear messages received on the interface Resv Sent Number of resv messages sent on the interface Resv Rcvd Number of resv messages received on the interface...
Page 394: Table 57: Show Mpls Rsvp Hello Graceful Restart Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 56: show mpls rsvp counters Output Fields (continued) Field Name Field Description Hello Ack Rcvd Number of acknowledgments received in response to hello requests sent Hello Discarded Number of hello messages discarded Hello Ack Discarded Number of hello ack messages discarded Hello Suppressed...
Page 395: Monitoring Rsvp-Te Hello Adjacency Instances
Chapter 4: Monitoring MPLS show mpls rsvp hello graceful restart Related Topics Monitoring RSVP-TE Hello Adjacency Instances Display summary or detailed information about RSVP-TE hello adjacency instances. Purpose To display summary information about RSVP-TE hello adjacency instances: Action host1#show mpls rsvp hello instance neighbor is up graceful restart is in progress Peer...
Page 396: Table 58: Show Mpls Rsvp Hello Instance Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 58: show mpls rsvp hello instance Output Fields Field Name Field Description Peer Address Address of the peer in the RSVP-TE hello adjacency Interface Specifier and status of each interface Identifies an RSVP-TE node hello peer Interval Interval at which hellos are sent to the neighbor, in milliseconds Miss Limit...
Page 397: Monitoring Status And Configuration For Mpls Tunnels
Chapter 4: Monitoring MPLS Table 58: show mpls rsvp hello instance Output Fields (continued) Field Name Field Description SrcInstance Nonzero 32-bit value that represents the sender's hello instance. The value is maintained on a per-neighbor basis. This instance value changes only when the sending peer resets, when the sender’s router reboots, or when communication is lost between the hello adjacency peers.
Page 398: Table 59: Show Mpls Tunnels Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide tunnel not announced to any IGP (Global) Retry forever at (Global) interval 5 during Lsp setup if there is route (Global) Retry forever at (Global) interval 5 during Lsp setup if there is no route metric is relative 0 phb-id 2 path option 2...
Page 399: Verifying And Troubleshooting Mpls Connectivity
Chapter 4: Monitoring MPLS Table 59: show mpls tunnels Output Fields (continued) Field Name Field Description pkts Number of packets sent across tunnel hcPkts Number of high-capacity (64-bit) packets sent across tunnel octets Number of octets sent across tunnel hcOctets Number of high-capacity (64-bit) octets sent across tunnel errors Number of packets that are dropped for some reason before being...
Page 400 JUNOSe 11.0.x BGP and MPLS Configuration Guide Tracing the Path of an MPLS Echo Request Packet to an RSVP-TE Tunnel on page 365 Sending an MPLS Echo Request Packet to a VPLS Instance on page 365 Tracing the Path of an MPLS Echo Request Packet to a VPLS Instance on page 365 Sending an MPLS Echo Request Packet to an IP or IPv6 Address To send an MPLS echo request packet to the specified IP or IPv6 address: Issue the ping mpls command.
Page 401 Chapter 4: Monitoring MPLS Tracing the Path of an MPLS Echo Request Packet to an L3VPN IP or IPv6 Prefix To send MPLS echo request packets to discover and examine the path MPLS packets follow to the L3VPN IP or IPv6 prefix: Issue the trace mpls l3vpn command.
Page 402: Figure 67: Sample Mpls L3Vpn Topology
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 67: Sample MPLS L3VPN Topology Packet Flow Examples for MPLS LSPs to an IP Prefix Use the ping mpls ip and trace mpls ip commands for MPLS LSPs that are configured to use LDP; labeled BGP; or a combination of LDP, BGP, and RSVP-TE (as for inter-AS and carrier-of-carriers topologies).
Page 403 Chapter 4: Monitoring MPLS PE 1 sends an MPLS echo request UDP packet that contains an LDP IPv4 sub-TLV. The packet is sent as a labeled packet over the target LSP. The packet has the following attributes: Source address 10.1.1.1 Destination address 127.0.0.0/8 UDP port...
Page 404: Packet Flow Example For The Trace Mpls Command
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:pe1#ping mpls ip 10.2.2.2/32 detail Sending 5 UDP echo requests for LDP IPv4 prefix, timeout = 2 sec MplsNextHopIndex 32 handle 8073311 '!' - success, 'Q' - request not transmitted, '.' - timeout, 'U' - unreachable, 'R' - downstream router but not destination 'M' - malformed request, 'N' - downstream router has no mapping Sending MPLS ping echo request, handle 8073311 seq 21241...
Page 405: Packet Flows For Ping And Trace To L3Vpn Ipv4 Prefixes
Chapter 4: Monitoring MPLS in the echo reply packet. The MPLS echo reply packet is sent back as a labeled UDP packet with the following attributes: Source address 10.3.3.3 Destination address 10.1.1.1 UDP port 3503 When the MPLS echo reply reaches router PE 1, the router matches the sender’s handle and the sequence number to the echo request packet that PE 1 sent.
Page 406 JUNOSe 11.0.x BGP and MPLS Configuration Guide An MPLS echo request packet containing a single VPN IPv4 sub-TLV is sent from PE 1 with the following attributes: Source address 10.1.1.1 Destination address 127.0.0.0/8 UDP port 3503 Sender’s handle Randomly generated 32-bit number used to match the reply Sequence number Integer that is incremented for each echo request packet The VPN IPv4 sub-TLV has the route distinguisher set to that of the VRF and the...
Page 407: Inter-As Topology
Chapter 4: Monitoring MPLS host1:pe1:pe11#ip8:pe1#trace mpls l3vpn 10.99.99.21/32 detail Tracing VPN IPv4 prefix, timeout = 2 sec, Max TTL 32 MplsNextHopIndex 73 handle 8073322 1 0ms 10.33.33.33 Label switched at stack-depth/2 TLV Interface and Label stack 20 bytes Router 10.33.33.33 Intf 10.10.10.2 [L34 EXP 0 TTL 1] [L68 EXP 0 S TTL 1] TLV Downstream mapping 24 bytes Router 10.31.31.2 Intf 10.31.31.1 mtu 9180...
Page 408 JUNOSe 11.0.x BGP and MPLS Configuration Guide topology, this behavior might result in premature termination of the ping or trace. You can use the bottom-label-ttl keyword to avoid this problem. Packet Flows to L3VPN IPv6 Prefixes Packet flow for an MPLS ping and trace to an L3VPN IPv6 prefix is the same as for an IPv4 prefix except that the echo request packets and echo reply packets contain the VPN IPv6 sub-TLV instead of the VPN IPv4 sub-TLV.
Page 409: Chapter 5 Configuring Bgp-Mpls Applications
Chapter 5 Configuring BGP-MPLS Applications This chapter contains the following sections: Overview on page 373 Platform Considerations on page 383 References on page 383 Transporting Packets Across an IP Backbone with MPLS on page 384 Configuring IPv6 VPNs on page 388 Intra-AS IPv6 VPNs on page 389 Providing IPv4 VPN Services Across Multiple Autonomous Systems on page 391 Providing IPv6 VPN Services Across Multiple Autonomous Systems on page 399...
Page 410 JUNOSe 11.0.x BGP and MPLS Configuration Guide The BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP multicast and BGP/MPLS virtual private networks (VPNs). BGP/MPLS VPNs are sometimes known as RFC 2547bis VPNs. Some of the applications for which you might use BGP/MPLS VPNs are to transport packets across an IP backbone, enable overlapping VPNs, operate inter-AS VPNs, enable multicast across VPNs, and provide carrier-of-carriers VPNs.
Page 411 Chapter 5: Configuring BGP-MPLS Applications VPLS If you specify the VPLS address family, you can configure the router to exchange layer 2 NLRI for a specified VPLS instance. For a description of VPLS, see “Configuring VPLS” on page 583. VPWS If you specify the VPWS address family, you can configure the PE router to exchange layer 2 NLRI for a specified VPWS instance.
Page 412: Figure 68: Ecmp Bgp/Mpls Vpn Scenario
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 68: ECMP BGP/MPLS VPN Scenario With respect to PE 1, this network has an ECMP set of two equal-cost legs for the VPN prefix of CE 2, 192.168.0.1/32: PE 1 -> P 1 -> PE 2 -> CE 2 PE 1 ->...
Page 413: Figure 69: Bgp/Mpls Vpn Scenario
Chapter 5: Configuring BGP-MPLS Applications PE routers are situated at the edge of the service provider core and connect directly to customer sites. These routers must run BGP-4, including the BGP/MPLS VPN extensions. They must also be able to originate and terminate MPLS LSPs. (See “Configuring MPLS”...
Page 414: Figure 70: Bgp/Mpls Vpn Components
JUNOSe 11.0.x BGP and MPLS Configuration Guide A customer site is a network that can communicate with other networks in the same VPN. A customer site can belong to more than one VPN. Two sites can exchange IP packets with each other only if they have at least one VPN in common. Each customer site that is connected to a particular PE router is also associated with a VPN routing and forwarding instance (VRF).
Page 415 Chapter 5: Configuring BGP-MPLS Applications VPN-IPv4 Addresses Because each VPN has its own private address space, the same IP address might be used in several VPNs. To provide for more than one route to a given IPv4 address (each route unique to a single VPN), BGP/MPLS VPNs use route distinguishers (RDs) followed by an IPv4 address to create unique VPN-IPv4 addresses.
Page 416: Figure 71: Route And Label Distribution
JUNOSe 11.0.x BGP and MPLS Configuration Guide A route-target import list is applied before any inbound routing policy (route map) is applied. If an inbound route map contains a set extcommunity clause, the clause replaces all extended communities in the received route. BGP applies the default route-target export list associated with the VRF if the route does not have any route-target extended-community attributes after the inbound policy has been applied.
Page 417 Chapter 5: Configuring BGP-MPLS Applications In this example the two customer sites use different AS numbers, which simplifies configuration. Alternatively, the same AS numbers can be used. Customer site 1 has two networks that need to be reachable from customer site 3 10.3.0.0/16 and 10.12.0.0/16 and uses BGP to announce these prefixes to PE 1.
Page 418: Figure 72: Standard And Extended Bgp Update Messages
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 72: Standard and Extended BGP Update Messages Using the next-hop-self option on PE 1 causes PE 1 to set the next-hop attribute to its own address, 172.32.12.1. Doing so is necessary because the next hop provided by CE 1 is from VPN A’s private address space and has no meaning in the service provider core.
Page 419 Chapter 5: Configuring BGP-MPLS Applications Platform Considerations For information about modules that support BGP/MPLS VPNs on the ERX7xx models, ERX14xx models, and the ERX310 Broadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP/MPLS VPNs.
Page 420: Figure 73: Bgp/Mpls Vpn Route Exchange
JUNOSe 11.0.x BGP and MPLS Configuration Guide Transporting Packets Across an IP Backbone with MPLS As described in the previous section, PE 1 and PE 2 exchange routing information, including MPLS labels for their customer sites, by means of a BGP session established between them across the service provider core.
Page 421 Chapter 5: Configuring BGP-MPLS Applications host2:pe2#show ip bgp vpn all field in-label Prefix In-label 10.12.0.0/16 none 10.24.0.0/16 On PE 1, you see that MP-BGP receives a labeled VPN-IPv4 prefix of 10.24.0.0/16 with an out label of 16. MP-BGP on PE 2 advertised this label with the prefix. In the data plane, MPLS traffic is sent by PE 1 to PE 2 with this label.
Page 422: Figure 74: Lsp Creation For Bgp/Mpls Vpn
JUNOSe 11.0.x BGP and MPLS Configuration Guide Each LSP is unidirectional for data traffic, so you must establish LSPs in both directions for two-way data transport. Figure 74 on page 386 shows that two LSPs have been created between PE 1 and PE 2. PE 1 and PE 2 have an MP-BGP session as shown previously in Figure 73 on page 384.
Page 423: Figure 75: Traffic Across The Mpls Backbone Of A Bgp/Mpls Vpn
Chapter 5: Configuring BGP-MPLS Applications Figure 75: Traffic Across the MPLS Backbone of a BGP/MPLS VPN Host 1 constructs an IP packet with the address of Host 2 as the final destination, and sends the packet to router CE 1. CE 1 encapsulates the packet appropriately and forwards it to PE 1.
Page 424 JUNOSe 11.0.x BGP and MPLS Configuration Guide CE 6 receives the IP packet from PE 2 and looks up the destination address Host 2. Subsequent forwarding to Host 2 occurs by means of the IGP in the customer site. The network structure shown in Figure 75 on page 387 consists of two VPNs, A and B.
Page 425 Chapter 5: Configuring BGP-MPLS Applications Use to configure the router or VRF to exchange IPv4 or IPv6 addresses by creating the specified address family. IPv4 and IPv6 addresses can be exchanged in unicast, multicast, or VPN mode. The default setting is to exchange IPv4 addresses in unicast mode from the default router.
Page 426: Figure 76: Ipv6 Vpn Services Over Ipv4 Mpls
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 76: IPv6 VPN Services over IPv4 MPLS The PE routers use an MP-BGP session over TCPv4 to advertise the IPv6 routes from the CE devices to the remote PE routers. The IPv6 routes are advertised as labeled VPNv6 routes with a BGP next hop set to the base tunnel endpoint destination address.
Page 427 Chapter 5: Configuring BGP-MPLS Applications RIB with the stacked label L1, which MPLS allocated for this prefix. The default IPv6 VRF label is L1. PE PE Behavior PE 1 advertises the VPNv6 prefixes in the MP_REACH_NLRI attribute of the update messages sent to its MP-IBGP peer, PE 2.
Page 428: Figure 77: Inter-As Topology With Vrfs On Each As Boundary Router
JUNOSe 11.0.x BGP and MPLS Configuration Guide preferred to option A. For inter-AS options B and C, you must explicitly configure MPLS on all the inter-AS links. Inter-AS Option A Figure 77 on page 392 illustrates the first method, where you create a VRF for each VPN on each AS boundary router.
Page 429: Figure 78: Inter-As Topology With End-To-End Stacked Mpls Tunnels
Chapter 5: Configuring BGP-MPLS Applications Figure 78: Inter-AS Topology with End-to-End Stacked MPLS Tunnels PE 1 assigns labels for routes to the customer sites, and distributes both the label assignments and the VPN-IPv4 routes throughout AS 42 in extended BGP update messages by means of internal MP-BGP.
Page 430 JUNOSe 11.0.x BGP and MPLS Configuration Guide ASBR 2 receives MPLS frames with label 44 (the in label) from ASBR 3 and sends MPLS frames with label 16 (the out label) to PE 1. The inter-AS next hop shows label 44 as the label advertised to inter-AS peer ASBR 3. Label 44 was generated for the indirect next hop PE router/label pair, 10.2.2.2 (PE 1) and 16.
Page 431 Chapter 5: Configuring BGP-MPLS Applications 0 in errors 0 in discard pkts ASBR 3 in turn generates a new label, 50, to advertise with the VPN-IPv4 prefix to its internal MP-BGP peer inside its autonomous system, AS 35. Indirect next hop 4.4.4.4 is for the MP-IBGP peering between PE 4 (loopback address 4.4.4.4) and ASBR 3.
Page 432: Figure 79: Topology For Three-Label Stack Configuration For Inter-As Option
JUNOSe 11.0.x BGP and MPLS Configuration Guide The labels that are generated to be sent to the inter-AS BGP peers are generated for each next-hop PE router/received label tuple. Scaling is improved when all routes advertised from a given VRF have the same label; this is the default E Series router behavior.
Page 433 Chapter 5: Configuring BGP-MPLS Applications In this topology, you can use either LDP or RSVP-TE to establish an LSP between each ASBR router and the PE router in an autonomous system. A labeled MP-IBGP session exists between the ASBR and the PE router in each autonomous system. A labeled MP-EBGP session exists between the two ASBR routers.
Page 434: Figure 80: Topology For Inter-As Option C With Route Reflectors
JUNOSe 11.0.x BGP and MPLS Configuration Guide While the packet travels across the VPN from ingress router PE 1, labels are swapped as follows: P 1 swaps outermost label L5 for L7 to get to its next hop, ASBR 1. ASBR 1 pops outermost label L7 and swaps the middle label L6 for L4 to get to ASBR 2.
