Page 1 JUNOSe Software for E Series Routing Platforms BGP and MPLS Configuration Guide Release 11.1.x Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 408-745-2000 www.juniper.net Published: 2010-03-30...
Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3 AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”)
Page 4 (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 http://www.gnu.org/licenses/gpl.html...
Page 5 agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein.
Page 7 Abbreviated Table of Contents About the Documentation xxxiii Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Part 2 Multiprotocol Layer Switching Chapter 2 MPLS Overview Chapter 3 Configuring MPLS Chapter 4 Monitoring MPLS Chapter 5 Configuring BGP-MPLS Applications Part 3 Layer 2 Services Over MPLS Chapter 6...
Page 8 JUNOSe 11.1.x BGP and MPLS Configuration Guide viii...
Page 9: Table Of Contents
Table of Contents About the Documentation xxxiii E Series and JUNOSe Documentation and Release Notes ......xxxiii Audience ....................xxxiii E Series and JUNOSe Text and Syntax Conventions ........xxxiii Obtaining Documentation .................xxxv Documentation Feedback ................xxxv Requesting Technical Support ..............xxxv Self-Help Online Tools and Resources ..........xxxvi Opening a Case with JTAC ..............xxxvi Part 1 Border Gateway Protocol...
Page 10 JUNOSe 11.1.x BGP and MPLS Configuration Guide Basic Configuration ..................17 Enabling BGP Routing ................17 Understanding BGP Command Scope .............18 Inheritance of Configuration Values ............20 Limitations on Inheritance ..............24 Setting the BGP Identifier ................24 Configuring Neighbors ................25 Configuring BGP Peer Groups ................26 Setting the Peer Type ................28 Assigning a Description ................28 Logging Neighbor State Changes .............29...
Page 11 Table of Contents Configuring BGP Routing Policy ..............70 Types of BGP Route Maps ...............71 Applying Table Maps ................81 Access Lists .....................83 Filtering Prefixes ................83 Filtering AS Paths with a Filter List ...........87 Filtering AS Paths with a Route Map ..........90 Configuring the Community Attribute .............92 Community Lists ..................95 Resetting a BGP Connection ..............98...
Page 12 JUNOSe 11.1.x BGP and MPLS Configuration Guide Managing a Large-Scale AS ................143 Configuring a Confederation ..............144 Configuring Route Reflectors ..............148 Route Reflection and Redundancy ..........149 Route Reflection and Looping ............150 Configuring BGP Multicasting ..............153 Monitoring BGP Multicast Services ............156 Using BGP Routes for Other Protocols ............156 Configuring BGP/MPLS VPNs ...............157 Testing BGP Policies ..................157 Monitoring BGP ...................158...
Page 13 Table of Contents ECMP Labels for MPLS ................233 MPLS Connectivity and ECMP ...............233 Supported TLVs ..................234 MPLS Connectivity Verification and Troubleshooting Methods ....235 Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes Overview ....................237 Ping Extensions for Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes ..................237 RSVP P2MP IPv4 Session Sub-TLV Overview ........238 P2MP Responder Identifier TLV Overview ..........238...
Page 14 JUNOSe 11.1.x BGP and MPLS Configuration Guide Preservation of an Established LSP Label ..........256 RSVP-TE Hellos Based on Node IDs .............256 BFD Protocol and RSVP-TE ................257 Tunneling Model for Differentiated Services Overview ........258 Pipe and Short Pipe Models ..............258 Uniform Model ..................259 EXP Bits for Differentiated Services Overview ..........259 Incoming Traffic ...................259 Outgoing Traffic ..................259...
Page 15 Table of Contents Configuring the BFD Protocol for RSVP-TE ..........294 Configuring IGPs and MPLS .................295 Configuring IGPs and MPLS ..............296 Configuring the IGPs for Traffic Engineering ........297 Configuring MPLS and Differentiated Services ..........299 Configuring the Tunneling Model for Differentiated Services .......299 Configuring EXP Bits for Differentiated Services ..........300 Example Differentiated Services Application and Configuration ....300 Differentiated Services Configuration Example ........301...
Page 16 JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring MPLS Explicit Paths ..............341 Monitoring the RSVP-TE Bypass Tunnels .............341 Monitoring MPLS Labels Used for Forwarding ..........342 Monitoring MPLS Interfaces ................343 Monitoring MPLS Minor Interfaces ..............349 Monitoring MPLS Next Hops ...............351 Monitoring the Configured Mapping between PHB IDs and Traffic Class/Color Combinations ..................352 Monitoring RSVP-TE Profiles and MPLS Tunnel Profiles .......353 Monitoring RSVP Path State Control Blocks, Reservation State Control Blocks,...
Page 17 Table of Contents Troubleshooting MTU Problems in a Point-to-Point MPLS LSP Associated with a VPLS Instance ..............378 Chapter 5 Configuring BGP-MPLS Applications Overview .....................379 Address Families ...................380 Equal-Cost Multipath Support ..............381 BGP/MPLS VPN Components ..............382 VPN-IPv4 Addresses ................385 Route Targets ..................385 Distribution of Routes and Labels with BGP ..........386 Platform Considerations ................389 References ....................389...
Page 18 JUNOSe 11.1.x BGP and MPLS Configuration Guide Export Maps ...................429 Global Export Maps ................430 Import Maps ...................430 Global Import Maps ................431 Global Export of IPv6 VPN Routes into the Global BGP IPv6 RIB ...432 Assigning an Interface to a VRF ............432 Defining Secondary Routing Table Lookup ...........434 Adding Static Routes to a VRF ...............435 Configuring IGPs on the VRF ..............436...
Page 19 Table of Contents Carrier-of-Carriers IPv4 VPNs ..............469 Customer Carrier as an Internet Service Provider .........470 Configuration Steps ................471 Customer Carrier as a VPN Service Provider .........472 Configuration Steps ................473 Enabling Carrier-of-Carriers Support on a VRF ........474 Carrier-of-Carriers Using BGP as the Label Distribution Protocol ...475 Carrier-of-Carriers IPv6 VPNs ..............475 Connecting IPv6 Islands Across IPv4 Clouds with BGP ........476 Connecting IPv6 Islands Across Multiple IPv4 Domains ......477...
Page 20 JUNOSe 11.1.x BGP and MPLS Configuration Guide VCC Cell Relay Encapsulation ...............518 AAL0 Raw Cell Mode ..............518 Cell Concatenation Parameters ............518 Cell Concatenation and Latency .............518 Control Word Support ..............519 Unsupported Features ..............519 HDLC Layer 2 Services over MPLS ...............519 Interface Stacking .................520 Encapsulation ..................520 Control Word Support ................520...
Page 21 Table of Contents Configuration on PE2 (Remote PE Router) ..........553 Configuration on CE2 (Remote CE Router) ..........554 Ethernet Raw Mode Encapsulation for Martini Layer 2 Transport Examples ....................554 S-VLAN Subinterface with an Untagged C-VLAN ID Examples .....557 Multiple ATM Virtual Circuits over a Single Pseudowire Example ....560 Chapter 8 Monitoring Layer 2 Services over MPLS Setting Baselines for Layer 2 Services over MPLS Statistics ......563...
Page 22 JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring VPLS Network Interfaces ............594 Configuring Subscriber Policies for VPLS Network Interfaces ......595 Network Interface Types ...............596 Default Subscriber Policies ..............596 Modifying Subscriber Policies ...............597 Considerations for VPLS Network Interfaces .........597 Configuring the Loopback Interface and Router ID for VPLS ......598 Configuring MPLS LSPs for VPLS ..............599 Configuring BGP Signaling for VPLS ............600 VPLS Configuration Example with BGP Signaling ........601...
Page 23 Table of Contents Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance ....................618 Monitoring VPLS Configuration and Statistics for all VPLS Instances ...620 Monitoring Configuration, Statistics, and Status for VPLS Network Interfaces ....................622 Monitoring Configuration, Statistics, and Status for VPLS Core Interfaces ..625 Monitoring Configuration, Statistics, and Status for VPLS Ports ....627 Monitoring MAC Address Entries for a Specific VPLS Instance .....629 Monitoring Subscriber Policy Rules .............630...
Page 24 JUNOSe 11.1.x BGP and MPLS Configuration Guide VPWS Configuration Example ..............666 Topology Overview ................667 Configuration on PE 1 (Local PE Router) ..........667 Configuration on PE 2 (Remote PE Router) ...........668 Chapter 14 Monitoring VPWS Clearing BGP Attributes for VPWS ...............671 Clearing BGP Reachability Information for the L2VPN Address Family ....................672 Clearing BGP Route Flap Dampening Information for the L2VPN Address...
Page 25 List of Figures Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Figure 1: BGP Peers ..................5 Figure 2: Internal and External BGP ..............6 Figure 3: Interior Gateway Protocols ...............7 Figure 4: Routing Without CIDR ..............10 Figure 5: Routing with CIDR ................10 Figure 6: Transit Service ................12 Figure 7: Nontransit Service ................12 Figure 8: IPv6 Routing over TCP IPv4 ............13...
Page 26 JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 41: A Fully Meshed Autonomous System ..........145 Figure 42: A Confederation of Subautonomous Systems ......146 Figure 43: Simple Route Reflection .............149 Figure 44: Route Reflection: Logical Redundancy ........149 Figure 45: Route Reflection: Physical and Logical Redundancy ....150 Figure 46: BGP Route Reflection ..............151 Part 2 Multiprotocol Layer Switching...
Page 27 List of Figures Figure 82: Site Connectivity in a Full-Mesh VPN ..........406 Figure 83: Route Target Configuration for a Full-Mesh VPN ......407 Figure 84: Site Connectivity in a Hub-and-Spoke VPN .........407 Figure 85: Route Target Configuration for a Hub-and-Spoke VPN ....408 Figure 86: Site Connectivity in an Overlapping VPN ........408 Figure 87: Route Target Configuration for an Overlapping VPN ....409 Figure 88: Overlapping VPNs on a Single PE ..........409...
Page 28 JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 122: MPLS L2VPN Tunnel over VLAN over LAG Configuration Example ....................548 Figure 123: MPLS L2VPN Tunnel over LAG Configuration Example .....551 Figure 124: MPLS L2VPN Tunnel over LAG Configuration Example .....555 Figure 125: Ethernet Packet Distribution over Martini Circuits ....556 Figure 126: Martini Circuit with Two Pseudowires Between PE-Facing Routers ....................558 Figure 127: Martini Circuit Deployment for Transmission of Multiple ATM...
Page 29 List of Tables About the Documentation xxxiii Table 1: Notice Icons ................xxxiv Table 2: Text and Syntax Conventions ............xxxiv Part 1 Border Gateway Protocol Chapter 1 Configuring BGP Routing Table 3: Conventions for BGP Terms ...............4 Table 4: Cease Notification Message Subcodes ..........8 Table 5: Commands Affecting BGP Globally ..........18 Table 6: Commands Affecting All Address Families in a VRF ......18 Table 7: Commands Affecting the Current Address Family ......19...
Page 30 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 28: Configuration Tasks by Type of Network ........268 Table 29: Incoming L-LSP PHB Determination ..........303 Table 30: Examples of Incoming L-LSP PHB Determination ......304 Table 31: Outgoing L-LSP PHB Determination ..........304 Table 32: Differentiated Services Mapping ..........309 Chapter 4 Monitoring MPLS Table 33: show atm vc Output Fields ............321...
Page 31 List of Tables Table 69: show atm mcpt-timers Output Fields ...........564 Table 70: show atm subinterface Output Fields ...........565 Table 71: show mpls cross-connects atm Output Fields ......566 Table 72: show mpls forwarding Output Fields ...........568 Table 73: show mpls interface and show mpls l2transport interface Output Fields ....................570 Part 4 Virtual Private LAN Service...
Page 32 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 104: Commands for Monitoring BGP Settings for the VPWS Address Family ....................673 Table 105: show ip bgp l2vpn Output Fields ..........676 Table 106: show ip bgp l2vpn all next-hops Output Fields ......678 Table 107: show l2vpn connections Output Fields ........681 Table 108: show l2vpn instance Output Fields ..........683 Table 109: show l2vpn interface Output Fields ..........684...
Page 33: About The Documentation
If the information in the latest release notes differs from the information in the documentation, follow the JUNOSe Release Notes. To obtain the most current version of all Juniper Networks® technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/...
Page 34: Table 1: Notice Icons
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 1: Notice Icons Icon Meaning Description Informational note Indicates important features or instructions. Caution Indicates a situation that might result in loss of data or hardware damage. Warning Alerts you to the risk of personal injury or death. Laser warning Alerts you to the risk of personal injury from a laser.
Page 35: About The Documentation
CD-ROMs or DVD-ROMs, see the Offline Documentation page at http://www.juniper.net/techpubs/resources/cdrom.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...
Page 36: Self-Help Online Tools And Resources
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
Page 37: Part 1 Border Gateway Protocol
Part 1 Border Gateway Protocol Configuring BGP Routing on page 3 Border Gateway Protocol...
Page 38: Border Gateway Protocol
JUNOSe 11.1.x BGP and MPLS Configuration Guide Border Gateway Protocol...
Page 39: Configuring Bgp Routing
Chapter 1 Configuring BGP Routing This chapter contains the following sections: Overview on page 3 Platform Considerations on page 14 References on page 14 Features on page 16 Before You Configure BGP on page 17 Configuration Tasks on page 17 Basic Configuration on page 17 Configuring BGP Peer Groups on page 26 Advertising Routes on page 50...
Page 40: Autonomous Systems
JUNOSe 11.1.x BGP and MPLS Configuration Guide those terms are represented in lowercase in this chapter. Table 3 on page 4 lists the terms and their variant spellings. Table 3: Conventions for BGP Terms In This Chapter In RFCs aggregator AGGREGATOR AS-confed-set AS_CONFED_SET...
Page 41: Bgp Speaker
Chapter 1: Configuring BGP Routing (IGPs) such as RIP, OSPF, and IS-IS within its boundaries. ASs use exterior gateway protocols (EGPs) to exchange routing information with other ASs. BGP is an EGP. The outside world views an AS as a single entity, even though it can be a collection of IGPs working together to provide routing within its interior.
Page 42: Ibgp And Ebgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide Because BGP relies on TCP to provide reliable and flow-controlled transmission of routing information, the BGP protocol itself is very simple. However it also implies that two routers can be BGP peers of each other only if they are reachable from each other in the sense that they can exchange IP packets.
Page 43: Bgp Messages
Chapter 1: Configuring BGP Routing Intermediate System-to-Intermediate System (IS-IS) Open Shortest Path First (OSPF) Routing Information Protocol (RIP) Figure 3 on page 7 shows that the routers in AS 53 all communicate with each other using an IGP. Routing information internal to AS 53 is redistributed from the IGP into BGP at router Chicago.
Page 44: Bgp Route
JUNOSe 11.1.x BGP and MPLS Configuration Guide If the session is being terminated for a nonfatal error, the notification messages includes the error code cease. Subcodes sent in the notification message can inform network operators about peering problems and help them better understand network events.
Page 45: Prefixes And Cidr
Chapter 1: Configuring BGP Routing Adj-RIBs-In store unprocessed routes learned from update messages received by the BGP speaker. Loc-RIB contains local routes resulting from the BGP speaker applying its local policies to the routes contained in its Adj-RIBs-In. Adj-RIBs-Out store routes that the BGP speaker will advertise to its peers in the update messages it sends.
Page 46: Path Attributes
(the “ best” route) based on the path attributes. BGP as implemented on the Juniper Networks E Series Broadband Services Router specifies detailed and complex criteria for picking the best route; this helps ensure that all routers will converge to the same routing table, a necessary behavior to avoid routing loops.
Page 47: Transit And Nontransit Service
Chapter 1: Configuring BGP Routing The following are some of the most important path attributes: AS-path specifies the sequence of autonomous systems that must be crossed to reach a certain destination. This path attribute is used to avoid routing loops and to prefer shorter routes over longer routes.
Page 48: Ipv6 Bgp Support
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 6: Transit Service Each ISP provides nontransit service to other ISPs. For example, Figure 7 on page 12 shows that ISP 1 does not permit traffic between ISP 2 and ISP 3 to cross its backbone. If ISP 1 permits such traffic, it squanders its own resources with no benefit to its customers or itself.
Page 49: Exchange Of Ipv6 Routing Information Over Tcp Ipv6
Chapter 1: Configuring BGP Routing Figure 8: IPv6 Routing over TCP IPv4 The E Series router’s MP-BGP implementation uses BGP update messages to announce the feasible routes to an associated IPv6 BGP next hop and also to announce the nonfeasible routes that need to be withdrawn from the peer. The E Series router announces only IPv6 global addresses as the BGP next-hop address;...
Page 50: Platform Considerations
See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP. For information about modules that support BGP on Juniper Networks E120 and E320 Broadband Services Routers: See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications.
Page 51 Chapter 1: Configuring BGP Routing Cooperative Route Filtering Capability for BGP-4 draft-ietf-idr-route-filter-09.txt (February 2003 expiration) Dynamic Capability for BGP-4 draft-ietf-idr-dynamic-cap-04.txt (February 2004 expiration) JUNOSe Release Notes, Appendix A, System Maximums Refer to the Release Notes corresponding to your software release for information about maximum values. RFC 1657 Definitions of Managed Objects for the Fourth Version of the Border Gateway Protocol (BGP-4) using SMIv2 (July 1997) RFC 1745 BGP4/IDRP for IP OSPF Interaction (December 1994)
Page 52: Features
JUNOSe 11.1.x BGP and MPLS Configuration Guide RFC 4721 Graceful Restart Mechanism for BGP (January 2007) RFC 4893 BGP Support for Four-octet AS Number Space (May 2007) Subcodes for BGP Cease Notification Message draft-ietf-idr-cease-subcode-05.txt (March 2004 expiration) NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress.
Page 53: Before You Configure Bgp
Chapter 1: Configuring BGP Routing Before You Configure BGP Before you attempt to configure BGP, ensure that you have TCP/IP reachability to the BGP peers with which you want your router to communicate. This may include tasks such as setting up interfaces and creating routes. See the JUNOSe Link Layer Configuration Guide and JUNOSe Physical Layer Configuration Guide for information about how to configure appropriate interfaces.
Page 54: Understanding Bgp Command Scope
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to remove the BGP process. See router bgp. Understanding BGP Command Scope BGP commands can be sorted into the following categories, each of which has a different scope; that is, each configures parameters within a different area of applicability.
Page 55: Table 7: Commands Affecting The Current Address Family
Chapter 1: Configuring BGP Routing The commands listed in Table 7 on page 19 configure parameters only for the current address family context. Table 7: Commands Affecting the Current Address Family address family disable-dynamic-redistribute aggregate-address external-paths auto-summary ip route-type bgp dampening maximum-paths bgp wait-on-end-of-rib network...
Page 56: Inheritance Of Configuration Values
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 8: Commands Affecting All Address Families for the Specified Peer or Peer Group (continued) neighbor ibgp-singlehop neighbor update-source neighbor lenient neighbor weight The commands listed in Table 9 on page 20 configure parameters separately for each address family exchanged over the BGP session.
Page 57: Table 10: Behavior Of Neighbor Commands
Chapter 1: Configuring BGP Routing from the peer group. However, attributes configured on a peer override values inherited from the peer group of which it is a member. The neighbor commands enable you to control features or set parameters for individual peers or for peer groups.
Page 58: Table 11: Inheritance From Other Commands
JUNOSe 11.1.x BGP and MPLS Configuration Guide Some of the commands in Table 10 on page 21 inherit global values set by other commands. Table 11 on page 22 describes the relationship between these commands. Table 11: Inheritance from Other Commands Category B Command Inherits Global Values Set By neighbor default-originate...
Page 59 Chapter 1: Configuring BGP Routing The no command disables inbound soft-reconfiguration for peer 10.19.7.8, overriding the configuration of the peer group to which the peer 10.19.7.8 belongs. The configuration of an individual peer takes precedence over the configuration of the peer group to which the peer belongs.
Page 60: Limitations On Inheritance
JUNOSe 11.1.x BGP and MPLS Configuration Guide Limitations on Inheritance All BGP peers that are members of the same peer group must send essentially the same updates. Accordingly, all members of a peer group must be the same kind of peer;...
Page 61: Configuring Neighbors
Chapter 1: Configuring BGP Routing host1(config-router)#bgp router-id 10.25.1.1 The new BGP identifier is used in open messages sent after you issue the command. To use the new BGP identifier for sessions already in the established state, you must use the clear ip bgp command to perform a hard clear. Use the no version to restore the router ID as the BGP identifier.
Page 62: Configuring Bgp Peer Groups
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to add an entry to the BGP neighbor table. Specifying a neighbor with an AS number that matches the AS number specified in the router bgp command identifies the neighbor as internal to the local AS. Otherwise, the neighbor is treated as an external neighbor.
Page 63: Figure 11: Bgp Peer Groups
Chapter 1: Configuring BGP Routing The multiprotocol extensions to BGP enable the exchange of information within different types of address families. By default, peers and peer groups exist in the unicast IPv4 address family and exchange unicast IPv4 addresses. For information on configuring and activating BGP peer groups within address families, see “Configuring the Address Family”...
Page 64: Setting The Peer Type
JUNOSe 11.1.x BGP and MPLS Configuration Guide Setting the Peer Type Each peer group must have a peer type before any BGP sessions for members of that peer group are allowed to come up and before the Adj-RIBs-Out table of that peer group can be filled.
Page 65: Logging Neighbor State Changes
Chapter 1: Configuring BGP Routing Use to associate a textual description of up to 80 characters with a BGP neighbor or peer group. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 66: Specifying A Source Address For A Bgp Session
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to stop logging. See bgp log-neighbor-changes Specifying a Source Address for a BGP Session By default, BGP uses the IP address of the outgoing interface toward the peer as the source IP address for the TCP connection over which the BGP session runs.
Page 67: Specifying Peers That Are Not Directly Connected
Chapter 1: Configuring BGP Routing Table 13: Source Addresses and Default Next Hop Addresses for Various Configurations Source Address used Configured Neighbor Configured Update for TCPv4 and TCPv6 Default Next Hop Default Next Hop Address Source Address Connection Value for IPv4 Prefixes Value for IPv6 Prefixes IPv4 neighbor address IPv4 source address...
Page 68: Figure 12: Using Ebgp-Multihop
JUNOSe 11.1.x BGP and MPLS Configuration Guide configure multihop connections. By default, the one-hop limitation per EBGP peers is enforced by the time-to-live attribute. You can override this default limit by using the ttl variable to specify the maximum number of hops to the peer. In Figure 12 on page 32, router Boston and router LA are connected together through router NY, rather than by a direct connection.
Page 69: Specifying A Single-Hop Connection For Ibgp Peers
Chapter 1: Configuring BGP Routing This command takes effect immediately and automatically bounces the BGP session. Use the no version to return BGP to halt acceptance of such routers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration.
Page 70: Removing Private As Numbers From Updates
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config)#router bgp 100 host1(config-router)#neighbor 2.2.2.2 maximum-prefix 1000 neighbor maximum-prefix Use to control how many prefixes can be received from a neighbor. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 71: Checking As Path Length
Chapter 1: Configuring BGP Routing Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 72: Enabling Md5 Authentication On A Tcp Connection
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:3# show ip bgp fields intro best peer loc-pref as-path Local router ID 13.13.13.3, local AS 200 10 paths, 5 distinct prefixes (520 bytes used) 6 paths selected for route table installation 14 path attribute entries (1943 bytes used) Status codes: >...
Page 73: Setting The Maximum Size Of Update Messages
Chapter 1: Configuring BGP Routing Use to enable MD5 authentication on a TCP connection between two BGP peers. If you configure a password for a neighbor, an existing session is torn down and a new one established. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 74: Setting Automatic Fallover
JUNOSe 11.1.x BGP and MPLS Configuration Guide Setting Automatic Fallover You can use the bgp fast-external-fallover command to specify that in the event of the failure of a link to any adjacent external peer, the BGP session is immediately and automatically brought down rather than waiting for the TCP connection to fail or for the hold timer to expire.
Page 75: Automatic Summarization Of Routes
Chapter 1: Configuring BGP Routing Use the no version to restore the default values on the specified neighbor or peer group 30 seconds for the keepalive timer and 90 seconds for the hold-time timer. See neighbor timers. timers bgp Use to set the keepalive and hold-time timers for all neighbors. If you set the keepalive timer to 0, BGP does not send any keepalive messages.
Page 76: Configuring Bgp For Overload Conditions
JUNOSe 11.1.x BGP and MPLS Configuration Guide bgp shutdown Use to shut down BGP globally. This command takes effect immediately. Example host1(config-router)#bgp shutdown Use the no version to reenable BGP. See bgp shutdown. neighbor shutdown Use to shut down a neighbor or peer group without removing their configuration. This command takes effect immediately.
Page 77: Enabling Route Storage In Adj-Ribs-Out Tables
Chapter 1: Configuring BGP Routing host1#show ip bgp summary Local router ID 10.1.0.1, local AS 1 Administrative state is Start Operational state is Down due to transition from Overload state Shutdown in overload state is enabled Default local preference is 100 Enabling Route Storage in Adj-RIBs-Out Tables By default, a BGP speaker does not store a copy of each route it sends to a BGP peer in the Adj-RIBs-Out table for that peer.
Page 78: Effects Of Changing Outbound Policies
JUNOSe 11.1.x BGP and MPLS Configuration Guide BGP cannot compare them with the attributes in the new update message. Consequently, BGP cannot determine whether the update contains new attributes or the same attributes as those previously advertised, and might send superfluous advertisements to peers.
Page 79: Configuring The Address Family
Chapter 1: Configuring BGP Routing Use the no version to enable the route storage. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor rib-out disable. rib-out disable Use to disable storage of routes in the Adj-RIBs-Out tables (disable rib-out) for all BGP peers.
Page 80 JUNOSe 11.1.x BGP and MPLS Configuration Guide VPN IPv6 If you specify the VPN-IPv6 address family, you can configure the router to provide IPv6 VPN services over an MPLS backbone. These VPNs are often referred to as BGP/MPLS VPNs. L2VPN If you specify the L2VPN address family, you can configure the PE router for VPLS L2VPNs or VPWS L2VPNs to exchange layer 2 network layer reachability information (NLRI) for all VPLS or VPWS instances.
Page 81 Chapter 1: Configuring BGP Routing From within the address family, configure BGP parameters for the address family. Exit Address Family Configuration mode. host1:vr1(config-router-af)#exit-address-family address-family Use to configure the router or VRF to exchange IPv4 or IPv6 addresses by creating the specified address family. IPv4 and IPv6 addresses can be exchanged in unicast, multicast, or VPN mode.
Page 82: Enabling Lenient Behavior
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:vr1(config-router-af)#exit-address-family There is no no version. See exit-address-family. neighbor activate Use to specify a peer or peer group with which routes of the current address family are exchanged. A peer or peer group can be activated in more than one address family. By default, a peer is activated only for the IPv4 unicast address family.
Page 83: Configuring Promiscuous Peers And Dynamic Peering
Chapter 1: Configuring BGP Routing BGP speaker to send a notification message to the peer generating the error and to terminate the session. By default, lenient behavior is disabled. neighbor lenient Use to enable a BGP speaker to be more tolerant of some errors generated by a peer, such as malformed BGP messages or finite state machine errors.
Page 84 JUNOSe 11.1.x BGP and MPLS Configuration Guide When the BGP speaker receives an open message from a dynamic peer, the remote AS number must match one of the following criteria; the connection is closed if it does not: If the peer group has a configured remote AS number, then the received AS number must be the same as the configured remote AS number.
Page 85: Configuring Passive Peers
Chapter 1: Configuring BGP Routing Example host1#clear ip bgp 192.168.1.158 vrf boston5 dynamic-peers There is no no version. See clear bgp ipv6 dynamic-peers. See clear ip bgp dynamic-peers. neighbor allow Use to configure a peer group to accept incoming BGP connections from any remote address that matches the specified access list.
Page 86: Advertising Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide If instead you initially configure the router as passive for those peers, BGP will not attempt to establish sessions to those peers but will wait until these remote peers initiate a session, thus conserving CPU resources. If you configure both sides of a BGP session as passive, then the session can never come up because neither side can initiate the connection.
Page 87: Figure 13: Prefixes Originating In An As
Chapter 1: Configuring BGP Routing Figure 13: Prefixes Originating in an AS The following commands configure router NY: host1(config)#router bgp 300 host1(config-router)#neighbor 10.2.25.1 remote-as 100 host1(config-router)#neighbor 10.4.4.1 remote-as 400 host1(config-router)#network 192.168.33.0 mask 255.255.255.0 The following commands configure router Boston: host2(config)#router bgp 100 host2(config-router)#neighbor 10.2.25.2 remote-as 300 host2(config-router)#neighbor 10.3.3.1 remote-as 400 host2(config-router)#network 172.19.0.0...
Page 88: Advertising Best Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the backdoor keyword to lower the preference of an EBGP route to the specified prefix by setting the administrative distance to that of an internal BGP route, 200. Use this option to favor an IGP backdoor route over an EBGP route to a specific network.
Page 89: Redistributing Routes Into Bgp
Chapter 1: Configuring BGP Routing received from an internal peer, no route to the destination is advertised to the internal peers. See bgp advertise-best-external-to-internal. Redistributing Routes into BGP BGP can learn about routes from sources other than BGP updates from peers. Routes known to other protocols can be redistributed into BGP.
Page 90: Redistributing Routes From Bgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide disable-dynamic-redistribute Use to halt the dynamic redistribution of routes that are initiated by changes to a route map. Dynamic redistribution is enabled by default. This command takes effect immediately. Example host1(config-router)#disable-dynamic-redistribute Use the no version to reenable dynamic redistribution. See disable-dynamic-redistribute.
Page 91: Configuring A Default Route
Chapter 1: Configuring BGP Routing NOTE: This default behavior does not apply to VPN routes. Redistribution of IBGP routes (routes received from an internal BGP peer) in a VRF is always enabled. You do not have to issue this command to enable redistribution of internal BGP routes in a VRF.
Page 92: Redistributing Default Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide If you issue the neighbor default-originate command, BGP sends the default route to that neighbor regardless of whether the default route exists in the IP forwarding table. In Figure 15 on page 56, router NY originates the default route 0.0.0.0/0 to router Albany only.
Page 93: Setting A Static Default Route
Chapter 1: Configuring BGP Routing Policy specified by a route map with the default-information originate command is applied at the same time as the policy for redistributed routes, before any outbound policy for peers. Example host1(config)#router bgp 100 host1(config-router)#default-information originate Use the no version to restore the default, preventing the redistribution of default routes.
Page 94: Setting The Minimum Interval Between Routing Updates
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 16: Setting a Static Default Route ip route Use to establish static routes. Use the no version to remove static routes. See ip route. Use to cause a BGP speaker (the local router) to send the default route 0.0.0.0/0 neighbor to a neighbor for use as a default route.
Page 95: Aggregating Routes
Chapter 1: Configuring BGP Routing Use to set the minimum interval between the sending of BGP updates for a given prefix. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 96 JUNOSe 11.1.x BGP and MPLS Configuration Guide host2(config-router)#aggregate-address 172.24.0.0 255.255.224.0 As configured above, router SanJose advertises the more specific routes as well as the aggregate route to router Boston. Alternatively, you can use the summary-only option to configure router SanJose to suppress the more specific routes and advertise only the aggregate route: host2(config)#router bgp 873 host2(config-router)#neighbor 10.2.2.3 remote-as 873...
Page 97 Chapter 1: Configuring BGP Routing passed along to router SanJose and preserved when the aggregate route is created. As a result, the aggregate route is not advertised outside the AS. The following commands demonstrate how to configure router SanJose to prevent the aggregate from not being advertised: host2(config)#router bgp 873 host2(config-router)#neighbor 10.2.2.3 remote-as 873...
Page 98: Advertising Inactive Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide This command takes effect immediately. Use the no version to remove the aggregate route entry from the routing table. See aggregate-address. Advertising Inactive Routes Under normal circumstances, routes that are not being used to forward traffic inactive routes are not advertised to peers unless synchronization is enabled.
Page 99: Advertising Ipv4 Routes Between Ipv6 Bgp Peers
Chapter 1: Configuring BGP Routing bgp enforce-first-as Use to cause BGP to determine whether the first AS in the AS path of a route received from an EBGP peer matches the remote AS number of that peer. If the AS does not match, BGP sends a notification to the peer with the error code “...
Page 100 JUNOSe 11.1.x BGP and MPLS Configuration Guide when that route is not in the routing table. BGP conditional advertisement enables you to control route advertisement without having to rely on only the best routes. For example, in a multi-homed network, you might want to advertise certain prefixes to one of the providers when a failure occurs in the peering session with a different provider, or when there is only partial reachability to that peer.
Page 101 Chapter 1: Configuring BGP Routing route map you specify with the non-exist-map keyword references multiple routes, all of those routes must be absent to trigger the conditional advertisement. You can optionally specify a sequence number for the advertise route map that matches the determining route.
Page 102: Advertising A Route Only When Another Route Is Present
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-router-af)#neighbor 192.168.2.2 advertise-map advertiseroutes exist-map matchroute sequence 10 Use the no version to remove the conditions set for advertising to the peer or peer group the routes specified by the route map. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration.
Page 103: Advertising A Route Only When Another Route Is Absent
Chapter 1: Configuring BGP Routing host1(config)#access-list 77 permit 10.10.20.0 0.0.0.255 host1(config)#route-map advertisetoR1 permit 10 host1(config-route-map)#match ip address 77 host1(config-route-map)#exit !Configure route map to match one trigger route from R3 host1(config)#ip as-path access-list 1 permit ^300 host1(config)#access-list 70 permit 172.24.19.0 0.0.0.255 host1(config)#route-map trigger1 permit 10 host1(config-route-map)#match ip address 70 host1(config-route-map)#match as-path 1...
Page 104: Figure 19: Advertising A Route When Another Route Is Absent
JUNOSe 11.1.x BGP and MPLS Configuration Guide advertises neither of the routes to router R2. Consequently, router R2 advertises both 10.10.20.0/24 and 10.10.30.0/24 to peergroup1. Figure 19: Advertising a Route When Another Route is Absent The following commands configure router R2: host1(config)#router bgp 200 host1(config-router)#neighbor peergroup1 peer-group host1(config-router)#neighbor peergroup1 remote-as 100...
Page 105: Advertising A Default Route Only When Another Route Is Present
Chapter 1: Configuring BGP Routing host1(config)#route-map alternatetoPG1 permit 10 host1(config-route-map)#match ip address allow host1(config-route-map)#exit !Configure route map to match an alternate trigger route host1(config)#access-list test permit 172.21.30.0 0.0.0.255 host1(config)#route-map condition2 permit 10 host1(config-route-map)#match ip address test host1(config-route-map)#match as-path 1 host1(config-route-map)#exit In this configuration, the condition1 route map has a sequence number of five, placing it high in the list of all configured advertise route maps for this peer group within the same address family.
Page 106: Configuring Bgp Routing Policy
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 20: Advertising a Default Route When Another Route is Present The following commands configure router R2: host1(config)#ip prefix-list default permit 0.0.0.0/0 host1(config)#route-map default permit 10 host1(config-route-map)#match ip address prefix-list default host1(config-route-map)#exit host1(config)#ip prefix-list test-default permit 172.55.0.0/16 host1(config)#route-map test permit 10 host1(config-route-map)#match ip address prefix-list test-default host1(config-route-map)#exit...
Page 107: Types Of Bgp Route Maps
Chapter 1: Configuring BGP Routing Prefix trees Route maps The remainder of this section provides detailed information about using these features with BGP. Before proceeding, please see JUNOSe IP Services Configuration Guide, for a thorough background on how these features work in general. Types of BGP Route Maps A route map consists of match clauses and set clauses.
Page 108: Table 16: Commands That Create Match-Only Route Maps
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 15: Clauses Supported in BGP Match-and-Set Route Maps (continued) match metric set metric match metric-type set metric-type match route-type set origin match tag set tag set weight The match-only route maps consist of the route maps configured with any of the commands listed in Table 16 on page 72.
Page 109 Chapter 1: Configuring BGP Routing Use to match a community list. Supported for inbound and outbound route maps. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match community comm5 Use the no version to delete the match clause from a route map or a specified value from the match clause.
Page 110 JUNOSe 11.1.x BGP and MPLS Configuration Guide match ip next-hop Use to match any routes that have a next-hop router address passed by the specified access list, prefix list, or prefix tree. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match ip next-hop 5 192.54.24.1 Use the no version to delete the match clause from a route map or a specified value from the match clause.
Page 111 Chapter 1: Configuring BGP Routing Use to match a route for the specified route type. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#match route-type level-1 Use the no version to delete the match clause from a route map or a specified value from the match clause. See match route-type.
Page 112 JUNOSe 11.1.x BGP and MPLS Configuration Guide results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 113 Chapter 1: Configuring BGP Routing host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set as-path prepend list list10 Use the no version to delete the set clause from a route map. See set as-path prepend. set comm-list delete Use to remove communities specified by the community list from the community attribute of routes matching the route map.
Page 114 JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to delete the set clause from a route map. See set community. set dampening Use to enable BGP route flap dampening only on routes that pass the match clauses of, and are redistributed by, a particular route map. BGP creates a dampening parameter block for each unique set of dampening parameters such as suppress threshold and reuse threshold used by BGP.
Page 115 Chapter 1: Configuring BGP Routing host1(config-route-map)#set ip next-hop 192.56.32.1 Use the no version to delete the set clause from a route map. See set ip next-hop. set local-preference Use to specify a preference value for the AS path. Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set local-preference 200 Use the no version to delete the set clause from a route map.
Page 116 JUNOSe 11.1.x BGP and MPLS Configuration Guide For BGP, you can specify the following: external Reverts to the normal BGP rules for propagating the MED; this is the BGP default internal Sets the MED of a received route that is being propagated to an external peer equal to the IGP cost of the indirect next hop Example host1(config)#route-map nyc1 permit 10...
Page 117: Applying Table Maps
Chapter 1: Configuring BGP Routing Applying Table Maps You can use the table-map command on a per-address-family basis to apply a route map to modify IP attributes of BGP routes that are about to be added to the IP routing table.
Page 118 JUNOSe 11.1.x BGP and MPLS Configuration Guide table-map Use to apply a policy to BGP routes about to be added to the IP routing table. The route map can include any of the clauses listed in Table 18 on page 81. The new route map is applied to all routes that are subsequently placed in the IP routing table.
Page 119: Access Lists
Chapter 1: Configuring BGP Routing I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 Prefix/Length Type...
Page 120: Figure 21: Filtering With Access Lists
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 21: Filtering with Access Lists The following commands configure router Boston to apply access list reject1 to routes inbound from router SanJose. Access list reject1 rejects routes matching 172.24.160.0/19. host3(config)#router bgp 17 host3(config-router)#neighbor 10.5.5.4 remote-as 873 host3(config-router)#neighbor 10.5.5.4 distribute-list reject1 in host3(config-router)#exit...
Page 121 Chapter 1: Configuring BGP Routing host2(config-router)#exit host2(config)#access-list 1 deny 10.16.22.0 0.254.255.255 access-list Use to define an IP access list to permit or deny routes based on the prefix. Each access list is a set of permit or deny conditions for routes based on matching a route’s prefix.
Page 122 JUNOSe 11.1.x BGP and MPLS Configuration Guide Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 123: Filtering As Paths With A Filter List
Chapter 1: Configuring BGP Routing host1(config-router)#neighbor 192.168.1.158 prefix-tree newyork out New policy values are applied to all routes that are sent (outbound policy) or received (inbound policy) after you issue the command. To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session.
Page 124: Figure 23: Filtering With As-Path Access Lists
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 23: Filtering with AS-Path Access Lists Suppose you want router London to behave in the following way: Accept routes originated in AS 621 only if they pass directly to router London Accept routes originated in AS 11 only if they pass directly to router London Forward routes from AS 282 to AS 435 only if they pass through either AS 621 or AS 11, but not both AS 621 and AS 11 The following commands configure router London to apply filters based on the AS...
Page 125: Figure 24: Assigning A Filter List
Chapter 1: Configuring BGP Routing Consider the following commands used to configure router Chicago in Figure 24 on Example 2 page 89: host1(config)#router bgp 293 host1(config-router)#neighbor 10.5.5.2 remote-as 32 host1(config-router)#neighbor 10.5.5.2 filter-list 1 in host1(config-router)#neighbor 10.2.2.4 remote-as 17 host1(config-router)#exit host1(config)#ip as-path access-list 1 deny ^32$ Figure 24: Assigning a Filter List Access list 1 denies routes that originate in AS 32 and therefore routes originated by router NY because the AS-path attribute for these routes begins with (and indeed...
Page 126: Filtering As Paths With A Route Map
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to assign an AS-path access list to matching inbound or outbound routes with the in or out keywords. You can specify an optional weight value with the weight keyword to assign a relative importance to incoming routes matching the AS-path access list.
Page 127: Figure 25: Route Map Filtering
Chapter 1: Configuring BGP Routing Figure 25: Route Map Filtering Routes learned from router Boston have a weight of 150, whereas those learned from router NY have a weight of 50. Router Chicago therefore prefers all routes learned from router Boston to those learned from router NY. Based on this configuration, router Chicago prefers routes to prefixes originating in AS 837 or originating in AS 32 that pass through router Boston over routes to those same prefixes that pass through router NY.
Page 128: Configuring The Community Attribute
JUNOSe 11.1.x BGP and MPLS Configuration Guide Refer to the commands and guidelines in the section “Types of BGP Route Maps” on page 71 for more information about configuring route maps. Configuring the Community Attribute A community is a logical group of prefixes that share some common attribute. Community members can be on different networks and in different autonomous systems.
Page 129: Figure 26: Communities
Chapter 1: Configuring BGP Routing Use the set community command in route maps to configure the community attributes. By default, the community attribute is not sent to BGP peers. To send the community attribute to a neighbor, use the neighbor send-community command. Consider the network structure shown in Figure 26 on page 93.
Page 130 JUNOSe 11.1.x BGP and MPLS Configuration Guide The following commands configure router Boston to apply route map 5 to routes going out to 10.5.5.4. If the destination IP address of such a route matches instance 10 of the route map, router Boston sets the community attribute of the route to no-export.
Page 131: Community Lists
Chapter 1: Configuring BGP Routing Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group and want to fill the Adj-RIBs-Out table for that peer group with the results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group.
Page 132: Figure 27: Community Lists
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 27: Community Lists Suppose you want router Albany to set metrics for routes that it forwards to router Boston based on the communities to which the routes belong. You can create community lists and filter the routes with a route map that matches on the community list.
Page 133 Chapter 1: Configuring BGP Routing Use to create a standard or a regular expression community list for BGP and controls access to it. A route can belong to any number of communities, so a community list can have many entries comprising many communities. You can specify one or more community values when you create a community list.
Page 134: Resetting A Bgp Connection
JUNOSe 11.1.x BGP and MPLS Configuration Guide A route matches this community list only if it belongs to at least all three communities in extended community list boston1: Communities 100:2, 100:3, and 100:4. Use the no version to remove a single extended community list entry if permit or deny and a path-expression are specified.
Page 135: Changing Policies Without Disruption
Chapter 1: Configuring BGP Routing Use the soft out option to reapply outbound policy and resend routes without clearing the BGP session. This command takes effect immediately. There is no no version. See clear bgp ipv6. See clear ip bgp. Changing Policies Without Disruption Changing policies can cause major network disruptions when you bring down sessions to reapply the modified policies.
Page 136: Route-Refresh Capability
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to disable storage of the route copies. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor soft-reconfiguration inbound.
Page 137 Chapter 1: Configuring BGP Routing Use to negotiate the exchange of inbound route filters and their installation as ORFs by specifying the orf keyword, an ORF type, and the direction of the capability. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 138: Configuring Route Flap Dampening
JUNOSe 11.1.x BGP and MPLS Configuration Guide results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 139 Chapter 1: Configuring BGP Routing Use to enable BGP route flap dampening on all BGP routes or routes matching a specified route map. You can specify a complete set of values that determine how routes are dampened. If you choose to do so, you must specify the entire set: half-life—...
Page 140: Policy-Based Route Flap Dampening
JUNOSe 11.1.x BGP and MPLS Configuration Guide To clear IPv4 dampening information for all routes in VRF dogwood: host1#clear ip bgp ipv4 dogwood dampening To clear IPv4 dampening information for all non-VRF routes in the IPv4 unicast address family: host1#clear ip bgp vrf unicast dampening To clear IPv4 dampening information for a specific route: host1#clear ip bgp dampening 192.168.5.0 255.255.255.0 To clear IPv4 dampening information for the most specific route matching an...
Page 141: Policy Testing
Chapter 1: Configuring BGP Routing Routes previously suppressed by a route map that are unsuppressed by this command are not automatically advertised; you must use the clear ip bgp command to perform a hard clear or outbound soft clear. Example host1(config-router)#neighbor berlin5 unsuppress-map inmap3 Use the no version to restore the default values.
Page 142: Selecting The Best Path
JUNOSe 11.1.x BGP and MPLS Configuration Guide test ip bgp neighbor Use to test the effect of BGP policies on a router without implementing the policy. You can apply the test to routes advertised to peers or received from peers. You can test the following kinds of policies: distribute lists, filter lists, prefix lists, prefix trees, or route maps.
Page 143: Bgp Path Decision Algorithm
Chapter 1: Configuring BGP Routing If only one route exists to a particular destination, BGP installs that route. If multiple routes exist for a destination, BGP uses tie-breaking rules to decide which one of the routes to install in the BGP routing table. BGP Path Decision Algorithm BGP determines the best path to each destination for a BGP speaker by comparing path attributes according to the following selection sequence:...
Page 144: Next Hops
JUNOSe 11.1.x BGP and MPLS Configuration Guide If the route originated inside the AS, the next hop is the IP address of the peer that advertised the route. If the route originated outside the AS that is, it was injected into the AS by means of an EBGP session the next hop is the IP address of the external BGP speaker that advertised the route.
Page 145 Chapter 1: Configuring BGP Routing because the next-hop address is not accessible. Router Memphis does a lookup in its IP routing table to determine how to reach 10.1.13.2: Destination Next Hop 10.1.13.0/24 10.2.2.1 The next hop is reachable through router Jackson, and the traffic can be forwarded. The following commands configure the routers as shown in Figure 28 on page 108: To configure router Jackson: host1(config)#router bgp 604...
Page 146: Next-Hop-Self
JUNOSe 11.1.x BGP and MPLS Configuration Guide Next-Hop-Self In some circumstances, using a third-party next hop causes routing problems. These configurations typically involve nonbroadcast multiaccess (NBMA) media. To better understand this situation, first consider a broadcast multiaccess (BMA) media network, as shown in Figure 29 on page 110.
Page 147 Chapter 1: Configuring BGP Routing You can use the neighbor next-hop-self command to correct this routing problem. If you use this command to configure router Madrid, the third-party next hop advertised by router Toledo is not advertised to router Barcelona. Instead, router Madrid advertises 192.168.22.0/23 with the next-hop attribute set to its own IP address, 10.19.7.7.
Page 148: Assigning A Weight To A Route
JUNOSe 11.1.x BGP and MPLS Configuration Guide Assigning a Weight to a Route You can assign a weight to a route when more than one route exists to the same destination. A weight indicates a preference for that particular route over the other routes to that destination.
Page 149: Using A Route Map
Chapter 1: Configuring BGP Routing host1(config-router)#neighbor 10.72.4.2 remote-as 300 host1(config-router)#neighbor 10.72.4.2 weight 500 Router LA sends traffic through router Boston in preference to router NY. Using a Route Map A route map instance is a set of conditions with an assigned number. The number after the permit keyword designates an instance of a route map.
Page 150 JUNOSe 11.1.x BGP and MPLS Configuration Guide The neighbor filter-list commands assign a weight attribute of 1000 to routes passing through router Boston and a weight attribute of 500 to routes passing through router NY. Regardless of the origin of the route, routes learned through router Boston are preferred.
Page 151: Configuring The Local-Pref Attribute
Chapter 1: Configuring BGP Routing results of the new policy, you must use the clear ip bgp peer-group command to perform a hard clear or outbound soft clear of the peer group. You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table.
Page 152: Using The Bgp Default Local-Preference Command
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use a route map to set the local-pref attribute. Using the bgp default local-preference Command In Figure 32 on page 116, AS 873 receives updates for network 192.168.5.0/24 from AS 32 and AS 17. Figure 32: Configuring the Local-Preference Attribute The following commands configure router LA: host1(config-router)#router bgp 873...
Page 153: Using A Route Map To Set The Local Preference
Chapter 1: Configuring BGP Routing To force BGP to run the decision process on routes already received, you must use the clear ip bgp command to perform an inbound soft clear or hard clear of the current BGP session. Use the no version to restore the default value, 100. See bgp default local-preference.
Page 154: Figure 33: The Origin Attribute
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 33: The Origin Attribute Consider the sample topology shown in Figure 33 on page 118. Because routers Albany and Boston are not directly connected, they learn the path to each other by means of an IGP (not illustrated).
Page 155: Table 20: Origin And As Path For Routes Viewed On Different Routers
Chapter 1: Configuring BGP Routing Consider how route 172.21.10.0/23 is passed along to the routers in Figure 33 on page 118: IS-IS injects route 172.21.10.0/23 from router Chicago into BGP on router LA. BGP sets the origin attribute to Incomplete (because it is a redistributed route) to indicate how BGP originally became aware of the route.
Page 156: Understanding The As-Path Attribute
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 20: Origin and AS Path for Routes Viewed on Different Routers (continued) Route Router Origin AS Path 172.19.0.0/16 empty 172.19.0.0/16 192.168.330/24 Albany empty 192.168.330/24 Boston empty 192.168.330/24 empty 192.168.330/24 As a matter of routing policy, you can specify an origin for a route with a set origin clause in a redistribution route map.
Page 157: Configuring A Local As
Chapter 1: Configuring BGP Routing Figure 34: AS-Path Attributes A routing loop exists if router London accepts the route from router Berlin. Router London can choose not to accept the route from router Berlin because it recognizes from the AS-path attribute (11 621 47) that the route originated in its own AS 47. As a matter of routing policy, you can prepend additional AS numbers to the AS-path attribute for a route with a set as-path prepend clause in an outbound route map.
Page 158: Configuring The Med Attribute
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring the MED Attribute If two ASs connect to each other in more than one place, one link or path might be a better choice to reach a particular prefix within or behind one of the ASs. The MED value is a metric expressing a degree of preference for a particular path.
Page 159 Chapter 1: Configuring BGP Routing host2(config-router)#neighbor 10.4.4.1 remote-as 303 host2(config-router)#neighbor 10.4.4.1 route-map 10 out host2(config-router)#neighbor 10.2.25.1 remote-as 73 host2(config-router)#neighbor 10.6.6.1 remote-as 4 host2(config-router)#neighbor 10.6.6.1 route-map 10 out host2(config-router)#network 192.168.33.0 mask 255.255.255.0 host2(config-router)#exit host2(config)#route-map 10 permit 10 host2(config-route-map)#set metric 50 The following commands configure router Nice: host3(config)#router bgp 73 host3(config-router)#neighbor 10.3.3.1 remote-as 303 host3(config-router)#neighbor 10.3.3.1 route-map 10 out...
Page 160 JUNOSe 11.1.x BGP and MPLS Configuration Guide Router Dublin advertises a MED of 25 for route 192.168.33.0/24, which is lower more preferred than the MED advertised by router Paris or router Nice. However, the AS path for the route through router Dublin is longer than that through router Paris.
Page 161: Missing Med Values
Chapter 1: Configuring BGP Routing Use the no version to delete the set clause from a route map. See set metric. Missing MED Values By default, a route that arrives with no MED value is treated as if it had a MED of 0, the most preferred value.
Page 162: Capability Negotiation
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-router)#bgp bestpath med confed Changes apply automatically whenever BGP subsequently runs the best-path decision process for a destination prefix; that is, whenever a best route is picked for a given prefix. To force BGP to run the decision process on routes already received, you must use the clear ip bgp command to perform an inbound soft clear or hard clear of the current BGP session.
Page 163: Cooperative Route Filtering
Chapter 1: Configuring BGP Routing The router advertises these capabilities except for the cooperative route filtering capability by default. You can prevent the advertisement of specific capabilities with the no neighbor capability command. You can also use this command to prevent all capability negotiation with the specified peer.
Page 164: Four-Octet As Numbers
JUNOSe 11.1.x BGP and MPLS Configuration Guide Four-Octet AS Numbers BGP speakers that support four-octet AS and sub-AS numbers are sometimes referred to as “ new” speakers. The four-octet AS numbers are employed by the AS-path and aggregator attributes. “ Old” speakers are those that do not support the four-octet numbers.
Page 165 Chapter 1: Configuring BGP Routing By waiting for all restarted peers to send the End-of-RIB marker, BGP risks delaying the initiation of the best path decision process indefinitely due to a single very slow peer. For a specific peer, you can avoid this delay by hard clearing the peer or issuing the clear ip bgp wait-end-of-rib command.
Page 166 JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to enable the BGP graceful restart capability. Advertisement of the graceful restart capability is disabled by default. The no neighbor capability negotiation command prevents the advertisement of all BGP capabilities, including graceful restart, to the specified peers. This command takes effect immediately and automatically bounces the session.
Page 167 Chapter 1: Configuring BGP Routing Specify an interval longer than the restart time. This command takes effect immediately and automatically bounces the session. Example host1(config-router)#bgp graceful-restart stalepaths-time 480 Use the no version to restore the default value, 360 seconds. See bgp graceful-restart stalepaths-time. clear ip bgp wait-end-of-rib Use to clear a peer or peer group from the set of peers for which BGP is waiting to receive an End-of-RIB marker after a peer restart.
Page 168: Route Refresh
JUNOSe 11.1.x BGP and MPLS Configuration Guide This command takes effect immediately and automatically bounces the session. Example host1(config-router)#neighbor graceful-restart restart-time 240 Use the no version to restore the default value, 120 seconds. See neighbor graceful-restart restart-time. neighbor graceful-restart stalepaths-time Use to set the maximum time BGP waits to receive an End-of-RIB marker from the specified restarted peer or peer group before flushing all remaining stale routes from that peer.
Page 169: Interactions Between Bgp And Igps
Chapter 1: Configuring BGP Routing configuration. If dynamic capability negotiation was not negotiated for the session, the session is bounced automatically. If you issue the deprecated-dynamic-capability-negotiation, dynamic-capability-negotiation, four-octet-as-numbers, negotiation, or orf keywords, the command takes effect immediately and bounces the session. If the BGP speaker receives a capability message for a capability that BGP did not previously advertise in the dynamic capability negotiation capability, BGP sends a notification to the peer with the error code “...
Page 170: Disabling Synchronization
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 36: Synchronization Synchronization solves this problem by preventing a BGP speaker from advertising a route over an EBGP session until all routers within the speaker’s AS have learned about the route. If the AS contains routers connected by means of an IGP, the BGP speaker cannot propagate a BGP route that it learned from a peer until an IGP route to the prefix has been installed in the BGP speaker’s IP routing table.
Page 171: Figure 37: Disabling Synchronization
Chapter 1: Configuring BGP Routing a result, all the routers receive updates learned by the area border routers from external BGP speakers. Figure 37: Disabling Synchronization If synchronization is disabled, a BGP speaker propagates a BGP route learned from a peer only if it is the best route to the prefix in the IP routing table. However, the speaker does advertise the routes that it originates.
Page 172: Setting The Administrative Distance For A Route
JUNOSe 11.1.x BGP and MPLS Configuration Guide To configure router Chicago: host4(config)#router bgp 200 host4(config-router)#neighbor 3.3.3.1 remote-as 100 To configure router LA: host5(config)#router bgp 300 host5(config-router)#neighbor 1.1.1.1 remote-as 100 host5(config-router)#network 192.56.0.0 synchronization Use to enable and disable synchronization between BGP and an IGP. Synchronization is enabled by default.
Page 173 Chapter 1: Configuring BGP Routing If the IP routing table contains several routes to the same prefix for example, an OSPF route and an IBGP route the route with the lowest administrative distance is used for forwarding. By default, BGP propagates received BGP routes to EBGP routes only if the BGP route is used for forwarding traffic that is, if it is the route with the lowest administrative distance in the IP forwarding table.
Page 174: Figure 38: Administrative Distances
JUNOSe 11.1.x BGP and MPLS Configuration Guide local-distance—Administrative distance for local routes in the range 1–255. The default is 200. The default value is 20 for external routes, 200 for internal route, and 200 for local routes. The new distance is applied to all routes that are subsequently placed in the IP routing table.
Page 175: Configuring Backdoor Routes
Chapter 1: Configuring BGP Routing In this example, both router Albany and router Boston have synchronization turned on. When synchronization is on, BGP propagates a received route to EBGP peers, even if the IP forwarding table contains a non-BGP route with a better administrative distance than the BGP route.
Page 176: Setting The Maximum Number Of Equal-Cost Multipaths
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 40: Backdoor Route You can modify this behavior by issuing the network backdoor command on router host1(config)#router bgp 300 host1(config-router)#neighbor 10.4.4.1 remote-as 400 host1(config-router)#network 172.19.0.0 backdoor Unlike the typical network command, network backdoor does not cause the BGP speaker to advertise the specified prefix.