Page 435: Figure 81: Inter-As Ipv6 Vpn Services
Chapter 5: Configuring BGP-MPLS Applications Use to prevent BGP from modifying the next hop sent to the BGP peer. Outbound route maps take precedence over this command, enabling prefixes that match the route map to be modified, regardless of this command. Takes effect immediately.
Page 436: Figure 82: Site Connectivity In A Full-Mesh Vpn
JUNOSe 11.0.x BGP and MPLS Configuration Guide In Figure 81 on page 399, the base tunnels between the PE routers are established in the IPv4 core networks with LDP or RSVP. The PE routers advertise IPv6 prefixes from the CE devices within their respective ASs as VPNv6 prefixes with MP-IBGP. For example, PE 1 advertises the CE 1 prefix 6001:0430::/48 over to PE 2 in its MP_REACH_NLRI attribute.
Page 437: Figure 83: Route Target Configuration For A Full-Mesh Vpn
Chapter 5: Configuring BGP-MPLS Applications Figure 83: Route Target Configuration for a Full-Mesh VPN Hub-and-Spoke VPNs In a hub-and-spoke VPN, the spoke sites in the VPN can communicate only with the hub sites; they cannot communicate with other spoke sites, as shown in Figure 84 on page 401.
Page 438: Figure 85: Route Target Configuration For A Hub-And-Spoke Vpn
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 85: Route Target Configuration for a Hub-and-Spoke VPN Overlapping VPNs In an overlapping VPN, a site is a member of more than one VPN. For example, in Figure 86 on page 402, the middle site is a member of both VPN A and VPN B. In other words, that site can communicate with all other VPN A sites and all other VPN B sites.
Page 439: Figure 87: Route Target Configuration For An Overlapping Vpn
Chapter 5: Configuring BGP-MPLS Applications Figure 87: Route Target Configuration for an Overlapping VPN An interesting special case of an overlapping VPN is when two VRFs on the same PE router belong to the same VPN as shown in Figure 88 on page 403. The configuration of the VRF import and export route targets is the same as for the example in Figure 87 on page 403.
Page 440 JUNOSe 11.0.x BGP and MPLS Configuration Guide If the next-hop interface is in the same VRF and the interface is numbered, the router uses the source address of the interface. If the next-hop interface is in the same VRF and the interface is unnumbered, the router uses either the source address of the interface it is pointing to or the router ID of the VRF.
Page 441 Chapter 5: Configuring BGP-MPLS Applications Exchanging Route-Target Membership Information BGP peers exchange route-target membership information in the following sequence: When the BGP peers negotiate the BGP multiprotocol extensions capability during the establishment of a BGP session, they indicate support for the route-target address family by including the (AFI, SAFI) value pair for the route-target membership NLRI (RT-MEM-NLRI) attribute.
Page 442: Table 60: Route-Target Filtering Advertisement Rules For Routes Received From Peers
JUNOSe 11.0.x BGP and MPLS Configuration Guide The usefulness of BGP VPN route-target filtering depends on the sparseness of route target membership among the VPN sites. In configurations where VPNs are members of many route target communities that is, route target membership is dense the amount of VPN NLRI exchange traffic is about the same regardless of whether route-target filtering is configured.
Page 443 Chapter 5: Configuring BGP-MPLS Applications Table 60: Route-Target Filtering Advertisement Rules for Routes Received from Peers (continued) Advertise to Advertise to IBGP Route IBGP Route Advertise Advertise to EBGP Reflector Reflector to EBGP Confederation Routes Received From Client? Nonclient? Peer? Peer? IBGP route reflector nonclient...
Page 444 JUNOSe 11.0.x BGP and MPLS Configuration Guide neighbor maximum-prefix Use to control how many prefixes can be received from a neighbor. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 445 Chapter 5: Configuring BGP-MPLS Applications When you configure the default route, the RT-MEM-NLRI attribute contains 0:0:0/0 as the Default-RT-MEM-NLRI. This 4-byte prefix contains only the local (origin) AS number field, set to zero. By default, BGP does not generate or advertise the Default-RT-MEM-NLRI route. You can use the default-information originate command to generate the Default-RT-MEM-NLRI route and send it to all peers.
Page 446 JUNOSe 11.0.x BGP and MPLS Configuration Guide command. You cannot override the characteristic for a specific member of the peer group. Outbound policy configured for the neighbor (using the neighbor route-map out command) is not applied to default routes that are advertised because of the neighbor default-originate command.
Page 447 Chapter 5: Configuring BGP-MPLS Applications You can control the maximum number of received EBGP best paths that are considered for path selection. The external-paths command limits external route target membership, thus controlling the number of EBGP peers that receive the route target VPN routes referenced by the RT-MEM-NLRI route.
Page 448 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use to set the maximum number of received external BGP best paths allowed for route-target signaling. Specify a value in the range 1–255; the default value is 1. This command takes effect immediately; it does not bounce the session. This command applies to only the route-target address family.
Page 449 Chapter 5: Configuring BGP-MPLS Applications Assign interfaces for PE-to-CE links to the VRF from outside or inside the VRF context: host1:vr1(config)#interface gigabitEthernet 1/0 host1:vr1(config-if)#ip vrf forwarding vrfA host1:vr1:vrfA(config-if)#ip address 10.16.2.77 255.255.255.0 host1:vr1:vrfA(config-if)#exit host1:vr1(config)#virtual-router :vrfA host1:vr1:vrfA(config)#interface gigabitEthernet 1/0 NOTE: You can also use the ip vrf forwarding command to specify secondary route lookup at the parent (global) level, in the event the original lookup does not yield any results.
Page 450 JUNOSe 11.0.x BGP and MPLS Configuration Guide PE Router Configuration Tasks To configure a PE router to provide BGP VPN services: Configure PE-to-PE LSPs. See “Configuring MPLS” on page 263, for information about configuring LSPs. Enable BGP routing. host1:vr1(config)#router bgp 100 (Optional) Disable automatic route-target filtering.
Page 451 Chapter 5: Configuring BGP-MPLS Applications Use network commands or the redistribute static command to make BGP advertise static routes to customers. host1:vr1(config-router)#network 10.3.0.0 mask 255.255.0.0 host1:vr1(config-router)#redistribute static Use redistribute commands to make BGP advertise IGP routes to customers. host1:vr1(config-router)#redistribute ospf (Optional) Configure an AS override.
Page 452 JUNOSe 11.0.x BGP and MPLS Configuration Guide Specifying a Route Distinguisher The route distinguisher enables you to establish unique VPN-IPv4 addresses to accommodate the possibility that more than one VPN might use the same IP address from their private address spaces. Use to specify a route distinguisher to a VRF.
Page 453 Chapter 5: Configuring BGP-MPLS Applications If the import and export lists are identical, you can use the both keyword to define the lists simultaneously: host1:vr1(config-vrf)#route-target both 777:105 A route-target export list can be modified on the sending PE router by an export map or outbound routing policy.
Page 454: Figure 89: Fully Meshed Vpns
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 89: Fully Meshed VPNs BGP sessions exist between PE 1 and PE 2, PE 2 and PE 3, and PE 3 and PE 1. The MPLS paths through the service provider core are omitted for clarity. To configure route targets for this fully meshed scenario, you specify the same route target for the import list and export list on all VRFs in VPN A.
Page 455 Chapter 5: Configuring BGP-MPLS Applications host3(config)#ip vrf vrfE host3(config-vrf)#route-target both 777:1 host3(config-vrf)#exit host3(config)#ip vrf vrfF host3(config-vrf)#route-target both 777:2 In one type of a hub-and-spoke design, only the hub site can reach every site in the Example: Hub-and-Spoke VPN. All other sites spokes can reach only the hub site. (More complex hub-and-spoke designs are possible, but require additional configuration and route targets to achieve.) In Figure 90 on page 420, Customer Site 1 is the hub site for VPN A.
Page 456: Figure 90: Hub-And-Spoke Vpn
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 90: Hub-and-Spoke VPN Route-target configuration on PE 2: host2(config)#virtual-router boston host2:boston(config)#ip vrf vrfC host2:boston(config-vrf)#route-target export 777:50 host2:boston(config-vrf)#route-target import 777:25 Route-target configuration on PE 3: host3(config)#ip vrf vrfE host3(config-vrf)#route-target export 777:50 host3(config-vrf)#route-target import 777:25 This configuration ensures that when VRF E on PE 3 receives an update message from PE 1, BGP installs the advertised route only if it has a route target of 25.
Page 457: Figure 91: Import And Export Maps
Chapter 5: Configuring BGP-MPLS Applications can provide finer-grained control of route distribution by associating any combination of export, import, global export, and global import maps with VRFs. As shown in Figure 91 on page 421, a route is distributed (leaked) between RIBs and its attributes are changed as specified in the route map when the map returns an accept message.
Page 458: Table 61: Characteristics Of Import And Global Import Maps
JUNOSe 11.0.x BGP and MPLS Configuration Guide forwarding works. The global VPN RIB never contains unlabeled routes, so the issue is moot for import maps. When a route that was previously imported into the local VRF RIB is modified in the global BGP RIB (VPN or non-VPN) such that it no longer matches the import or global import map, that route is removed from the local VRF RIB.
Page 459 Chapter 5: Configuring BGP-MPLS Applications Table 62: Characteristics of Export and Global Export Maps (continued) Characteristic Export Global Export Exports both best and non-best routes. The best route selection is made again in the core after the export. Subsequent Distribution of Routes Routes that are imported from the global BGP non-VPN RIB (with a global import map) into a VRF RIB are never exported again.
Page 460 JUNOSe 11.0.x BGP and MPLS Configuration Guide export map Use to apply a route map to a VRF to modify or filter routes exported from the VRF to the global BGP VPN RIB in the parent VR. You can specify that only IPv4 or only IPv6 routes are exported. By default, both types of routes are exported.
Page 461 Chapter 5: Configuring BGP-MPLS Applications routes. If you associate an import map with a VRF, that VRF then accepts only received routes that pass the import map (and match the import route target list). import map Use to apply an import route map to a VRF to modify and filter routes imported to the BGP RIB of the VRF from the global BGP VPN RIB in the parent VR.
Page 462 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:boston(config-vrf)#global import map routemap22 max-routes 512 Use the no version to disable the importing of routes from the global BGP non-VPN RIB to the BGP RIB of the VRF. See global import map. Global Export of IPv6 VPN Routes into the Global BGP IPv6 RIB VPNv6 routes can be exported from the BGP RIB of an IPv6 VRF to the global IPv6 BGP RIB based on policy by means of a route map and the global export map...
Page 463 Chapter 5: Configuring BGP-MPLS Applications Select the interface. Specify the VRF to associate with the interface. host1:vr1(config)#interface gigabitEthernet 1/0 host1:vr1(config-if)#ip vrf forwarding vrfA Assign an IP address to the interface because forwarding the interface from the VR to the VRF removes the existing IP configuration from the interface. host1:vr1:vrfA(config-if)#ip address 10.16.2.77 255.255.255.0 To assign an interface to a VRF from inside the VRF context: Select the interface.
Page 464 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to remove the interface assignment or discontinue secondary routing table lookup. See ip vrf forwarding. Defining Secondary Routing Table Lookup You can enable secondary routing table lookup on the virtual router routing table of the parent (global) virtual router.
Page 465 Chapter 5: Configuring BGP-MPLS Applications Use to assign a VRF to an interface or subinterface by forwarding the interface from the VR to the VRF. This command also enables you to specify secondary routing table lookup for a VRF if an initial routing table lookup is unsuccessful. Forwarding the interface removes the IP configuration from the interface.
Page 466: Figure 92: Configuring Static Routes
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 92: Configuring Static Routes In Figure 92 on page 430, PE 2 has external BGP connections to CE 3 and CE 4. PE 1 has an EBGP connection to CE 2. However, no BGP (or IGP) connection exists between PE 1 and CE 1.
Page 467 Chapter 5: Configuring BGP-MPLS Applications If you are not in the context of the virtual router that has the VRF, you access the VRF as follows: host1(config)#virtual-router boston:vrfa host1:boston:vrfa(config)# The following commands illustrate one way to configure OSPF; you can configure RIP and IS-IS similarly: host1(config)#ip vrf vrfa host1(config-vrf)#rd 100:5...
Page 468 JUNOSe 11.0.x BGP and MPLS Configuration Guide You must use the no ip vrf command to remove a VRF. Issuing a no version of this command (no virtual-router : vrfName or no virtual-router vrName : vrfName) that specifies an existing VRF only displays the error message: Cannot delete a VRF with this command”...
Page 469 Chapter 5: Configuring BGP-MPLS Applications You can use the ip mpls forwarding-mode label-switched command to configure the router to generate a label for each different FEC that a BGP route points to in the VPN; this is a per-FEC label. Issuing this command enables you to avoid a route lookup for traffic destined for CE routers, because in this mode traffic is label switched to the corresponding next hop over that interface;...
Page 470 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring PE-to-PE LSPs See “Configuring MPLS” on page 263, for information about configuring LSPs. Enabling BGP Routing You must enable the BGP routing process on the router serving as the PE router. router bgp Use to enable the BGP routing protocol and to specify the local AS the AS to which this BGP speaker belongs.
Page 471: Figure 93: Bgp/Mpls Vpn Ibgp Example
Chapter 5: Configuring BGP-MPLS Applications Figure 93: BGP/MPLS VPN IBGP Example The sample BGP/MPLS network connects PE 1, PE 2, and PE 3, which are configured for VPNv4 unicast IBGP peering. CE 1 and CE 2 are configured for EBGP peering with the PE devices.
Page 472: Figure 94: Bgp/Mpls Vpn Eibgp Example
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 94: BGP/MPLS VPN EIBGP Example VRF A has two paths to get to CE 2: the IBGP path through the MPLS network, and the EBGP path by means of regular IP. To support BGP/MPLS ECMP, PE 1 is configured with the maximum-paths eibgp command in the IPv4 unicast VRF A address family.
Page 473 Chapter 5: Configuring BGP-MPLS Applications Use the show ip bgp vpnv4 vrf vrfName summary or show bgp ipv6 vpnv6 vrf vrfName summary command to verify your ECMP configuration. The output includes a line indicating the equal-cost paths: Maximum number of both EBGP and IBGP equal-cost paths is 16 Use the no version to restore the default value, 1.
Page 474: Figure 95: Pe-To-Ce Session
JUNOSe 11.0.x BGP and MPLS Configuration Guide There is no no version. See exit-address-family. neighbor activate Use to specify neighbors to exchange routes with from within the current address family. Takes effect immediately. If dynamic capability negotiation was not negotiated with the peer, the session is automatically bounced so that the exchanged address families can be renegotiated in the open messages when the session comes back up.
Page 475 Chapter 5: Configuring BGP-MPLS Applications You configure the characteristics of VRF A, the global BGP attributes, the address family for the session, and BGP attributes relevant to the VRF or address family. host1(config)#ip vrf vrfa host1(config-vrf)#rd 777:5 host1(config-vrf)#route-target both 777:5 host1(config-vrf)#exit host1(config)#interface gigabitEthernet 1/0 host1(config-if)#ip vrf forwarding vrfA...
Page 476 JUNOSe 11.0.x BGP and MPLS Configuration Guide Disabling the Default Address Family PE routers can exchange routes in the IPv4 address family, VPNv4 address family, or both. Issuing the neighbor remote-as command automatically activates the IPv4 unicast address family, meaning that the PE router exchanges routes in the IPv4 unicast address family with that peer.
Page 477 Chapter 5: Configuring BGP-MPLS Applications Using a Single AS Number for All CE Sites If you want to use the same AS number for all of your CE sites, you can substitute a PE router’s autonomous system number for that of a neighbor by specifying the neighbor’s IP address in the neighbor as-override command.
Page 478 JUNOSe 11.0.x BGP and MPLS Configuration Guide Use the no version to halt the substitution of the AS numbers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor as-override.
Page 479: Figure 96: Network With Potential Routing Loops
Chapter 5: Configuring BGP-MPLS Applications Figure 96: Network with Potential Routing Loops The following commands are relevant to the illustrated network: host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override Now, suppose instead you assign a unique site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin.
Page 480: Figure 97: Preventing Potential Routing Loops In The Network
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 97: Preventing Potential Routing Loops in the Network Use to set a site of origin that is included in the extended community list for neighbor site-of-origin routes received from the specified peer. If you use this command to configure a site of origin for routes from a peer, then routes advertised to that peer that contain this site of origin are filtered out and not advertised.