Page 177: Detecting Peer Reachability With Bfd
Chapter 1: Configuring BGP Routing If you set the value to 1, the router installs the single best route in the IP routing table. If you set the value greater than 1, the router installs that number of parallel routes. maximum-paths Use to set the maximum number of equal-cost multipaths.
Page 178 JUNOSe 11.1.x BGP and MPLS Configuration Guide the BFD protocol session goes down, BGP immediately brings down the BGP session and takes all associated actions. Whenever a BGP session leaves the established state, BGP requests BFD to stop the BFD protocol session. BGP also requests BFD to bring the BFD protocol session down and inform BGP if the local interface goes down.
Page 179: Bfd And Bgp Graceful Restart
Chapter 1: Configuring BGP Routing You can change the BFD liveness detection parameters at any time without stopping or restarting the existing session; BFD automatically adjusts to the new parameter value. However, no changes to BFD parameters take place until the values resynchronize with each peer.
Page 180: Configuring A Confederation
JUNOSe 11.1.x BGP and MPLS Configuration Guide For example, in an AS with 9 BGP peers, the peers can conduct 36 sessions: BGP provides the following two alternative configuration strategies to reduce the number of fully meshed peers: Configure confederations. Configure route reflectors.
Page 181: Figure 41: A Fully Meshed Autonomous System
Chapter 1: Configuring BGP Routing Figure 41: A Fully Meshed Autonomous System Figure 42 on page 146 illustrates how you can create three sub-ASs within AS 29 to greatly reduce the number of peering sessions. According to common practice, use a number from the private range of AS numbers from 64512 to 65535 to identify each sub-AS.
Page 182: Figure 42: A Confederation Of Subautonomous Systems
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 42: A Confederation of Subautonomous Systems The following commands partially configure router Salem: host1(config)#router bgp 64720 host1(config-router)#bgp confederation identifier 29 host1(config-router)#bgp confederation peers 64721 64722 host1(config-router)#neighbor 10.2.25.4 remote-as 64720 host1(config-router)#neighbor 10.2.25.8 remote-as 64721 host1(config-router)#neighbor 10.2.25.2 remote-as 325 The bgp confederation identifier command establishes router Salem as a member of Confederation 29.
Page 183 Chapter 1: Configuring BGP Routing host3(config-router)#neighbor 10.2.25.6 remote-as 29 From router Mason’s perspective, router Boston is simply a member of AS 29: host4(config)#router bgp 413 host4(config-router)#neighbor 10.3.3.2 remote-as 29 bgp confederation identifier Use to establish a router as a member of the specified BGP confederation. To routers outside the confederation, the confederation appears as an autonomous system with an AS number the same as the confederation identifier.
Page 184: Configuring Route Reflectors
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring Route Reflectors Router reflection is an alternative to confederations as a strategy to reduce IBGP meshing. BGP specifies that a BGP speaker cannot advertise routes to an IBGP neighbor if the speaker learned the route from a different IBGP neighbor. A route reflector is a BGP speaker that advertises routes learned from each of its IBGP neighbors to its other IBGP neighbors;...
Page 185: Route Reflection And Redundancy
Chapter 1: Configuring BGP Routing Figure 43: Simple Route Reflection Route Reflection and Redundancy Reliability and redundancy are important issues when using route reflection because the members of a cluster are not fully meshed. For example, if router Harvard in Figure 43 on page 149 goes down, all of its clients are isolated from networks outside the cluster.
Page 186: Route Reflection And Looping
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 45: Route Reflection: Physical and Logical Redundancy Route Reflection and Looping BGP prevents looping between ASs by evaluating the AS-path attribute to determine a route’s origin. Border routers reject routes they receive from external neighbors if the AS path indicates that the route originated within the border router’s AS.
Page 187: Figure 46: Bgp Route Reflection
Chapter 1: Configuring BGP Routing You do not configure a cluster ID, because router Salem is the only route reflector in this cluster. Figure 46: BGP Route Reflection To configure router Concord as a route reflector: host2(config)#router bgp 29 host2(config-router)#neighbor 10.7.1.3 remote-as 29 host2(config-router)#neighbor 10.7.1.3 route-reflector-client host2(config-router)#neighbor 10.7.1.4 remote-as 29 host2(config-router)#neighbor 10.7.1.4 route-reflector-client...
Page 188 JUNOSe 11.1.x BGP and MPLS Configuration Guide You must configure a cluster ID, because router Acton and router Harvard are both route reflectors in this cluster. To configure router Harvard as a route reflector: host4(config)#router bgp 29 host4(config)#bgp cluster-id 23 host4(config-router)#neighbor 10.3.1.2 remote-as 29 host4(config-router)#neighbor 10.3.1.2 route-reflector-client host4(config-router)#neighbor 10.1.2.1 remote-as 29...
Page 189: Configuring Bgp Multicasting
Chapter 1: Configuring BGP Routing Use to configure the local router as the route reflector and the specified neighbor as one of its clients. The reflector and its clients constitute a cluster. BGP neighbors that are not specified as clients are nonclients. Route reflectors pass routes among the client routers.
Page 190 JUNOSe 11.1.x BGP and MPLS Configuration Guide Multicast IPv6 If you specify the multicast IPv6 address family, you can use BGP to exchange routing information about how to reach an IPv6 multicast source instead of an IPv6 unicast destination. For a general description of multicasting, see JUNOSe Multicast Routing Configuration Guide.
Page 191 Chapter 1: Configuring BGP Routing The default setting is to exchange IPv4 addresses in unicast mode from the default router. This command takes effect immediately. Examples host1:vr1(config-router)#address-family ipv4 multicast host1:vr1(config-router)#address-family vpnv4 host1:vr1(config-router)#address-family ipv4 unicast vrf vr2 Use the no version to disable the exchange of a type of prefix. See address-family.
Page 192: Monitoring Bgp Multicast Services
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to indicate that routes of the current address family must not be exchanged with the peer. See neighbor activate. Monitoring BGP Multicast Services To display values from the BGP multicast routing table, use the show BGP commands with the ipv4 multicast keyword.
Page 193: Configuring Bgp/Mpls Vpns
Chapter 1: Configuring BGP Routing host1(config-router-af)#ip route-type both Use the no version to restore the default value, unicast. See ip route-type. See ipv6 route-type. Configuring BGP/MPLS VPNs The BGP multiprotocol extensions enable the exchange of BGP information within different types of address families. The VPN IPv4 address family enables you to configure the router to provide IPv4 VPN services over an MPLS backbone.
Page 194: Monitoring Bgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide The following three items apply to the test ip bgp neighbor command only: The address-family identifier for the route is the same as is used for identifying the neighbor. If you do not specify a route, the test is performed for all routes associated with the address-family identifier.
Page 195 Chapter 1: Configuring BGP Routing Use to set the baseline on all BGP statistics as the current values. For example, if you issue the baseline ip bgp command, all the current values of BGP statistics become the baseline values. If the current value of the Total message sent parameter is 105, and the value goes up to 120 messages, the new value is displayed as 15.
Page 196 JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to specify fields that are displayed by default by any subsequently issued show ip bgp command that displays BGP routes. Use the intro keyword to enable the display of introductory information about BGP attributes.
Page 197 Chapter 1: Configuring BGP Routing Use to display the BGP routing table. If you specify an IP address, displays the route that best matches the specified IP address. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop.
Page 198 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:pe1#show ip bgp 10.88.88.1 BGP route information for prefix 10.88.88.1/32 Network route (best route Advertised to both internal and external peers Address Family Identifier (AFI) is ip-v4 Subsequent Address Family Identifier (SAFI) is unicast Next hop IP address is 0.0.0.0 (metric 2) Multi-exit discriminator is 1 Local preference is not present...
Page 199 Chapter 1: Configuring BGP Routing Reference count is 1 Example 5 Displays information about routes in the route-target address family host1# show ip bgp route-target signaling Local BGP identifier 13.13.13.13, local AS 100 4 routes (240 bytes) 3 destinations (228 bytes) of which 3 have a route 3 routes selected for route tables installation 0 unicast/multicast routes selected for route table installation 0 unicast/multicast tunnel-usable routes selected for route table...
Page 200 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:pe1#show ip bgp route-target signaling network Prefix Weight Route-map Backdoor 102:111:34/96 1111111111:23:1/96 host1:pe1#show ip bgp route-target signaling network 102:111:34 Prefix Weight Route-map Backdoor 102:111:34/96 Example 8 Error message generated when a prefix less than 32 or greater than 96 is specified for the RT-MEM-NLRI host1#show ip bgp route-target signaling 100:100:1/31 % Invalid route-target membership NLRI...
Page 201 Chapter 1: Configuring BGP Routing Local BGP identifier BGP router ID of the local router routes Total number of routes stored in the BGP routing table and amount of memory consumed by routes. If several peers have advertised a route to the same prefix, all routes are included in this count.
Page 202 JUNOSe 11.1.x BGP and MPLS Configuration Guide 0 tunnel-only routes selected for tunnel-route table installation 35097 path attribute entries (5334744 bytes) Local-RIB version 20969483. FIB version 20969483. Statistics baseline set WED JUL 12 2006 10:31:53 METDST See show ip bgp. See show bgp ipv6.
Page 203 Chapter 1: Configuring BGP Routing MED Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route Example host1#show ip bgp neighbors 5.72.116.1 advertised-routes Local BGP identifier 2.2.2.2, local AS 2222 0 routes (0 bytes used), 0 distinct destinations (0 bytes used) 0 routes selected for route table installation 0 path attribute entries (0 bytes used)
Page 204 JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to display information about routes that have nonnatural network masks. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 205 Chapter 1: Configuring BGP Routing show ip bgp community show bgp ipv6 community Use to display all routes that are members of the specified BGP community. Does not accept regular expressions. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop.
Page 206 JUNOSe 11.1.x BGP and MPLS Configuration Guide 40845 paths, 40845 distinct prefixes (2940840 bytes used) 40845 paths selected for route table installation 13651 path attribute entries (1864908 bytes used) Prefix Peer Next-hop MED CalPrf Weight Origin > 24.0.0.0/12 10.5.0.48 10.5.0.48 >...
Page 207 Chapter 1: Configuring BGP Routing NN Number that identifies the community within the autonomous system Example host1#show ip bgp community-list 1 fields peer communities Local router ID 192.168.1.153, local AS 100 72077 paths, 72077 distinct prefixes (5189544 bytes used) 72077 paths selected for route table installation 21627 path attribute entries (2957324 bytes used) Prefix Peer...
Page 208 JUNOSe 11.1.x BGP and MPLS Configuration Guide route flap history Status of route flap history for route paths Prefix The prefix for the IP address Peer IP address of the BGP peer Status Status of route dampening of the route path Figure of Merit A measure of the route's stability.
Page 209 Chapter 1: Configuring BGP Routing Use to display all routes whose AS-path matches the specified AS-path access list. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 210 JUNOSe 11.1.x BGP and MPLS Configuration Guide > 12.2.109.0/24 10.5.0.48 11488 701 7018 10656 > 12.2.169.0/24 10.5.0.48 11488 701 7018 11806 > 12.4.114.0/24 10.5.0.48 11488 701 7018 14065 > 12.4.119.0/24 10.5.0.48 11488 701 7018 14065 > 12.4.175.0/24 10.5.0.48 11488 701 7018 11895 >...
Page 211 Chapter 1: Configuring BGP Routing host1#show ip bgp flap-statistics Local BGP identifier 192.168.1.232, local AS 100 Route flap dampening is enabled Default decay half-life is 15 minutes Default cutoff threshold is 2000, default reuse threshold is 750 Default maximum hold-down time is 60 minutes 307 paths have active route flap histories (27016 bytes used) 5 paths are suppressed Figure...
Page 212 JUNOSe 11.1.x BGP and MPLS Configuration Guide MED Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route AS-path AS-path through which this route bas been advertised Example host1#show ip bgp inconsistent-as Local BGP identifier 192.168.1.10, local AS 123 0 routes (0 bytes used), 0 distinct destinations (0 bytes used) 0 routes selected for route table installation...
Page 213 Chapter 1: Configuring BGP Routing path attribute entries Number of distinct path attributes stored in BGP's internal path attributes table. If BGP receives two routes for different prefixes but with identical path attributes, BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory.
Page 214 JUNOSe 11.1.x BGP and MPLS Configuration Guide negotiated BGP version BGP version being used to communicate with the neighbor Administrative status Desired state of the peer connection Connection state Current state of the BGP connection Connection has been established Time that TCP connection was established Reason for last reset Reason for last reset of the BGP session TCP error code TCP connection error type Default originate Status of default originate (enabled or disabled)
Page 215 Chapter 1: Configuring BGP Routing Negotiated hold time Negotiated maximum time allowed between received messages Configured update source IP address IP address used when sending update messages Local IP address Local IP address used for TCP communication to this peer Local port Local TCP port number used for TCP communication to this peer Remote IP address Remote IP address used for TCP communication to this peer...
Page 216 JUNOSe 11.1.x BGP and MPLS Configuration Guide Negotiated detection time Interval between BFD packets negotiated by peers Advertise-map Name of route map that specifies routes to be advertised when routes in conditional route maps are matched Condition-map Name of route map that specifies routes to be matched by routes in the BGP routing table Sequence Position of the specified advertise route map in a list of advertise route maps configured for a particular peer within the same address-family.
Page 217 Chapter 1: Configuring BGP Routing For the graceful restart capability, additional information is presented. Fields concerning graceful restart attributes that apply to peers as a whole (for all address families): Graceful restart negotiation: Sent restart time is 120 seconds Sent restart state bit is zero (we are not restarting) Received restart time is 120 seconds Received restart state bit is zero (peer is not restarting) Maximum time for keeping stale paths is 360 seconds...
Page 218 JUNOSe 11.1.x BGP and MPLS Configuration Guide Minimum transmit interval is 300 ms Minimum receive interval is 300 ms Multiplier is 3 Waiting for BGP to become established before initiating BFD session Fields relevant to BFD when BFD is configured, the BGP session is established, but the BFD protocol session is not up: BFD is enabled: Single-hop IPv4 BFD session to 1.2.3.4...
Page 219 Chapter 1: Configuring BGP Routing Local BGP identifier BGP router ID of the local router routes Total number of routes stored in the BGP routing table. If several peers have advertised a route to the same prefix, all routes are included in this count.
Page 220 JUNOSe 11.1.x BGP and MPLS Configuration Guide d63.65.12.0/24 192.168.1.158 192.168.1.1 0 inc. d63.73.12.0/24 192.168.1.158 192.168.1.1 0 IGP See show ip bgp neighbors dampened-routes. See show bgp ipv6 neighbors dampened-routes. show ip bgp neighbors paths show bgp ipv6 neighbors paths Use to display path information for the specified BGP neighbor. This command displays only the most common path attributes.
Page 221 Chapter 1: Configuring BGP Routing host1#show ip bgp neighbors 192.168.1.158 received prefix-filter ip prefix-list filter 192.168.1.158 for address family ipv4:unicast seq 5 permit 10.1.1.1/32 seq 10 permit 10.1.1.2/32 seq 15 permit 10.1.1.3/32 See show ip bgp neighbors received prefix-filter. show ip bgp neighbors received-routes show bgp ipv6 neighbors received-routes Use to display routes originating from the specified BGP neighbor before inbound policy is applied.
Page 222 JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to display, after inbound policy is applied, all routes that originate from the specified BGP neighbor. Reports whether the indirect next hop of a route is unreachable; if not, displays the IGP cost to the indirect next hop. If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option.
Page 223 Chapter 1: Configuring BGP Routing 5 routes (200 bytes) 5 destinations (360 bytes) of which 5 have a route 5 routes selected for route table installation 4 path attribute entries (608 bytes) Local-RIB version 33. FIB version 33. Status codes: > best, * invalid, s suppressed, d dampened, r rejected, a auto-summarized Prefix Peer...
Page 224 JUNOSe 11.1.x BGP and MPLS Configuration Guide Indirect next-hop 5.5.5.5 Reachable (metric 2) Direct next-hop atm2/0.35 (35.35.35.5) Reference count is 3 Indirect next-hop 6.6.6.6 Reachable (metric 3) Direct next-hop atm2/0.34 (34.34.34.4) atm2/0.35 (35.35.35.5) Reference count is 3 Indirect next-hop 13.13.13.1 Not reachable Reference count is 2 See show ip bgp next-hops.
Page 225 Chapter 1: Configuring BGP Routing Use to display information about BGP peer groups. Field descriptions BGP peer group Name of a BGP peer group remote AS Number of the remote AS Description Textual description of the BGP peer group Members IP addresses of the members of the BGP peer group Default originate Status of default origination of the BGP peer group EBGP multi-hop Status of EBGP multihop for the peer group IBGP single-hop Status of IBGP single hop for the peer group...
Page 226 JUNOSe 11.1.x BGP and MPLS Configuration Guide Advertise-map Name of route map that specifies routes to be advertised when routes in conditional route maps are matched Condition-map Name of route map that specifies routes to be matched by routes in the BGP routing table Sequence Position of the specified advertise route map in a list of advertise route maps configured for a particular peer group within the same address-family.
Page 227 Chapter 1: Configuring BGP Routing Status: Withdraw Advertise-map is alternatetoR1 Condition-map: trigger2 Sequence: 10 Status: Advertise See show ip bgp peer-group. See show bgp ipv6 peer-group. show ip bgp quote-regexp show bgp ipv6 quote-regexp Use to display information about BGP routes whose AS-path matches the specified regular expression.
Page 228 JUNOSe 11.1.x BGP and MPLS Configuration Guide If you filter the display with field options, the usual introductory information about BGP attributes is displayed only if you issue the intro fields option. See show ip bgp for descriptions of the fields displayed by this keyword. See show ip bgp regexp.
Page 229 Chapter 1: Configuring BGP Routing host1#show ip bgp regexp ^200 | begin Prefix % invalid regular expression Because the show ip bgp quote-regexp command accepts only one string as an argument to the regular expression, output filtering is possible: host1#show ip bgp quote-regexp ^200 | begin Prefix Prefix Next-hop CalPrf...
Page 230 JUNOSe 11.1.x BGP and MPLS Configuration Guide Route flap dampening Status, enabled or disabled Maximum number of equal-cost EBGP paths Number of paths Maximum number of equal-cost IBGP paths Number of paths Log neighbor changes Status, enabled or disabled Fast External Fallover Status, enabled or disabled No maximum received AS-path length Indicates whether limit is set for AS path length and, if set, the limit BGP administrative distances Distances for external, internal, and local...
Page 231 Chapter 1: Configuring BGP Routing Global import route map Route map associated with the VRF that modifies routes imported to the VRF from the global BGP non-VPN RIB. The map applies to both IPv4 and IPv6 routes, unless the field name is preceded by IPv4 (applies the map to only IPv4 routes) or IPv6 (applies the map to only IPv6 routes).
Page 232 JUNOSe 11.1.x BGP and MPLS Configuration Guide Always compare MED is disabled Compare MED within confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dampening is disabled Maximum number of equal-cost EBGP paths is 2 Maximum number of equal-cost IBGP paths is 2...
Page 233 Chapter 1: Configuring BGP Routing See show ip bgp summary. See show bgp ipv6 summary. show ip community-list Use to display routes that are permitted by a BGP community list. Example host1#show ip community-list Community List 1: permit 752877569 (11488:1) permit 752877570 (11488:2) permit 752877571 (11488:3) permit 752877572 (11488:4)
Page 234 JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring BGP...
Page 235: Multiprotocol Layer Switching
Part 2 Multiprotocol Layer Switching MPLS Overview on page 201 Configuring MPLS on page 267 Monitoring MPLS on page 315 Configuring BGP-MPLS Applications on page 379 Multiprotocol Layer Switching...
Page 236: Multiprotocol Layer Switching
JUNOSe 11.1.x BGP and MPLS Configuration Guide Multiprotocol Layer Switching...
Page 237: Mpls Overview
Chapter 2 MPLS Overview This chapter describes Multiprotocol Label Switching (MPLS) and contains the following sections: MPLS Overview on page 202 Conventions for MPLS Topics on page 202 MPLS Terms and Acronyms on page 203 MPLS Features on page 206 MPLS Platform Considerations on page 207 MPLS References on page 207 MPLS Label Switching and Packet Forwarding on page 209...
Page 238: Mpls Overview
JUNOSe 11.1.x BGP and MPLS Configuration Guide LDP-IGP Synchronization on page 249 Determining Peer Reachability with RSVP-TE Hello Messages on page 251 RSVP-TE Graceful Restart on page 254 RSVP-TE Hellos Based on Node IDs on page 256 BFD Protocol and RSVP-TE on page 257 Tunneling Model for Differentiated Services Overview on page 258 EXP Bits for Differentiated Services Overview on page 259 Point-to-Multipoint LSPs Overview on page 262...
Page 239: Mpls Terms And Acronyms
Chapter 2: MPLS Overview Table 22: Conventions for MPLS Terms (continued) In This Chapter In RFCs and Other Sources hello Hello HELLO initialization Initialization INITIALIZATION keepalive Keepalive KEEPALIVE label mapping Label Mapping LABEL_MAPPING label release Label Release LABEL_RELEASE label request Label Request LABEL_REQUEST label request abort...
Page 240: Table 23: Mpls Terms And Acronyms
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 23: MPLS Terms and Acronyms Term Definition Admission control Accounting mechanism that tracks resource information. Prevents requests from being accepted if sufficient resources are not available. Border Gateway Protocol, which provides loop-free interdomain routing between autonomous systems (ASs) and can act as a label distribution protocol for MPLS.
Page 241 Chapter 2: MPLS Overview Table 23: MPLS Terms and Acronyms (continued) Term Definition L-LSP Label-only-inferred-PSC LSP. The label value, and possibly the EXP-bits, are used to determine the per-hop behavior applied to the packet. Label-switching router An MPLS node that can forward layer 3 packets based on their labels MPLS Multiprotocol Label Switching Set of techniques enabling forwarding...
Page 242: Mpls Features
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 23: MPLS Terms and Acronyms (continued) Term Definition Tunnel LSP that is used by an IGP to reach a destination, or an LSP that uses traffic engineering Conventions for MPLS Topics on page 202 Related Topics MPLS Features The following major features are currently supported by MPLS:...
Page 243: Mpls Platform Considerations
Chapter 2: MPLS Overview Admission control and bandwidth enforcement Tunnels used by IGP as next hops in SPF calculation Tunnel ingress controlled failure recovery Facility back-up-style fast-route Traffic support Layer 2 frames: ATM, Ethernet, Frame Relay, HDLC, PPP, VLAN Layer 3 datagrams: IPv4, IPv6 Point-to-multipoint LSP support Data replication at branch nodes E Series routers as egress LSRs...
Page 244 JUNOSe 11.1.x BGP and MPLS Configuration Guide RFC 2205 Resource ReSerVation Protocol (RSVP) -- Version 1, Functional Specification (September 1997) RFC 2209 Resource ReSerVation Protocol (RSVP) -- Version 1, Message Processing Rules (September 1997) RFC 2210 The Use of RSVP with IETF Integrated Services (September 1997) RFC 2211 Specification of the Controlled-Load Network Element Service (September 1997) RFC 2474 Definition of the Differentiated Services Field (DS Field) in the IPv4...
Page 245: Mpls Label Switching And Packet Forwarding
Chapter 2: MPLS Overview RFC 3478 Graceful Restart Mechanism for Label Distribution Protocol (February 2003) RFC 3479 Fault Tolerance for the Label Distribution Protocol (LDP) (February 2003) RFC 3564 Requirements for support of Differentiated Services-aware MPLS Traffic Engineering (July 2003) RFC 4090 Fast Reroute Extensions to RSVP-TE for LSP Tunnels (May 2005) RFC 4364 BGP/MPLS IP Virtual Private Networks (VPNs) (February 2006) RFC 4379 Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures...
Page 246: Mpls Lsrs
JUNOSe 11.1.x BGP and MPLS Configuration Guide Forward the packet to a particular neighbor as directed by the table entry, for example in a Martini layer 2 transport case. NOTE: Forwarding of traffic for labeled IPv6 unicast routes with native IPv6 next-hop addresses does not work.
Page 247: Figure 48: Label Switching
Chapter 2: MPLS Overview an unlabeled data packet and prepends label d to the packet. LSR 2 receives the packet, removes label d and uses it as an index in its forwarding table to find the next label. LSR 2 prepends label e to the packet. LSR 3 does the same thing, removing label e and prepending label u.
Page 248: Mpls Label Stacking
JUNOSe 11.1.x BGP and MPLS Configuration Guide MPLS Label Stacking Figure 49 on page 212 shows an LSP that uses label stacking. The ingress node, LSR 1, receives an unlabeled data packet and prepends label d to the packet. LSR 2 receives the packet, removes label d and uses it as an index in its forwarding table to find the next label, prepending label e to the packet.
Page 249: Ttl Processing In The Platform Label Space
Chapter 2: MPLS Overview still use labels from that space unless you restrict them in turn to a different range of interface labels. In the interface label space, MPLS selects labels from interface resources, a VPI/VCI combination. You configure a VPI range and a VCI range available to the labels. When an upstream LSR requests a label, the downstream LSR allocates a VPI/VCI combination for use as a label between these two peers.
Page 250: Ttl Processing On Incoming Mpls Packets
JUNOSe 11.1.x BGP and MPLS Configuration Guide The default tunnel model varies between TTL and EXP processing; for EXP processing, the default tunnel model is pipe, while for TTL processing the default tunnel model is uniform. You can issue the no mpls ip propagate-ttl command to change the TTL processing tunnel model from the default uniform model to the pipe model.
Page 251: Ttl Processing On Outgoing Mpls Packets
Chapter 2: MPLS Overview Figure 51: TTL Processing on Incoming MPLS Packets TTL Processing on Outgoing MPLS Packets The flow chart on Figure 52 on page 217 illustrates TTL processing on outgoing MPLS packets. Rules for Processing on an LSR On an LSR where an MPLS packet is label-switched after processing on the line module the TTL value in the swapped-to label is decremented by 1 from the incoming TTL value when the swapped-to label is not implicit-null.
Page 252 JUNOSe 11.1.x BGP and MPLS Configuration Guide exposed header's TTL is either left unchanged (when the forwarded option for the mpls ip propagate-ttl command has been configured) or is decremented by 1 from the incoming TTL value. If MPLS needs to push more labels, it sets the TTL for each label according to the following LER rules, because for those labels the router effectively is an ingress LER.
Page 253: Mpls Rules For Ttl Expiration
Chapter 2: MPLS Overview Figure 52: TTL Processing on Outgoing MPLS Packets MPLS Rules for TTL Expiration MPLS takes the following actions when the TTL in a MPLS label of a received MPLS packet expires: A TTL-expired ICMP packet is constructed. The destination address of ICMP packet is set to the source address of the IP packet that was encapsulated in the MPLS packet.
Page 254: Mpls Label Distribution Methodology
JUNOSe 11.1.x BGP and MPLS Configuration Guide The source address of ICMP packet is set to the router ID of the router on which the TTL expired. The first 128 bytes of the MPLS packet including the IP payload encapsulated in the MPLS packet are copied into the payload of the ICMP packet, followed by the entire label stack of the original packet.
Page 255: Figure 53: Lsp Creation, Downstream-On-Demand, Ordered Control
Chapter 2: MPLS Overview In Figure 53 on page 219, LSR A sends a label request to LSR C. Before LSR C responds, it sends its own request to LSR D. LSR D in turn makes a request for a label to LSR F.
Page 256: Mapping Ip Data Packets Onto Mpls Lsps
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 54: LSP Creation, Downstream-Unsolicited, Independent Control MPLS Label Switching and Packet Forwarding on page 209 Related Topics MPLS Label Distribution Methodology on page 218 MPLS Label Distribution Protocols on page 229 Topology-Driven LSPs on page 246 Mapping IP Data Packets onto MPLS LSPs IP packets are mapped onto LSPs by one of the following methods: RSVP-TE tunnels can be referenced directly by static routes that you configure.
Page 257 Chapter 2: MPLS Overview When IP packets arrive at the ingress LER, they are looked up in the relevant IP forwarding table and then are forwarded into an LSP. Every IP route eventually points to an IP interface. The IP interface contains IP attributes that affect how the IP packet is forwarded.
Page 258: Statistics For Ip Packets Moving On Or Off Mpls Lsps
JUNOSe 11.1.x BGP and MPLS Configuration Guide MPLS Label Switching and Packet Forwarding on page 209 Related Topics Spoof Checking MPLS Packets on page 225 Statistics for IP Packets Moving On or Off MPLS LSPs on page 222 Topology-Driven LSPs on page 246 Statistics for IP Packets Moving On or Off MPLS LSPs In the earlier architecture, the statistics for IP packets moving onto or off an LSP applied to the IP interface that was stacked on top of the LSP.