Page 481: Figure 98: Allowing Local As In Vpnv4 Address Family
Chapter 5: Configuring BGP-MPLS Applications Advertising Prefixes with Duplicate AS Numbers When a BGP speaker receives a route that has the speaker’s AS number in its AS path, the speaker declares that route to be a loop and discards it. However, in some circumstances, as in the implementation of a hub-and-spoke VPN topology, this is not the desired behavior.
Page 482 JUNOSe 11.0.x BGP and MPLS Configuration Guide To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session. Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out.
Page 483 Chapter 5: Configuring BGP-MPLS Applications interval has passed since the last limit-exceeded log entry. This behavior prevents the system log from being flooded with log entries. When you issue the command, the router immediately reevaluates the current number of routes against the new limit. If the current number of routes is greater than the maximum configured limit, the router might remove dynamically learned routes in order to enforce the new limit.
Page 484 JUNOSe 11.0.x BGP and MPLS Configuration Guide There is no no version. See clear ip routes. Enabling VRF to VR Peering In some circumstances you might want a CE router, which connects to the PE router by means of a VRF, to be able to establish an EBGP peering session directly with the parent VR in which the VRF has been configured.
Page 485 Chapter 5: Configuring BGP-MPLS Applications displayed with the show ip interface command. You must use the show ip route or show ip static commands to display the interface. If the interface in the parent VR goes down or is deleted, the static route added in the VRF will continue to exist.
Page 486: Figure 99: Topology For Fast Reconvergence By Means Of Unique Vrf Rds
JUNOSe 11.0.x BGP and MPLS Configuration Guide Fast Reconvergence with Unique RDs You can assign a unique RD for the VRFs in each PE router to avoid the slow reconvergence issue. The route reflectors in the network consider advertised routes with different RDs to be different prefixes and therefore reflect both routes.
Page 487: Figure 100: Topology For Fast Reconvergence By Means Of Reachability
Chapter 5: Configuring BGP-MPLS Applications PE router must be able to choose from all available paths, which in turn requires that each VRF have a unique RD. If each VRF has a unique RD and the ingress PE router has all feasible paths to choose from, you can configure IBGP multipath and ECMP traffic over multiple PE-to-PE MPLS tunnels.
Page 488 JUNOSe 11.0.x BGP and MPLS Configuration Guide When the MPLS tunnel (RSVP-TE or LDP) to the next hop of the best route goes down, the VPNv4 route reflector immediately advertises the next-best route (if any) without waiting for the MP-IBGP session to go down. In this example, that route is through PE 2.
Page 489 Chapter 5: Configuring BGP-MPLS Applications Example host1:pe1(config-route-map)#match mpls-label Use the no version to remove the configuration. See match mpls-label. neighbor send-label Use to configure a BGP peer to distribute an MPLS label with the advertisements for its IPv4 and IPv6 routes. This command enables BGP to dynamically negotiate SAFI 1 and SAFI 4 with this neighbor.
Page 490: Table 63: Resolution Of Indirect Next Hops
JUNOSe 11.0.x BGP and MPLS Configuration Guide BGP Processing of Received Routes BGP processes received routes differently depending on whether the route is labeled or unlabeled, unicast or VPN. Labeled Unicast Routes When BGP receives a labeled route from a directly connected peer, BGP uses the MPLS major interface that is next to the peer IP interface to resolve the route's BGP next hop.
Page 491: Table 64: Advertising Action Taken Following Best Route Selection
Chapter 5: Configuring BGP-MPLS Applications Table 63: Resolution of Indirect Next Hops (continued) Route Type Table in Which BGP Indirect Next Hop Resolves Labeled VPN IP tunnel routing table BGP Advertising Rules for Labeled and Unlabeled Routes with the Same AFI When BGP receives a route to a prefix with the same AFI in both labeled and unlabeled forms, only one of these routes can be selected as the best route.
Page 492 JUNOSe 11.0.x BGP and MPLS Configuration Guide VRF and is used for VPN traffic. The other logical circuit runs between the CE router and the parent VR of the VRF and is used for Internet traffic. These logical circuits are typically FR circuits, ATM circuits, or VLANs. The following sections describe alternative methods of providing Internet access for situations in which having two separate logical circuits is not acceptable or desirable.
Page 493: Figure 101: Static Default Route For Internet Access
Chapter 5: Configuring BGP-MPLS Applications prefix. Because BGP has only a default route in the VRF, it has to point that single default route to a single uplink interface. All the Internet-bound traffic must flow out of that interface. You cannot configure traffic for one prefix to flow out of one uplink interface and traffic to another prefix to flow out of another uplink interface.
Page 494: Figure 102: Fallback Global Option
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 102: Fallback Global Option If BGP finds a route in the VRF context, it uses that route. If BGP does not find a route in the VRF context but does find a route in the VR context, it falls back on the global route in the parent VR.
Page 495: Figure 103: Global Import Map Applied To Routes Imported From Vrf Bgp
Chapter 5: Configuring BGP-MPLS Applications Figure 103: Global Import Map Applied to Routes Imported from VRF BGP RIB The global import map enables global BGP routes to be automatically imported into the BGP RIB table in a VRF. The route map determines which routes are imported and which are not.
Page 496: Figure 104: Bgp Session Between Ce Router And Parent Vr
JUNOSe 11.0.x BGP and MPLS Configuration Guide interface in the parent VR that is used for BGP peering with the CE router. To achieve this configuration, you must do both of the following: In the parent VR, create a shared IP interface for the PE-CE interface and point a static route to the loopback of the CE router to the shared interface.
Page 497 Chapter 5: Configuring BGP-MPLS Applications On host 1, VR PE 1: host1(config)#virtual-router pe1 host1:pe1(config)#router bgp 100 host1:pe1(config-router)#neighbor 10.4.4.4 remote-as 200 host1:pe1(config-router)# neighbor 10.4.4.4 ebgp-multihop host1:pe1(config-router)#neighbor 10.4.4.4 update-source loopback1 host1:pe1(config-router)#exit On host 2, VR CE 1: host2(config)#virtual-router ce1 host2:ce1(config)#interface loopback 1 host2:ce1(config-if)#ip address 10.4.4.4 255.255.255.255 host2:ce1(config-if)#exit host2:ce1(config)#ip route 10.2.2.2 255.255.255.255 atm2/1.1...
Page 498: Figure 105: Static Route To Shared Ip Interface
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 105: Static Route to Shared IP Interface The following commands configure the shared interface and a static route: host1(config)#virtual-router pe1 host1:pe1(config)#interface ip ce1-cust host1:pe1(config-if)#ip share-interface atm2/0.1 host1:pe1(config-if)# ip address 10.1.1.3 255.255.255.0 host1:pe1(config-if)#exit host1:pe1(config)#ip route 10.4.4.4 255.255.255.255 ip ce1-cust Global Export Map The global export map enables VPN routes to be automatically exported from the...
Page 499: Figure 106: Global Export Map Applied To Routes Exported From Vrf Bgp
Chapter 5: Configuring BGP-MPLS Applications Figure 106: Global Export Map Applied to Routes Exported from VRF BGP RIB The following commands configure the route map and global export map: host1(config)#virtual-router pe1 host1:pe1(config)#access-list dot-one permit 0.0.0.1 255.255.255.0 host1:pe1(config)#route-map globxmap1 host1:pe1(config-route-map)#match ip address dot-one host1:pe1(config-route-map)#set local-pref 200 host1:pe1(config-route-map)#exit host1:pe1(config)#ip vrf pe11...
Page 500 JUNOSe 11.0.x BGP and MPLS Configuration Guide because there are multiple tiers of VPNs the tier-1 backbone VPN of the provider carrier and the tier-2 VPNs of the customer carrier. In a hierarchical carrier-of-carriers VPN environment, each carrier (or ISP) maintains the internal routes of its customers in VRF tables on its PE routers.
Page 501: Figure 107: Carrier-Of-Carriers Internet Service
Chapter 5: Configuring BGP-MPLS Applications The customer carrier’s PE routers that connect to the provider’s VPN use LDP to exchange labels for the internal routes between themselves and the provider carrier’s PE router. The customer carrier’s PE routers that connect to the provider’s VPN learn external routes through IBGP sessions among themselves.
Page 502 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configure MPLS. Configure BGP. Configure an IGP. Configure LDP. Configure VRF. Enable carrier-of-carriers support on the VRF; use the mpls topology-driven-lsp command in the context of the VRF virtual router to enable MPLS support. Enable LDP on the interface in the VRF that connects to the customer carrier’s PE router.
Page 503: Figure 108: Carrier-Of-Carriers Vpn Service
Chapter 5: Configuring BGP-MPLS Applications Figure 108: Carrier-of-Carriers VPN Service Configuration Steps You must complete the following configuration process when the customer carrier provides VPN services for its customers. On the provider carrier’s PE router: Configure MPLS. Configure BGP. Carrier-of-Carriers IPv4 VPNs...
Page 504 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configure an IGP. Configure LDP. Configure VRF. Enable carrier-of-carriers support on the VRF; use the mpls topology-driven-lsp command in the context of the VRF virtual router to enable MPLS support. Enable LDP on the interface in the VRF that connects to the customer carrier’s PE router.
Page 505: Figure 109: Carrier-Of-Carrier Ipv6 Vpns
Chapter 5: Configuring BGP-MPLS Applications Carrier-of-Carriers Using BGP as the Label Distribution Protocol You can run BGP instead of LDP as the label distribution protocol on the PE-CE link between the Tier 1 and the Tier 2 carriers in a carrier-of-carriers topology. This capability is available for carriers providing Internet access or VPN service to end users.
Page 506: Figure 110: Ipv6 Tunneled Over Mpls-Ipv4
JUNOSe 11.0.x BGP and MPLS Configuration Guide Connecting IPv6 Islands Across IPv4 Clouds with BGP If you have not upgraded your core to IPv6, you can still provide IPv6 services to customers by connecting remote IPv6 islands across IPv4 clouds by means of MP-BGP and MPLS.
Page 507: Figure 111: Ipv6 Tunneled Across Ipv4 Domains
Chapter 5: Configuring BGP-MPLS Applications Router CE 1 establishes an MP-BGP session over TCPv4 to PE 1 and advertises its ability to reach the IPv6 network 2001:0430::/32. The MP-BGP update message specifies an AFI value of 2 (IPv6) and a SAFI value of 1 (unicast). As the next hop in the MP-REACH-NLRI attribute, CE 1 advertises the IPv6 address of the CE 1 interface that links to PE 1.
Page 508 JUNOSe 11.0.x BGP and MPLS Configuration Guide routers of each domain. Routing between PE 1–ASBR 1 in AS 1 and between PE 2–ASBR 2 in AS 2 is accomplished by means of label-switched paths. IPv6 unlabeled routes are exchanged through the external MP-BGP session between ASBR 1 and ASBR 2.
Page 509 Chapter 5: Configuring BGP-MPLS Applications host1(config-router-af)#neighbor 2.2.2.2 activate d. Configure the MP-BGP PE neighbor to send labeled IPv6 prefixes. host1(config-router-af)#neighbor 2.2.2.2 send-label host1(config-router-af)#neighbor 2.2.2.2 update-source loopback 1 host1(config-router-af)#neighbor 2.2.2.2 next-hop-self host1(config-router-af)#exit-address-family Configure the P router with an IPv4 IGP and an MPLS signaling protocol. Configure the PE 2 router as you did PE 1 in Steps 1–6.
Page 510 JUNOSe 11.0.x BGP and MPLS Configuration Guide BGP/MPLS VPN acts as if it is in an area above the OSPF backbone area. When the PE-CE link is in a nonbackbone area, the BGP/MPLS VPN acts as an OSPF backbone. In either case, the OSPF router configured as a PE router in the BGP/MPLS VPN is always treated as an area border router (ABR) and functions as an area 0 router so that it can distribute interarea routes to the CE router.
Page 511: Table 65: Route Types And Route Origins
Chapter 5: Configuring BGP-MPLS Applications OSPF Route Type Attribute The route type attribute carries the OSPF area ID and LSA type, as indicated in Table 65 on page 475: Table 65: Route Types and Route Origins Type of Route Origin of Route 1 –...
Page 512: Figure 112: Ospf Topology With Backdoor Link
JUNOSe 11.0.x BGP and MPLS Configuration Guide Preventing Routing Loops PE routes disregard OSPF routes received from a CE router if the routes are advertised A type 3 LSA with the most-significant bit set in the LSA options field. A type 5 LSA that has a tag value equal to the VPN route tag associated with the OSPF VRF on that PE router.
Page 513 Chapter 5: Configuring BGP-MPLS Applications a directly connected CE router are installed into the IP routing table of the VRF associated with that CE router. The OSPF routes in the VRF’s IP routing table are then redistributed into MP-BGP and advertised as VPNv4 routes to other PE routers. MP-BGP attaches extended communities to the advertised routes to carry OSPF-specific attributes such as the route type and the domain ID across the backbone.
Page 514: Figure 113: Ospf Sham Link
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 113: OSPF Sham Link Use the remote-neighbor command to configure the OSPF sham link on both VRFs joined by the link. If a BGP route and an OSPF route to the same destination are both installed in the IP routing table, OSPF uses the OSPF route because it has a better administrative distance by definition.
Page 515 Chapter 5: Configuring BGP-MPLS Applications Example host1:pe1(config-router-rn)#dont-install-routes Use the no version to restore the default behavior, which installs these routes in the relevant IP routing table. See dont-install-routes. remote-neighbor Use to configure an OSPF remote neighbor. Example host1:pe1(config-router)#remote-neighbor 10.25.100.14 area 35672 Use the no version to remove the remote neighbor and any attributes configured for the remote neighbor.
Page 516 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config)#ip vrf ospf2 Proceed with new VRF creation? [confirm] host1(config-vrf)#rd 100:85 host1(config-vrf)#exit Start OSPF on the VRF, either from the parent VR or directly from the VRF. From the parent VR: host1(config)#router ospf 5 vrf ospf2 From the VRF: host1(config)#virtual-router :ospf2 host1:default:ospf2(config)#router ospf 5...
Page 517 Chapter 5: Configuring BGP-MPLS Applications domain-tag Use to set the VPN route tag for an OSPF VRF on a PE router. The default value is a 32-bit number based on the AS number of the BGP/MPLS VPN backbone, with the first 16 bits set to 1110 0000 0000 0000, followed by the 16 bits representing the AS number.
Page 518 JUNOSe 11.0.x BGP and MPLS Configuration Guide NOTE: The E120 router and E320 router output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 519 Chapter 5: Configuring BGP-MPLS Applications When it is received from other type of peers, the indirect next hop is reachable if an entry exists in the IP routing table that resolves this indirect next-hop address. For VPN labeled routes in a VRF, the following rules apply: When it is received in a core VRF from a remote multihop IBGP or EBGP VPN peer, the indirect next hop is reachable if an entry exists in the IP tunnel routing table that resolves the next-hop address.
Page 520 JUNOSe 11.0.x BGP and MPLS Configuration Guide Reachable (metric 0) Number of direct next-hops is 1 Direct next-hop ATM4/0.61 (10.61.61.2) Resolution in IP tunnel-route table of VRF pe22 Not reachable Reference count is 2 See show ip bgp next-hops. show ip interface vrf Use to display information about the interfaces associated with the specified VRF.
Page 521 Chapter 5: Configuring BGP-MPLS Applications In Received Packets, Bytes Total number of packets and bytes received on an IP interface Unicast Number of unicast packets and bytes received on an IP interface Multicast Number of multicast packets and bytes received on an IP interface In Policed Packets Number of packets discarded on a receive IP interface because of token bucket limiting...
Page 522 JUNOSe 11.0.x BGP and MPLS Configuration Guide Operational MTU = 9180 Administrative MTU = 0 Operational speed = 155520000 Administrative speed = 0 Discontinuity Time = 0 Router advertisement = disabled Administrative debounce-time = disabled Operational debounce-time = disabled Access routing = disabled Multipath mode = hashed In Received Packets 0, Bytes 0 Unicast Packets 0, Bytes 0...
Page 523 Chapter 5: Configuring BGP-MPLS Applications Neighbor Incoming/Outgoing update prefix list Number of the prefix list for incoming or outgoing routes Neighbor Incoming/Outgoing update prefix tree Number of the prefix tree for incoming or outgoing routes Neighbor Incoming/Outgoing update filter list Number of filter list for incoming routes Routing for Networks The network for which BGP is currently injecting routes...