Page 259 Chapter 2: MPLS Overview Unicast Packets 29, Bytes 2469 Multicast Packets 49, Bytes 3522 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 78, Bytes 5786 Unicast Packets 78, Bytes 5786 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0...
Page 260: Mpls Forwarding And Next-Hop Tables
JUNOSe 11.1.x BGP and MPLS Configuration Guide Adjacency statistics: 30 hello recv, 29 hello sent, 0 bad hello recv adj setup time = 00:02:19 last hello recv time = 00:00:00, last hello sent time = 00:00:00 queue 0: traffic class best-effort, bound to atm-vc ATM9/0.10 Queue length 0 bytes Forwarded packets 1, bytes 148 Dropped committed packets 0, bytes 0...
Page 261: Spoof Checking Mpls Packets
Chapter 2: MPLS Overview A spoof check field that specifies the type of spoof checking is performed to determine whether the MPLS packet arrived from a legitimate source. See “Spoof Checking MPLS Packets” on page 225 for more information. See Monitoring MPLS on page 315, for information about enabling statistics Related Topics collection for MPLS forwarding table entries.
Page 262: Explicit Routing For Mpls
JUNOSe 11.1.x BGP and MPLS Configuration Guide For example, in a BGP/MPLS VPN topology, LDP or RSVP-TE adds routes to the tunnel routing table for all available tunnels. BGP performs a lookup in the tunnel routing table so that it can resolve indirect next hops. You can clear the routes from the tunnel routing table.
Page 263: Mpls Interfaces And Interface Stacking
Chapter 2: MPLS Overview Figure 55: Explicit Routing in an MPLS Domain MPLS Interfaces and Interface Stacking The JUNOSe implementation of MPLS employs MPLS major, minor, and shim interfaces. MPLS Major Interfaces An MPLS major interface must be stacked on a layer 2 interface to send or receive MPLS packets on that interface.
Page 264: Mpls Minor Interfaces
JUNOSe 11.1.x BGP and MPLS Configuration Guide MPLS Minor Interfaces When you configure an LSP with the interface tunnel mpls command, RSVP-TE creates an MPLS minor interface to represent the head of the LSP. MPLS minor interfaces are also created by RSVP-TE on the transit and tail LSRs when the LSP is signaled.
Page 265: Mpls Label Distribution Protocols
Chapter 2: MPLS Overview Figure 57: MPLS Interface Stacking for the Interface Label Space MPLS Label Switching and Packet Forwarding on page 209 Related Topics MPLS Label Distribution Methodology on page 218 MPLS Label Distribution Protocols on page 229 MPLS Label Distribution Protocols Label distribution protocols create and maintain the label-to-FEC bindings along an LSP from MPLS domain ingress to MPLS domain egress.
Page 266: Ldp Messages And Sessions
JUNOSe 11.1.x BGP and MPLS Configuration Guide engineering (TE) or quality of service (QoS) capabilities, but they also support best-effort LSPs. LDP Messages and Sessions LDP creates reliable sessions by running over TCP. You do not have to explicitly configure LDP peers, because each LSR actively discovers all other LSRs to which it is directly connected.
Page 267: Rsvp-Te Messages And Sessions
Chapter 2: MPLS Overview continued functioning of the LSR. Failure to receive an expected keepalive message causes an LSR to terminate the LDP session. Label mapping and distribution use downstream-unsolicited, independent control. With downstream-unsolicited, independent control, an LSR creates a label binding whenever it learns a new IGP route;...
Page 268: Rsvp-Te State Refresh And Reliability
JUNOSe 11.1.x BGP and MPLS Configuration Guide If a downstream LSR determines that it received an erroneous path message, it sends a patherr message to the sender. If a reservation (label) request fails, the request initiator sends a resverr message to the downstream LSRs. Both of these messages are advisory and do not alter path or resv state.
Page 269: Ecmp Labels For Mpls
Chapter 2: MPLS Overview advertise this capability only to peers for which the neighbor send-label command has been configured. When BGP advertises labeled routes, it adds a label-to-next-hop mapping (cross-connect) to the MPLS forwarding table. This mapping consists of the in label that BGP allocates from the platform label space plus the MPLS next hop information related to the labeled route's next hop.
Page 270: Supported Tlvs
JUNOSe 11.1.x BGP and MPLS Configuration Guide You can use MPLS trace to determine which paths are present on an MPLS LSR. When the TTL expires on an MPLS LSR, the echo reply that is returned includes a downstream mapping TLV. This TLV contains all the downstream mappings of the LSR on which the TTL expired, if that feature is supported by the LSR.
Page 271: Mpls Connectivity Verification And Troubleshooting Methods
Chapter 2: MPLS Overview Table 24: TLVs Supported by MPLS LSP ping (continued) Type Number Value Comments P2MP Responder Identifier This TLV is included in the MPLS echo request packet to validate whether the IP address specified in the TLV is an IP address of one of the interfaces in the router.
Page 272 JUNOSe 11.1.x BGP and MPLS Configuration Guide In an MPLS-enabled network, however, you cannot use these IP commands to determine MPLS connectivity to a destination. You can use the MPLS ping and trace features to detect data plane failures in LSPs. Specific mpls ping and trace mpls commands enable you to target different types of MPLS applications and network topologies.
Page 273: Point-To-Multipoint Lsps Connectivity Verification At Egress Nodes Overview
Chapter 2: MPLS Overview ping mpls l3vpn ping mpls rsvp tunnel ping mpls vpls trace mpls ip trace mpls l2transport trace mpls l3vpn trace mpls rsvp tunnel trace mpls vpls Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes Overview JUNOSe Software enables you to use the MPLS ping feature to detect data plane failures in point-to-multipoint MPLS LSPs.
Page 274: Rsvp P2Mp Ipv4 Session Sub-Tlv Overview
JUNOSe 11.1.x BGP and MPLS Configuration Guide RSVP P2MP IPv4 Session Sub-TLV Overview The RSVP P2MP IPv4 Session TLV identifies the point-to-multipoint LSP for which you are verifying the data plane. This TLV has a type number of 17. To identify the point-to-multipoint LSP for which you are running diagnostic connectivity checks, the echo request message must carry a Target FEC Stack TLV that contains an RSVP P2MP IPv4 Session sub-TLV.
Page 275: Traceroute Overview
Chapter 2: MPLS Overview of the response by a time interval that is limited by the value specified in the Echo Jitter TLV. The point-to-multipoint MPLS LSP ping functionality in JUNOSe Software supports a delay of up to 30 seconds. If the value specified in the Echo Jitter TLV is not within the supported range, the egress node uses a value within the range as the time to wait to send the echo response.
Page 276: P2Mp Responder Identifier Tlv Operations
JUNOSe 11.1.x BGP and MPLS Configuration Guide packet, the responding egress node delays sending a response for a random amount of time between zero milliseconds and 30 seconds that is predefined for this TLV. If the TLV is not contained in the echo request packet, the responding egress node does not create any additional delay in responding to the echo request.
Page 277: Egress Address P2Mp Responder Identifier Sub-Tlvs
Chapter 2: MPLS Overview Table 26: Sub-TLVs Supported for the P2MP Responder Identifier TLV (continued) Subtype Number Value Comments IPv6 Egress Address P2MP The IPv4 address in the sub-TLV Responder Identifier might be of any physical interface or the router ID of the node itself. IPv6 Node Address P2MP The IPv6 address in the sub-TLV Responder Identifier...
Page 278: Ldp Discovery Mechanisms
JUNOSe 11.1.x BGP and MPLS Configuration Guide Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes Overview on page 237 Verifying and Troubleshooting MPLS Connectivity on page 367 LDP Discovery Mechanisms LDP uses two different mechanisms for peer discovery. Peer discovery removes the need to explicitly configure the label-switching peers for an LSR.
Page 279: Mpls Traffic Engineering
Chapter 2: MPLS Overview The targeted hello includes the LDP identifier for the label space that the LSR intends to use. In the JUNOSe implementation, this is always the platform label space, so the LDP identifier specifies the LSR ID and a value of 0 for the label space. The targeted hello also includes other information, such as the targeted-hello hold time, which is configured globally.
Page 280: Path Option
JUNOSe 11.1.x BGP and MPLS Configuration Guide In this scenario, all the configured LSPs are up and active. If the LSP in use develops problems and goes down, traffic is diverted to the LSP having the next best metric. Path Option You can configure multiple paths for an LSP with the tunnel mpls path-option command.
Page 281: Starting Admission Control
Chapter 2: MPLS Overview Currently, bandwidth (BW) and bandwidth-related information are the only resources tracked and used for traffic engineering. Admission control determines whether a setup request can be honored for an MPLS LSP with traffic parameters. Admission control provides bandwidth information to the IGP protocols, ISIS and OSPF.
Page 282: Lsp Preemption
JUNOSe 11.1.x BGP and MPLS Configuration Guide Flooding frequency Periodicity with which the bandwidth value is flooded, apart from any flooding due to value changes Administrative weight Weight assigned to the interface that supersedes any assigned by the IGP Attribute flags 32-bit value that assigns the interface to a resource class and enables a tunnel to discriminate among interfaces by matching against tunnel affinity bits LSP Preemption...
Page 283: Ldp Graceful Restart
Chapter 2: MPLS Overview Figure 58: LDP Tunneled Through an RSVP-TE Core In the network topology illustrated in Figure 58 on page 247, the RSVP-TE LSP consists of LSR 2, LSR 3, LSR 4, and LSR 5. The LDP LSP consists of LER 1, LSR 2, LSR 5, and LER 6.
Page 284: Table 27: Summary Of Ldp Graceful Restart States
JUNOSe 11.1.x BGP and MPLS Configuration Guide LDP graceful restart if stateful SRP switchover is not configured on the router, the graceful restart capability will not function. You can configure an LSR to restart itself gracefully and to support graceful restart in its neighbors (helper mode), or helper mode alone.
Page 285: Ldp-Igp Synchronization
Chapter 2: MPLS Overview the stale mappings from the LSR. The configurable value represents the maximum time that the neighbor waits for the restarting LSR to reestablish the LDP session. This enables the neighbor to avoid having to wait an unreasonably long time set by the reconnect timeout value from the restarting LSR.
Page 286: Synchronization Behavior During Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide When an LDP hello adjacency or an LDP session with a peer is lost due to some error while the IGP still points to that peer. IP forwarding of traffic continues on the IGP link associated with the LDP peer rather than being shifted to another IGP link with which LDP is synchronized.
Page 287: Synchronization Behavior On Lan Interfaces
Chapter 2: MPLS Overview During LDP graceful restart, no synchronization operations are done. If the LDP graceful restart is terminated, LDP notifies the IGPs to advertise the links with the maximum metric. Synchronization Behavior on LAN Interfaces LDP-IGP synchronization does not take place on LAN interfaces unless the IGP has a point-to-point connection over the LAN configured on the interface.
Page 288: Hello Message Objects
JUNOSe 11.1.x BGP and MPLS Configuration Guide Hello Message Objects Hello messages can contain a hello request object or a hello ack object. These objects provide a way to request an instance value from a peer and to provide an instance value to a peer.
Page 289: Determination That A Peer Has Reset
Chapter 2: MPLS Overview Peer A receives the hello ack and sends another hello request to peer B. The request object contains the following: Source instance = 5 (generated by Peer A for this adjacency) Destination instance = 8 (the source instance generated by Peer B for this adjacency) The two peers continue exchanging hello messages until the LSP is torn down.
Page 290: Rsvp-Te Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide When a peer determines that communication has been lost, it can reinitiate the sending of hello messages. In this case, the peer generates a new source instance different than the one it previously used for communication with its peer. RSVP-TE Graceful Restart RSVP-TE graceful restart enables routers to maintain MPLS forwarding state when a link or node failure occurs.
Page 291: Recovery Behavior
Chapter 2: MPLS Overview When a neighboring router that has been configured as a graceful restart helper determines that the number of continuous missing hellos has reached the configured hello miss limit, it declares the router to be down. The helper router then waits for a period equal to the restart time that it received from the router and stored before the failure.
Page 292: Preservation Of An Established Lsp Label
JUNOSe 11.1.x BGP and MPLS Configuration Guide The helper router removes the stale flag for the RSVP-TE state when it receives the corresponding state in path or resv messages sent by the restarting router. When the recovery period expires, the helper router deletes any RSVP-TE states that still have a stale flag.
Page 293: Bfd Protocol And Rsvp-Te
Chapter 2: MPLS Overview Node-based hellos are an attractive alternative to link-based hellos for graceful restart when you use bidirectional forwarding detection (BFD) for link monitoring and you have configured node-based hellos on all RSVP-TE peers. Link-based RSVP-TE hellos are used for monitoring RSVP-TE adjacencies with neighboring routers and for providing RSVP-TE graceful restart.
Page 294: Tunneling Model For Differentiated Services Overview
JUNOSe 11.1.x BGP and MPLS Configuration Guide At least one RSVP-TE LSP exists between (passes through) a pair of directly connected RSVP-TE major interfaces. Both interfaces are BFD-enabled. Consequently, when the last LSP is torn down between the interfaces, the BFD session is no longer required and is brought down as well.
Page 295: Uniform Model
Chapter 2: MPLS Overview Uniform Model The uniform model of tunneling renders MPLS transparent to the differentiated services operation. From the diff-serv perspective, it is as if MPLS is not used. In the uniform model, if traffic conditioning is applied somewhere along the LSP, the EXP bits of the inner header must be changed at the egress when the inner header becomes the outer header (because of the pop of the outer label).
Page 296: Setting The Exp Bits For Outgoing Traffic
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 59 on page 261 illustrates how the initial value of the EXP bits is set for the first label pushed. Figure 60 on page 262 illustrates how the EXP bits can be changed for all labels, including the first label, by attached policies or per-VR EXP rules.
Page 297: Figure 59: Flow For Initial Setting Of Exp Bits For The First Label Pushed
Chapter 2: MPLS Overview Figure 59: Flow for Initial Setting of EXP Bits for the First Label Pushed Figure 59 on page 261 shows how packet type and configuration determine how the EXP bits are set for the first label pushed. EXP Bits for Differentiated Services Overview...
Page 298: Point-To-Multipoint Lsps Overview
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 60: Flow for Setting EXP Bits for All Pushed Labels Configuring EXP Bits for Differentiated Services on page 300 Related Topics Configuring MPLS and Differentiated Services on page 299 Point-to-Multipoint LSPs Overview A point-to-multipoint MPLS LSP is an RSVP-TE LSP with a single ingress LSR and one or more egress LSRs.
Page 299: Using E Series Routers As Egress Lsrs
Chapter 2: MPLS Overview Although you can use point-to-point LSPs to provide point-to-multipoint services, this type of configuration can cause data replication at the ingress LSR or duplicate traffic within the network. You can use the traffic engineering (TE) capability of LSPs to achieve consistent QoS control and efficient use of network resources, and create point-to-multipoint LSPs to deliver data from one ingress LSR to multiple egress LSRs.
Page 300: Figure 61: Simple Mpls Domain
LSR 8 and LSR 1 is an example of this type. NOTE: You cannot use E Series routers as core or ingress LSRs. You need to use Juniper Networks routers running JUNOS software to function as core or ingress LSRs in the point-to-multipoint LSP.
Page 301: Point-To-Multipoint Lsps Configuration
Chapter 2: MPLS Overview Point-to-Multipoint LSPs Configuration To set up a point-to-multipoint LSP, you configure the primary LSP from the ingress router and the branch LSPs that carry traffic to the egress routers. The configuration of the primary point-to-multipoint LSP is similar to a signaled LSP. In addition to the conventional LSP configuration, you specify a path name on the primary LSP and this same path name on each branch LSP.
Page 302 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config)#mpls create-dynamic-interfaces ip on-major-interfaces profile dynip For all types of labels that are advertised for the LSR that is the egress router for the prefix, you must complete the following steps, in addition to those detailed earlier, on the E Series router: Enable IGMP on the interface which owns the route to the source by using the ip igmp command.
Page 303: Configuring Mpls
Chapter 3 Configuring MPLS This chapter describes how to configure Multiprotocol Label Switching (MPLS) on the router, and contains the following sections: Basic MPLS Configuration Tasks on page 268 MPLS Global Configuration Tasks on page 269 LDP and RSVP-TE Interface Profile Configuration Tasks on page 273 MPLS Interface Configuration Tasks on page 274 MPLS Tunnel Configuration Tasks on page 276 MPLS Tunnel Profile Configuration Tasks on page 277...
Page 304: Basic Mpls Configuration Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide Classifying Traffic for Differentiated Services on page 303 Example Traffic Class Configuration for Differentiated Services on page 308 Basic MPLS Configuration Tasks Configuring an MPLS network includes a number of tasks: To configure an MPLS network: Configure settings common to all MPLS usage on a given LSR.
Page 305: Mpls Global Configuration Tasks
Chapter 3: Configuring MPLS To configure LDP and RSVP-TE, depending on your network topology and needs: Configure LDP features depending on your network design. See “Additional LDP Configuration Tasks” on page 281. Configure RSVP-TE features depending on your network design. See “Additional RSVP-TE Configuration Tasks”...
Page 306: Ldp Global Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide (Optional) Specify whether to create dynamic IP interfaces on top of MPLS major interfaces and optionally what profile to use for them. host1(config)#mpls create-dynamic-interfaces ip on-major-interfaces profile v4intf LDP Global Tasks Typically, you do not configure anything for LDP at the global level, but you can perform the following optional tasks.
Page 307 Chapter 3: Configuring MPLS host1(config)#mpls ldp session keepalive-time 180 (Optional) Specify an IP address to be advertised to peers as the transport address in discovery hello messages. host1(config)#mpls ldp discovery transport-address 192.168.34.2 (Optional) Configure independent control as the method of label distribution that LDP uses.
Page 308: Rsvp-Te Global Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide RSVP-TE Global Tasks Typically, you do not configure anything for RSVP-TE at the global level, but you can perform the following optional tasks. (Optional) Enable RSVP-TE. Any RSVP-TE–related command creates RSVP-TE implicitly, negating the need to issue this command. host1(config)#mpls rsvp (Optional) Configure a global RSVP-TE profile that specifies the timeout period in milliseconds between generation of RSVP refresh messages, the number of...
Page 309: Ldp And Rsvp-Te Interface Profile Configuration Tasks
Chapter 3: Configuring MPLS You can also force an immediate search for better paths for all existing LSPs. host1#mpls reoptimize (Optional) Enable refresh reduction and message bundling. host1(config)#mpls rsvp refresh-reduction host1(config)#mpls rsvp message-bundling (Optional) Configure the egress router to advertise the explicit null label. host1(config)#mpls rsvp egress-label explicit-null LDP and RSVP-TE Interface Profile Configuration Tasks The interface profile configuration tasks are optional tasks you may need to perform...
Page 310: Mpls Interface Configuration Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide messages, the number of refresh messages that can be lost before the PATH or RESV state is ended, or both. host1(config-rsvp)#refresh-period 60000 host1(config-rsvp)#cleanup-timeout-factor 9 MPLS Interface Configuration Tasks These tasks are performed at the major interface over which you want to run MPLS. Creating or accessing an interface places the CLI in Interface Configuration mode.
Page 311: Ldp Interface Tasks
Chapter 3: Configuring MPLS LDP Interface Tasks To configure LDP on the interface: Start LDP on the interface. Using the default values (an implicit default profile): host1(config-if)#mpls ldp Using a previously created profile: host1(config-if)#mpls ldp profile ldp5 (Optional) Suppress transmission of link hello messages to all LSRs. host1(config-if)#mpls ldp link-hello disable RSVP-TE Interface Tasks To configure RSVP-TE on the interface:...
Page 312: Mpls Tunnel Configuration Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide (Optional) Configure an administrative weight for the interface that overrides the weight assigned by the IGP. host1(config-if)#mpls traffic-eng administrative-weight 25 MPLS Tunnel Configuration Tasks Complete the following tasks to configure a tunnel interface. Configure the tunnel endpoint last;...
Page 313: Mpls Tunnel Profile Configuration Tasks
Chapter 3: Configuring MPLS (Optional) Associate a text description with the tunnel. host1(config-if)#tunnel mpls description southshore Configure the tunnel endpoint. host1(config-if)#tunnel destination 10.12.21.5 MPLS Global Configuration Tasks on page 269 Related Topics MPLS Interface Configuration Tasks on page 274 MPLS Tunnel Configuration Tasks on page 276 MPLS Tunnel Profile Configuration Tasks on page 277 Additional LDP Configuration Tasks on page 281 Additional RSVP-TE Configuration Tasks on page 286...
Page 314 JUNOSe 11.1.x BGP and MPLS Configuration Guide To configure a tunnel profile: Create an MPLS tunnel profile and enter Tunnel Profile Configuration mode. host1(config)#mpls tunnels profile Lisbon (Optional) Configure the LSP to announce its endpoint to an IGP. host1(config-tunnelprofile)#tunnel mpls autoroute announce isis (Optional) Specify a tunnel metric to be used by an IGP in its SPF calculation.
Page 315: Configuring Explicit Routing For Mpls
Chapter 3: Configuring MPLS When an endpoint is dynamically learned from the specified routing protocol, MPLS searches its tunnel profiles for a match. The dynamic tunnel is established using the settings from the first matching profile. MPLS Global Configuration Tasks on page 269 Related Topics MPLS Interface Configuration Tasks on page 274 MPLS Tunnel Configuration Tasks on page 276...
Page 316: Defining Configured Explicit Paths
JUNOSe 11.1.x BGP and MPLS Configuration Guide Defining Configured Explicit Paths You can create explicit routing paths manually by configuring an explicit path with a name and a series of addresses (hops) from ingress to egress. To manually configure explicit routing: Define an explicit path and access Explicit Path Configuration mode.
Page 317: Configuring Dynamic Explicit Paths On A Tunnel
Chapter 3: Configuring MPLS Configuring Dynamic Explicit Paths on a Tunnel You can create explicit routing paths dynamically with a routing protocol. IS-IS and OSPF both currently support explicit routing. To configure dynamic explicit routing: Create an MPLS tunnel. host1(config)#interface tunnel mpls:bilbao5 Set the path option.
Page 318: Configuring Ldp Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 62: FEC Aggregation and Equal-Cost Paths In this example, LSR 2 uses FEC aggregation, but LSR 3 does not. Consequently, LSR 2 advertises the single label e, mapped to a FEC that includes both prefixes, 10.10.22.0/24 and 10.43.12.0/24.
Page 319: Configuring Ldp Autoconfiguration
Chapter 3: Configuring MPLS Enable LDP graceful restart and graceful restart helper mode. host1(config)#mpls ldp graceful-restart (Optional) Specify the length of time you want the neighbors to wait for the gracefully restarting router to resume sending LDP messages to neighbors after the LDP connection between them fails.
Page 320: Configuring Ldp-Igp Synchronization
JUNOSe 11.1.x BGP and MPLS Configuration Guide To configure LDP autoconfiguration to ensure that LDP is configured on all interfaces running the IGP: Specify whether LDP is created automatically on the current interface or all interfaces: Create LDP on all interfaces in the IGP router context host1(config)#router ospf 1 host1(config-router)#mpls ldp autoconfig area 1 Create LDP on the current interface...
Page 321: Configuring Ldp Md5 Authentication
Chapter 3: Configuring MPLS mpls ldp igp sync holddown mpls ldp sync Configuring LDP MD5 Authentication LDP MD5 authentication provides protection against spoofed TCP segments that can be introduced into the connection streams for LDP sessions. Authentication is configurable for both directly connected and targeted peers. You configure a shared secret (password) on potential LDP peers.
Page 322: Controlling Ldp Label Distribution
JUNOSe 11.1.x BGP and MPLS Configuration Guide Controlling LDP Label Distribution By default, LDP advertises label mappings for all IGP prefixes to all LDP peers. In this case, mappings are not advertised for interface addresses. You can alternatively specify that LDP labels be distributed for a particular interface itself, in addition to the subnet that the interface is on.
Page 323: Configuring Rsvp Md5 Authentication
Chapter 3: Configuring MPLS Configure RSVP MD5 authentication to provide hop-by-hop security. See “Configuring RSVP MD5 Authentication” on page 287. Configure fast reroute extensions to RSVP-TE to create a bypass tunnel. See “Configuring RSVP-TE Fast Rerouting with RSVP-TE Bypass Tunnels” on page 288.
Page 324: Configuring Rsvp-Te Fast Rerouting With Rsvp-Te Bypass Tunnels
JUNOSe 11.1.x BGP and MPLS Configuration Guide The receiver uses the key ID and the sender’s address to determine the relevant security association. The key ID is extracted from the received integrity object. The address of the sending interface is extracted from the rsvp_hop object, if present, or from the packet header if the message does not include the rsvp_hop object.
Page 325: Figure 63: Bypass Tunnel
Chapter 3: Configuring MPLS Each bypass tunnel provides 1:N local protection; that is, each bypass tunnel can protect one or more links depending on where you have configured it. The protected primary LSPs are stacked over the bypass tunnel to redirect their traffic around the failure.
Page 326: Configuration Example
JUNOSe 11.1.x BGP and MPLS Configuration Guide You can use the tunnel mpls path-option command to configure path options on the bypass tunnel. However, the link being protected by the bypass tunnel must not be in the path if you specify an explicit path. Configuration Example The following steps show a partial configuration using the topology in Figure 63 on page 289:...
Page 327: Configuring Rsvp-Te Hello Messages To Determine Peer Reachability
Chapter 3: Configuring MPLS For more information about these commands,see JUNOSe Physical Layer Configuration Guide mpls backup-path tunnel mpls fast-reroute Configuring RSVP-TE Hello Messages to Determine Peer Reachability The RSVP-TE hello feature enables RSVP-TE peers to exchange hello messages and establish a hello adjacency.
Page 328: Configuring Rsvp-Te Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-if)#mpls rsvp signalling hello refresh misses 5 NOTE: Issuing the refresh interval or the refresh misses keywords only configures the refresh values; this action has no effect on enabling or disabling hellos. Basic MPLS Configuration Tasks on page 268 Related Topics Additional RSVP-TE Configuration Tasks on page 286 mpls rsvp signalling hello...
Page 329: Configuring Rsvp-Te Hellos Based On Node Ids
Chapter 3: Configuring MPLS mpls rsvp signalling hello graceful-restart mpls rsvp signalling hello graceful-restart recovery-time mpls rsvp signalling hello graceful-restart restart-time Configuring RSVP-TE Hellos Based on Node IDs You can configure the exchange of node-ID–based RSVP-TE hellos (node hellos) for interoperability with routers that cannot support RSVP-TE graceful restart with link-based hellos.
Page 330: Configuring The Bfd Protocol For Rsvp-Te
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring the BFD Protocol for RSVP-TE Configure the Bidirectional Forwarding Detection (BFD) protocol for RSVP-TE to more rapidly detect failures in a network and enable faster rerouting around the failures. You can modify the BFD timers for more or less aggressive failure detection. When configured, BFD liveness detection is established with all BFD-enabled RSVP-TE peers associated with that RSVP-TE major interface.
Page 331: Configuring Igps And Mpls
Chapter 3: Configuring MPLS NOTE: You can change the BFD liveness detection parameters at any time without stopping or restarting the existing session; BFD automatically adjusts to the new parameter value. However, no changes to BFD parameters take place until the values resynchronize with each peer.
Page 332: Configuring Igps And Mpls
JUNOSe 11.1.x BGP and MPLS Configuration Guide The following commands announce the tunnel to OSPF and specify a relative metric Example 1 of -2: host1(config-if)#tunnel mpls autoroute announce ospf host1(config-if)#tunnel mpls autoroute metric relative -2 By default, the LSP is preferred to reach the tunnel endpoint. OSPF will treat this LSP as having a metric of 2 less than the shortest path metric it has calculated.
Page 333: Configuring The Igps For Traffic Engineering
Chapter 3: Configuring MPLS The tunnel metric can be absolute or relative. An absolute metric indicates there is no relationship to the underlying IGP cost. A relative metric is added to or subtracted from the underlying IGP shortest path cost. The following commands announce the tunnel to OSPF and specify a relative metric Example 1 of -2:...
Page 334 JUNOSe 11.1.x BGP and MPLS Configuration Guide When you configure a node as the downstream endpoint of an LSP, you must provide a stable interface as the router ID for the endpoint. Typically you select a loopback interface because of its inherent stability. Use the mpls traffic-eng router-id command to designate the router as traffic engineering capable and to specify the router ID.
Page 335: Configuring Mpls And Differentiated Services
Chapter 3: Configuring MPLS Configuring MPLS and Differentiated Services TIP: Before you read this section, we recommend you be thoroughly familiar with the concepts of the JUNOSe QoS application. MPLS employs several strategies to manage different kinds of data streams based on service plans and priority: Different conceptual models of diff-serv tunneling that either conceal intermediate LSP nodes from diff-serv operations or render the MPLS network transparent to...
Page 336: Configuring Exp Bits For Differentiated Services
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring MPLS and Differentiated Services on page 299 Example Differentiated Services Application and Configuration on page 300 Configuring EXP Bits for Differentiated Services To set the initial value of the EXP bits to the UPC value associated with the packets: Issue the mpls copy-upc-to-exp command.
Page 337: Differentiated Services Configuration Example
Chapter 3: Configuring MPLS egress queuing is based on the IP precedence value. This action takes place on the egress line module. Plain VPN service For CE-to-PE traffic, the VPN EXP bits are set to 000 when the PE router pushes VPN stacked labels. For PE-to-CE traffic, IP policy on the PE router resets the traffic-class/color combination to the default value, best-effort/green, so that packets are queued as best-effort.
Page 338 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-policy-list-classifier-group)#traffic-class class1 host1(config-policy-list-classifier-group)#color green host1(config)#interface atm 3/0.1 host1(config-subif)#ip policy input qos-service Create and attach an IP input policy for the plain Internet service to CE interfaces on the PE router for incoming traffic. All traffic is treated as best effort, so no classifier group is necessary.
Page 339: Classifying Traffic For Differentiated Services
Chapter 3: Configuring MPLS host1(config-policy-list-classifier-group)#color green host1(config)#interface pos 0/0 host1(config-subif)ip policy output core-ip-policy For traffic from the core, configure per-VR rules or per-LSP policies to set the traffic-class/color combination and therefore shape the egress traffic queue according to the value of the EXP bits in the base label. This action causes host1(config)#mpls match exp-bits <value>...
Page 340: Table 30: Examples Of Incoming L-Lsp Phb Determination
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 29: Incoming L-LSP PHB Determination (continued) EXP Field AFn1 AFn2 AFn3 For nonstandard PHBs (any that are not listed in Table 29 on page 303), the JUNOSe software uses mapping similar to AFn mapping; EXP 001 is mapped to color green, EXP 010 is mapped to yellow, and EXP 011 is mapped to red.
Page 341: Configuring Static Exp-To-Phb Mapping
Chapter 3: Configuring MPLS For nonstandard PHBs, the mapping is similar to AFn mapping. Red color maps to 011, yellow maps to 010, and green maps to 001. Tasks to perform static configuration and signaled mapping between the EXP bits and the PHB of traffic include the following sets of tasks: Configuring Static EXP-to-PHB Mapping on page 305 Signaled Mapping for RSVP-TE Tunnels on page 305...
Page 342: Figure 65: Associations Between Phb Id, Exp Bits, And Traffic
JUNOSe 11.1.x BGP and MPLS Configuration Guide For transit routers and egress routers along the path of the LSP, the incoming EXP bits are matched to determine the traffic class and drop preference (color red, yellow, or green). This matching is accomplished by means of a policy corresponding to the signaled EXP-to-PHB mapping that is created and attached when the LSP is established.
Page 343: Figure 66: Signaled Mapping
Chapter 3: Configuring MPLS Figure 66: Signaled Mapping To define a policy rule that sets the EXP bits in packets to which the policy is applied: Issue the mark-exp command. host1(config-policy-list)#mark-exp 5 classifier-group claclEXP precedence 32 To create or modify an MPLS classifier control list to match on traffic class/color combination or EXP bits: Issue the mpls classifier-listcommand.
Page 344: Preference Of Per-Vr Versus Per-Lsp Behavior
JUNOSe 11.1.x BGP and MPLS Configuration Guide Issue the mpls policy-statistics command. host1#mpls policy-statistics boston2dc Policy statistics are displayed when you issue the show mpls forwarding or show mpls tunnel command, if a policy is attached and policy statistics are enabled. To specify the traffic class for which LSP-level queues are created and the scheduler profile to be used with the queues: Issue the mpls traffic-class command.
Page 345: Table 32: Differentiated Services Mapping
Chapter 3: Configuring MPLS Table 32: Differentiated Services Mapping PHB ID 6-bit PHB ID Traffic Class/Color 0x0000 best-effort/green AF11 0x2800 af1/green AF12 0x3000 af1/yellow AF13 0x3800 af1/red AF21 0x4800 af2/green AF22 0x5000 af2/yellow AF23 0x5800 af2/red 0xb800 ef/green NOTE: This example includes both MPLS and policy configuration commands, and assumes that you are thoroughly familiar with the information and commands presented in the JUNOSe Policy Management Configuration Guide.
Page 346: Configuration On The Ingress Router
JUNOSe 11.1.x BGP and MPLS Configuration Guide [Queue configuration omitted] host1(config)#queue-profile af2-queues [Queue configuration omitted] host1(config)#queue-profile ef-queues [Queue configuration omitted] The scheduler and queue profiles are referenced in QoS profiles. For example, you can create a QoS profile for port-based per-class queuing or for LSP-level per-class queuing (configuration omitted).
Page 347: Configuration On The Ingress And Transit Routers
Chapter 3: Configuring MPLS host1(config)#classifier-list af2-packets host1(config)#classifier-list ef-packets Define a policy that maps the selected packets into traffic classes. For the assured forwarding classes, this example uses rate limit profiles to set the colors. host1(config)#policy-list classify-packets host1(config-policy-list)#traffic-class best-effort classifier-group bf-packets host1(config-policy-list)#traffic-class ef classifier-group ef-packets host1(config-policy-list)#traffic-class af1 classifier-group af1-packets host1(config-policy-list)#traffic-class af2 classifier-group af2-packets...
Page 348: Configuration On The Transit And Egress Routers
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-policy-list)#mark 1 classifier-group af1-green host1(config-policy-list)#mark 2 classifier-group af1-yellow host1(config-policy-list)#mark 3 classifier-group af1-red host1(config-policy-list)#mark 4 classifier-group af2-green host1(config-policy-list)#mark 5 classifier-group af2-yellow host1(config-policy-list)#mark 6 classifier-group af2-red host1(config-policy-list)#mark 7 classifier-group ef-green NOTE: For a topology-driven LSP, you have to configure and apply the classifier list and policy list manually.
Page 349 Chapter 3: Configuring MPLS The packets are forwarded to the appropriate fabric queue according to the traffic class/color combination. On a transit router, when the packet is forwarded out of the tunnel, the router-generated output policy then sets the EXP bits back according to the traffic class/color combination.
Page 350 JUNOSe 11.1.x BGP and MPLS Configuration Guide Example Traffic Class Configuration for Differentiated Services...
Page 351: Monitoring Mpls
Chapter 4 Monitoring MPLS This chapter describes the commands you can use to monitor and troubleshoot Multiprotocol Label Switching (MPLS) on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 352: Setting The Baseline For Mpls Statistics
JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring LDP Targeted Hello Receive and Send Lists on page 337 Monitoring MPLS Status and Configuration on page 338 Monitoring MPLS Explicit Paths on page 341 Monitoring the RSVP-TE Bypass Tunnels on page 341 Monitoring MPLS Labels Used for Forwarding on page 342 Monitoring MPLS Interfaces on page 343 Monitoring MPLS Minor Interfaces on page 349...
Page 353: Enabling And Setting A Baseline For Mpls Forwarding Table Statistics
Chapter 4: Monitoring MPLS Issue the baseline mpls interface command for a specific MPLS major interface. host1#baseline mpls interface boston5 There is no no version. The following statistics are maintained for each MPLS major interface: receive packets and transmit packets and octets octets receive discarded packets...
Page 354: Enabling And Setting A Baseline For Mpls Next-Hop Table Statistics
JUNOSe 11.1.x BGP and MPLS Configuration Guide Enabling and Setting a Baseline for MPLS Next-Hop Table Statistics To enable and set a statistics baseline for MPLS next-hop table entries: Issue the mpls statistics next-hop command to enable the statistics for a specific MPLS next hop.
Page 355: Clearing And Re-Creating Dynamic Interfaces From Mpls Major Interfaces
Chapter 4: Monitoring MPLS Statistics are not stored in NVS. When enabled, the following statistics are maintained for each policy: packets and bytes classifier group EXP bits value To disable collection of policy statistics for a specific MPLS tunnel: Issue the no mpls statistics policy command. host1#no mpls statistics policy tunnel5 Clearing and Re-Creating Dynamic Interfaces from MPLS Major Interfaces To remove and re-create dynamic IPv4 interfaces and dynamic IPv6 interfaces from...
Page 356: Tracing Paths Through The Mpls User Plane
JUNOSe 11.1.x BGP and MPLS Configuration Guide Issue the clear ipv6 tunnel-routes command. host1(config)#clear ipv6 tunnel-routes * There is no no version. This command takes effect immediately. clear ipv6 tunnel-routes Related Topics Tracing Paths Through the MPLS User Plane To trace paths through the MPLS user plane. Purpose To trace the path that packets follow enroute to the destination IP address Action...
Page 357: Table 33: Show Atm Vc Output Fields
Chapter 4: Monitoring MPLS ATM 3/0.8100 1 8100 8100 PVC SNAP 0 DOWN 8000 circuit(s) found Reserved VCC ranges: Start Start End End Interface VPI VCI --------- ----- ----- --- --- ATM 2/0 2 102 ATM 2/0 3 303 2 reservation(s) found To display a summary of all reserved VC ranges on the router, including those reserved for MPLS use: host1#show atm vc reserved...
Page 358: Monitoring Global Call Admission Control Configuration
JUNOSe 11.1.x BGP and MPLS Configuration Guide show atm vc Related Topics Monitoring Global Call Admission Control Configuration Display global call admission control (CAC) configuration. Purpose To display CAC configuration: Action host1#show cac resource info flood interval 180 show cac Related Topics Monitoring Interfaces Configured with Traffic Engineering Bandwidth Accounting Display interfaces on which traffic engineering bandwidth accounting is configured.
Page 359: Monitoring Virtual Router Configuration
Chapter 4: Monitoring MPLS Table 34: show cac interface Output Fields (continued) Field Name Field Description current total available bw Total bandwidth in Kbps that is available to be reserved MPLS TE flooding threshold Absolute percentages of total reservable bandwidth that trigger the up/down flooding of the new bandwidth value throughout the network;...
Page 360 JUNOSe 11.1.x BGP and MPLS Configuration Guide Prefix/Length Type Next Hop Dst/Met Interface ------------------ --------- --------------- ---------- ---------------------------------------- 200.200.200.1/32 111.111.1.1[L18 110/2 ATM5/1.1 Rsvp 200.200.200.1[L 110/2 ATM5/1.1 To display information about all IPv6 tunnel routes: host1:pe1:pe11# show ipv6 tunnel-route all Protocol/Route type codes: O- OSPF, E1- external type 1, E2- external type2, N1- SSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop...
Page 361: Monitoring Ldp
Chapter 4: Monitoring MPLS Table 35: show ip tunnel route and show ipv6 tunnel-route Output Fields Field Name Field Description Prefix IPv4 or IPv6 address prefix of network destination Length Network mask length for prefix Type Type of route; protocol Next Hop IP address of the next hop to the route, whether it is a local interface or another router;...
Page 362: Table 36: Show Ldp Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide NOTE: The mpls keyword is optional and is provided for compatibility with non–E Series implementations. Table 36 on page 326 lists the show ldp command output fields. Meaning Table 36: show ldp Output Fields Field Name Field Description LSR ID...
Page 363: Monitoring Mpls Label Bindings
Chapter 4: Monitoring MPLS Table 36: show ldp Output Fields (continued) Field Name Field Description totalOutLabels Number of out labels (received from downstream neighbor) totalCrLSPSetup Number of constraint-based routed LSPs set up totalCrLSPDeleted Number of constraint-based routed LSPs deleted show ldp Related Topics Monitoring MPLS Label Bindings Use to display label bindings from the MPLS label information base.
Page 364: Monitoring Ldp Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 37: show ldp binding and show mpls binding Output Fields Field Name Field Description Label sent to upstream neighbor for displayed route Label received from downstream neighbor for displayed route neighbor IP address of neighbor to which the label is sent or received stale Label that indicates neighbor has restarted show ldp binding...
Page 365: Monitoring Interfaces That Are Synchronizing With Ldp
Chapter 4: Monitoring MPLS Table 38: show ldp graceful restart Output Fields (continued) Field Name Field Description Reconnect Time Locally configured value for reconnect time, in seconds Recovery Time Locally configured value for recovery time, in seconds Max Recovery Time Locally configured value for max-recovery timer, in seconds Neighbor Liveness Timer Locally configured value for neighbor-liveness timer, in seconds...
Page 366: Monitoring Ldp Interfaces
JUNOSe 11.1.x BGP and MPLS Configuration Guide show ldp igp-sync Related Topics Monitoring LDP Interfaces Display information about all LDP interfaces or the specified LDP interface. Purpose To display information about all LDP interfaces: Action host1#show ldp interface Interface ATM6/0.120 Interface address: 192.168.12.1/28 Enabled with profile 'default' Configured hold time: 15...
Page 367 Chapter 4: Monitoring MPLS Table 40: show ldp interface Output Fields (continued) Field Name Field Description Configured hold time Configured period for which a sending LSR maintains a record of link hello messages from the receiving LSR without receipt of another link hello message from that LSR, in seconds Hello interval Negotiated interval between link-hello packets, in seconds...
Page 368: Monitoring Ldp Neighbors
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 40: show ldp interface Output Fields (continued) Field Name Field Description bad hello recv Number of hello messages received bad adj setup time Time in hh:mm:ss since adjacency set up last hello recv time Time in hh:mm:ss since last hello message received last hello sent time Time in hh:mm:ss since last hello message sent...
Page 369: Table 41: Show Ldp Neighbor Output Fields
Chapter 4: Monitoring MPLS Recovery Time: 0 msec State: operational LDP neighbor 10.0.2.2 Graceful Restart is enabled Helper Mode is enabled Reconnect Time: 220000 msec Recovery Time: 0 msec State: operational To display information about LDP statistics for the session with each LDP neighbor: host1#show ldp neighbor statistics LDP Neighbor: 10.0.2.2 Message type...
Page 370: Monitoring Ldp Profiles
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 41: show ldp neighbor Output Fields (continued) Field Name Field Description Time that the adjacency has been up, in hh:mm:ss format Graceful Restart State of graceful restart, enabled or disabled Helper Mode State of graceful restart helper mode, enabled or disabled Reconnect Time Value for reconnect time received from peer in FT TLV, in...
Page 371: Monitoring Ldp Statistics
Chapter 4: Monitoring MPLS To display the default LDP profile: Action host1:pe2#show ldp profile default ldp profile default: used by 2 interfaces session retry: 10 times at interval 10 NOTE: The mpls keyword is optional and is provided for compatibility with non–E Series implementations.
Page 372: Table 43: Show Ldp Statistics Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Topology changes No router id No address No interface No session No adjacency Unknown version Malformed PDU Malformed message Unknown message type Inappropriate message Malformed tlv Bad TLV value Missing TLV PDU too large PDU too small No Memory NOTE: The mpls keyword is optional and is provided for compatibility with non–E...
Page 373: Monitoring Ldp Targeted Hello Receive And Send Lists
Chapter 4: Monitoring MPLS Table 43: show ldp statistics Output Fields (continued) Field Name Field Description Sessions closed Number of session closed events Topology changes Number of topology change events No router id Number of no router ID events No address Number of no address events No interface Number of no interface events...
Page 374: Monitoring Mpls Status And Configuration
JUNOSe 11.1.x BGP and MPLS Configuration Guide Targeted session sent to 10.9.1.3 is up Used By: D indirect nexthop index 3, resolved Targeted session sent to 10.9.1.6 is up Used By: S indirect nexthop index 206, resolved Table 44 on page 338 lists the show ldp targeted session command output fields. Meaning Table 44: show ldp targeted session Output Fields Field Name...
Page 375: Table 45: Show Mpls Output Fields
Chapter 4: Monitoring MPLS Topology Driven LSP enabled LSPs used for IP forwarding for host addresses only Additional detail is shown when RSVP-TE is enabled: RSVP is enabled LSRID 10.1.1.1 Re-optimization timer is 3600 Tunnel retry forever at interval 5 if route is available Tunnel retry forever at interval 5 if no route is available Refresh reduction is OFF Message bundling is OFF...
Page 376 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 45: show mpls Output Fields (continued) Field Name Field Description LDP session retry Interval in seconds between attempts to set up an MPLS LDP session LDP session hold time Period in seconds for which an LSR maintains the session with its LDP peer without receipt of any LDP message from that peer LDP session keepalive Interval at which LDP sends session keepalive messages, in seconds...
Page 377: Monitoring Mpls Explicit Paths
Chapter 4: Monitoring MPLS show mpls Related Topics Monitoring MPLS Explicit Paths Display MPLS explicit paths. Purpose To display information about all MPLS explicit paths: Action host1:pe2#show mpls explicit-paths path name/identifier rx1-path enabled 1: next-address 70.70.70.2 2: next-address 30.30.30.1 not referenced by any options path name/identifier rx1-path2 enabled 1: next-address 60.60.60.2 2: next-address 40.40.40.1...
Page 378: Monitoring Mpls Labels Used For Forwarding
JUNOSe 11.1.x BGP and MPLS Configuration Guide Role Name / Label BackupIntf / Label Status ---- --------------- ------------- ---------------------- ----------- Core LSP 10.1.1.1:6 ATM4/0.2 / 21 tun mpls:bypass23 / 21 Established Core LSP 10.1.1.1:7 ATM4/0.2 / 26 tun mpls:bypass23 / 26 Established Example on a tunnel ingress router OutIntf...
Page 379: Monitoring Mpls Interfaces
Chapter 4: Monitoring MPLS host1:vr2# show mpls forwarding brief Platform label space In Label Owner Action -------- -------- -------------------------------------- lookup on inner header/label swap to 20 on ATM2/0.10, nbr 10.10.10.2 lookup on inner header/label swap to 22 on ATM2/0.10, nbr 10.10.10.2 swap to 23 on ATM2/0.10, nbr 10.10.10.2 Table 48 on page 343 lists the show mpls forwarding command output fields.
Page 380 JUNOSe 11.1.x BGP and MPLS Configuration Guide Administrative state is enabled Operational state is up Operational MTU is 9180 Received: 0 packets 0 bytes 0 errors 0 discards 0 failed label lookups Sent: 0 packets 0 bytes 0 errors 0 discards LDP information: 10.1.1.2/24 enabled with profile 'default'...
Page 381 Chapter 4: Monitoring MPLS To display information about MPLS interface atm 2/0.60: host1:pe2#show mpls interface atm 2/0.60 Interface atm2/0.60 Up RSVP not configured LDP enabled with profile default IP interfaces on this MPLS interface: 60.60.60.1/16 Session to 4.4.4.4 is operational (active) Session statistics: 12 label alloc, 12 label learned, 12 accum label alloc, 12 accum label learned,...
Page 382 JUNOSe 11.1.x BGP and MPLS Configuration Guide RSVP Enabled with profile default Authentication is disabled Authentication key: <none> Hellos are on with an interval of 10000 and miss limit of 4 Hello settings are not inherited To display detailed information about MPLS interfaces: host1:pe1#show mpls interface detail MPLS major interface ATM2/0.10 ATM circuit type is 1483 LLC encapsulation...
Page 383: Table 49: Show Mpls Interface Output Fields
IP address of IP interfaces and session status interface Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. label alloc Number of labels allocated and advertised to this peer label learned...
Page 384 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 49: show mpls interface Output Fields (continued) Field Name Field Description accum label alloc Cumulative total number of labels allocated and advertised to this peer accum label learned Cumulative total number of labels received from this peer notf Number of notification messages received or received bad or sent mapping...
Page 385: Monitoring Mpls Minor Interfaces
Chapter 4: Monitoring MPLS Table 49: show mpls interface Output Fields (continued) Field Name Field Description hcpkts Number of high-capacity (64-bit) packets received or sent errors Number of packets that are dropped for some reason at receipt or before being sent discards Number of packets that are discarded due to lack of buffer space at receipt or before being sent...
Page 386 JUNOSe 11.1.x BGP and MPLS Configuration Guide Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 MPLS minor interface lsp-02020202-1-4 (receive) Stacked on MPLS major ATM2/0.10 Operational state is up Statistics not enabled for this interface To display detailed information about MPLS minor interfaces: host1:pe1#show mpls minor-interface detail MPLS minor interface pe1-to-pe2 (transmit)
Page 387: Monitoring Mpls Next Hops
Chapter 4: Monitoring MPLS To display summary information about MPLS minor interfaces: host1:pe1#show mpls minor-interface brief Lower Oper Interface MplsMajor state Direction ---------------- --------- ----- --------- pe1-to-pe2 ATM2/0.10 transmit lsp-02020202-1-4 ATM2/0.10 receive ERX-01-0c-d7:pe1# Table 50 on page 351 lists the show mpls minor-interface command output fields. Meaning Table 50: show mpls minor-interface Output Fields Field Name...
Page 388: Monitoring The Configured Mapping Between Phb Ids And Traffic Class/Color Combinations
JUNOSe 11.1.x BGP and MPLS Configuration Guide MPLS next-hop: index 25, label 18, resolved by MPLS nextHop index 10 MPLS next-hop: index 10, resolved by MPLS nextHop index 14, peer address 10.1.1.1 MPLS next-hop: index 14, ECMP next-hop, leg count 2 MPLS next-hop: index 12, label 32 on FastEthernet1/1.120, neighbor 10.120.120.1 MPLS next-hop: index 13, label 32 on ATM2/1.20, neighbor 10.20.20.1...
Page 389: Monitoring Rsvp-Te Profiles And Mpls Tunnel Profiles
Chapter 4: Monitoring MPLS standard phb-id traffic-class color standard phb-id traffic-class color Table 52 on page 353 lists the show mpls phb-id command output fields. Meaning Table 52: show mpls phb-id Output Fields Field Name Field Description phb-id Per-hop behavior ID for which a traffic class/color combination is displayed traffic-class Traffic class associated with traffic...
Page 390: Monitoring Rsvp Path State Control Blocks, Reservation State Control Blocks, Or Sessions
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 53: show mpls profile Output Fields Field Name Field Description profile Number of interfaces that use the profile refresh-period Timeout period in seconds between generation of refresh messages timeout factor Number of refresh messages that can be lost before the session is ended show mpls profile Related Topics...
Page 391: Table 54: Show Mpls Rsvp Output Fields
Chapter 4: Monitoring MPLS To display RSVP-TE session information: host1:two#show mpls rsvp sessions Destination 222.9.3.1 TunnelId 1 Extended Tunnel Id 223.10.1.1 PSB: Sender 223.10.1.1 LSPId 1 timeout 157500 InLabel 17 Associated Minor Interface: Tunnel 223.10.1.1:1 PHopIntf ATM2/0.1 IncomingIntf ATM2/1.1 OutgoingIntf ATM2/0.3 PHopAddr 221.1.1.2 m_ipNextHopAddr 122.1.1.1 NextHop 122.1.1.1/255.255.255.255 (strict) LabelRange (generic) min 0 max 1048575...
Page 392 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 54: show mpls rsvp Output Fields (continued) Field Name Field Description timeout Period of time in milliseconds before PSB/RSB times out if no refresh arrives. InLabel Incoming label information Associated tunnel Tunnel identifier for minor interface for which the RSVP information is displayed PHopIntf Penultimate hop interface...
Page 393 Chapter 4: Monitoring MPLS Table 54: show mpls rsvp Output Fields (continued) Field Name Field Description Flags One or more of the IngressReRoute (the ingress router can reroute the LSP), Local Protection (routers can use local repair mechanism to fix the LSP; this fix might violate the explicit route object associated with the LSP), and MergingPermitted (LSPs can be merged) flags Indicates presence of the traffic trunk classifier object...
Page 394: Monitoring Rsvp Md5 Authentication
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 54: show mpls rsvp Output Fields (continued) Field Name Field Description RSB Flag InUse RSB in use RSB Flag Deleted RSB deleted RSB Flag RcvdAck Acknowledgment received RSB Flag StyleConverted Reservation style converted to shared explicit RSB Flag IsPathTrigger Reservation refresh triggered Destination...
Page 395: Monitoring Rsvp-Te Interfaces Where Bfd Is Enabled
Chapter 4: Monitoring MPLS Table 55: show mpls rsvp authentication Output Fields (continued) Field Name Field Description Receive Sequence Number Sequence number of first authenticated packet from peer; subsequent packets from the peer must be greater than this base number show mpls rsvp authentication Related Topics Monitoring RSVP-TE Interfaces Where BFD is Enabled...
Page 396: Monitoring Rsvp-Te Interface Counters
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 56: show mpls rsvp bfd interfaces Output Fields (continued) Field Name Field Description Multiplier Detection multiplier value; roughly equivalent to the number of packets that can be missed before the BFD session is declared to be down show mpls rsvp bfd interfaces Related Topics...
Page 397 Chapter 4: Monitoring MPLS Table 57: show mpls rsvp counters Output Fields (continued) Field Name Field Description Path Tear Sent Number of pathtear messages sent on the interface Path Tear Rcvd Number of pathtear messages received on the interface Resv Sent Number of resv messages sent on the interface Resv Rcvd Number of resv messages received on the interface...
Page 398: Monitoring Rsvp-Te Graceful Restart
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 57: show mpls rsvp counters Output Fields (continued) Field Name Field Description Hello Ack Rcvd Number of acknowledgments received in response to hello requests sent Hello Discarded Number of hello messages discarded Hello Ack Discarded Number of hello ack messages discarded Hello Suppressed...
Page 399: Monitoring Rsvp-Te Hello Adjacency Instances
Chapter 4: Monitoring MPLS show mpls rsvp hello graceful restart Related Topics Monitoring RSVP-TE Hello Adjacency Instances Display summary or detailed information about RSVP-TE hello adjacency instances. Purpose To display summary information about RSVP-TE hello adjacency instances: Action host1#show mpls rsvp hello instance neighbor is up graceful restart is in progress Peer...
Page 400: Table 59: Show Mpls Rsvp Hello Instance Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 59: show mpls rsvp hello instance Output Fields Field Name Field Description Peer Address Address of the peer in the RSVP-TE hello adjacency Interface Specifier and status of each interface Identifies an RSVP-TE node hello peer Interval Interval at which hellos are sent to the neighbor, in milliseconds Miss Limit...
Page 401: Monitoring Status And Configuration For Mpls Tunnels
Chapter 4: Monitoring MPLS Table 59: show mpls rsvp hello instance Output Fields (continued) Field Name Field Description SrcInstance Nonzero 32-bit value that represents the sender's hello instance. The value is maintained on a per-neighbor basis. This instance value changes only when the sending peer resets, when the sender’s router reboots, or when communication is lost between the hello adjacency peers.
Page 402: Table 60: Show Mpls Tunnels Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide tunnel not announced to any IGP (Global) Retry forever at (Global) interval 5 during Lsp setup if there is route (Global) Retry forever at (Global) interval 5 during Lsp setup if there is no route metric is relative 0 phb-id 2 path option 2...
Page 403: Verifying And Troubleshooting Mpls Connectivity
Chapter 4: Monitoring MPLS Table 60: show mpls tunnels Output Fields (continued) Field Name Field Description pkts Number of packets sent across tunnel hcPkts Number of high-capacity (64-bit) packets sent across tunnel octets Number of octets sent across tunnel hcOctets Number of high-capacity (64-bit) octets sent across tunnel errors Number of packets that are dropped for some reason before being...
Page 404: Sending An Mpls Echo Request Packet To An Ip Or Ipv6 Address
JUNOSe 11.1.x BGP and MPLS Configuration Guide Tracing the Path of an MPLS Echo Request Packet to an RSVP-TE Tunnel on page 369 Sending an MPLS Echo Request Packet to a VPLS Instance on page 369 Tracing the Path of an MPLS Echo Request Packet to a VPLS Instance on page 369 Sending an MPLS Echo Request Packet to an IP or IPv6 Address To send an MPLS echo request packet to the specified IP or IPv6 address: Issue the ping mpls command.
Page 405: Tracing The Path Of An Mpls Echo Request Packet To An L3Vpn Ip Or Ipv6 Prefix
Chapter 4: Monitoring MPLS Tracing the Path of an MPLS Echo Request Packet to an L3VPN IP or IPv6 Prefix To send MPLS echo request packets to discover and examine the path MPLS packets follow to the L3VPN IP or IPv6 prefix: Issue the trace mpls l3vpn command.
Page 406: Packet Flow Examples For Mpls Lsps To An Ip Prefix
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 67: Sample MPLS L3VPN Topology Packet Flow Examples for MPLS LSPs to an IP Prefix Use the ping mpls ip and trace mpls ip commands for MPLS LSPs that are configured to use LDP; labeled BGP; or a combination of LDP, BGP, and RSVP-TE (as for inter-AS and carrier-of-carriers topologies).