Page 524 JUNOSe 11.0.x BGP and MPLS Configuration Guide flushed interval Current setting of the flush timer (in seconds) Filter applied to outgoing route update Access list applied to outgoing RIP route updates Filter applied to incoming route update Access list applied to incoming RIP route updates Global route map Route map that specifies all RIP interfaces on the router...
Page 525 Chapter 5: Configuring BGP-MPLS Applications O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 Prefix/Length Type Next Hop Dist/Met Intf --------------- ------- ---------- -------- ------------ 45.5.5.5/32 Connect 45.5.5.5 fastEthernet3/0 56.5.5.0/24 Connect 56.5.5.5 atm4/0.21 See show ip route.
Page 526 JUNOSe 11.0.x BGP and MPLS Configuration Guide Reassemble Timeout Value to time out reassembled packets Interface Configured Interface configured for the VRF Import VPN Route Target Extended Communities List of VPNs from which the VRF accepts routing information Export VPN Route Target Extended Communities List of VPNs to which the VRF sends update messages Import Route-map Route map associated with the VRF that filters and modifies routes imported to the VRF from the global BGP VPN RIB.
Page 527 Chapter 5: Configuring BGP-MPLS Applications VRF IP Router Id: 10.12.12.1 Default TTL: 127 Reassemble Timeout: 30 Interface Configured: null0 ATM2/0.12 tun mpls:vpnEgL18-4 ip dyn-25 Import VPN Route Target Extended Communities: 100:2 Export VPN Route Target Extended Communities: 100:2 Import Route-map : importmap1 Export Route-map : exportmap23 (can filter routes) Global Import Route-map : globalimportmap2 Global Export Route-map : globalexportmap3...
Page 528 JUNOSe 11.0.x BGP and MPLS Configuration Guide IP Statistics Rcvd: local destination Frames with this router as their destination hdr errors Number of packets containing header errors addr errors Number of packets containing addressing errors unkn proto Number of packets received containing unknown protocols discards Number of discarded packets IP Statistics Frags: reasm ok Number of reassembled packets...
Page 529 Chapter 5: Configuring BGP-MPLS Applications ICMP Statistics Sent: errors Number of error packets sent dst unreach Number of packets sent with destination unreachable time excd Number of packets sent with time-to-live exceeded param probs Number of packets sent with parameter errors src quench Number of source quench packets sent redirect Number of send packet redirects timestamp req Number of requests for a timestamp...
Page 530 JUNOSe 11.0.x BGP and MPLS Configuration Guide Multicast Number of multicast packets and bytes forwarded out an IP interface Out Requested Packets, Bytes Number of packets and bytes requested to be forwarded out an IP interface Out Total Dropped Packets, Bytes Total number packets and bytes dropped by an IP interface on output Out Scheduler Drops Committed Packets, Bytes Number of committed packets and bytes dropped because of out queue threshold limit...
Page 531 Chapter 5: Configuring BGP-MPLS Applications 0 param probs, 0 src qnch, 0 redirect 0 timestamp req, 0 timestamp rpy 0 addr mask req, 0 addr mask rpy atm4/0.134 is up, line protocol is up VRF: pe11 Link up/down trap is disabled Internet address is 4.4.4.2/255.255.255.0 IP statistics: Rcvd:...
Page 532 JUNOSe 11.0.x BGP and MPLS Configuration Guide active at a given time, this command does not give a complete picture of the configuration. Use the member-circuits keyword to display circuit information for the group. Field descriptions routed to/base LSP Identifies address of the router at the other end of the tunnel and the base tunnel that is selected to forward the traffic load-balancing group Group number Martini group-id Martini group ID number for the interface...
Page 533 Chapter 5: Configuring BGP-MPLS Applications Interface Interface specifier and status; active indicates it is being used for traffic from the core; if active is not displayed, interface is not currently being used for traffic, but the statistics may be valid member ports Number and type of candidate ports configured for the group, including interface specifiers and state member circuits Number of member circuits configured for each port and...
Page 534 JUNOSe 11.0.x BGP and MPLS Configuration Guide show mpls tunnels Use to display status and configuration for all tunnels or for a specific tunnel in the current router context. A result of Incomplete Configuration in the display indicates either no tunnel endpoint or no label distribution protocol.
Page 535 Chapter 5: Configuring BGP-MPLS Applications There is no no version. See undebug ip mbgp. Monitoring BGP/MPLS VPNs...
Page 536 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring BGP/MPLS VPNs...
Page 537: Layer 2 Services Over Mpls
Part 3 Layer 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 503 Configuring Layer 2 Services over MPLS on page 523 Monitoring Layer 2 Services over MPLS on page 557 Layer 2 Services Over MPLS...
Page 538 JUNOSe 11.0.x BGP and MPLS Configuration Guide Layer 2 Services Over MPLS...
Page 539: Chapter 6 Layer 2 Services Over Mpls Overview
Chapter 6 Layer 2 Services over MPLS Overview This chapter contains the following sections: Layer 2 Services over MPLS Overview on page 503 Layer 2 Services over MPLS Platform Considerations on page 504 Layer 2 Services over MPLS References on page 505 Layer 2 Services over MPLS Implementation on page 506 Local Cross-Connects Between Layer 2 Interfaces Using MPLS on page 507 MPLS Shim Interfaces for Layer 2 Services over MPLS on page 507...
Page 540: Figure 114: Layer 2 Services Over A Provider's Mpls Network
JUNOSe 11.0.x BGP and MPLS Configuration Guide ATM with ATM Adaptation Layer 5 (AAL5) encapsulation ATM with virtual channel connection (VCC) cell relay encapsulation Ethernet (Fast Ethernet, Gigabit Ethernet, 10-Gigabit Ethernet, bridged Ethernet, bridged Ethernet/VLAN, Ethernet/VLAN) NOTE: For the purposes of configuring layer 2 services over MPLS, Ethernet interfaces and bridged Ethernet interfaces function identically, as do Ethernet/VLAN interfaces and bridged Ethernet/VLAN interfaces.
Page 541 Chapter 6: Layer 2 Services over MPLS Overview See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications. See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support the underlying layer 2 service and MPLS. NOTE: In the current release, the E120 and E320 routers supports all layer 2 services over MPLS shown in the bulleted list in “Layer 2 Services over MPLS Overview”...
Page 542 JUNOSe 11.0.x BGP and MPLS Configuration Guide Encapsulation Methods for Transport of PPP/HDLC Over IP and MPLS Networks draft-ietf-pwe3-hdlc-ppp-encap-mpls-03.txt (October 2004 expiration) Framework for Pseudo Wire Emulation Edge-to-Edge (PWE3) draft-ietf-pwe3-arch-06.txt (April 2004 expiration) IEEE 802.3ad (Link Aggregation) Pseudowire Setup and Maintenance Using LDP draft-ietf-pwe3-control-protocol-08.txt (January 2005 expiration) Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3) draft-ietf-pwe3-requirements-08.txt (June 2004 expiration)
Page 543 Chapter 6: Layer 2 Services over MPLS Overview A service-specific control word may be placed between the layer 2 data and the VC label. The control word is used for frame sequencing and carrying service-specific information, such as Frame Relay forward explicit congestion notification (FECN) and backward explicit congestion notification (BECN) information.
Page 544 JUNOSe 11.0.x BGP and MPLS Configuration Guide Each MPLS shim interface points to a single MPLS next hop. When layer 2 frames arrive on the layer 2 interface below the MPLS shim interface, they are encapsulated in an MPLS packet and forwarded to that MPLS next hop. The details of the encapsulation are determined by the attributes of the shim interface.
Page 545: Figure 115: Common Isp Network
Chapter 6: Layer 2 Services over MPLS Overview For information about collecting statistics for the MPLS shim interfaces, see Monitoring Layer 2 Services over MPLS on page 557 Multiple Layer 2 Services over MPLS When you configure an MPLS shim interface over an ATM, Frame Relay, or HDLC layer 2 interface, no other interface (for example, PPP or IP) can be stacked above the layer 2 interface.
Page 546: Figure 116: E Series Router Replacing Remote Atm Switch
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 116: E Series Router Replacing Remote ATM Switch ATM layer 2 services over MPLS supports two encapsulation methods on E Series routers: AAL5 relay encapsulation VCC cell relay encapsulation The following sections describe each of these encapsulation methods. AAL5 Encapsulation JUNOSe software supports the AAL5 relay method of encapsulation that is specified in the Martini draft.
Page 547 Chapter 6: Layer 2 Services over MPLS Overview The router passes the following OAM cells transparently: F5 alarm indication signal (AIS) segment and end-to-end F5 remote defect indication (RDI) segment and end-to-end F5 loopback segment and end-to-end Resource management F5 continuity check segment and end-to-end In addition, F4 OAM cell forwarding is supported.
Page 548 JUNOSe 11.0.x BGP and MPLS Configuration Guide VCC Cell Relay Encapsulation E Series routers support virtual channel connection (VCC) cell relay encapsulation for ATM layer 2 services over MPLS. VCC cell relay encapsulation enables a router to emulate ATM switch behavior by forwarding individual ATM cells over an MPLS pseudowire (also referred to as an MPLS tunnel) created between two ATM VCCs, or as part of a local ATM cross connect between two ATM 1483 subinterfaces on the same router.
Page 549 Chapter 6: Layer 2 Services over MPLS Overview We recommend that for voice-over-ATM configurations, you select timeout values between 6 microseconds and 3 x 6 microseconds. Values within this range are generally low enough to maintain a reasonable cell delay and high enough to take advantage of the cell concatenation mechanism.
Page 550 JUNOSe 11.0.x BGP and MPLS Configuration Guide You can configure an HDLC layer 2 circuit between two serial interfaces, between two packet over SONET (POS) interfaces, or between a serial interface and a POS interface. The interfaces at either end of the circuit can operate at the same speed or at different speeds.
Page 551: Figure 118: Ce-Side Mpls L2Vpn Tunnel Over Lag
Chapter 6: Layer 2 Services over MPLS Overview Configuring HDLC Layer 2 Services on page 532 Related Topics CE-Side MPLS L2VPNs over LAG Overview MPLS L2VPNs over link aggregation groups (LAGs) uses the functionality of both layer 2 services over MPLS and LAG. MPLS L2VPNs (Martini circuits) over LAG enable MPLS Martini circuits to use LAG in the network between the customer edge (CE) devices and the provider edge (PE) routers to distribute traffic arriving from pseudowires across multiple physical Ethernet interfaces.
Page 552 JUNOSe 11.0.x BGP and MPLS Configuration Guide layer 2 processing is required on the remaining layer 2 frames. After PE2 processes the Ethernet layer 2 frames, they are forwarded to CE2. Traffic arriving at PE1 from pseudowires is distributed across all the member links of the LAG.
Page 553 Chapter 6: Layer 2 Services over MPLS Overview Selective removal of only the service-delimiting tag when layer 2 frames were received from the CE devices to be sent to the pseudowire Selective insertion of only the service-delimiting tag when layer 2 frames were received from the pseudowire to be sent to the CE device In this release, you can configure an S-VLAN subinterface to enable the provider edge (PE) device to strip the S-VLAN tag from all packets that enter the MPLS pseudowires...
Page 554 JUNOSe 11.0.x BGP and MPLS Configuration Guide S-VLAN Subinterface with an Untagged C-VLAN ID Overview In previous releases, you could configure an S-VLAN subinterface with a C-VLAN ID in the range 0–4095 or with the any (5001) keyword for the VLAN ID. The single- tagged frames with a valid S-VLAN ID or untagged frames were ignored for the subinterface.
Page 555 Chapter 6: Layer 2 Services over MPLS Overview manual configuration and MPLS signaling protocol (LDP) state that had to be maintained. Now, you can emulate physical connectivity between two ATM ports that are not directly connected. This emulation is made possible by transporting ATM cells belonging to a subset of matching ATM VCs on both the ATM ports over a single pseudowire.
Page 556 JUNOSe 11.0.x BGP and MPLS Configuration Guide You can also specify concatenation of multiple ATM cells to be sent in a single MPLS-labeled packet for efficient usage of the backbone bandwidth. If you do not specify cell concatenation, each individual ATM cell is MPLS-labeled and transmitted on the pseudowire.
Page 557 Chapter 6: Layer 2 Services over MPLS Overview the router does not enable opening of the VP-level OAM circuits to be transported transparently on the pseudowire. Because only a subset of the ATM virtual circuits on an ATM port are carried on the pseudowire, LDP uses the ATM n-to-one VCC cell transport (0x0009) pseudowire (PW) type instead of the ATM transparent cell transport (0x0003) PW type in the signaling messages.
Page 558 JUNOSe 11.0.x BGP and MPLS Configuration Guide When a VPI/VCI range that you enter is a subset of an already defined range, the specified range is not saved and an appropriate message is displayed on the CLI interface. When a VPI/VCI range that you enter encompasses one or more of the previously defined ranges, the configuration attempt fails and an appropriate message is displayed on the CLI interface.
Page 559: Chapter 7 Configuring Layer 2 Services Over Mpls
Chapter 7 Configuring Layer 2 Services over MPLS This chapter describes how to configure layer 2 services over MPLS on the router, and contains the following sections: Before You Configure Layer 2 Services over MPLS on page 523 Configuring Frame Relay Layer 2 Services on page 524 Configuring Interoperation with Legacy Frame Relay Layer 2 Services on page 524 Configuring Ethernet/VLAN Layer 2 Services on page 525 Configuring S-VLAN Tunnels for Layer 2 Services on page 526...
Page 560 JUNOSe 11.0.x BGP and MPLS Configuration Guide NOTE: To provide uninterrupted service during an SRP switchover in a scaled configuration, such as one with 32,000 Martini circuits, set the LDP graceful restart reconnect time to the maximum 300 seconds and set the LDP graceful restart recovery timer to the maximum 600 seconds.
Page 561 Chapter 7: Configuring Layer 2 Services over MPLS host1(config-if)#interface serial 4/1:1/1.1 host1(config-subif)#frame-relay interface-dlci 17 ietf Specify MPLS tunneling by using the appropriate command. host1(config-if)#mpls-relay 10.10.100.2 45 relay-format frame-relay host1(config-if)#route interface tunnel mpls:tunnel6 45 relay-format frame-relay Configure Frame Relay and MPLS on the remote PE router. For information about configuring a more complex Frame Relay over MPLS Related Topics topology, see Frame Relay over MPLS Configuration Example on page 538...
Page 562 JUNOSe 11.0.x BGP and MPLS Configuration Guide mpls-relay route interface vlan id Configuring S-VLAN Tunnels for Layer 2 Services When you configure Ethernet or bridged Ethernet layer 2 services over MPLS, you can use the svlan id command with the any keyword to create a stacked VLAN (S-VLAN) tunnel that uses a single interface to tunnel traffic from multiple VLANs across an MPLS network.
Page 563: Figure 119: Local Cross-Connect Between Ethernet/Vlan Interfaces
Chapter 7: Configuring Layer 2 Services over MPLS svlan ethertype svlan id Configuring Local Cross-Connects Between Ethernet/VLAN Interfaces This section provides an example for configuring a local cross-connect that uses MPLS between two Ethernet/VLAN interfaces. NOTE: You must use the mpls-relay command instead of the route interface command to configure a local cross-connect, regardless of the MPLS tunneling method used in the core network.
Page 564 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-if)#vlan id 10 (Optional) If you are configuring a multiservice local cross-connect, assign an IP address and mask to the Ethernet/VLAN interface. host1(config-if)#ip address 10.1.2.3 255.255.255.0 Configure MPLS tunneling on this side of the connection by issuing the mpls-relay command.
Page 565 Chapter 7: Configuring Layer 2 Services over MPLS an MPLS relay connection from the PVCs to the loopback interface. You do not need to configure any other MPLS commands. The following commands create an ATM cross-connect between two ATM subinterfaces on the same router. NOTE: Although this procedure uses AAL5 encapsulation to configure a local cross-connect between two ATM 1483 subinterfaces within the same router, you can also use AAL5 encapsulation when you configure an MPLS pseudowire (tunnel)
Page 566 JUNOSe 11.0.x BGP and MPLS Configuration Guide atm pvc Related Topics interface atm interface loopback ip address mpls-relay show mpls cross-connects atm vlan id Configuring an MPLS Pseudowire with VCC Cell Relay Encapsulation The following commands create an ATM layer 2 services over MPLS pseudowire connection between two ATM 1483 subinterfaces on different routers.
Page 567 Chapter 7: Configuring Layer 2 Services over MPLS Identifier (1, 2, or 3) of the ATM Martini cell packing timer that you want to use to detect timeout of the cell collection threshold host1(config-subif)#atm cell-packing 100 mcpt-timer 2 Create an MPLS relay connection to the loopback interface on the egress router. The VC ID (1 in this example) must be the same on both sides of the connection.
Page 568: Configuring Hdlc Layer 2 Services
JUNOSe 11.0.x BGP and MPLS Configuration Guide OutDiscards: 1 interface(s) found host2#show atm subinterface atm 4/0.101 Circuit Interface Interface ATM-Prot VCD VPI VCI Type Encap MTU Status Type --------- -------- --- --- --- ------- ----- ---- -------------- --------- ATM 4/0.101 ATM/MPLS 101 0 101 PVC AAL0 9180 lowerLayerDown Static...
Page 569 Chapter 7: Configuring Layer 2 Services over MPLS Use one of the following methods to create the HDLC layer 2 circuit over MPLS: Use the mpls-relay or route interface command without the relay-format ppp keywords. This command causes the router to signal VC-type HDLC on the LDP session and use HDLC encapsulation.
Page 570 JUNOSe 11.0.x BGP and MPLS Configuration Guide Local Cross-Connects on page 514 Related Topics For more information about policies and MPLS layer 2 circuits, see Managing Policies on the E Series Router, Creating or Modifying Classifier Control Lists for MPLS Policy Lists, and Creating Policy Lists for MPLS in the JUNOSe Policy Management Configuration Guide interface pos interface serial...
Page 571 Chapter 7: Configuring Layer 2 Services over MPLS In this example, the router advertises a single label, 53, to the remote peer, 10.9.1.3, and receives a single label, 55, from the peer, resulting in the following forwarding table: host1:# show mpls forwarding brief Platform label space In Label Owner...
Page 572: Figure 120: Ce-Side Load-Balancing Topology
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring Load-Balancing Groups Load-balancing groups are a legacy method of configuring CE-side load balancing. It was the only method available before Release 7.1.0. Load-balancing groups enable you to configure attributes for a group that are inherited by the member shim interfaces (Figure 120 on page 536).
Page 573 Chapter 7: Configuring Layer 2 Services over MPLS You configure each circuit for VLAN or S-VLAN subinterfaces that you create across a set of candidate Ethernet ports. The router distributes traffic from the core through the candidate ports used by the load-balancing group. If a port is disabled, traffic is redistributed to a working port.
Page 574: Figure 121: Sample Frame Relay Over Mpls Configuration
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-mpls-l2-group)#no member interface fast 13/0.2 host1()#interface fast 13/0.2 host1(config-subif)#no mpls-relay member interface Related Topics mpls l2transport load-balancing-group Frame Relay over MPLS Configuration Example The script provided in this section is one way to configure Frame Relay services over MPLS.
Page 575 Chapter 7: Configuring Layer 2 Services over MPLS controller t3 4/0 no shutdown clock source internal module cablelength 5 t1 1 clock source internal module t1 1/1 timeslots 1-24 speed 64 t1 2 clock source internal module t1 2/1 timeslots 1-24 speed 64 controller t3 4/1 no shutdown clock source internal module...
Page 576 JUNOSe 11.0.x BGP and MPLS Configuration Guide atm clock inter mod interface atm 2/0.1 atm pvc 1 1 11 aal5snap ip address 10.10.11.2 255.255.255.0 ip router isis mpls mpls ldp router isis net 47.0005.80FF.F800.0000.0000.0004.0000.F209.0202.00 mpls traffic-eng router-id loopback 0 mpls traffic-eng level-1 metric-style wide !-------------------------------------------------------------------------- !Create virtual router three.
Page 577: Mpls L2Vpn Tunnel Over Vlan Over Lag Configuration Example
Chapter 7: Configuring Layer 2 Services over MPLS mpls ldp interface atm 2/1.2 atm pvc 2 1 12 aal5snap ip address 10.10.12.5 255.255.255.0 ip router isis mpls mpls ldp router isis net 47.0005.80FF.F800.0000.0000.0004.0000.F209.0505.00 mpls traffic-eng router-id loopback 0 mpls traffic-eng level-1 metric-style wide !-------------------------------------------------------------------------- !Create MPLS tunnel from VR three to VR two.
Page 578: Figure 122: Mpls L2Vpn Tunnel Over Vlan Over Lag Configuration
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 122: MPLS L2VPN Tunnel over VLAN over LAG Configuration Example CE-Side MPLS L2VPN over LAG 7.7.7.7/24 11.11.11.11/32 22.22.22.22/32 7.7.7.8/24 2/1/0 2/1/1 2/1/4 2/1/5 2/1/6 2/1/7 2/1/3 2/1/2 2.0.0.1/24 2.0.0.2/24 vlan id 20 lag 1 lag 2 svlan 1 1...
Page 579 Chapter 7: Configuring Layer 2 Services over MPLS ! On PE1, configure a loopback interface, and assign an IP address and mask to ! the interface. host1:pe1(config)#interface loopback 0 host1:pe1(config-if)#ip address 11.11.11.11 255.255.255.255 ! Assign the router ID using the IP address you configured for the loopback ! interface.
Page 580: Configuration On Ce2 (Remote Ce Router)
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:pe2(config)#mpls . ! Configure PE2 to create topology-driven LSPs. Enabling LDP automatically creates ! topology-driven LSPs. host1:pe2(config)#mpls topology-driven-lsp ! On PE2, configure a loopback interface, and assign an IP address and mask to ! the interface.
Page 581: Figure 123: Mpls L2Vpn Tunnel Over Lag Configuration Example
Chapter 7: Configuring Layer 2 Services over MPLS ! Configure a virtual router CE2 host1(config)#virtual-router ce2 ! Specify a Gigabit Ethernet interface and assign VLAN as the encapsulation method. host1:ce2(config)#interface gigabitEthernet 2/1/7 host1:ce2(config-if)#encapsulation vlan ! Create a subinterface, assign an S-VLAN ID, and configure an IP address and mask to it.
Page 582 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuration on CE1 (Local CE Router) Use the following commands on the local CE router (CE1) to configure the MPLS L2VPN tunnel over LAG shown in Figure 123 on page 545. ! Configure a virtual router CE1. host1(config)#virtual-router ce1 ! Specify the interface for the LAG bundle lag 1 that groups all Ethernet physical ! interfaces between CE1 and PE1.
Page 583 Chapter 7: Configuring Layer 2 Services over MPLS ! encapsulation method, and configure another subinterface. For this subinterface, ! assign a VLAN ID, specify the encapsulation method as VLAN, configure MPLS, ! and assign an IP address and mask. Also, enable LDP and topology-driven LSP, as ! does any LDP-related command, using an implicit default profile, on this Gigabit ! Ethernet subinterface.
Page 584 JUNOSe 11.0.x BGP and MPLS Configuration Guide ! Create another Gigabit Ethernet subinterface on the main interface. For this ! interface, assign a VLAN ID, specify the encapsulation method as VLAN, configure ! MPLS, and assign an IP address and mask. Also, enable LDP and topology-driven ! LSP, as does any LDP-related command, using an implicit default profile, on this ! Gigabit Ethernet subinterface.
Page 585: Figure 124: Mpls L2Vpn Tunnel Over Lag Configuration Example
Chapter 7: Configuring Layer 2 Services over MPLS PE devices and the configuration of the S-VLAN subinterface on CE-facing devices, a device in the Maritni circuit can be either S-VLAN-aware or S-VLAN-unaware. Figure 124 on page 549 shows a Martini circuit deployment in which the CE-side devices on either side of the network send and receive Ethernet frames.
Page 586: Figure 125: Ethernet Packet Distribution Over Martini Circuits
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 67 on page 550 describes the different scenarios in which the Martini circuit configuration is supported, when Ethernet raw mode encapsulation is configured on the S-VLAN interfaces. Table 67: Martini Circuit Scenarios with Ethernet Raw Mode Whether scenario is MPLS network supported, when raw...
Page 587 Chapter 7: Configuring Layer 2 Services over MPLS 10G LMs, ES2 10G Uplink LMs, and ES2 10G ADV LMs. At point B, the MPLS encapsulation header is added to the packet and the egress line module forwards it to the MPLS network. This functionality is the same for both ES2 4G, ES2 10G, ES2 10G Uplink, and ES2 10G ADV LMs.
Page 588: Figure 126: Martini Circuit With Two Pseudowires Between Pe-Facing
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config-if)#svlan ethertype 8100 The following are the limitations in this setup when the user at the CE-side tags all the packets from the CE-side, including C-VLAN tagged or untagged packets, with an S-VLAN ID to identify a particular user: If the S-VLAN Ethertype is 0x8100, then you must create two sub-interfaces, one for the double-tagged packets, and the other for single-tagged packets to process both these types of packets.
Page 589 Chapter 7: Configuring Layer 2 Services over MPLS host1(config-if)#vlan id X If you configure such a setting, the set of commands that is configured first takes precedence. Consider the following two cases with this configuration: Case 1: Assume that svlan id X any 8100 is configured on the subinterface. In this case, all packets with the outer tag as X and Ethertype as 8100 are matched to the sub-interface.
Page 590: Figure 127: Martini Circuit Deployment For Transmission Of Multiple Atm Vcs Over A Single Pseudowire
JUNOSe 11.0.x BGP and MPLS Configuration Guide Multiple ATM Virtual Circuits over a Single Pseudowire Example Figure 127 on page 554 shows a Martini circuit deployment in which the CE-side devices on either side of the network send and receive ATM cells. An MPLS tunnel that connects two E Series provider edge routers, PE1 and PE2, and ATM cross-connects provide a pseudowire between the ATM VCs on the two routers.
Page 591 Chapter 7: Configuring Layer 2 Services over MPLS NOTE: The support for multiple VCs over a single pseudowire uses the the ATM n-to-one VCC cell transport (0x0009) pseudowire (PW) type in LDP signalling messages. This PW type is also used in the signaling messages by the ATM Martini circuit feature, which enables cell relay encapsulation on an ATM subinterface, that transports ATM cells associated with an ATM subinterface on a single pseudowire.
Page 592 JUNOSe 11.0.x BGP and MPLS Configuration Guide Multiple ATM Virtual Circuits over a Single Pseudowire Example...
Page 593: Chapter 8 Monitoring Layer 2 Services Over Mpls
Chapter 8 Monitoring Layer 2 Services over MPLS This chapter describes the commands you can use to monitor and troubleshoot layer 2 services over MPLS on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 594: Table 68: Show Atm Mcpt-Timers Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide To set a statistics baseline for layer 2 services over MPLS: Issue the baseline mpls interface command: host1#baseline mpls interface There is no no version. baseline mpls interface Related Topics Monitoring ATM Martini Cell Packing Timers for Layer 2 Services over MPLS Display the current systemwide values configured on the router for the three ATM Purpose Martini cell packing timers.
Page 595: Table 69: Show Atm Subinterface Output Fields
Chapter 8: Monitoring Layer 2 Services over MPLS To display the current state of all ATM subinterfaces: Action host1#show atm subinterface Interface ATM-Prot VCD VPI VCI Type Encap MTU Status Address ----------- -------- --- --- --- ---- ----- ---- ------ ------- ATM 2/0.100 ATM/MPLS 100 0 100 PVC AAL0...
Page 596: Table 70: Show Mpls Cross-Connects Atm Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide NOTE: For ATM over MPLS interfaces, the ATM-Prot field displays ATM/MPLS. show atm subinterface Related Topics Monitoring ATM Cross-Connects for Layer 2 Services over MPLS Display all ATM cross-connects (passthrough connections between local subinterfaces). Purpose To display ATM cross-connects: Action...
Page 597: Monitoring Mpls Forwarding For Layer 2 Services Over Mpls
Chapter 8: Monitoring Layer 2 Services over MPLS show mpls cross-connects atm Related Topics Monitoring MPLS Forwarding for Layer 2 Services over MPLS Display configuration and statistics for all label-switched paths (LSPs) or for specific Purpose LSPs configured on the label-switching router (LSR). The brief keyword displays only the the action taken for each in label.
Page 598: Table 71: Show Mpls Forwarding Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 71: show mpls forwarding Output Fields Field Name Field Description name/id Interface specifier destination Destination IP address In label Label sent to upstream neighbor for route Out label Label received from downstream neighbor for route pkts Number of packets sent across tunnel hcPkts...
Page 599 Chapter 8: Monitoring Layer 2 Services over MPLS Received: 0 packets 0 bytes 1 error 0 discards Sent: 0 packets 0 bytes 0 errors 0 discards received mtu 0 queue 0: traffic class best-effort, bound to ethernet FastEthernet2/0 Queue length 0 bytes Forwarded packets 0, bytes 0 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0...
Page 600: Table 72: Show Mpls Interface And Show Mpls L2Transport Interface Output
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 72: show mpls interface and show mpls l2transport interface Output Fields Field Name Field Description MPLS shim interface Interface specifier Remote PE address Address of the remote PE router for the layer 2 circuit Virtual circuit ID VC ID number for the interface Group ID...
Page 601 Chapter 8: Monitoring Layer 2 Services over MPLS Table 72: show mpls interface and show mpls l2transport interface Output Fields (continued) Field Name Field Description Queue length Number of bytes in the queue Forwarded packets, bytes Total number of packets and bytes forwarded by this interface Dropped committed Total number of committed packets and bytes dropped by this packets, bytes...
Page 602 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 72: show mpls interface and show mpls l2transport interface Output Fields (continued) Field Name Field Description Virtual Circuit ID VC ID number for the interface Load Balancing Group Load-balancing group associated with the layer 2 Martini transport circuit Admin state Administrative state of the interface, enabled or disabled...
Page 603: Virtual Private Lan Service
Part 4 Virtual Private LAN Service VPLS Overview on page 569 Configuring VPLS on page 583 Monitoring VPLS on page 607 Virtual Private LAN Service...
Page 604 JUNOSe 11.0.x BGP and MPLS Configuration Guide Virtual Private LAN Service...
Page 605: Chapter 9 Vpls Overview
Chapter 9 VPLS Overview This chapter describes the virtual private LAN service (VPLS), and contains the following sections: VPLS Overview on page 569 VPLS Components on page 570 VPLS and Transparent Bridging on page 571 BGP Signaling for VPLS on page 573 LDP Signaling for VPLS on page 573 BGP Multihoming for VPLS on page 574 VPLS Supported Features on page 579...
Page 606: Figure 128: Vpls Sample Topology
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 128 on page 570 illustrates an example of a simple VPLS topology. The basic topology of a VPLS network is the same regardless of whether BGP signaling or LDP signaling is used. Figure 128: VPLS Sample Topology BGP Signaling for VPLS on page 573 Related Topics...
Page 607 Chapter 9: VPLS Overview Figure 128 on page 570depicts two VPLS domains: VPLS A and VPLS B. The VPLS A domain connects Customer A’s Boston and Chicago offices, and consists of provider edge routers PE 1 and PE 2, each of which runs a VPLS instance named vplsA. Similarly, the VPLS B domain connects Customer B’s Boston and Chicago offices, and consists of provider edge routers PE 1 and PE 2, each of which also runs a VPLS instance named vplsB.
Page 608: Table 73: Vpls Forwarding Table On Pe 1 For Vpls A
JUNOSe 11.0.x BGP and MPLS Configuration Guide effect, a VPLS instance is a new or existing bridge group that has additional VPLS attributes configured. A bridge group is a collection of bridge interfaces stacked on Ethernet layer 2 interfaces to form a broadcast domain. Similarly, a VPLS instance is a collection of network interfaces stacked on Ethernet layer 2 interfaces that transmits packets between the router, or VE device, and the CE device located at the edge of the customer’s network.
Page 609: Table 76: Vpls Forwarding Table On Pe 2 For Vpls B
Chapter 9: VPLS Overview Table 76: VPLS Forwarding Table on PE 2 for VPLS B Interface MAC Address Outgoing Label Received Label Bridged Ethernet 2/0.21 4b4b.4b4b.4b4b – – VPLS virtual core interface 2b2b.2b2b.2b2b BGP Signaling for VPLS BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP/MPLS VPNs, which are sometimes known as RFC 2547bis VPNs.