Page 407 Chapter 4: Monitoring MPLS PE 1 sends an MPLS echo request UDP packet that contains an LDP IPv4 sub-TLV. The packet is sent as a labeled packet over the target LSP. The packet has the following attributes: Source address 10.1.1.1 Destination address 127.0.0.0/8 UDP port...
Page 408: Packet Flow Example For The Trace Mpls Command
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:pe1#ping mpls ip 10.2.2.2/32 detail Sending 5 UDP echo requests for LDP IPv4 prefix, timeout = 2 sec MplsNextHopIndex 32 handle 8073311 '!' - success, 'Q' - request not transmitted, '.' - timeout, 'U' - unreachable, 'R' - downstream router but not destination 'M' - malformed request, 'N' - downstream router has no mapping Sending MPLS ping echo request, handle 8073311 seq 21241...
Page 409: Packet Flows For Ping And Trace To L3Vpn Ipv4 Prefixes
Chapter 4: Monitoring MPLS in the echo reply packet. The MPLS echo reply packet is sent back as a labeled UDP packet with the following attributes: Source address 10.3.3.3 Destination address 10.1.1.1 UDP port 3503 When the MPLS echo reply reaches router PE 1, the router matches the sender’s handle and the sequence number to the echo request packet that PE 1 sent.
Page 410 JUNOSe 11.1.x BGP and MPLS Configuration Guide An MPLS echo request packet containing a single VPN IPv4 sub-TLV is sent from PE 1 with the following attributes: Source address 10.1.1.1 Destination address 127.0.0.0/8 UDP port 3503 Sender’s handle Randomly generated 32-bit number used to match the reply Sequence number Integer that is incremented for each echo request packet The VPN IPv4 sub-TLV has the route distinguisher set to that of the VRF and the...
Page 411: Inter-As Topology
Chapter 4: Monitoring MPLS host1:pe1:pe11#ip8:pe1#trace mpls l3vpn 10.99.99.21/32 detail Tracing VPN IPv4 prefix, timeout = 2 sec, Max TTL 32 MplsNextHopIndex 73 handle 8073322 1 0ms 10.33.33.33 Label switched at stack-depth/2 TLV Interface and Label stack 20 bytes Router 10.33.33.33 Intf 10.10.10.2 [L34 EXP 0 TTL 1] [L68 EXP 0 S TTL 1] TLV Downstream mapping 24 bytes Router 10.31.31.2 Intf 10.31.31.1 mtu 9180...
Page 412: Packet Flows To L3Vpn Ipv6 Prefixes
JUNOSe 11.1.x BGP and MPLS Configuration Guide topology, this behavior might result in premature termination of the ping or trace. You can use the bottom-label-ttl keyword to avoid this problem. Packet Flows to L3VPN IPv6 Prefixes Packet flow for an MPLS ping and trace to an L3VPN IPv6 prefix is the same as for an IPv4 prefix except that the echo request packets and echo reply packets contain the VPN IPv6 sub-TLV instead of the VPN IPv4 sub-TLV.
Page 413: Troubleshooting Mtu Problems In A Point-To-Point Mpls Lsp Associated With An Ip Or Ipv6 Address
Chapter 4: Monitoring MPLS Troubleshooting MTU Problems in a Point-to-Point MPLS LSP Associated with an IP or IPv6 Address To discover the LSR in a point-to-point MPLS LSP, associated with an IP or IPv6 prefix, that causes MPLS packets to be discarded owing to the size of the packet exceeding the MTU size: Issue the trace mpls ip command with the data-size keyword.
Page 414: Troubleshooting Mtu Problems In A Point-To-Point Mpls Lsp Associated With A Vpls Instance
JUNOSe 11.1.x BGP and MPLS Configuration Guide Troubleshooting MTU Problems in a Point-to-Point MPLS LSP Associated with a VPLS Instance To discover the LSR in a point-to-point MPLS LSP, associated with a VPLS instance, that causes MPLS packets to be discarded owing to the size of the packet exceeding the MTU size: Issue the trace mpls vpls command with the data-size keyword.
Page 415: Chapter 5 Configuring Bgp-Mpls Applications
Chapter 5 Configuring BGP-MPLS Applications This chapter contains the following sections: Overview on page 379 Platform Considerations on page 389 References on page 389 Transporting Packets Across an IP Backbone with MPLS on page 390 Configuring IPv6 VPNs on page 394 Intra-AS IPv6 VPNs on page 395 Providing IPv4 VPN Services Across Multiple Autonomous Systems on page 397 Providing IPv6 VPN Services Across Multiple Autonomous Systems on page 405...
Page 416: Address Families
JUNOSe 11.1.x BGP and MPLS Configuration Guide The BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP multicast and BGP/MPLS virtual private networks (VPNs). BGP/MPLS VPNs are sometimes known as RFC 2547bis VPNs. Some of the applications for which you might use BGP/MPLS VPNs are to transport packets across an IP backbone, enable overlapping VPNs, operate inter-AS VPNs, enable multicast across VPNs, and provide carrier-of-carriers VPNs.
Page 417: Equal-Cost Multipath Support
Chapter 5: Configuring BGP-MPLS Applications VPLS If you specify the VPLS address family, you can configure the router to exchange layer 2 NLRI for a specified VPLS instance. For a description of VPLS, see “Configuring VPLS” on page 589. VPWS If you specify the VPWS address family, you can configure the PE router to exchange layer 2 NLRI for a specified VPWS instance.
Page 418: Bgp/Mpls Vpn Components
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 68: ECMP BGP/MPLS VPN Scenario With respect to PE 1, this network has an ECMP set of two equal-cost legs for the VPN prefix of CE 2, 192.168.0.1/32: PE 1 -> P 1 -> PE 2 -> CE 2 PE 1 ->...
Page 419: Figure 69: Bgp/Mpls Vpn Scenario
Chapter 5: Configuring BGP-MPLS Applications PE routers are situated at the edge of the service provider core and connect directly to customer sites. These routers must run BGP-4, including the BGP/MPLS VPN extensions. They must also be able to originate and terminate MPLS LSPs. (See “Configuring MPLS”...
Page 420: Figure 70: Bgp/Mpls Vpn Components
JUNOSe 11.1.x BGP and MPLS Configuration Guide A customer site is a network that can communicate with other networks in the same VPN. A customer site can belong to more than one VPN. Two sites can exchange IP packets with each other only if they have at least one VPN in common. Each customer site that is connected to a particular PE router is also associated with a VPN routing and forwarding instance (VRF).
Page 421: Vpn-Ipv4 Addresses
Chapter 5: Configuring BGP-MPLS Applications VPN-IPv4 Addresses Because each VPN has its own private address space, the same IP address might be used in several VPNs. To provide for more than one route to a given IPv4 address (each route unique to a single VPN), BGP/MPLS VPNs use route distinguishers (RDs) followed by an IPv4 address to create unique VPN-IPv4 addresses.
Page 422: Distribution Of Routes And Labels With Bgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide A route-target import list is applied before any inbound routing policy (route map) is applied. If an inbound route map contains a set extcommunity clause, the clause replaces all extended communities in the received route. BGP applies the default route-target export list associated with the VRF if the route does not have any route-target extended-community attributes after the inbound policy has been applied.
Page 423 Chapter 5: Configuring BGP-MPLS Applications In this example the two customer sites use different AS numbers, which simplifies configuration. Alternatively, the same AS numbers can be used. Customer site 1 has two networks that need to be reachable from customer site 3 10.3.0.0/16 and 10.12.0.0/16 and uses BGP to announce these prefixes to PE 1.
Page 424: Figure 72: Standard And Extended Bgp Update Messages
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 72: Standard and Extended BGP Update Messages Using the next-hop-self option on PE 1 causes PE 1 to set the next-hop attribute to its own address, 172.32.12.1. Doing so is necessary because the next hop provided by CE 1 is from VPN A’s private address space and has no meaning in the service provider core.
Page 425: Platform Considerations
Chapter 5: Configuring BGP-MPLS Applications Platform Considerations For information about modules that support BGP/MPLS VPNs on the ERX7xx models, ERX14xx models, and the ERX310 Broadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP/MPLS VPNs.
Page 426: Transporting Packets Across An Ip Backbone With Mpls
JUNOSe 11.1.x BGP and MPLS Configuration Guide Transporting Packets Across an IP Backbone with MPLS As described in the previous section, PE 1 and PE 2 exchange routing information, including MPLS labels for their customer sites, by means of a BGP session established between them across the service provider core.
Page 427 Chapter 5: Configuring BGP-MPLS Applications host2:pe2#show ip bgp vpn all field in-label Prefix In-label 10.12.0.0/16 none 10.24.0.0/16 On PE 1, you see that MP-BGP receives a labeled VPN-IPv4 prefix of 10.24.0.0/16 with an out label of 16. MP-BGP on PE 2 advertised this label with the prefix. In the data plane, MPLS traffic is sent by PE 1 to PE 2 with this label.
Page 428: Figure 74: Lsp Creation For Bgp/Mpls Vpn
JUNOSe 11.1.x BGP and MPLS Configuration Guide Each LSP is unidirectional for data traffic, so you must establish LSPs in both directions for two-way data transport. Figure 74 on page 392 shows that two LSPs have been created between PE 1 and PE 2. PE 1 and PE 2 have an MP-BGP session as shown previously in Figure 73 on page 390.
Page 429: Figure 75: Traffic Across The Mpls Backbone Of A Bgp/Mpls Vpn
Chapter 5: Configuring BGP-MPLS Applications Figure 75: Traffic Across the MPLS Backbone of a BGP/MPLS VPN Host 1 constructs an IP packet with the address of Host 2 as the final destination, and sends the packet to router CE 1. CE 1 encapsulates the packet appropriately and forwards it to PE 1.
Page 430: Configuring Ipv6 Vpns
JUNOSe 11.1.x BGP and MPLS Configuration Guide CE 6 receives the IP packet from PE 2 and looks up the destination address Host 2. Subsequent forwarding to Host 2 occurs by means of the IGP in the customer site. The network structure shown in Figure 75 on page 393 consists of two VPNs, A and B.
Page 431: Intra-As Ipv6 Vpns
Chapter 5: Configuring BGP-MPLS Applications Use to configure the router or VRF to exchange IPv4 or IPv6 addresses by creating the specified address family. IPv4 and IPv6 addresses can be exchanged in unicast, multicast, or VPN mode. The default setting is to exchange IPv4 addresses in unicast mode from the default router.
Page 432: Bgp Control Plane Behavior
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 76: IPv6 VPN Services over IPv4 MPLS The PE routers use an MP-BGP session over TCPv4 to advertise the IPv6 routes from the CE devices to the remote PE routers. The IPv6 routes are advertised as labeled VPNv6 routes with a BGP next hop set to the base tunnel endpoint destination address.
Page 433: Pe-Pe Behavior
Chapter 5: Configuring BGP-MPLS Applications RIB with the stacked label L1, which MPLS allocated for this prefix. The default IPv6 VRF label is L1. PE PE Behavior PE 1 advertises the VPNv6 prefixes in the MP_REACH_NLRI attribute of the update messages sent to its MP-IBGP peer, PE 2.
Page 434: Inter-As Option A
JUNOSe 11.1.x BGP and MPLS Configuration Guide preferred to option A. For inter-AS options B and C, you must explicitly configure MPLS on all the inter-AS links. Inter-AS Option A Figure 77 on page 398 illustrates the first method, where you create a VRF for each VPN on each AS boundary router.
Page 435: Figure 78: Inter-As Topology With End-To-End Stacked Mpls Tunnels
Chapter 5: Configuring BGP-MPLS Applications Figure 78: Inter-AS Topology with End-to-End Stacked MPLS Tunnels PE 1 assigns labels for routes to the customer sites, and distributes both the label assignments and the VPN-IPv4 routes throughout AS 42 in extended BGP update messages by means of internal MP-BGP.
Page 436 JUNOSe 11.1.x BGP and MPLS Configuration Guide ASBR 2 receives MPLS frames with label 44 (the in label) from ASBR 3 and sends MPLS frames with label 16 (the out label) to PE 1. The inter-AS next hop shows label 44 as the label advertised to inter-AS peer ASBR 3. Label 44 was generated for the indirect next hop PE router/label pair, 10.2.2.2 (PE 1) and 16.
Page 437 Chapter 5: Configuring BGP-MPLS Applications 0 in errors 0 in discard pkts ASBR 3 in turn generates a new label, 50, to advertise with the VPN-IPv4 prefix to its internal MP-BGP peer inside its autonomous system, AS 35. Indirect next hop 4.4.4.4 is for the MP-IBGP peering between PE 4 (loopback address 4.4.4.4) and ASBR 3.
Page 438: Inter-As Option C
JUNOSe 11.1.x BGP and MPLS Configuration Guide The labels that are generated to be sent to the inter-AS BGP peers are generated for each next-hop PE router/received label tuple. Scaling is improved when all routes advertised from a given VRF have the same label; this is the default E Series router behavior.
Page 439 Chapter 5: Configuring BGP-MPLS Applications In this topology, you can use either LDP or RSVP-TE to establish an LSP between each ASBR router and the PE router in an autonomous system. A labeled MP-IBGP session exists between the ASBR and the PE router in each autonomous system. A labeled MP-EBGP session exists between the two ASBR routers.
Page 440: Inter-As Option C With Route Reflectors
JUNOSe 11.1.x BGP and MPLS Configuration Guide While the packet travels across the VPN from ingress router PE 1, labels are swapped as follows: P 1 swaps outermost label L5 for L7 to get to its next hop, ASBR 1. ASBR 1 pops outermost label L7 and swaps the middle label L6 for L4 to get to ASBR 2.
Page 441: Providing Ipv6 Vpn Services Across Multiple Autonomous Systems
Chapter 5: Configuring BGP-MPLS Applications Use to prevent BGP from modifying the next hop sent to the BGP peer. Outbound route maps take precedence over this command, enabling prefixes that match the route map to be modified, regardless of this command. Takes effect immediately.
Page 442: Using Route Targets To Configure Vpn Topologies
JUNOSe 11.1.x BGP and MPLS Configuration Guide In Figure 81 on page 405, the base tunnels between the PE routers are established in the IPv4 core networks with LDP or RSVP. The PE routers advertise IPv6 prefixes from the CE devices within their respective ASs as VPNv6 prefixes with MP-IBGP. For example, PE 1 advertises the CE 1 prefix 6001:0430::/48 over to PE 2 in its MP_REACH_NLRI attribute.
Page 443: Hub-And-Spoke Vpns
Chapter 5: Configuring BGP-MPLS Applications Figure 83: Route Target Configuration for a Full-Mesh VPN Hub-and-Spoke VPNs In a hub-and-spoke VPN, the spoke sites in the VPN can communicate only with the hub sites; they cannot communicate with other spoke sites, as shown in Figure 84 on page 407.
Page 444: Overlapping Vpns
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 85: Route Target Configuration for a Hub-and-Spoke VPN Overlapping VPNs In an overlapping VPN, a site is a member of more than one VPN. For example, in Figure 86 on page 408, the middle site is a member of both VPN A and VPN B. In other words, that site can communicate with all other VPN A sites and all other VPN B sites.
Page 445: Figure 87: Route Target Configuration For An Overlapping Vpn
Chapter 5: Configuring BGP-MPLS Applications Figure 87: Route Target Configuration for an Overlapping VPN An interesting special case of an overlapping VPN is when two VRFs on the same PE router belong to the same VPN as shown in Figure 88 on page 409. The configuration of the VRF import and export route targets is the same as for the example in Figure 87 on page 409.
Page 446: Constraining Route Distribution With Route-Target Filtering
JUNOSe 11.1.x BGP and MPLS Configuration Guide If the next-hop interface is in the same VRF and the interface is numbered, the router uses the source address of the interface. If the next-hop interface is in the same VRF and the interface is unnumbered, the router uses either the source address of the interface it is pointing to or the router ID of the VRF.
Page 447: Exchanging Route-Target Membership Information
Chapter 5: Configuring BGP-MPLS Applications Exchanging Route-Target Membership Information BGP peers exchange route-target membership information in the following sequence: When the BGP peers negotiate the BGP multiprotocol extensions capability during the establishment of a BGP session, they indicate support for the route-target address family by including the (AFI, SAFI) value pair for the route-target membership NLRI (RT-MEM-NLRI) attribute.
Page 448: Receiving And Sending Rt-Mem-Nlri Routing Updates
JUNOSe 11.1.x BGP and MPLS Configuration Guide The usefulness of BGP VPN route-target filtering depends on the sparseness of route target membership among the VPN sites. In configurations where VPNs are members of many route target communities that is, route target membership is dense the amount of VPN NLRI exchange traffic is about the same regardless of whether route-target filtering is configured.
Page 449 Chapter 5: Configuring BGP-MPLS Applications Table 61: Route-Target Filtering Advertisement Rules for Routes Received from Peers (continued) Advertise to Advertise to IBGP Route IBGP Route Advertise Advertise to EBGP Reflector Reflector to EBGP Confederation Routes Received From Client? Nonclient? Peer? Peer? IBGP route reflector nonclient...
Page 450: Conditions For Advertising Rt-Mem-Nlri Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide neighbor maximum-prefix Use to control how many prefixes can be received from a neighbor. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer.
Page 451 Chapter 5: Configuring BGP-MPLS Applications When you configure the default route, the RT-MEM-NLRI attribute contains 0:0:0/0 as the Default-RT-MEM-NLRI. This 4-byte prefix contains only the local (origin) AS number field, set to zero. By default, BGP does not generate or advertise the Default-RT-MEM-NLRI route. You can use the default-information originate command to generate the Default-RT-MEM-NLRI route and send it to all peers.
Page 452: Route Selection When Route-Target Filtering Is Enabled
JUNOSe 11.1.x BGP and MPLS Configuration Guide command. You cannot override the characteristic for a specific member of the peer group. Outbound policy configured for the neighbor (using the neighbor route-map out command) is not applied to default routes that are advertised because of the neighbor default-originate command.
Page 453: Configuring Route-Target Filtering
Chapter 5: Configuring BGP-MPLS Applications You can control the maximum number of received EBGP best paths that are considered for path selection. The external-paths command limits external route target membership, thus controlling the number of EBGP peers that receive the route target VPN routes referenced by the RT-MEM-NLRI route.
Page 454: Multicast Services Over Vpns
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use to set the maximum number of received external BGP best paths allowed for route-target signaling. Specify a value in the range 1–255; the default value is 1. This command takes effect immediately; it does not bounce the session. This command applies to only the route-target address family.
Page 455 Chapter 5: Configuring BGP-MPLS Applications Assign interfaces for PE-to-CE links to the VRF from outside or inside the VRF context: host1:vr1(config)#interface gigabitEthernet 1/0 host1:vr1(config-if)#ip vrf forwarding vrfA host1:vr1:vrfA(config-if)#ip address 10.16.2.77 255.255.255.0 host1:vr1:vrfA(config-if)#exit host1:vr1(config)#virtual-router :vrfA host1:vr1:vrfA(config)#interface gigabitEthernet 1/0 NOTE: You can also use the ip vrf forwarding command to specify secondary route lookup at the parent (global) level, in the event the original lookup does not yield any results.
Page 456: Pe Router Configuration Tasks
JUNOSe 11.1.x BGP and MPLS Configuration Guide PE Router Configuration Tasks To configure a PE router to provide BGP VPN services: Configure PE-to-PE LSPs. See “Configuring MPLS” on page 267, for information about configuring LSPs. Enable BGP routing. host1:vr1(config)#router bgp 100 (Optional) Disable automatic route-target filtering.
Page 457: Creating A Vrf
Chapter 5: Configuring BGP-MPLS Applications Use network commands or the redistribute static command to make BGP advertise static routes to customers. host1:vr1(config-router)#network 10.3.0.0 mask 255.255.0.0 host1:vr1(config-router)#redistribute static Use redistribute commands to make BGP advertise IGP routes to customers. host1:vr1(config-router)#redistribute ospf (Optional) Configure an AS override.
Page 458: Specifying A Route Distinguisher
JUNOSe 11.1.x BGP and MPLS Configuration Guide Specifying a Route Distinguisher The route distinguisher enables you to establish unique VPN-IPv4 addresses to accommodate the possibility that more than one VPN might use the same IP address from their private address spaces. Use to specify a route distinguisher to a VRF.
Page 459 Chapter 5: Configuring BGP-MPLS Applications If the import and export lists are identical, you can use the both keyword to define the lists simultaneously: host1:vr1(config-vrf)#route-target both 777:105 A route-target export list can be modified on the sending PE router by an export map or outbound routing policy.
Page 460: Figure 89: Fully Meshed Vpns
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 89: Fully Meshed VPNs BGP sessions exist between PE 1 and PE 2, PE 2 and PE 3, and PE 3 and PE 1. The MPLS paths through the service provider core are omitted for clarity. To configure route targets for this fully meshed scenario, you specify the same route target for the import list and export list on all VRFs in VPN A.
Page 461 Chapter 5: Configuring BGP-MPLS Applications host3(config)#ip vrf vrfE host3(config-vrf)#route-target both 777:1 host3(config-vrf)#exit host3(config)#ip vrf vrfF host3(config-vrf)#route-target both 777:2 In one type of a hub-and-spoke design, only the hub site can reach every site in the Example: Hub-and-Spoke VPN. All other sites spokes can reach only the hub site. (More complex hub-and-spoke designs are possible, but require additional configuration and route targets to achieve.) In Figure 90 on page 426, Customer Site 1 is the hub site for VPN A.
Page 462: Setting Import And Export Maps For A Vrf
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 90: Hub-and-Spoke VPN Route-target configuration on PE 2: host2(config)#virtual-router boston host2:boston(config)#ip vrf vrfC host2:boston(config-vrf)#route-target export 777:50 host2:boston(config-vrf)#route-target import 777:25 Route-target configuration on PE 3: host3(config)#ip vrf vrfE host3(config-vrf)#route-target export 777:50 host3(config-vrf)#route-target import 777:25 This configuration ensures that when VRF E on PE 3 receives an update message from PE 1, BGP installs the advertised route only if it has a route target of 25.
Page 463: Characteristics Of Import And Global Import Maps
Chapter 5: Configuring BGP-MPLS Applications can provide finer-grained control of route distribution by associating any combination of export, import, global export, and global import maps with VRFs. As shown in Figure 91 on page 427, a route is distributed (leaked) between RIBs and its attributes are changed as specified in the route map when the map returns an accept message.
Page 464: Characteristics Of Export And Global Export Maps
JUNOSe 11.1.x BGP and MPLS Configuration Guide forwarding works. The global VPN RIB never contains unlabeled routes, so the issue is moot for import maps. When a route that was previously imported into the local VRF RIB is modified in the global BGP RIB (VPN or non-VPN) such that it no longer matches the import or global import map, that route is removed from the local VRF RIB.
Page 465: Subsequent Distribution Of Routes
Chapter 5: Configuring BGP-MPLS Applications Table 63: Characteristics of Export and Global Export Maps (continued) Characteristic Export Global Export Exports both best and non-best routes. The best route selection is made again in the core after the export. Subsequent Distribution of Routes Routes that are imported from the global BGP non-VPN RIB (with a global import map) into a VRF RIB are never exported again.
Page 466: Global Export Maps
JUNOSe 11.1.x BGP and MPLS Configuration Guide export map Use to apply a route map to a VRF to modify or filter routes exported from the VRF to the global BGP VPN RIB in the parent VR. You can specify that only IPv4 or only IPv6 routes are exported. By default, both types of routes are exported.
Page 467: Global Import Maps
Chapter 5: Configuring BGP-MPLS Applications routes. If you associate an import map with a VRF, that VRF then accepts only received routes that pass the import map (and match the import route target list). import map Use to apply an import route map to a VRF to modify and filter routes imported to the BGP RIB of the VRF from the global BGP VPN RIB in the parent VR.
Page 468: Global Export Of Ipv6 Vpn Routes Into The Global Bgp Ipv6 Rib
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:boston(config-vrf)#global import map routemap22 max-routes 512 Use the no version to disable the importing of routes from the global BGP non-VPN RIB to the BGP RIB of the VRF. See global import map. Global Export of IPv6 VPN Routes into the Global BGP IPv6 RIB VPNv6 routes can be exported from the BGP RIB of an IPv6 VRF to the global IPv6 BGP RIB based on policy by means of a route map and the global export map...
Page 469 Chapter 5: Configuring BGP-MPLS Applications Select the interface. Specify the VRF to associate with the interface. host1:vr1(config)#interface gigabitEthernet 1/0 host1:vr1(config-if)#ip vrf forwarding vrfA Assign an IP address to the interface because forwarding the interface from the VR to the VRF removes the existing IP configuration from the interface. host1:vr1:vrfA(config-if)#ip address 10.16.2.77 255.255.255.0 To assign an interface to a VRF from inside the VRF context: Select the interface.
Page 470: Defining Secondary Routing Table Lookup
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to remove the interface assignment or discontinue secondary routing table lookup. See ip vrf forwarding. Defining Secondary Routing Table Lookup You can enable secondary routing table lookup on the virtual router routing table of the parent (global) virtual router.
Page 471: Adding Static Routes To A Vrf
Chapter 5: Configuring BGP-MPLS Applications Use to assign a VRF to an interface or subinterface by forwarding the interface from the VR to the VRF. This command also enables you to specify secondary routing table lookup for a VRF if an initial routing table lookup is unsuccessful. Forwarding the interface removes the IP configuration from the interface.
Page 472: Configuring Igps On The Vrf
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 92: Configuring Static Routes In Figure 92 on page 436, PE 2 has external BGP connections to CE 3 and CE 4. PE 1 has an EBGP connection to CE 2. However, no BGP (or IGP) connection exists between PE 1 and CE 1.
Page 473: Configuring The Igp Outside The Vrf Context
Chapter 5: Configuring BGP-MPLS Applications If you are not in the context of the virtual router that has the VRF, you access the VRF as follows: host1(config)#virtual-router boston:vrfa host1:boston:vrfa(config)# The following commands illustrate one way to configure OSPF; you can configure RIP and IS-IS similarly: host1(config)#ip vrf vrfa host1(config-vrf)#rd 100:5...
Page 474: Disabling Automatic Route-Target Filtering
JUNOSe 11.1.x BGP and MPLS Configuration Guide You must use the no ip vrf command to remove a VRF. Issuing a no version of this command (no virtual-router : vrfName or no virtual-router vrName : vrfName) that specifies an existing VRF only displays the error message: Cannot delete a VRF with this command”...
Page 475 Chapter 5: Configuring BGP-MPLS Applications You can use the ip mpls forwarding-mode label-switched command to configure the router to generate a label for each different FEC that a BGP route points to in the VPN; this is a per-FEC label. Issuing this command enables you to avoid a route lookup for traffic destined for CE routers, because in this mode traffic is label switched to the corresponding next hop over that interface;...
Page 476: Configuring Pe-To-Pe Lsps
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring PE-to-PE LSPs See “Configuring MPLS” on page 267, for information about configuring LSPs. Enabling BGP Routing You must enable the BGP routing process on the router serving as the PE router. router bgp Use to enable the BGP routing protocol and to specify the local AS the AS to which this BGP speaker belongs.
Page 477: Figure 93: Bgp/Mpls Vpn Ibgp Example
Chapter 5: Configuring BGP-MPLS Applications Figure 93: BGP/MPLS VPN IBGP Example The sample BGP/MPLS network connects PE 1, PE 2, and PE 3, which are configured for VPNv4 unicast IBGP peering. CE 1 and CE 2 are configured for EBGP peering with the PE devices.
Page 478: Figure 94: Bgp/Mpls Vpn Eibgp Example
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 94: BGP/MPLS VPN EIBGP Example VRF A has two paths to get to CE 2: the IBGP path through the MPLS network, and the EBGP path by means of regular IP. To support BGP/MPLS ECMP, PE 1 is configured with the maximum-paths eibgp command in the IPv4 unicast VRF A address family.
Page 479: Enabling Vpn Address Exchange
Chapter 5: Configuring BGP-MPLS Applications Use the show ip bgp vpnv4 vrf vrfName summary or show bgp ipv6 vpnv6 vrf vrfName summary command to verify your ECMP configuration. The output includes a line indicating the equal-cost paths: Maximum number of both EBGP and IBGP equal-cost paths is 16 Use the no version to restore the default value, 1.
Page 480: Configuring Pe-To-Ce Bgp Sessions
JUNOSe 11.1.x BGP and MPLS Configuration Guide There is no no version. See exit-address-family. neighbor activate Use to specify neighbors to exchange routes with from within the current address family. Takes effect immediately. If dynamic capability negotiation was not negotiated with the peer, the session is automatically bounced so that the exchanged address families can be renegotiated in the open messages when the session comes back up.