Page 610 JUNOSe 11.0.x BGP and MPLS Configuration Guide for a local PE router is equal to the total number of other PE routers that participate in the VPLS instances configured on the local PE router. As is the case with Martini encapsulation for Ethernet layer 2 services over MPLS, a targeted session to a remote PE router can have many pseudowires that terminate at the same remote PE router.
Page 611 Chapter 9: VPLS Overview When a CE device connects to multiple PE routers, each of these routers advertises reachability for the multihomed site routes that have the same site ID in the layer2 NLRI. The other PE routers in the network use a BGP path selection process to select only one of the advertising routers to which they send traffic destined for the CE device.
Page 612 JUNOSe 11.0.x BGP and MPLS Configuration Guide The layer 2 multihoming decision process is run only in the non-core VPLS (or VPWS) layer 2 unicast address families. This second decision process treats prefixes with the same site ID but different RDs as a single prefix. When the PE router receives a layer 2 BGP advertisement that has the down bit set, inbound policy sets the local preference attribute to zero.
Page 613 Chapter 9: VPLS Overview The result of this process is the best path to the multihomed customer site through each PE router connected to the site. One best path is selected for each router. The process establishes whether the route advertised by each PE router is suitable for advertising to peer routers.
Page 614 JUNOSe 11.0.x BGP and MPLS Configuration Guide up pseudowires to and from the new designated VE device and tears down the pseudowires to and from the previous designated VE device. If this PE router does not select a best path after running the process, then the local PE router does not consider the remote site to exist.
Page 615 Chapter 9: VPLS Overview To modify their pseudowires, the peer routers correct their MPLS forwarding tables and set up new entries in their pseudowire tables. VPLS Supported Features The JUNOSe implementation of VPLS provides the following features: Single-level VPLS hierarchy within a single autonomous system (AS) using MPLS tunneling technology for the core Support for the following types of network interfaces between the PE router and the CE device:...
Page 616 JUNOSe 11.0.x BGP and MPLS Configuration Guide For information about the modules that support VPLS network interfaces and VPLS virtual core interfaces on ERX14xx models, ERX7xx models, and ERX310 Braoadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications.
Page 617 Chapter 9: VPLS Overview JUNOSe Release Notes, Appendix A, System Maximums Refer to the Release Notes corresponding to your software release for information about the maximum values supported for VPLS configuration. RFC 3036 LDP Specification (January 2001) RFC 4447 Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP) (April 2006) RFC 4762 Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling (January 2007)
Page 618 JUNOSe 11.0.x BGP and MPLS Configuration Guide VPLS References...
Page 619: Chapter 10 Configuring Vpls
Chapter 10 Configuring VPLS This chapter describes how to configure the virtual private LAN service (VPLS) on the router, and contains the following sections: Before You Configure VPLS on page 583 Configuration Tasks for VPLS with BGP Signaling on page 584 Configuring VPLS Instances with BGP Signaling on page 584 Configuring BGP Multihoming for VPLS on page 587 Configuring Optional Attributes for VPLS Instances on page 587...
Page 620: Table 77: Commands To Configure Basic Vpls Instances
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuration Tasks for VPLS with BGP Signaling To configure VPLS with BGP signaling on the PE router: Configure a single instance of VPLS, known as a VPLS instance, on the PE router for each VPLS domain in which the router participates. (Optional) Configure BGP multihoming for the customer site.
Page 621 Chapter 10: Configuring VPLS Table 77: Commands to Configure Basic VPLS Instances (continued) bridge vpls site-name site-id To configure a basic VPLS instance with BGP signaling on the PE router: From Global Configuration mode, create the VPLS instance by specifying the transport virtual router for this instance.
Page 622 JUNOSe 11.0.x BGP and MPLS Configuration Guide Create or add a route target to the import and export lists of VPN extended communities for this VPLS instance. host1(config)#bridge customer1 vpls route-target both 100:1 The PE router uses the lists of VPN extended communities to determine which routes are imported by this VPLS instance.
Page 623 Chapter 10: Configuring VPLS Configuring BGP Multihoming for VPLS You can configure BGP multihoming in the VPLS network to provide redundancy in the event of failures such as a PE router-to-CE device link failure, the failure of a PE router, or an MPLS reachability failure between the local PE router and a remote PE router.
Page 624 JUNOSe 11.0.x BGP and MPLS Configuration Guide In this example, the VPLS instance forwards frames destined for the node with MAC address 0090.1a40.4c7c out the specified Gigabit Ethernet interface host1(config)#bridge vplsA address 0090.1a40.4c7c forward gigabitEthernet 3/0.1 In this example, the VPLS instance drops frames sent from or destined for the node with MAC address 1011.22b2.333c host1(config)#bridge vplsB address 1011.22b2.333c discard (Optional) Set the length of time that a dynamic (learned) MAC address entry...
Page 625 Chapter 10: Configuring VPLS 10-Gigabit Ethernet VLAN and S-VLAN subinterfaces over bridged Ethernet, Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet interfaces The requirements and procedures for network interfaces are the same whether you employ BGP or LDP signaling for VPLS. To configure a network interface for a VPLS instance: From Global Configuration mode, select the interface that you want to assign to the VPLS instance.
Page 626: Table 78: Default Subscriber Policies For Vpls Network Interfaces
JUNOSe 11.0.x BGP and MPLS Configuration Guide requirements and procedures for subscriber policies are the same whether you employ BGP or LDP signaling for VPLS. Network Interface Types VPLS instances, like bridge groups, support two types of network interfaces: Subscriber (client) A subscriber (client) interface is downstream from the traffic flow;...
Page 627: Table 79: Commands To Configure Subscriber Policies
Chapter 10: Configuring VPLS Table 78: Default Subscriber Policies for VPLS Network Interfaces (continued) Packet/Attribute Type Default Subscriber Policy Default Trunk Policy Relearn Permit Permit Unicast (user-to-user) Permit Permit Unknown unicast DA Deny Permit Unknown protocol Permit Permit Modifying Subscriber Policies For a network interface configured as a subscriber (client) interface, you can modify the default subscriber policy to change the default permit or deny value for one or more of the packet or attribute types listed in Table 78 on page 590.
Page 628 JUNOSe 11.0.x BGP and MPLS Configuration Guide interface with a VPLS instance named vplsBoston, and configure the interface as a trunk. host1(config)#interface tenGigabitEthernet 4/0/1 host1(config-if)#bridge-group vplsBoston subscriber-trunk If you configure a VPLS network interface as a subscriber (client) interface, use care if you modify the default subscriber policy in effect for that interface.
Page 629 Chapter 10: Configuring VPLS Configuration Tasks for VPLS with BGP Signaling on page 584 Related Topics interface loopback ip address ip router-id Configuring MPLS LSPs for VPLS As part of a VPLS configuration, you must create MPLS label-switched paths (LSPs) to connect the local PE router and the remote PE router through the provider (P) router in the MPLS core.
Page 630: Table 80: Commands To Configure Bgp Signaling For Vpls
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring BGP Signaling for VPLS This section describes one way to configure BGP signaling for VPLS, but does not provide complete details about configuring BGP and BGP/MPLS VPNs. Table 80 on page 594 lists the commands discussed in this section to configure BGP signaling for VPLS.
Page 631 Chapter 10: Configuring VPLS host1(config-router-af)#neighbor 10.4.4.4 activate Use neighbor commands to configure additional address family parameters for the session, then exit the address family. This example configures only the next-hop-self attribute, forcing the BGP speaker to report itself as the next hop for an advertised route that it learned from a neighbor.
Page 632: Figure 129: Topology For Vpls Configuration Example With Bgp
JUNOSe 11.0.x BGP and MPLS Configuration Guide Figure 129: Topology for VPLS Configuration Example with BGP Signaling Topology Overview of VPLS with BGP Signaling The sample topology in Figure 129 on page 596 includes two VPLS domains, VPLS A and VPLS B. VPLS A connects CE 1, at the edge of Customer A’s Boston site, with CE 3, at the edge of Customer A’s Chicago site.
Page 633 Chapter 10: Configuring VPLS Configuration on PE 1 (Local PE Router) Use the following commands on the local PE router (PE 1) to configure the VPLS topology shown in Figure 129 on page 596. ! Configure VPLS instance vplsA. host1(config)#bridge vplsA vpls transport-virtual-router default host1(config)#bridge vplsA vpls site-range 10 host1(config)#bridge vplsA vpls site-name boston site-id 1 host1(config)#bridge vplsA vpls rd 100:11...
Page 634 JUNOSe 11.0.x BGP and MPLS Configuration Guide ! Configure BGP signaling. host1(config)#router bgp 100 host1(config-router)#neighbor 10.2.2.2 remote-as 100 host1(config-router)#neighbor 10.2.2.2 update-source loopback 0 host1(config-router)#neighbor 10.2.2.2 next-hop-self host1(config-router)#address-family l2vpn signaling host1(config-router-af)#neighbor 10.2.2.2 activate host1(config-router-af)#neighbor 10.2.2.2 next-hop-self host1(config-router-af)#exit-address-family host1(config-router)#address-family vpls vplsA host1(config-router-af)#exit-address-family host1(config-router)#address-family vpls vplsB host1(config-router-af)#exit-address-family host1(config-router)#exit...
Page 635 Chapter 10: Configuring VPLS ! Assign the router ID for PE 2 using the IP address of the loopback interface. host2(config)#ip router-id 10.2.2.2 ! Enable MPLS on the default virtual router. host2(config)#mpls ! Configure ATM core-facing interface 3/1.100 between PE 2 and the P router, ! and assign it an IP address.
Page 636 JUNOSe 11.0.x BGP and MPLS Configuration Guide Configure a loopback interface to be associated with the targeted LDP neighbor, and assign a router ID that uses the IP address of the loopback interface. For instructions, see “Configuring the Loopback Interface and Router ID for VPLS” on page 592.
Page 637: Table 81: Commands To Configure Ldp Signaling For Vpls
Chapter 10: Configuring VPLS Configuration Tasks for VPLS with LDP Signaling on page 599 Related Topics bridge vpls transport-virtual-router Configuring LDP Signaling for VPLS LDP signaling establishes targeted sessions to the remote VEs configured at the edge of the service provider’s MPLS core network. To enable LDP to establish these targeted sessions, you issue the mpls ldp vpls-id command to configure a VPLS identifier for the VPLS instance, and the mpls ldp vpls neighbor command to configure a list of neighbor (peer) addresses to which LDP can send or from which LDP can receive...
Page 638: Table 82: Commands To Configure Ospf For A Vpls Network
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configuring Routing in the Core Network for VPLS After you configure the transparent bridging, LDP, and MPLS components of the VPLS network, you must configure an IGP, such as OSPF or IS-IS, on the PE router to set up routing within the core MPLS network.
Page 639: Figure 130: Topology For Vpls Configuration Example With Ldp
Chapter 10: Configuring VPLS Figure 130: Topology for VPLS Configuration Example with LDP Signaling PE 1 PE 2 De fault vi rtual route r De fault vi rtual route r Topology Overview of VPLS with LDP Signaling Because the basic components of a VPLS network are the same regardless of whether BGP signaling or LDP signaling is used, the sample topology shown for LDP signaling in Figure 130 on page 603 is almost identical to the sample topology shown for BGP signaling in Figure 129 on page 596.
Page 640 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config)#bridge vplsA vpls transport-virtual-router default ! Configure VPLS instance vplsB. host1(config)#bridge vplsB vpls transport-virtual-router default ! Configure Fast Ethernet interface 2/1 between PE 1 and CE 1, ! and assign it to vplsA as a trunk interface. host1(config)#interface fastEthernet 2/1 host1(config-if)#bridge-group vplsA subscriber-trunk host1(config-if)#exit...
Page 641 Chapter 10: Configuring VPLS ! Configure VPLS instance vplsA. host2(config)#bridge vplsA vpls transport-virtual-router default ! Configure VPLS instance vplsB. host2(config)#bridge vplsB vpls transport-virtual-router default ! Configure Fast Ethernet interface 2/5 between PE 2 and CE 3, ! and assign it to vplsA as a trunk interface. host2(config)#interface fastEthernet 2/5 host2(config-if)#bridge-group vplsA subscriber-trunk host2(config-if)#exit...
Page 642 JUNOSe 11.0.x BGP and MPLS Configuration Guide VPLS Configuration Example with LDP Signaling...
Page 643: Chapter 11 Monitoring Vpls
Chapter 11 Monitoring VPLS This chapter describes the commands you can use to monitor and troubleshoot the virtual private LAN service (VPLS) on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 644 JUNOSe 11.0.x BGP and MPLS Configuration Guide Setting a Baseline for VPLS Statistics You can use the following baseline commands to set a statistics baseline for a VPLS instance, for a network interface associated with a VPLS instance, or for the VPLS virtual core interface associated with a VPLS instance.
Page 645 Chapter 11: Monitoring VPLS baseline bridge interface baseline bridge interface vpls Clearing Dynamic MAC Addresses from the VPLS Forwarding Table You can use the following clear commands to remove all dynamic (learned) MAC address entries or a specific dynamic MAC address entry from the forwarding table for a VPLS instance.
Page 646 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1#clear bridge interface atm 3/3.2 There is no no version. Clearing All Dynamic MAC Addresses for the VPLS Virtual Core Interface Associated with A VPLS Instance To clear all dynamic MAC address entries for the VPLS virtual core interface associated with a VPLS instance: Issue the clear bridge interface vpls command.
Page 647: Table 83: Commands For Monitoring Vpls Bridging Settings
Chapter 11: Monitoring VPLS There is no no version. Clearing BGP Route Flap Dampening Information for the VPWS Address Family To clear route flap dampening information for the VPLS address family associated with the specified VPLS instance: Issue the clear ip bgp dampening command. host1#clear ip bgp vpls vplsA dampening There is no no version.
Page 648 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance on Related Topics page 612 Monitoring VPLS Configuration and Statistics for all VPLS Instances on page 614 Monitoring Configuration, Statistics, and Status for VPLS Network Interfaces on page 616 Monitoring Configuration, Statistics, and Status for VPLS Core Interfaces on page 619...
Page 649: Table 84: Show Bridge Output Fields
Chapter 11: Monitoring VPLS Table 84: show bridge Output Fields Field Name Field Description BridgeGroup Name of the VPLS instance for which information is displayed Bridge Mode Bridging capability currently enabled; for a VPLS instance, this field always displays default Aging Time Length of time, in seconds, that a MAC address entry can remain in the forwarding table before expiring...
Page 650: Monitoring Vpls Configuration And Statistics For All Vpls Instances
JUNOSe 11.0.x BGP and MPLS Configuration Guide show bridge Related Topics Monitoring VPLS Configuration and Statistics for all VPLS Instances Display configuration and statistics information for all VPLS instances configured on Purpose the router. To display the names of all VPLS instances configured on the router: Action host1#show bridge groups BridgeGroup: vplsA(vpls)
Page 651: Table 85: Show Bridge Groups Details Output Fields
Chapter 11: Monitoring VPLS SiteRange: VPLS Route Targets No Route Targets configured Flood Next Hop: Index 1048578 Table 85 on page 615 lists the show bridge group details command output fields. Meaning Table 85: show bridge groups details Output Fields Field Name Field Description BridgeGroup...
Page 652 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 85: show bridge groups details Output Fields (continued) Field Name Field Description Flood Next Hop Index of the MPLS next hop to which the router floods packets with unknown destination addresses. For more information about displaying MPLS next hops and any available next-hop statistics, see “Monitoring MPLS Next Hops”...
Page 653: Table 86: Show Bridge Interface Output Fields
Chapter 11: Monitoring VPLS Operational Status: Up Admin Status: Up Snmp Link Status Trap: Disabled Max Learn: Unlimited Subscriber Policy: samplepolicy Statistics: In Octets: 3770 In Frames: In Discards: In Errors: Out Octets: 3682 Out Frames: Out Discards: 0 Out Errors: Time since counters last reset: 01:07:08 queue 0: traffic class best-effort, bound to bridge FastEthernet1/1.1 Queue length 0 bytes...