Page 481: Advertising Static Routes To Customers
Chapter 5: Configuring BGP-MPLS Applications You configure the characteristics of VRF A, the global BGP attributes, the address family for the session, and BGP attributes relevant to the VRF or address family. host1(config)#ip vrf vrfa host1(config-vrf)#rd 777:5 host1(config-vrf)#route-target both 777:5 host1(config-vrf)#exit host1(config)#interface gigabitEthernet 1/0 host1(config-if)#ip vrf forwarding vrfA...
Page 482: Disabling The Default Address Family
JUNOSe 11.1.x BGP and MPLS Configuration Guide Disabling the Default Address Family PE routers can exchange routes in the IPv4 address family, VPNv4 address family, or both. Issuing the neighbor remote-as command automatically activates the IPv4 unicast address family, meaning that the PE router exchanges routes in the IPv4 unicast address family with that peer.
Page 483: Using A Single As Number For All Ce Sites
Chapter 5: Configuring BGP-MPLS Applications Using a Single AS Number for All CE Sites If you want to use the same AS number for all of your CE sites, you can substitute a PE router’s autonomous system number for that of a neighbor by specifying the neighbor’s IP address in the neighbor as-override command.
Page 484: Preventing Routing Loops
JUNOSe 11.1.x BGP and MPLS Configuration Guide Use the no version to halt the substitution of the AS numbers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor as-override.
Page 485: Figure 96: Network With Potential Routing Loops
Chapter 5: Configuring BGP-MPLS Applications Figure 96: Network with Potential Routing Loops The following commands are relevant to the illustrated network: host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 host1:pe1(config)#router bgp 200 host1:pe1(config-router)#address-family ipv4 unicast vrf yourvpn host1:pe1(config-router)#neighbor 10.5.4.22 remote-as 100 host1:pe1(config-router)#neighbor 10.5.4.22 as-override Now, suppose instead you assign a unique site of origin to each CE router in the network and configure the BGP session on each PE router with the site of origin.
Page 486: Figure 97: Preventing Potential Routing Loops In The Network
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 97: Preventing Potential Routing Loops in the Network Use to set a site of origin that is included in the extended community list for neighbor site-of-origin routes received from the specified peer. If you use this command to configure a site of origin for routes from a peer, then routes advertised to that peer that contain this site of origin are filtered out and not advertised.
Page 487: Advertising Prefixes With Duplicate As Numbers
Chapter 5: Configuring BGP-MPLS Applications Advertising Prefixes with Duplicate AS Numbers When a BGP speaker receives a route that has the speaker’s AS number in its AS path, the speaker declares that route to be a loop and discards it. However, in some circumstances, as in the implementation of a hub-and-spoke VPN topology, this is not the desired behavior.
Page 488: Controlling Route Importation
JUNOSe 11.1.x BGP and MPLS Configuration Guide To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session. Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out.
Page 489: Deleting Routes For A Vrf
Chapter 5: Configuring BGP-MPLS Applications interval has passed since the last limit-exceeded log entry. This behavior prevents the system log from being flooded with log entries. When you issue the command, the router immediately reevaluates the current number of routes against the new limit. If the current number of routes is greater than the maximum configured limit, the router might remove dynamically learned routes in order to enforce the new limit.
Page 490: Enabling Vrf-To-Vr Peering
JUNOSe 11.1.x BGP and MPLS Configuration Guide There is no no version. See clear ip routes. Enabling VRF to VR Peering In some circumstances you might want a CE router, which connects to the PE router by means of a VRF, to be able to establish an EBGP peering session directly with the parent VR in which the VRF has been configured.
Page 491: Achieving Fast Reconvergence In Vpn Networks
Chapter 5: Configuring BGP-MPLS Applications displayed with the show ip interface command. You must use the show ip route or show ip static commands to display the interface. If the interface in the parent VR goes down or is deleted, the static route added in the VRF will continue to exist.
Page 492: Fast Reconvergence With Unique Rds
JUNOSe 11.1.x BGP and MPLS Configuration Guide Fast Reconvergence with Unique RDs You can assign a unique RD for the VRFs in each PE router to avoid the slow reconvergence issue. The route reflectors in the network consider advertised routes with different RDs to be different prefixes and therefore reflect both routes.
Page 493: Fast Reconvergence By Means Of Reachability Checking
Chapter 5: Configuring BGP-MPLS Applications PE router must be able to choose from all available paths, which in turn requires that each VRF have a unique RD. If each VRF has a unique RD and the ingress PE router has all feasible paths to choose from, you can configure IBGP multipath and ECMP traffic over multiple PE-to-PE MPLS tunnels.
Page 494: Configuring Bgp To Send Labeled And Unlabeled Unicast Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide When the MPLS tunnel (RSVP-TE or LDP) to the next hop of the best route goes down, the VPNv4 route reflector immediately advertises the next-best route (if any) without waiting for the MP-IBGP session to go down. In this example, that route is through PE 2.
Page 495: Bgp Next-Hop-Self
Chapter 5: Configuring BGP-MPLS Applications Example host1:pe1(config-route-map)#match mpls-label Use the no version to remove the configuration. See match mpls-label. neighbor send-label Use to configure a BGP peer to distribute an MPLS label with the advertisements for its IPv4 and IPv6 routes. This command enables BGP to dynamically negotiate SAFI 1 and SAFI 4 with this neighbor.
Page 496: Bgp Processing Of Received Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide BGP Processing of Received Routes BGP processes received routes differently depending on whether the route is labeled or unlabeled, unicast or VPN. Labeled Unicast Routes When BGP receives a labeled route from a directly connected peer, BGP uses the MPLS major interface that is next to the peer IP interface to resolve the route's BGP next hop.
Page 497: Bgp Advertising Rules For Labeled And Unlabeled Routes With The Same Afi
Chapter 5: Configuring BGP-MPLS Applications Table 64: Resolution of Indirect Next Hops (continued) Route Type Table in Which BGP Indirect Next Hop Resolves Labeled VPN IP tunnel routing table BGP Advertising Rules for Labeled and Unlabeled Routes with the Same AFI When BGP receives a route to a prefix with the same AFI in both labeled and unlabeled forms, only one of these routes can be selected as the best route.
Page 498: Enabling Traffic Flow From The Vpn To The Internet
JUNOSe 11.1.x BGP and MPLS Configuration Guide VRF and is used for VPN traffic. The other logical circuit runs between the CE router and the parent VR of the VRF and is used for Internet traffic. These logical circuits are typically FR circuits, ATM circuits, or VLANs. The following sections describe alternative methods of providing Internet access for situations in which having two separate logical circuits is not acceptable or desirable.
Page 499: Configuring A Fallback Global Option
Chapter 5: Configuring BGP-MPLS Applications prefix. Because BGP has only a default route in the VRF, it has to point that single default route to a single uplink interface. All the Internet-bound traffic must flow out of that interface. You cannot configure traffic for one prefix to flow out of one uplink interface and traffic to another prefix to flow out of another uplink interface.
Page 500: Configuring A Global Import Map For Specific Routes
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 102: Fallback Global Option If BGP finds a route in the VRF context, it uses that route. If BGP does not find a route in the VRF context but does find a route in the VR context, it falls back on the global route in the parent VR.
Page 501: Creating A Bgp Session Between The Ce Router And The Parent Vr
Chapter 5: Configuring BGP-MPLS Applications Figure 103: Global Import Map Applied to Routes Imported from VRF BGP RIB The global import map enables global BGP routes to be automatically imported into the BGP RIB table in a VRF. The route map determines which routes are imported and which are not.
Page 502: Figure 104: Bgp Session Between Ce Router And Parent Vr
JUNOSe 11.1.x BGP and MPLS Configuration Guide interface in the parent VR that is used for BGP peering with the CE router. To achieve this configuration, you must do both of the following: In the parent VR, create a shared IP interface for the PE-CE interface and point a static route to the loopback of the CE router to the shared interface.
Page 503: Enabling Traffic Flow From The Internet To The Vpn
Chapter 5: Configuring BGP-MPLS Applications On host 1, VR PE 1: host1(config)#virtual-router pe1 host1:pe1(config)#router bgp 100 host1:pe1(config-router)#neighbor 10.4.4.4 remote-as 200 host1:pe1(config-router)# neighbor 10.4.4.4 ebgp-multihop host1:pe1(config-router)#neighbor 10.4.4.4 update-source loopback1 host1:pe1(config-router)#exit On host 2, VR CE 1: host2(config)#virtual-router ce1 host2:ce1(config)#interface loopback 1 host2:ce1(config-if)#ip address 10.4.4.4 255.255.255.255 host2:ce1(config-if)#exit host2:ce1(config)#ip route 10.2.2.2 255.255.255.255 atm2/1.1...
Page 504: Global Export Map
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 105: Static Route to Shared IP Interface The following commands configure the shared interface and a static route: host1(config)#virtual-router pe1 host1:pe1(config)#interface ip ce1-cust host1:pe1(config-if)#ip share-interface atm2/0.1 host1:pe1(config-if)# ip address 10.1.1.3 255.255.255.0 host1:pe1(config-if)#exit host1:pe1(config)#ip route 10.4.4.4 255.255.255.255 ip ce1-cust Global Export Map The global export map enables VPN routes to be automatically exported from the...
Page 505: Carrier-Of-Carriers Ipv4 Vpns
Chapter 5: Configuring BGP-MPLS Applications Figure 106: Global Export Map Applied to Routes Exported from VRF BGP RIB The following commands configure the route map and global export map: host1(config)#virtual-router pe1 host1:pe1(config)#access-list dot-one permit 0.0.0.1 255.255.255.0 host1:pe1(config)#route-map globxmap1 host1:pe1(config-route-map)#match ip address dot-one host1:pe1(config-route-map)#set local-pref 200 host1:pe1(config-route-map)#exit host1:pe1(config)#ip vrf pe11...
Page 506: Customer Carrier As An Internet Service Provider
JUNOSe 11.1.x BGP and MPLS Configuration Guide because there are multiple tiers of VPNs the tier-1 backbone VPN of the provider carrier and the tier-2 VPNs of the customer carrier. In a hierarchical carrier-of-carriers VPN environment, each carrier (or ISP) maintains the internal routes of its customers in VRF tables on its PE routers.
Page 507: Configuration Steps
Chapter 5: Configuring BGP-MPLS Applications The customer carrier’s PE routers that connect to the provider’s VPN use LDP to exchange labels for the internal routes between themselves and the provider carrier’s PE router. The customer carrier’s PE routers that connect to the provider’s VPN learn external routes through IBGP sessions among themselves.
Page 508: Customer Carrier As A Vpn Service Provider
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configure MPLS. Configure BGP. Configure an IGP. Configure LDP. Configure VRF. Enable carrier-of-carriers support on the VRF; use the mpls topology-driven-lsp command in the context of the VRF virtual router to enable MPLS support. Enable LDP on the interface in the VRF that connects to the customer carrier’s PE router.
Page 509: Configuration Steps
Chapter 5: Configuring BGP-MPLS Applications Figure 108: Carrier-of-Carriers VPN Service Configuration Steps You must complete the following configuration process when the customer carrier provides VPN services for its customers. On the provider carrier’s PE router: Configure MPLS. Configure BGP. Carrier-of-Carriers IPv4 VPNs...
Page 510: Enabling Carrier-Of-Carriers Support On A Vrf
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configure an IGP. Configure LDP. Configure VRF. Enable carrier-of-carriers support on the VRF; use the mpls topology-driven-lsp command in the context of the VRF virtual router to enable MPLS support. Enable LDP on the interface in the VRF that connects to the customer carrier’s PE router.
Page 511: Carrier-Of-Carriers Using Bgp As The Label Distribution Protocol
Chapter 5: Configuring BGP-MPLS Applications Carrier-of-Carriers Using BGP as the Label Distribution Protocol You can run BGP instead of LDP as the label distribution protocol on the PE-CE link between the Tier 1 and the Tier 2 carriers in a carrier-of-carriers topology. This capability is available for carriers providing Internet access or VPN service to end users.
Page 512: Connecting Ipv6 Islands Across Ipv4 Clouds With Bgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide Connecting IPv6 Islands Across IPv4 Clouds with BGP If you have not upgraded your core to IPv6, you can still provide IPv6 services to customers by connecting remote IPv6 islands across IPv4 clouds by means of MP-BGP and MPLS.
Page 513: Connecting Ipv6 Islands Across Multiple Ipv4 Domains
Chapter 5: Configuring BGP-MPLS Applications Router CE 1 establishes an MP-BGP session over TCPv4 to PE 1 and advertises its ability to reach the IPv6 network 2001:0430::/32. The MP-BGP update message specifies an AFI value of 2 (IPv6) and a SAFI value of 1 (unicast). As the next hop in the MP-REACH-NLRI attribute, CE 1 advertises the IPv6 address of the CE 1 interface that links to PE 1.
Page 514: Configuring Ipv6 Tunneling Over Ipv4 Mpls
JUNOSe 11.1.x BGP and MPLS Configuration Guide routers of each domain. Routing between PE 1–ASBR 1 in AS 1 and between PE 2–ASBR 2 in AS 2 is accomplished by means of label-switched paths. IPv6 unlabeled routes are exchanged through the external MP-BGP session between ASBR 1 and ASBR 2.
Page 515: Ospf And Bgp/Mpls Vpns
Chapter 5: Configuring BGP-MPLS Applications host1(config-router-af)#neighbor 2.2.2.2 activate d. Configure the MP-BGP PE neighbor to send labeled IPv6 prefixes. host1(config-router-af)#neighbor 2.2.2.2 send-label host1(config-router-af)#neighbor 2.2.2.2 update-source loopback 1 host1(config-router-af)#neighbor 2.2.2.2 next-hop-self host1(config-router-af)#exit-address-family Configure the P router with an IPv4 IGP and an MPLS signaling protocol. Configure the PE 2 router as you did PE 1 in Steps 1–6.
Page 516: Distributing Ospf Routes From Ce Router To Pe Router
JUNOSe 11.1.x BGP and MPLS Configuration Guide BGP/MPLS VPN acts as if it is in an area above the OSPF backbone area. When the PE-CE link is in a nonbackbone area, the BGP/MPLS VPN acts as an OSPF backbone. In either case, the OSPF router configured as a PE router in the BGP/MPLS VPN is always treated as an area border router (ABR) and functions as an area 0 router so that it can distribute interarea routes to the CE router.
Page 517: Ospf Route Type Attribute
Chapter 5: Configuring BGP-MPLS Applications OSPF Route Type Attribute The route type attribute carries the OSPF area ID and LSA type, as indicated in Table 66 on page 481: Table 66: Route Types and Route Origins Type of Route Origin of Route 1 –...
Page 518: Preventing Routing Loops
JUNOSe 11.1.x BGP and MPLS Configuration Guide Preventing Routing Loops PE routes disregard OSPF routes received from a CE router if the routes are advertised A type 3 LSA with the most-significant bit set in the LSA options field. A type 5 LSA that has a tag value equal to the VPN route tag associated with the OSPF VRF on that PE router.
Page 519: Ospf Backdoor Links
Chapter 5: Configuring BGP-MPLS Applications a directly connected CE router are installed into the IP routing table of the VRF associated with that CE router. The OSPF routes in the VRF’s IP routing table are then redistributed into MP-BGP and advertised as VPNv4 routes to other PE routers. MP-BGP attaches extended communities to the advertised routes to carry OSPF-specific attributes such as the route type and the domain ID across the backbone.
Page 520: Figure 113: Ospf Sham Link
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 113: OSPF Sham Link Use the remote-neighbor command to configure the OSPF sham link on both VRFs joined by the link. If a BGP route and an OSPF route to the same destination are both installed in the IP routing table, OSPF uses the OSPF route because it has a better administrative distance by definition.
Page 521: Configuration Tasks
Chapter 5: Configuring BGP-MPLS Applications Example host1:pe1(config-router-rn)#dont-install-routes Use the no version to restore the default behavior, which installs these routes in the relevant IP routing table. See dont-install-routes. remote-neighbor Use to configure an OSPF remote neighbor. Example host1:pe1(config-router)#remote-neighbor 10.25.100.14 area 35672 Use the no version to remove the remote neighbor and any attributes configured for the remote neighbor.
Page 522 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config)#ip vrf ospf2 Proceed with new VRF creation? [confirm] host1(config-vrf)#rd 100:85 host1(config-vrf)#exit Start OSPF on the VRF, either from the parent VR or directly from the VRF. From the parent VR: host1(config)#router ospf 5 vrf ospf2 From the VRF: host1(config)#virtual-router :ospf2 host1:default:ospf2(config)#router ospf 5...
Page 523: Configuring Vpls
Chapter 5: Configuring BGP-MPLS Applications domain-tag Use to set the VPN route tag for an OSPF VRF on a PE router. The default value is a 32-bit number based on the AS number of the BGP/MPLS VPN backbone, with the first 16 bits set to 1110 0000 0000 0000, followed by the 16 bits representing the AS number.
Page 524 JUNOSe 11.1.x BGP and MPLS Configuration Guide NOTE: The E120 router and E320 router output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 525 Chapter 5: Configuring BGP-MPLS Applications When it is received from other type of peers, the indirect next hop is reachable if an entry exists in the IP routing table that resolves this indirect next-hop address. For VPN labeled routes in a VRF, the following rules apply: When it is received in a core VRF from a remote multihop IBGP or EBGP VPN peer, the indirect next hop is reachable if an entry exists in the IP tunnel routing table that resolves the next-hop address.
Page 526 JUNOSe 11.1.x BGP and MPLS Configuration Guide Reachable (metric 0) Number of direct next-hops is 1 Direct next-hop ATM4/0.61 (10.61.61.2) Resolution in IP tunnel-route table of VRF pe22 Not reachable Reference count is 2 See show ip bgp next-hops. show ip interface vrf Use to display information about the interfaces associated with the specified VRF.
Page 527 Chapter 5: Configuring BGP-MPLS Applications In Received Packets, Bytes Total number of packets and bytes received on an IP interface Unicast Number of unicast packets and bytes received on an IP interface Multicast Number of multicast packets and bytes received on an IP interface In Policed Packets Number of packets discarded on a receive IP interface because of token bucket limiting...
Page 528 JUNOSe 11.1.x BGP and MPLS Configuration Guide Operational MTU = 9180 Administrative MTU = 0 Operational speed = 155520000 Administrative speed = 0 Discontinuity Time = 0 Router advertisement = disabled Administrative debounce-time = disabled Operational debounce-time = disabled Access routing = disabled Multipath mode = hashed In Received Packets 0, Bytes 0 Unicast Packets 0, Bytes 0...
Page 529 Chapter 5: Configuring BGP-MPLS Applications Neighbor Incoming/Outgoing update prefix list Number of the prefix list for incoming or outgoing routes Neighbor Incoming/Outgoing update prefix tree Number of the prefix tree for incoming or outgoing routes Neighbor Incoming/Outgoing update filter list Number of filter list for incoming routes Routing for Networks The network for which BGP is currently injecting routes...
Page 530 JUNOSe 11.1.x BGP and MPLS Configuration Guide flushed interval Current setting of the flush timer (in seconds) Filter applied to outgoing route update Access list applied to outgoing RIP route updates Filter applied to incoming route update Access list applied to incoming RIP route updates Global route map Route map that specifies all RIP interfaces on the router...
Page 531 Chapter 5: Configuring BGP-MPLS Applications O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 Prefix/Length Type Next Hop Dist/Met Intf --------------- ------- ---------- -------- ------------ 45.5.5.5/32 Connect 45.5.5.5 fastEthernet3/0 56.5.5.0/24 Connect 56.5.5.5 atm4/0.21 See show ip route.
Page 532 JUNOSe 11.1.x BGP and MPLS Configuration Guide Reassemble Timeout Value to time out reassembled packets Interface Configured Interface configured for the VRF Import VPN Route Target Extended Communities List of VPNs from which the VRF accepts routing information Export VPN Route Target Extended Communities List of VPNs to which the VRF sends update messages Import Route-map Route map associated with the VRF that filters and modifies routes imported to the VRF from the global BGP VPN RIB.
Page 533 Chapter 5: Configuring BGP-MPLS Applications VRF IP Router Id: 10.12.12.1 Default TTL: 127 Reassemble Timeout: 30 Interface Configured: null0 ATM2/0.12 tun mpls:vpnEgL18-4 ip dyn-25 Import VPN Route Target Extended Communities: 100:2 Export VPN Route Target Extended Communities: 100:2 Import Route-map : importmap1 Export Route-map : exportmap23 (can filter routes) Global Import Route-map : globalimportmap2 Global Export Route-map : globalexportmap3...
Page 534 JUNOSe 11.1.x BGP and MPLS Configuration Guide IP Statistics Rcvd: local destination Frames with this router as their destination hdr errors Number of packets containing header errors addr errors Number of packets containing addressing errors unkn proto Number of packets received containing unknown protocols discards Number of discarded packets IP Statistics Frags: reasm ok Number of reassembled packets...
Page 535 Chapter 5: Configuring BGP-MPLS Applications ICMP Statistics Sent: errors Number of error packets sent dst unreach Number of packets sent with destination unreachable time excd Number of packets sent with time-to-live exceeded param probs Number of packets sent with parameter errors src quench Number of source quench packets sent redirect Number of send packet redirects timestamp req Number of requests for a timestamp...
Page 536 JUNOSe 11.1.x BGP and MPLS Configuration Guide Multicast Number of multicast packets and bytes forwarded out an IP interface Out Requested Packets, Bytes Number of packets and bytes requested to be forwarded out an IP interface Out Total Dropped Packets, Bytes Total number packets and bytes dropped by an IP interface on output Out Scheduler Drops Committed Packets, Bytes Number of committed packets and bytes dropped because of out queue threshold limit...
Page 537 Chapter 5: Configuring BGP-MPLS Applications 0 param probs, 0 src qnch, 0 redirect 0 timestamp req, 0 timestamp rpy 0 addr mask req, 0 addr mask rpy atm4/0.134 is up, line protocol is up VRF: pe11 Link up/down trap is disabled Internet address is 4.4.4.2/255.255.255.0 IP statistics: Rcvd:...
Page 538 JUNOSe 11.1.x BGP and MPLS Configuration Guide active at a given time, this command does not give a complete picture of the configuration. Use the member-circuits keyword to display circuit information for the group. Field descriptions routed to/base LSP Identifies address of the router at the other end of the tunnel and the base tunnel that is selected to forward the traffic load-balancing group Group number Martini group-id Martini group ID number for the interface...
Page 539 Chapter 5: Configuring BGP-MPLS Applications Interface Interface specifier and status; active indicates it is being used for traffic from the core; if active is not displayed, interface is not currently being used for traffic, but the statistics may be valid member ports Number and type of candidate ports configured for the group, including interface specifiers and state member circuits Number of member circuits configured for each port and...
Page 540 JUNOSe 11.1.x BGP and MPLS Configuration Guide show mpls tunnels Use to display status and configuration for all tunnels or for a specific tunnel in the current router context. A result of Incomplete Configuration in the display indicates either no tunnel endpoint or no label distribution protocol.
Page 541 Chapter 5: Configuring BGP-MPLS Applications There is no no version. See undebug ip mbgp. Monitoring BGP/MPLS VPNs...
Page 542 JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring BGP/MPLS VPNs...
Page 543: Layer 2 Services Over Mpls
Part 3 Layer 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 509 Configuring Layer 2 Services over MPLS on page 529 Monitoring Layer 2 Services over MPLS on page 563 Layer 2 Services Over MPLS...
Page 544 JUNOSe 11.1.x BGP and MPLS Configuration Guide Layer 2 Services Over MPLS...
Page 545: Layer 2 Services Over Mpls Overview
Chapter 6 Layer 2 Services over MPLS Overview This chapter contains the following sections: Layer 2 Services over MPLS Overview on page 509 Layer 2 Services over MPLS Platform Considerations on page 510 Layer 2 Services over MPLS References on page 511 Layer 2 Services over MPLS Implementation on page 512 Local Cross-Connects Between Layer 2 Interfaces Using MPLS on page 513 MPLS Shim Interfaces for Layer 2 Services over MPLS on page 513...
Page 546: Layer 2 Services Over Mpls Platform Considerations
JUNOSe 11.1.x BGP and MPLS Configuration Guide ATM with ATM Adaptation Layer 5 (AAL5) encapsulation ATM with virtual channel connection (VCC) cell relay encapsulation Ethernet (Fast Ethernet, Gigabit Ethernet, 10-Gigabit Ethernet, bridged Ethernet, bridged Ethernet/VLAN, Ethernet/VLAN) NOTE: For the purposes of configuring layer 2 services over MPLS, Ethernet interfaces and bridged Ethernet interfaces function identically, as do Ethernet/VLAN interfaces and bridged Ethernet/VLAN interfaces.
Page 547: Interface Specifiers
Chapter 6: Layer 2 Services over MPLS Overview See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications. See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support the underlying layer 2 service and MPLS. NOTE: In the current release, the E120 and E320 routers supports all layer 2 services over MPLS shown in the bulleted list in “Layer 2 Services over MPLS Overview”...
Page 548: Layer 2 Services Over Mpls Implementation
JUNOSe 11.1.x BGP and MPLS Configuration Guide Encapsulation Methods for Transport of PPP/HDLC Over IP and MPLS Networks draft-ietf-pwe3-hdlc-ppp-encap-mpls-03.txt (October 2004 expiration) Framework for Pseudo Wire Emulation Edge-to-Edge (PWE3) draft-ietf-pwe3-arch-06.txt (April 2004 expiration) IEEE 802.3ad (Link Aggregation) Pseudowire Setup and Maintenance Using LDP draft-ietf-pwe3-control-protocol-08.txt (January 2005 expiration) Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3) draft-ietf-pwe3-requirements-08.txt (June 2004 expiration)
Page 549: Local Cross-Connects Between Layer 2 Interfaces Using Mpls
Chapter 6: Layer 2 Services over MPLS Overview A service-specific control word may be placed between the layer 2 data and the VC label. The control word is used for frame sequencing and carrying service-specific information, such as Frame Relay forward explicit congestion notification (FECN) and backward explicit congestion notification (BECN) information.
Page 550 JUNOSe 11.1.x BGP and MPLS Configuration Guide Each MPLS shim interface points to a single MPLS next hop. When layer 2 frames arrive on the layer 2 interface below the MPLS shim interface, they are encapsulated in an MPLS packet and forwarded to that MPLS next hop. The details of the encapsulation are determined by the attributes of the shim interface.
Page 551: Multiple Layer 2 Services Over Mpls
Chapter 6: Layer 2 Services over MPLS Overview For information about collecting statistics for the MPLS shim interfaces, see Monitoring Layer 2 Services over MPLS on page 563 Multiple Layer 2 Services over MPLS When you configure an MPLS shim interface over an ATM, Frame Relay, or HDLC layer 2 interface, no other interface (for example, PPP or IP) can be stacked above the layer 2 interface.
Page 552: Aal5 Encapsulation
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 116: E Series Router Replacing Remote ATM Switch ATM layer 2 services over MPLS supports two encapsulation methods on E Series routers: AAL5 relay encapsulation VCC cell relay encapsulation The following sections describe each of these encapsulation methods. AAL5 Encapsulation JUNOSe software supports the AAL5 relay method of encapsulation that is specified in the Martini draft.
Page 553: Qos Classification
Chapter 6: Layer 2 Services over MPLS Overview The router passes the following OAM cells transparently: F5 alarm indication signal (AIS) segment and end-to-end F5 remote defect indication (RDI) segment and end-to-end F5 loopback segment and end-to-end Resource management F5 continuity check segment and end-to-end In addition, F4 OAM cell forwarding is supported.
Page 554 JUNOSe 11.1.x BGP and MPLS Configuration Guide VCC Cell Relay Encapsulation E Series routers support virtual channel connection (VCC) cell relay encapsulation for ATM layer 2 services over MPLS. VCC cell relay encapsulation enables a router to emulate ATM switch behavior by forwarding individual ATM cells over an MPLS pseudowire (also referred to as an MPLS tunnel) created between two ATM VCCs, or as part of a local ATM cross connect between two ATM 1483 subinterfaces on the same router.
Page 555 Chapter 6: Layer 2 Services over MPLS Overview We recommend that for voice-over-ATM configurations, you select timeout values between 6 microseconds and 3 x 6 microseconds. Values within this range are generally low enough to maintain a reasonable cell delay and high enough to take advantage of the cell concatenation mechanism.
Page 556 JUNOSe 11.1.x BGP and MPLS Configuration Guide You can configure an HDLC layer 2 circuit between two serial interfaces, between two packet over SONET (POS) interfaces, or between a serial interface and a POS interface. The interfaces at either end of the circuit can operate at the same speed or at different speeds.