Page 654 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 86: show bridge interface Output Fields (continued) Field Name Field Description Operational Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent Admin Status State of the physical interface: Up, Down Snmp Link Status Trap Whether SNMP link status processing is enabled or disabled for the specified interface...
Page 655: Table 87: Show Bridge Interface Output Fields
Chapter 11: Monitoring VPLS Table 87: show bridge interface Output Fields Field Name Field Description Interface Interface type and specifier associated with the port Port Port number on which this interface resides Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent show bridge interface Related Topics...
Page 656 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 88: show bridge interface vpls Output Fields (continued) Field Name Field Description Operational Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent Admin Status State of the physical interface: Up, Down Snmp Link Status Trap Whether SNMP link status processing is enabled or disabled for the specified interface...
Page 657: Monitoring Configuration, Statistics, And Status For Vpls Ports
Chapter 11: Monitoring VPLS show bridge interface vpls Related Topics Monitoring Configuration, Statistics, and Status for VPLS Ports Display configuration, statistics, and status information for ports (interfaces) associated Purpose with a VPLS instance. To display information for VPLS ports: Action host1#show bridge vplsC port FastEthernet1/1.1 Port Number: 1...
Page 658: Table 89: Show Bridge Port Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1#show bridge vplsTest port brief Port Interface Status ------ ------------------------- ------------ FastEthernet1/1.1 ATM10/1.1.1 vpls vplsTest Table 89 on page 622 lists the show bridge port command output fields. Meaning Table 89: show bridge port Output Fields Field Name Field Description BridgeGroup...
Page 659: Table 90: Show Bridge Port Brief Output Fields
Chapter 11: Monitoring VPLS Table 89: show bridge port Output Fields (continued) Field Name Field Description Dropped committed Number of committed packets and bytes that were dropped packets, bytes Dropped conformed Number of conformed packets and bytes that were dropped packets, bytes Dropped exceeded Number of exceeded packets and bytes that were dropped...
Page 660: Table 91: Show Bridge Table Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 91: show bridge table Output Fields Field Name Field Description Bridge Name of the VPLS instance for which the MAC address table is displayed Address MAC address of the entry Action Specifies how the VPLS instance handles this entry: forward or discard Interface Interface type and specifier on which the entry is forwarded;...
Page 661: Table 92: Show Subscriber-Policy Output Fields
Chapter 11: Monitoring VPLS Unicast : Permit PPPoE : Permit Relearn : Permit Mpls : Permit Subscriber: default Trunk : Permit Broadcast : Permit Multicast : Permit Unknown Destination : Permit : Permit Unknown Protocol : Permit Unicast : Permit PPPoE : Permit Relearn...
Page 662: Table 93: Commands For Monitoring Vpls Bgp Settings
JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 93: Commands for Monitoring VPLS BGP Settings show ip bgp show ip bgp neighbors paths show ip bgp advertised-routes show ip bgp neighbors received-routes show ip bgp community show ip bgp neighbors routes show ip bgp community-list show ip bgp network show ip bgp dampened-paths...
Page 663 Chapter 11: Monitoring VPLS 4 routes (264 bytes) 4 destinations (288 bytes) of which 4 have a route 0 routes selected for route tables installation 0 unicast/multicast routes selected for route table installation 0 unicast/multicast tunnel-usable routes selected for route table installation 0 tunnel-only routes selected for tunnel-route table installation 4 path attribute entries (608 bytes) Local-RIB version 11.
Page 664: Table 94: Show Ip Bgp L2Vpn Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1#show ip bgp l2vpn vpls customer1 site-id 2 block-offset 1 BGP route information for prefix 2:1 Received route learned from internal peer 2.2.2.2 (best route) Leaked route Route placed in IP forwarding table Best to advertise to external peers Address Family Identifier (AFI) is layer2 Subsequent Address Family Identifier (SAFI) is unicast...
Page 665: Monitoring Bgp Next Hops For Vpls
Chapter 11: Monitoring VPLS Table 94: show ip bgp l2vpn Output Fields (continued) Field Name Field Description Status codes Status codes for the route, listed before the Prefix: > best route * invalid route s suppressed route d dampened route r rejected route a auto-summarized route m multihomed backup route;...
Page 666: Table 95: Show Ip Bgp Next-Hops Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Resolution in IP route table of VR IP indirect next-hop index 2 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop ATM2/0.10 (10.10.10.2) Resolution in IP tunnel-route table of VR MPLS indirect next-hop index 19 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop 0000000c...
Page 667: Table 96: Show Ldp Vpls Output Fields
Chapter 11: Monitoring VPLS To display information for all VPLS instances configured on the virtual router: Action host1:ve1#show ldp vpls Vpls Vpls Remote Instance In-label Out-label -------- ---- ------- -------- --------- vpls1 2.2.2.2 vpls2 2.2.2.2 Table 96 on page 631 lists the show ldp vpls command output fields. Meaning Table 96: show ldp vpls Output Fields Field Name...
Page 668: Table 97: Show Mpls Forwarding Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1:ve1#show mpls forwarding brief In-label Owner Action -------- ----- ---------------------------------- Forward to bridge-group customer1 Forward to bridge-group customer2 Table 97 on page 632 lists the show mpls forwarding command output fields. Meaning Table 97: show mpls forwarding Output Fields Field Name Field Description In label...
Page 669 Chapter 11: Monitoring VPLS Multihomed priority: Connections status code: UP = Operational SC = Local and Remote Site Identifier Collision EM = Encapsulation Mismatch OR = Out of Range DN = VC Down because Remote PE Unreachable LD = Local Site Down RD = Remote Site Down AS = Max BGP AS path length exceeded OL = No Out Label...
Page 670: Table 98: Show Vpls Connections Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Learning: Enabled Max Learn: Unlimited Link Status Snmp Traps: Disabled Subscriber Policy: default Subscriber Port Count: Interface Count: Transport Virtual Rtr: Route Distinguisher: 1.1.1.1:10 SiteName: westford SiteId: SiteRange: VPLS Route Targets Route Target: RT:100:2 (both) Flood Next Hop: Index 1048578 MPLS next-hop: 21, label 56, resolved by MPLS next-hop 19 MPLS next-hop: 19, resolved by MPLS next-hop 17, peer 2.2.2.2...
Page 671 Chapter 11: Monitoring VPLS Table 98: show vpls connections Output Fields (continued) Field Name Field Description Port Count Number of ports currently configured for the VPLS instance, including network interfaces and the VPLS virtual core interface Interface Count Number of network interfaces currently configured for the VPLS instance Transport Virtual Rtr Name of the transport virtual router configured for the VPLS...
Page 672 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 98: show vpls connections Output Fields (continued) Field Name Field Description Remote PE IP address of the remote VPLS edge (VE) router, which is analogous to the remote provider edge (PE) router in a BGP/MPLS VPN configuration In-label Incoming MPLS label from the remote site...
Page 673: Virtual Private Wire Service
Part 5 Virtual Private Wire Service VPWS Overview on page 639 Configuring VPWS on page 651 Monitoring VPWS on page 665 Virtual Private Wire Service...
Page 674 JUNOSe 11.0.x BGP and MPLS Configuration Guide Virtual Private Wire Service...
Page 675: Chapter 12 Vpws Overview
Chapter 12 VPWS Overview This chapter describes virtual private wire service (VPWS) L2VPNs, and contains the following sections: VPWS Overview on page 639 BGP Signaling for L2VPNs on page 641 VPWS Components on page 642 VPWS and BGP/MPLS VPNs on page 643 BGP Multihoming for VPWS on page 644 VPWS Supported Features on page 649 VPWS Platform Considerations on page 649...
Page 676: Figure 131: Vpws Sample Topology
JUNOSe 11.0.x BGP and MPLS Configuration Guide VPWS provides the same services as layer 2 over MPLS except for CE-side load-balancing. The main differences between the VPWS and L2 over MPLS services are signaling, autodiscovery, and configuration. A VPWS L2VPN can have either a full-mesh or a hub-and-spoke topology. The tunneling mechanism in the core network typically is MPLS.
Page 677: Table 99: Components Of Vpws Nlri
Chapter 12: VPWS Overview to two different sites configured in the same VPWS instance and on the same PE router. BGP advertises reachability for the VPNs. The BGP configuration is similar to that used for other VPN services, such as layer 3 VPNs and VPLS. MPLS is configured to set up base LSPs to the remote PE routers similarly to the other VPN services.
Page 678: Figure 132: Vpws Components
JUNOSe 11.0.x BGP and MPLS Configuration Guide The VPWS NLRIs must be accompanied by a route-target extended community. PE routers that receive VPN information can filter route advertisements with the route target import lists and export lists. This route filtering enables the PE routers to control CE-to-CE connectivity or full-mesh, hub-and-spoke, and overlapping VPNs as is done in L3VPNs.
Page 679 Chapter 12: VPWS Overview provider core, also known as an MPLS backbone. Each VPWS L2VPN consists of the set of provider edge routers running the corresponding VPWS instance. To provide connectivity for the L2VPN, BGP builds pseudowires between the VPWS instances on the provider edge routers participating in a particular VPWS L2VPN point-to-point connection.
Page 680 JUNOSe 11.0.x BGP and MPLS Configuration Guide The procedures for configuring BGP signaling for BGP/MPLS VPNs and for VPWS L2VPNs are similar except that for VPWS L2VPNs you must configure both of the following address families: L2VPN The L2VPN address family enables you to configure the PE router for VPWS (or VPLS) L2VPNs to exchange layer 2 network layer reachability information (NLRI) for all VPWS (or VPLS) instances.
Page 681 Chapter 12: VPWS Overview You configure the same site ID (sometimes referred to as a VE ID) on these connected PE routers. Each of these routers then advertises reachability for the multihomed site; the VPWS NLRI contains the site ID. The site ID shared by the connected PE routers should be different than the site IDs configured on the remote PE routers in the VPWS network;...
Page 682 JUNOSe 11.0.x BGP and MPLS Configuration Guide to all other RR clients even though only one of these routes is used to trigger the VPWS pseudowire to the multihomed site. Selecting the Designated VE Device for a Multihomed Site BGP on each PE router in the VPWS network determines the best path to the multihomed site by comparing path attributes.
Page 683 Chapter 12: VPWS Overview locally-originated route. These PE router also receive the advertisements from the other connected PE routers. If the multihoming selection process preferred local origination, each of these routers would select itself as the best path. The process does not consider IGP cost in order to prevent improperly designated VE device selection by the remote PE routers.
Page 684 JUNOSe 11.0.x BGP and MPLS Configuration Guide up pseudowires to and from the new designated VE device and tears down the pseudowires to and from the previous designated VE device. If this PE router does not select a best path after running the process, then the local PE router does not consider the remote site to exist.
Page 685 Chapter 12: VPWS Overview To modify their pseudowires, the peer routers correct their MPLS forwarding tables and set up new entries in their pseudowire tables. VPWS Supported Features The JUNOSe software implementation of VPWS provides the following features: Support for the following types of network interfaces between the PE router and the CE device: ATM with ATM Adaptation Layer 5 (AAL5) encapsulation ATM with virtual channel connection (VCC) cell relay encapsulation...
Page 686 JUNOSe 11.0.x BGP and MPLS Configuration Guide See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support VPWS network interfaces and VPWS virtual core interfaces. Interface Specifiers The configuration task examples in this chapter use the slot/port[.subinterface ] format to specify the physical interface on which to configure an VPWS L2VPN network interface.
Page 687: Chapter 13 Configuring Vpws
Chapter 13 Configuring VPWS This chapter describes how to configure virtual private wire service (VPWS) L2VPNs on the router, and contains the following sections: Before You Configure VPWS on page 651 VPWS Configuration Tasks on page 652 Configuring a VPWS Instance on page 653 Configuring BGP Multihoming for VPWS on page 655 Configuring Customer-Facing Interfaces in the VPWS Instance on page 655 Configuring a Local Cross-Connect for VPWS on page 656...
Page 688 JUNOSe 11.0.x BGP and MPLS Configuration Guide VPWS Configuration Tasks To configure a PE router to provide VPWS: Configure an VPWS instance. a. Configure the encapsulation type and create an VPWS instance on the PE router for each VPWS in which the router participates. b.
Page 689: Table 100: Commands To Configure Basic Vpws Instances
Chapter 13: Configuring VPWS d. Activate the neighbors in the L2VPN address family for the PE-to-PE BGP session. e. Create the VPWS address family to configure the router to exchange layer 2 NLRI for each VPWS instance configured on the router. Configure MPLS label-switched paths (LSPs) to connect the local and remote PE routers.
Page 690 JUNOSe 11.0.x BGP and MPLS Configuration Guide Create the VPWS instance by configuring the encapsulation type for all interfaces in the L2VPN. You must issue this command before any other l2vpn commands. host1(config)#l2vpn exampleco encapsulation-type ethernet Configure the maximum number of customer sites that can participate in the L2VPN.
Page 691 Chapter 13: Configuring VPWS Configuring BGP Multihoming for VPWS You can configure BGP multihoming in the VPWS network to provide redundancy in the event of failures such as a PE router-to-CE device link failure, the failure of a PE router, or an MPLS reachability failure between the local PE router and a remote PE router.
Page 692: Figure 133: Vpws Cross-Connects
JUNOSe 11.0.x BGP and MPLS Configuration Guide Access Interface Configuration mode for a layer 2 interface for the VPWS on the PE router. host1(config)#interface fastEthernet 4/0 Configure the local and remote site IDs on the interface to specify the interface as a member of the VPWS L2VPN.
Page 693 Chapter 13: Configuring VPWS To configure a local cross-connect between two local sites: Configure the two local sites. host1(config)#l2vpn exampleco encapsulation-type ethernet host1(config)#l2vpn exampleco site-name westford site-id 1 host1(config)#l2vpn exampleco site-name boston site-id 2 host1(config)#l2vpn exampleco site-range 10 host1(config)#l2vpn exampleco rd 100:11 host1(config)#l2vpn exampleco route-target both 100:1 Configure the correct local and remote site IDs on the two local interfaces that are being cross-connected.
Page 694: Table 101: Commands To Configure Bgp Signaling For Vpws
JUNOSe 11.0.x BGP and MPLS Configuration Guide ip address ip router-id Configuring BGP Signaling for VPWS This section describes one way to configure BGP signaling for VPWS, but does not provide complete details about configuring BGP and BGP/MPLS VPNs.. Table 101 on page 658 lists the commands used in this section to configure BGP signaling for VPWS.
Page 695 Chapter 13: Configuring VPWS Activate the neighbors with which routes of the L2VPN address family are exchanged for this PE-to-PE BGP session. Use the bgp dampening command and BGP neighbor commands to configure additional address family parameters for the session. No other commands are supported in this address family. host1(config-router-af)#neighbor 10.2.2.2 activate host1(config-router-af)#neighbor 10.2.2.2 next-hop-self Exit the address family.
Page 696: Figure 134: Topology For Vpws Configuration Example
JUNOSe 11.0.x BGP and MPLS Configuration Guide Configure the core-facing interface on which you want to enable MPLS, Label Distribution Protocol (LDP), and topology-driven LSPs. host1(config)#interface atm 5/0.100 host1(config-subif)#atm pvc 100 1 100 aal5snap 0 0 0 host1(config-subif)#ip address 192.168.5.5 255.255.255.0 Enable MPLS on the core-facing interface.
Page 697: Topology Overview
Chapter 13: Configuring VPWS Topology Overview The sample topology in Figure 134 on page 660 includes two L2VPNs, L2VPN A and L2VPN B. L2VPN A connects CE 1, at the edge of Customer A’s Boston site, with CE 3, at the edge of Customer A’s Chicago site. Similarly, L2VPN B connects CE 2, at the edge Customer B’s Boston site, with CE 4, at the edge of Customer B’s Chicago site.
Page 698 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1(config)#interface gigabitEthernet 1/1 host1(config-subif)#l2vpn l2vpnB local-site-id 2 remote-site-id 4 host1(config-if)#exit ! Configure a loopback interface on PE 1 and assign it an IP address. host1(config)#interface loopback 0 host1(config-if)#ip address 10.1.1.1 255.255.255.255 host1(config-if)#exit ! Assign the router ID for PE 1 using the IP address of the loopback interface. host1(config)#ip router-id 10.3.3.3 ! Configure BGP signaling.
Page 699 Chapter 13: Configuring VPWS ! matches the route target configured for l2vpnB on PE 1. host2(config)#l2vpn l2vpnB encapsulation-type ethernet host2(config)#l2vpn l2vpnB site-range 20 host2(config)#l2vpn l2vpnB site-name chicago site-id 4 host2(config)#l2vpn l2vpnB rd 100:12 host2(config)#l2vpn l2vpnB route-target both 100:2 host2(config)#l2vpn l2vpnB control-word host2(config)#l2vpn l2vpnB sequencing ! Configure the customer-facing interface between PE 2 and CE 3 ! in L2VPN instance l2vpnA.
Page 700 JUNOSe 11.0.x BGP and MPLS Configuration Guide ! Enable MPLS, LDP, and topology-driven LSPs on the core-facing interface. host1(config-subif)#mpls host1(config-subif)#mpls ldp host1(config-subif)#exit VPWS Configuration Example...
Page 701: Chapter 14 Monitoring Vpws
Chapter 14 Monitoring VPWS This chapter describes the commands you can use to monitor and troubleshoot Virtual Private Wire Service (VPWS) L2VPNs on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 702 JUNOSe 11.0.x BGP and MPLS Configuration Guide Clearing BGP Reachability Information for the L2VPN Address Family To clear BGP reachability information for a specific VPWS instance in the L2VPN address family: Issue the clear ip bgp command and specify l2vpn vpws vpwsName. host1#clear ip bgp l2vpn soft in To clear BGP reachability information for all VPLS and VPWS instances in the L2VPN address family:...
Page 703: Table 102: Commands For Monitoring Bgp Settings For The Vpws Address Family
Chapter 14: Monitoring VPWS Issue the clear ip bgp wait-end-of-rib command and include the l2vpn all keywords. host1#clear ip bgp l2vpn all wait-end-of-rib There is no no version. Configuring BGP Routing on page 3 Related Topics clear ip bgp clear ip bgp dampening clear ip bgp wait-end-of-rib Monitoring BGP-Related Settings for VPWS L2VPNs This section provides examples of some of the show ip bgp commands that you can...
Page 704 JUNOSe 11.0.x BGP and MPLS Configuration Guide Table 103: Commands for Monitoring BGP Settings for the VPWS Address Family (continued) show ip bgp filter-list show ip bgp regexp show ip bgp flap-statistics show ip bgp summary For more information about using the show ip bgp commands that are not described in this section, see “Configuring BGP Routing”...
Page 705 Chapter 14: Monitoring VPWS Always compare MED is disabled Compare MED within confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dampening is disabled Log neighbor changes is disabled Fast External Fallover is disabled...
Page 706: Table 104: Show Ip Bgp L2Vpn Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide Route Distinguisher (RD) is 100:23 Original Route Distinguisher (RD) is 100:23 MPLS in-label is none MPLS in-label block size is 0 MPLS out-label is 106 MPLS out-label block size is 10 Next hop IP address is 2.2.2.2 (metric 3) Multi-exit discriminator is not present Local preference is 100 Weight is 0...
Page 707: Monitoring Bgp Next Hops For Vpws L2Vpns
Chapter 14: Monitoring VPWS Table 104: show ip bgp l2vpn Output Fields (continued) Field Name Field Description Extended communities Description of the L2VPN extended communities that the router uses to determine which routes are imported by the specified VPWS instance. Includes route target, community type, encapsulation, control word and sequencing use, L2VPN link MTU.
Page 708: Table 105: Show Ip Bgp L2Vpn All Next-Hops Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide host1#show ip bgp l2vpn all next-hops 10.2.2.2 Indirect next-hop 10.2.2.2 Resolution in IP route table of VR IP indirect next-hop index 2 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop ATM2/0.10 (10.10.10.2) Resolution in IP tunnel-route table of VR MPLS indirect next-hop index 19 Reachable (metric 3)
Page 709: Monitoring Vpws Connections
Chapter 14: Monitoring VPWS show ip bgp next-hops Related Topics Monitoring VPWS Connections Display configuration and status information for VPWS L2VPN connections configured Purpose on the router. The details keyword displays detailed information about the connections. To display detailed information about connections for all VPWS instances configured Action on the router: host1:pe1# show l2vpn connections details...
Page 710 JUNOSe 11.0.x BGP and MPLS Configuration Guide Admin Oper Interface Local-Site-Id Remote-Site-Id state state ---------- ------------- -------------- ------- ----- ATM2/0.122 enabled ATM2/0.123 enabled ATM2/0.124 enabled ATM2/0.121 enabled Connections status code: UP = Operational SC = Local and Remote Site Identifier Collision EM = Encapsulation Mismatch OR = Out of Range DN = VC Down because Remote PE Unreachable...
Page 711: Table 106: Show L2Vpn Connections Output Fields
Chapter 14: Monitoring VPWS LN = Local Site not Designated RN = Remote Site not Designated Remote MPLS Up-down Site State In-label Out-label NH Idx Time ---- ----- ------- -------- --------- -------- ----------- 2.2.2.2 801024 00000014 1d 08:45:34 2.2.2.2 801028 00000014 1d 08:45:34 Table 106 on page 675 lists the show l2vpn connections command output fields.
Page 712 JUNOSe 11.0.x BGP and MPLS Configuration Guide host1#show l2vpn all L2VPN: l2vpn1 Encapsulation Type Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Site Range 10 Sites: Site Name boston Site Id 1 Route Targets: Route Target: RT:100:1 both L2VPN: l2vpn2 Encapsulation Type ATM AAL5 SDU VCC transport Use of control word is preferred...
Page 713: Table 107: Show L2Vpn Instance Output Fields
Chapter 14: Monitoring VPWS host1#show l2vpn instance l2vpn1 detail L2VPN: l2vpn1 Encapsulation Type ATM AAL5 SDU VCC transport Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Site Range 10 Sites: Site Name westford Site Id 1 Multi-homed: Site-Priority: Route Targets:...
Page 714: Table 108: Show L2Vpn Interface Output Fields
JUNOSe 11.0.x BGP and MPLS Configuration Guide show l2vpn instance Related Topics Monitoring L2VPN Interfaces for VPWS Display configuration and status information for interfaces on the router that are Purpose that are configured to be members of VPWS L2VPNs in the current VR. You can display information for a specific L2VPN interface, for all L2VPN interfaces in the specified VPWS instance, or for all L2VPN interfaces in all VPWS instances.
Page 715 UID automatically assigned to the MPLS major interface when it is created Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. Received Number of packets, bytes, errors and discards received on the...
Page 716: Monitoring Mpls Forwarding Table For Vpws
JUNOSe 11.0.x BGP and MPLS Configuration Guide show l2vpn interface Related Topics Monitoring MPLS Forwarding Table for VPWS Display information about MPLS labels that are being used for forwarding. The brief Purpose keyword displays summary information for the MPLS labels. To display MPLS forwarding information for a particular label: Action host1#show mpls forwarding label 17...
Page 717: Table 109: Show Mpls Forwarding Output Fields
Chapter 14: Monitoring VPWS MPLS next-hop: 9, label 39 on ATM2/0.20, nbr 10.20.20.2 Statistics: Disabled Table 109 on page 681 lists the show mpls forwarding command output fields. Meaning Table 109: show mpls forwarding Output Fields Field Name Field Description In label Label sent to upstream neighbor for route Out label...
Page 718 JUNOSe 11.0.x BGP and MPLS Configuration Guide Monitoring MPLS Forwarding Table for VPWS...
Page 719 Part 6 Index Index on page 685 Index...
Page 720 JUNOSe 11.0.x BGP and MPLS Configuration Guide Index...
Page 721: Index
Index AS-path, BGP access lists, modifying..........72 Symbols attribute..............120 802.3ad switch............534 filtering..............87 as-set keyword (aggregate-address)......61 ATM (Asynchronous Transfer Mode) AAL0 encapsulation..........511 access lists, BGP............83 AAL5 encapsulation..........510 assigning weights to neighbors......112 Martini encapsulation.........510 distributing neighbor information......83 over MPLS............503 access-list command..........83, 85 passthrough for ATM over MPLS....506, 509 address families............374 VCC cell relay encapsulation L2VPN......43, 153, 374, 573, 594, 643...
Page 722 JUNOSe 11.0.x BGP and MPLS Configuration Guide ATM ports transportation of cells from multiple circuits changed to LOS state over a single pseudowire......518 and multiple VCs over a single transportation of multiple ATM cells pseudowire..........520 concatetation..........520 configuring cell concatenation parameters atomic-aggregate, BGP..........11 requirements..........522 attribute-map keyword (aggregate-address)....61...
Page 723 Index Cisco-proprietary route refresh capability...126 promiscuous peers..........43 community lists............95 reapplying BGP policies.........98 community path attribute........11 redistributing BGP routes........53 conditional advertising..........62 reduce the number of meshed peers....143 configuration inheritance........20 remove BGP dynamic peers........43 configuring............17 resetting BGP sessions..........98 default routes..........55 route refresh capability........126 peer groups...........26 route-refresh message..........8 route reflectors..........148...
Page 724 JUNOSe 11.0.x BGP and MPLS Configuration Guide AS number OSPF routes advertising prefixes with duplicate....445 distributing between PEs......473 using for all CE sites........441 distributing from CE to PE......473 BGP advertising rules for routes......455 distributing from PE to CE......473 BGP sessions, configuring........438 OSPF routing information, preserving....473 customer edge device.........376 OSPF routing loops, preventing......473...
Page 725 Index VPNs within an AS clear IPv4.............384 BGP hard..............98 IPv6.............389 BGP soft..............98 VRF..............378 clear bgp ipv6 commands Bidirectional Forwarding Detection. See BFD clear bgp ipv6............98 Border Gateway Protocol. See BGP clear bgp ipv6 dampening........102 bridge commands............611 clear bgp ipv6 dynamic-peers.......43 bridge acquire.............587 clear bgp ipv6 redistribution.........53 bridge address............587...
Page 726 JUNOSe 11.0.x BGP and MPLS Configuration Guide customer edge (CE) device.........376 enable protocols customer support.............xxxv BGP routing............658 contacting JTAC..........xxxv encapsulations ATM AAL0............511 ATM AAL05............510 equal-cost multipath support on MPLS.......233 data path failure Ethernet aggregation and Martini layer 2 detecting RSVP-TE..........252 transport..............534 deaggregation, LDP FEC..........277 Ethernet raw mode encapsulation...
Page 727 Index global export map command........424 Integrated Local Management Interface (ILMI) cells global import map and transmission along with data cells on the use..............424 same pseudowire global import map command........425 same VCI/VPI values as the data cells..520 global import map to import specific routes....458 inter-AS (interprovider) services graceful restart IPv4..............391...
Page 728 JUNOSe 11.0.x BGP and MPLS Configuration Guide interfaces supported...........503 load-balancing keepalive messages adding member interface to group....537 BGP.................7 configuring..........537 group............534 monitoring...........495 topology..........534, 536 L-LSP..............204, 299 local cross-connects....507, 514, 527, 532 L2VPN address family..43, 153, 374, 573, 594, 643 monitoring............557 l2vpn commands MPLS L2VPN over LAG, configuration l2vpn control-word..........653 example............545...
Page 729 Index load balancing match route-type..........72 candidate ports...........537 match tag..............72 group..............534 maximum route limit, BGP/MPLS VPN.......446 local administrative distance, BGP......136 maximum route warning threshold, BGP/MPLS local cross-connects......507, 514, 527, 532 VPN................446 local-pref attribute, BGP..........115 maximum routes command........447 LSP preemption............238 maximum-paths command........436 member interface command........536 meshed peers, reduce BGP.........143 messages, BGP...............7...
Page 730 JUNOSe 11.0.x BGP and MPLS Configuration Guide explicit path resources, configuring.........238 configured...........226 route pinning............238 configuring dynamic........277 RSVP-TE. See RSVP-TE (Resource Reservation defining configured........276 Protocol with traffic engineering extensions) dynamic............226 S bit..............213 explicit routing............226 shim header............213 fast reroute extensions........284 shim interfaces, configuring......509, 528 fast reroute on SONET/SDX interfaces....286 soft-state protocol........229, 231 features, supported..........206...
Page 731 Index mpls policy............532 mpls ldp strict-security........281 mpls policy-list............303 mpls ldp sync.............281 mpls reoptimize..........268 mpls ldp targeted-hello holdtime......266 mpls reoptimize timers frequency......268 mpls ldp targeted-hello interval......266 mpls set-exp-bits..........299 mpls ldp targeted-hello receive list......266 mpls statistics label..........313 mpls ldp targeted-hello send list......266 mpls statistics next-hop........314 mpls ldp vpls commands mpls topology-driven-lsp........266...
Page 732 JUNOSe 11.0.x BGP and MPLS Configuration Guide network commands network..............51 neighbor commands network backdoor..........140 neighbor activate......43, 153, 594, 658 network connections, trace MPLS......235 neighbor advertise-map........62 network prefixes, filtering..........83 neighbor advertisement-interval......58 next hops, check reachability for BGP/MPLS neighbor allow............43 VPNs..............448 neighbor allowas-in..........445 next-address command..........276 neighbor as-override...........441 next-hop processing, BGP..........107...
Page 733 Index peer groups, BGP............3 pseudowires configuring............26 associating an ATM port with monitoring............172 before configuring cell concatenation..522 peer reachability before configuring VCI/VPI ranges....522 RSVP-TE..............246 configuration on both ends of the peer type, set the BGP..........28 matching in the VP/VCI range......519 peers (neighbors), BGP not matching in the VPI/VCI range....519 assigning weights to..........112 failure detection...
Page 734 JUNOSe 11.0.x BGP and MPLS Configuration Guide route maps, BGP............72 graceful restart............249 assigning neighbor weights.........112 announcement of........249 filtering incoming/outgoing routes......90 preserving established LSP labels....249 setting local preferences........117 recovery period...........249 route reachability information, BGP/MPLS VPN..404 recovery time..........249 route reflectors............148 restart time..........249 route target restarting behavior........249 defining BGP/MPLS VPN........416...
Page 735 Index set route-type............81 show ip bgp l2vpn........626, 667 set tag..............72 show ip bgp l2vpn vpls.......626, 667 set weight.............72 show ip bgp longer-prefixes........172 sham link for OSPF and BGP/MPLS VPNs....473 show ip bgp neighbor routes.......172 shim interfaces show ip bgp neighbors........172 configuring VCI/VPI ranges show ip bgp neighbors advertised-routes....160 for transmission of multiple ATM VCs over a...
Page 736 JUNOSe 11.0.x BGP and MPLS Configuration Guide show mpls l2-transport test bgp ipv6 command..........157 load-balancing-group........495 test ip bgp neighbor command......106, 157 show mpls l2transport interface......562 text and syntax conventions........xxxiv verifying cell concatenation configuration for timers bgp command...........39 multiple ATM VCs transport.....562 topology-driven LSPs, MPLS........241 verifying VCI/VPI range for multiple ATM VCs trace mpls commands...
Page 737 Index clear BGP attributes..........610 VCC (virtual channel connection) cell relay BGP reachability..........610 encapsulation, ATM BGP route flap dampening......610 configuring............530 BGP wait for end-of-RIB marker....610 overview.............511 forwarding tables.........609 VCI/VPI ranges LDP attributes..........610 configuration dependent on configure associating the ATM port with the MPLS LSPs...........593 pseudowire..........521 subscriber policies........589...
Page 738 JUNOSe 11.0.x BGP and MPLS Configuration Guide VPN-IPv4 MPLS, configure..........659 address...............378 network interfaces exchanging addresses.........437 overview............643 VPN-IPv4 address family......43, 153, 374 overview.............639 VPN-IPv6 address family......43, 153, 374 PE (provider edge router)........643 VPNs (virtual private networks platform considerations........649 BGP/MPLS hub-and-spoke example.....419 prerequisites............651 VPNs (virtual private networks) references............650...

This manual is also suitable for:

Junose

Juniper JUNOSE SOFTWARE FOR E SERIES 11.0.X - BGP AND MPLS CONFIGURATION GUIDE 2009-12-30 Configuration Manual

Chapter 2 MPLS Overview

Quick Links

Troubleshooting

Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.0.X - BGP AND MPLS CONFIGURATION GUIDE 2009-12-30

Summary of Contents for Juniper JUNOSE SOFTWARE FOR E SERIES 11.0.X - BGP AND MPLS CONFIGURATION GUIDE 2009-12-30