Page 557: Figure 118: Ce-Side Mpls L2Vpn Tunnel Over Lag
Chapter 6: Layer 2 Services over MPLS Overview Configuring HDLC Layer 2 Services on page 538 Related Topics CE-Side MPLS L2VPNs over LAG Overview MPLS L2VPNs over link aggregation groups (LAGs) uses the functionality of both layer 2 services over MPLS and LAG. MPLS L2VPNs (Martini circuits) over LAG enable MPLS Martini circuits to use LAG in the network between the customer edge (CE) devices and the provider edge (PE) routers to distribute traffic arriving from pseudowires across multiple physical Ethernet interfaces.
Page 558 JUNOSe 11.1.x BGP and MPLS Configuration Guide layer 2 processing is required on the remaining layer 2 frames. After PE2 processes the Ethernet layer 2 frames, they are forwarded to CE2. Traffic arriving at PE1 from pseudowires is distributed across all the member links of the LAG.
Page 559 Chapter 6: Layer 2 Services over MPLS Overview Selective removal of only the service-delimiting tag when layer 2 frames were received from the CE devices to be sent to the pseudowire Selective insertion of only the service-delimiting tag when layer 2 frames were received from the pseudowire to be sent to the CE device In this release, you can configure an S-VLAN subinterface to enable the provider edge (PE) device to strip the S-VLAN tag from all packets that enter the MPLS pseudowires...
Page 560 JUNOSe 11.1.x BGP and MPLS Configuration Guide S-VLAN Subinterface with an Untagged C-VLAN ID Overview In previous releases, you could configure an S-VLAN subinterface with a C-VLAN ID in the range 0–4095 or with the any (5001) keyword for the VLAN ID. The single- tagged frames with a valid S-VLAN ID or untagged frames were ignored for the subinterface.
Page 561 Chapter 6: Layer 2 Services over MPLS Overview manual configuration and MPLS signaling protocol (LDP) state that had to be maintained. Now, you can emulate physical connectivity between two ATM ports that are not directly connected. This emulation is made possible by transporting ATM cells belonging to a subset of matching ATM VCs on both the ATM ports over a single pseudowire.
Page 562 JUNOSe 11.1.x BGP and MPLS Configuration Guide You can also specify concatenation of multiple ATM cells to be sent in a single MPLS-labeled packet for efficient usage of the backbone bandwidth. If you do not specify cell concatenation, each individual ATM cell is MPLS-labeled and transmitted on the pseudowire.
Page 563 Chapter 6: Layer 2 Services over MPLS Overview the router does not enable opening of the VP-level OAM circuits to be transported transparently on the pseudowire. Because only a subset of the ATM virtual circuits on an ATM port are carried on the pseudowire, LDP uses the ATM n-to-one VCC cell transport (0x0009) pseudowire (PW) type instead of the ATM transparent cell transport (0x0003) PW type in the signaling messages.
Page 564 JUNOSe 11.1.x BGP and MPLS Configuration Guide When a VPI/VCI range that you enter is a subset of an already defined range, the specified range is not saved and an appropriate message is displayed on the CLI interface. When a VPI/VCI range that you enter encompasses one or more of the previously defined ranges, the configuration attempt fails and an appropriate message is displayed on the CLI interface.
Page 565: Chapter 7 Configuring Layer 2 Services Over Mpls
Chapter 7 Configuring Layer 2 Services over MPLS This chapter describes how to configure layer 2 services over MPLS on the router, and contains the following sections: Before You Configure Layer 2 Services over MPLS on page 529 Configuring Frame Relay Layer 2 Services on page 530 Configuring Interoperation with Legacy Frame Relay Layer 2 Services on page 530 Configuring Ethernet/VLAN Layer 2 Services on page 531 Configuring S-VLAN Tunnels for Layer 2 Services on page 532...
Page 566 JUNOSe 11.1.x BGP and MPLS Configuration Guide NOTE: To provide uninterrupted service during an SRP switchover in a scaled configuration, such as one with 32,000 Martini circuits, set the LDP graceful restart reconnect time to the maximum 300 seconds and set the LDP graceful restart recovery timer to the maximum 600 seconds.
Page 567 Chapter 7: Configuring Layer 2 Services over MPLS host1(config-if)#interface serial 4/1:1/1.1 host1(config-subif)#frame-relay interface-dlci 17 ietf Specify MPLS tunneling by using the appropriate command. host1(config-if)#mpls-relay 10.10.100.2 45 relay-format frame-relay host1(config-if)#route interface tunnel mpls:tunnel6 45 relay-format frame-relay Configure Frame Relay and MPLS on the remote PE router. For information about configuring a more complex Frame Relay over MPLS Related Topics topology, see Frame Relay over MPLS Configuration Example on page 544...
Page 568 JUNOSe 11.1.x BGP and MPLS Configuration Guide mpls-relay route interface vlan id Configuring S-VLAN Tunnels for Layer 2 Services When you configure Ethernet or bridged Ethernet layer 2 services over MPLS, you can use the svlan id command with the any keyword to create a stacked VLAN (S-VLAN) tunnel that uses a single interface to tunnel traffic from multiple VLANs across an MPLS network.
Page 569: Figure 119: Local Cross-Connect Between Ethernet/Vlan Interfaces
Chapter 7: Configuring Layer 2 Services over MPLS svlan ethertype svlan id Configuring Local Cross-Connects Between Ethernet/VLAN Interfaces This section provides an example for configuring a local cross-connect that uses MPLS between two Ethernet/VLAN interfaces. NOTE: You must use the mpls-relay command instead of the route interface command to configure a local cross-connect, regardless of the MPLS tunneling method used in the core network.
Page 570 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-if)#vlan id 10 (Optional) If you are configuring a multiservice local cross-connect, assign an IP address and mask to the Ethernet/VLAN interface. host1(config-if)#ip address 10.1.2.3 255.255.255.0 Configure MPLS tunneling on this side of the connection by issuing the mpls-relay command.
Page 571 Chapter 7: Configuring Layer 2 Services over MPLS an MPLS relay connection from the PVCs to the loopback interface. You do not need to configure any other MPLS commands. The following commands create an ATM cross-connect between two ATM subinterfaces on the same router. NOTE: Although this procedure uses AAL5 encapsulation to configure a local cross-connect between two ATM 1483 subinterfaces within the same router, you can also use AAL5 encapsulation when you configure an MPLS pseudowire (tunnel)
Page 572 JUNOSe 11.1.x BGP and MPLS Configuration Guide atm pvc Related Topics interface atm interface loopback ip address mpls-relay show mpls cross-connects atm vlan id Configuring an MPLS Pseudowire with VCC Cell Relay Encapsulation The following commands create an ATM layer 2 services over MPLS pseudowire connection between two ATM 1483 subinterfaces on different routers.
Page 573 Chapter 7: Configuring Layer 2 Services over MPLS Identifier (1, 2, or 3) of the ATM Martini cell packing timer that you want to use to detect timeout of the cell collection threshold host1(config-subif)#atm cell-packing 100 mcpt-timer 2 Create an MPLS relay connection to the loopback interface on the egress router. The VC ID (1 in this example) must be the same on both sides of the connection.
Page 574: Configuring Hdlc Layer 2 Services
JUNOSe 11.1.x BGP and MPLS Configuration Guide OutDiscards: 1 interface(s) found host2#show atm subinterface atm 4/0.101 Circuit Interface Interface ATM-Prot VCD VPI VCI Type Encap MTU Status Type --------- -------- --- --- --- ------- ----- ---- -------------- --------- ATM 4/0.101 ATM/MPLS 101 0 101 PVC AAL0 9180 lowerLayerDown Static...
Page 575 Chapter 7: Configuring Layer 2 Services over MPLS Use one of the following methods to create the HDLC layer 2 circuit over MPLS: Use the mpls-relay or route interface command without the relay-format ppp keywords. This command causes the router to signal VC-type HDLC on the LDP session and use HDLC encapsulation.
Page 576 JUNOSe 11.1.x BGP and MPLS Configuration Guide Local Cross-Connects on page 520 Related Topics For more information about policies and MPLS layer 2 circuits, see Managing Policies on the E Series Router, Creating or Modifying Classifier Control Lists for MPLS Policy Lists, and Creating Policy Lists for MPLS in the JUNOSe Policy Management Configuration Guide interface pos interface serial...
Page 577 Chapter 7: Configuring Layer 2 Services over MPLS In this example, the router advertises a single label, 53, to the remote peer, 10.9.1.3, and receives a single label, 55, from the peer, resulting in the following forwarding table: host1:# show mpls forwarding brief Platform label space In Label Owner...
Page 578: Figure 120: Ce-Side Load-Balancing Topology
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring Load-Balancing Groups Load-balancing groups are a legacy method of configuring CE-side load balancing. It was the only method available before Release 7.1.0. Load-balancing groups enable you to configure attributes for a group that are inherited by the member shim interfaces (Figure 120 on page 542).
Page 579 Chapter 7: Configuring Layer 2 Services over MPLS You configure each circuit for VLAN or S-VLAN subinterfaces that you create across a set of candidate Ethernet ports. The router distributes traffic from the core through the candidate ports used by the load-balancing group. If a port is disabled, traffic is redistributed to a working port.
Page 580: Figure 121: Sample Frame Relay Over Mpls Configuration
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-mpls-l2-group)#no member interface fast 13/0.2 host1()#interface fast 13/0.2 host1(config-subif)#no mpls-relay member interface Related Topics mpls l2transport load-balancing-group Frame Relay over MPLS Configuration Example The script provided in this section is one way to configure Frame Relay services over MPLS.
Page 581 Chapter 7: Configuring Layer 2 Services over MPLS controller t3 4/0 no shutdown clock source internal module cablelength 5 t1 1 clock source internal module t1 1/1 timeslots 1-24 speed 64 t1 2 clock source internal module t1 2/1 timeslots 1-24 speed 64 controller t3 4/1 no shutdown clock source internal module...
Page 582 JUNOSe 11.1.x BGP and MPLS Configuration Guide atm clock inter mod interface atm 2/0.1 atm pvc 1 1 11 aal5snap ip address 10.10.11.2 255.255.255.0 ip router isis mpls mpls ldp router isis net 47.0005.80FF.F800.0000.0000.0004.0000.F209.0202.00 mpls traffic-eng router-id loopback 0 mpls traffic-eng level-1 metric-style wide !-------------------------------------------------------------------------- !Create virtual router three.
Page 583 Chapter 7: Configuring Layer 2 Services over MPLS mpls ldp interface atm 2/1.2 atm pvc 2 1 12 aal5snap ip address 10.10.12.5 255.255.255.0 ip router isis mpls mpls ldp router isis net 47.0005.80FF.F800.0000.0000.0004.0000.F209.0505.00 mpls traffic-eng router-id loopback 0 mpls traffic-eng level-1 metric-style wide !-------------------------------------------------------------------------- !Create MPLS tunnel from VR three to VR two.
Page 584: Figure 122: Mpls L2Vpn Tunnel Over Vlan Over Lag Configuration
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 122: MPLS L2VPN Tunnel over VLAN over LAG Configuration Example CE-Side MPLS L2VPN over LAG 7.7.7.7/24 11.11.11.11/32 22.22.22.22/32 7.7.7.8/24 2/1/0 2/1/1 2/1/4 2/1/5 2/1/6 2/1/7 2/1/3 2/1/2 2.0.0.1/24 2.0.0.2/24 vlan id 20 lag 1 lag 2 svlan 1 1...
Page 585 Chapter 7: Configuring Layer 2 Services over MPLS ! On PE1, configure a loopback interface, and assign an IP address and mask to ! the interface. host1:pe1(config)#interface loopback 0 host1:pe1(config-if)#ip address 11.11.11.11 255.255.255.255 ! Assign the router ID using the IP address you configured for the loopback ! interface.
Page 586 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:pe2(config)#mpls . ! Configure PE2 to create topology-driven LSPs. Enabling LDP automatically creates ! topology-driven LSPs. host1:pe2(config)#mpls topology-driven-lsp ! On PE2, configure a loopback interface, and assign an IP address and mask to ! the interface.
Page 587: Figure 123: Mpls L2Vpn Tunnel Over Lag Configuration Example
Chapter 7: Configuring Layer 2 Services over MPLS ! Configure a virtual router CE2 host1(config)#virtual-router ce2 ! Specify a Gigabit Ethernet interface and assign VLAN as the encapsulation method. host1:ce2(config)#interface gigabitEthernet 2/1/7 host1:ce2(config-if)#encapsulation vlan ! Create a subinterface, assign an S-VLAN ID, and configure an IP address and mask to it.
Page 588 JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuration on CE1 (Local CE Router) Use the following commands on the local CE router (CE1) to configure the MPLS L2VPN tunnel over LAG shown in Figure 123 on page 551. ! Configure a virtual router CE1. host1(config)#virtual-router ce1 ! Specify the interface for the LAG bundle lag 1 that groups all Ethernet physical ! interfaces between CE1 and PE1.
Page 589 Chapter 7: Configuring Layer 2 Services over MPLS ! encapsulation method, and configure another subinterface. For this subinterface, ! assign a VLAN ID, specify the encapsulation method as VLAN, configure MPLS, ! and assign an IP address and mask. Also, enable LDP and topology-driven LSP, as ! does any LDP-related command, using an implicit default profile, on this Gigabit ! Ethernet subinterface.
Page 590 JUNOSe 11.1.x BGP and MPLS Configuration Guide ! Create another Gigabit Ethernet subinterface on the main interface. For this ! interface, assign a VLAN ID, specify the encapsulation method as VLAN, configure ! MPLS, and assign an IP address and mask. Also, enable LDP and topology-driven ! LSP, as does any LDP-related command, using an implicit default profile, on this ! Gigabit Ethernet subinterface.
Page 591: Figure 124: Mpls L2Vpn Tunnel Over Lag Configuration Example
Chapter 7: Configuring Layer 2 Services over MPLS PE devices and the configuration of the S-VLAN subinterface on CE-facing devices, a device in the Maritni circuit can be either S-VLAN-aware or S-VLAN-unaware. Figure 124 on page 555 shows a Martini circuit deployment in which the CE-side devices on either side of the network send and receive Ethernet frames.
Page 592: Figure 125: Ethernet Packet Distribution Over Martini Circuits
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 68 on page 556 describes the different scenarios in which the Martini circuit configuration is supported, when Ethernet raw mode encapsulation is configured on the S-VLAN interfaces. Table 68: Martini Circuit Scenarios with Ethernet Raw Mode Whether scenario is MPLS network supported, when raw...
Page 593 Chapter 7: Configuring Layer 2 Services over MPLS 10G LMs, ES2 10G Uplink LMs, and ES2 10G ADV LMs. At point B, the MPLS encapsulation header is added to the packet and the egress line module forwards it to the MPLS network. This functionality is the same for both ES2 4G, ES2 10G, ES2 10G Uplink, and ES2 10G ADV LMs.
Page 594: Figure 126: Martini Circuit With Two Pseudowires Between Pe-Facing
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config-if)#svlan ethertype 8100 The following are the limitations in this setup when the user at the CE-side tags all the packets from the CE-side, including C-VLAN tagged or untagged packets, with an S-VLAN ID to identify a particular user: If the S-VLAN Ethertype is 0x8100, then you must create two sub-interfaces, one for the double-tagged packets, and the other for single-tagged packets to process both these types of packets.
Page 595 Chapter 7: Configuring Layer 2 Services over MPLS host1(config-if)#vlan id X If you configure such a setting, the set of commands that is configured first takes precedence. Consider the following two cases with this configuration: Case 1: Assume that svlan id X any 8100 is configured on the subinterface. In this case, all packets with the outer tag as X and Ethertype as 8100 are matched to the sub-interface.
Page 596: Figure 127: Martini Circuit Deployment For Transmission Of Multiple Atm Vcs Over A Single Pseudowire
JUNOSe 11.1.x BGP and MPLS Configuration Guide Multiple ATM Virtual Circuits over a Single Pseudowire Example Figure 127 on page 560 shows a Martini circuit deployment in which the CE-side devices on either side of the network send and receive ATM cells. An MPLS tunnel that connects two E Series provider edge routers, PE1 and PE2, and ATM cross-connects provide a pseudowire between the ATM VCs on the two routers.
Page 597 Chapter 7: Configuring Layer 2 Services over MPLS NOTE: The support for multiple VCs over a single pseudowire uses the the ATM n-to-one VCC cell transport (0x0009) pseudowire (PW) type in LDP signalling messages. This PW type is also used in the signaling messages by the ATM Martini circuit feature, which enables cell relay encapsulation on an ATM subinterface, that transports ATM cells associated with an ATM subinterface on a single pseudowire.
Page 598 JUNOSe 11.1.x BGP and MPLS Configuration Guide Multiple ATM Virtual Circuits over a Single Pseudowire Example...
Page 599: Chapter 8 Monitoring Layer 2 Services Over Mpls
Chapter 8 Monitoring Layer 2 Services over MPLS This chapter describes the commands you can use to monitor and troubleshoot layer 2 services over MPLS on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 600: Table 69: Show Atm Mcpt-Timers Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide To set a statistics baseline for layer 2 services over MPLS: Issue the baseline mpls interface command: host1#baseline mpls interface There is no no version. baseline mpls interface Related Topics Monitoring ATM Martini Cell Packing Timers for Layer 2 Services over MPLS Display the current systemwide values configured on the router for the three ATM Purpose Martini cell packing timers.
Page 601: Table 70: Show Atm Subinterface Output Fields
Chapter 8: Monitoring Layer 2 Services over MPLS To display the current state of all ATM subinterfaces: Action host1#show atm subinterface Interface ATM-Prot VCD VPI VCI Type Encap MTU Status Address ----------- -------- --- --- --- ---- ----- ---- ------ ------- ATM 2/0.100 ATM/MPLS 100 0 100 PVC AAL0...
Page 602: Table 71: Show Mpls Cross-Connects Atm Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide NOTE: For ATM over MPLS interfaces, the ATM-Prot field displays ATM/MPLS. show atm subinterface Related Topics Monitoring ATM Cross-Connects for Layer 2 Services over MPLS Display all ATM cross-connects (passthrough connections between local subinterfaces). Purpose To display ATM cross-connects: Action...
Page 603: Monitoring Mpls Forwarding For Layer 2 Services Over Mpls
Chapter 8: Monitoring Layer 2 Services over MPLS show mpls cross-connects atm Related Topics Monitoring MPLS Forwarding for Layer 2 Services over MPLS Display configuration and statistics for all label-switched paths (LSPs) or for specific Purpose LSPs configured on the label-switching router (LSR). The brief keyword displays only the the action taken for each in label.
Page 604: Table 72: Show Mpls Forwarding Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 72: show mpls forwarding Output Fields Field Name Field Description name/id Interface specifier destination Destination IP address In label Label sent to upstream neighbor for route Out label Label received from downstream neighbor for route pkts Number of packets sent across tunnel hcPkts...
Page 605 Chapter 8: Monitoring Layer 2 Services over MPLS Received: 0 packets 0 bytes 1 error 0 discards Sent: 0 packets 0 bytes 0 errors 0 discards received mtu 0 queue 0: traffic class best-effort, bound to ethernet FastEthernet2/0 Queue length 0 bytes Forwarded packets 0, bytes 0 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0...
Page 606: Table 73: Show Mpls Interface And Show Mpls L2Transport Interface Output
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 73: show mpls interface and show mpls l2transport interface Output Fields Field Name Field Description MPLS shim interface Interface specifier Remote PE address Address of the remote PE router for the layer 2 circuit Virtual circuit ID VC ID number for the interface Group ID...
Page 607 Chapter 8: Monitoring Layer 2 Services over MPLS Table 73: show mpls interface and show mpls l2transport interface Output Fields (continued) Field Name Field Description Queue length Number of bytes in the queue Forwarded packets, bytes Total number of packets and bytes forwarded by this interface Dropped committed Total number of committed packets and bytes dropped by this packets, bytes...
Page 608 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 73: show mpls interface and show mpls l2transport interface Output Fields (continued) Field Name Field Description Virtual Circuit ID VC ID number for the interface Load Balancing Group Load-balancing group associated with the layer 2 Martini transport circuit Admin state Administrative state of the interface, enabled or disabled...
Page 609: Virtual Private Lan Service
Part 4 Virtual Private LAN Service VPLS Overview on page 575 Configuring VPLS on page 589 Monitoring VPLS on page 613 Virtual Private LAN Service...
Page 610 JUNOSe 11.1.x BGP and MPLS Configuration Guide Virtual Private LAN Service...
Page 611: Chapter 9 Vpls Overview
Chapter 9 VPLS Overview This chapter describes the virtual private LAN service (VPLS), and contains the following sections: VPLS Overview on page 575 VPLS Components on page 576 VPLS and Transparent Bridging on page 577 BGP Signaling for VPLS on page 579 LDP Signaling for VPLS on page 579 BGP Multihoming for VPLS on page 580 VPLS Supported Features on page 585...
Page 612: Figure 128: Vpls Sample Topology
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 128 on page 576 illustrates an example of a simple VPLS topology. The basic topology of a VPLS network is the same regardless of whether BGP signaling or LDP signaling is used. Figure 128: VPLS Sample Topology BGP Signaling for VPLS on page 579 Related Topics...
Page 613 Chapter 9: VPLS Overview Figure 128 on page 576depicts two VPLS domains: VPLS A and VPLS B. The VPLS A domain connects Customer A’s Boston and Chicago offices, and consists of provider edge routers PE 1 and PE 2, each of which runs a VPLS instance named vplsA. Similarly, the VPLS B domain connects Customer B’s Boston and Chicago offices, and consists of provider edge routers PE 1 and PE 2, each of which also runs a VPLS instance named vplsB.
Page 614: Table 74: Vpls Forwarding Table On Pe 1 For Vpls A
JUNOSe 11.1.x BGP and MPLS Configuration Guide effect, a VPLS instance is a new or existing bridge group that has additional VPLS attributes configured. A bridge group is a collection of bridge interfaces stacked on Ethernet layer 2 interfaces to form a broadcast domain. Similarly, a VPLS instance is a collection of network interfaces stacked on Ethernet layer 2 interfaces that transmits packets between the router, or VE device, and the CE device located at the edge of the customer’s network.
Page 615: Table 77: Vpls Forwarding Table On Pe 2 For Vpls B
Chapter 9: VPLS Overview Table 77: VPLS Forwarding Table on PE 2 for VPLS B Interface MAC Address Outgoing Label Received Label Bridged Ethernet 2/0.21 4b4b.4b4b.4b4b – – VPLS virtual core interface 2b2b.2b2b.2b2b BGP Signaling for VPLS BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP/MPLS VPNs, which are sometimes known as RFC 2547bis VPNs.
Page 616 JUNOSe 11.1.x BGP and MPLS Configuration Guide for a local PE router is equal to the total number of other PE routers that participate in the VPLS instances configured on the local PE router. As is the case with Martini encapsulation for Ethernet layer 2 services over MPLS, a targeted session to a remote PE router can have many pseudowires that terminate at the same remote PE router.
Page 617 Chapter 9: VPLS Overview When a CE device connects to multiple PE routers, each of these routers advertises reachability for the multihomed site routes that have the same site ID in the layer2 NLRI. The other PE routers in the network use a BGP path selection process to select only one of the advertising routers to which they send traffic destined for the CE device.
Page 618 JUNOSe 11.1.x BGP and MPLS Configuration Guide The layer 2 multihoming decision process is run only in the non-core VPLS (or VPWS) layer 2 unicast address families. This second decision process treats prefixes with the same site ID but different RDs as a single prefix. When the PE router receives a layer 2 BGP advertisement that has the down bit set, inbound policy sets the local preference attribute to zero.
Page 619 Chapter 9: VPLS Overview The result of this process is the best path to the multihomed customer site through each PE router connected to the site. One best path is selected for each router. The process establishes whether the route advertised by each PE router is suitable for advertising to peer routers.
Page 620 JUNOSe 11.1.x BGP and MPLS Configuration Guide up pseudowires to and from the new designated VE device and tears down the pseudowires to and from the previous designated VE device. If this PE router does not select a best path after running the process, then the local PE router does not consider the remote site to exist.
Page 621 Chapter 9: VPLS Overview To modify their pseudowires, the peer routers correct their MPLS forwarding tables and set up new entries in their pseudowire tables. VPLS Supported Features The JUNOSe implementation of VPLS provides the following features: Single-level VPLS hierarchy within a single autonomous system (AS) using MPLS tunneling technology for the core Support for the following types of network interfaces between the PE router and the CE device:...
Page 622 JUNOSe 11.1.x BGP and MPLS Configuration Guide For information about the modules that support VPLS network interfaces and VPLS virtual core interfaces on ERX14xx models, ERX7xx models, and ERX310 Braoadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications.
Page 623 Chapter 9: VPLS Overview JUNOSe Release Notes, Appendix A, System Maximums Refer to the Release Notes corresponding to your software release for information about the maximum values supported for VPLS configuration. RFC 3036 LDP Specification (January 2001) RFC 4447 Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP) (April 2006) RFC 4762 Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling (January 2007)
Page 624 JUNOSe 11.1.x BGP and MPLS Configuration Guide VPLS References...
Page 625: Chapter 10 Configuring Vpls
Chapter 10 Configuring VPLS This chapter describes how to configure the virtual private LAN service (VPLS) on the router, and contains the following sections: Before You Configure VPLS on page 589 Configuration Tasks for VPLS with BGP Signaling on page 590 Configuring VPLS Instances with BGP Signaling on page 590 Configuring BGP Multihoming for VPLS on page 593 Configuring Optional Attributes for VPLS Instances on page 593...
Page 626: Table 78: Commands To Configure Basic Vpls Instances
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuration Tasks for VPLS with BGP Signaling To configure VPLS with BGP signaling on the PE router: Configure a single instance of VPLS, known as a VPLS instance, on the PE router for each VPLS domain in which the router participates. (Optional) Configure BGP multihoming for the customer site.
Page 627 Chapter 10: Configuring VPLS Table 78: Commands to Configure Basic VPLS Instances (continued) bridge vpls site-name site-id To configure a basic VPLS instance with BGP signaling on the PE router: From Global Configuration mode, create the VPLS instance by specifying the transport virtual router for this instance.
Page 628 JUNOSe 11.1.x BGP and MPLS Configuration Guide Create or add a route target to the import and export lists of VPN extended communities for this VPLS instance. host1(config)#bridge customer1 vpls route-target both 100:1 The PE router uses the lists of VPN extended communities to determine which routes are imported by this VPLS instance.
Page 629 Chapter 10: Configuring VPLS Configuring BGP Multihoming for VPLS You can configure BGP multihoming in the VPLS network to provide redundancy in the event of failures such as a PE router-to-CE device link failure, the failure of a PE router, or an MPLS reachability failure between the local PE router and a remote PE router.
Page 630 JUNOSe 11.1.x BGP and MPLS Configuration Guide In this example, the VPLS instance forwards frames destined for the node with MAC address 0090.1a40.4c7c out the specified Gigabit Ethernet interface host1(config)#bridge vplsA address 0090.1a40.4c7c forward gigabitEthernet 3/0.1 In this example, the VPLS instance drops frames sent from or destined for the node with MAC address 1011.22b2.333c host1(config)#bridge vplsB address 1011.22b2.333c discard (Optional) Set the length of time that a dynamic (learned) MAC address entry...
Page 631 Chapter 10: Configuring VPLS 10-Gigabit Ethernet VLAN and S-VLAN subinterfaces over bridged Ethernet, Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet interfaces The requirements and procedures for network interfaces are the same whether you employ BGP or LDP signaling for VPLS. To configure a network interface for a VPLS instance: From Global Configuration mode, select the interface that you want to assign to the VPLS instance.
Page 632: Table 79: Default Subscriber Policies For Vpls Network Interfaces
JUNOSe 11.1.x BGP and MPLS Configuration Guide requirements and procedures for subscriber policies are the same whether you employ BGP or LDP signaling for VPLS. Network Interface Types VPLS instances, like bridge groups, support two types of network interfaces: Subscriber (client) A subscriber (client) interface is downstream from the traffic flow;...
Page 633: Table 80: Commands To Configure Subscriber Policies
Chapter 10: Configuring VPLS Table 79: Default Subscriber Policies for VPLS Network Interfaces (continued) Packet/Attribute Type Default Subscriber Policy Default Trunk Policy Relearn Permit Permit Unicast (user-to-user) Permit Permit Unknown unicast DA Deny Permit Unknown protocol Permit Permit Modifying Subscriber Policies For a network interface configured as a subscriber (client) interface, you can modify the default subscriber policy to change the default permit or deny value for one or more of the packet or attribute types listed in Table 79 on page 596.
Page 634 JUNOSe 11.1.x BGP and MPLS Configuration Guide interface with a VPLS instance named vplsBoston, and configure the interface as a trunk. host1(config)#interface tenGigabitEthernet 4/0/1 host1(config-if)#bridge-group vplsBoston subscriber-trunk If you configure a VPLS network interface as a subscriber (client) interface, use care if you modify the default subscriber policy in effect for that interface.
Page 635 Chapter 10: Configuring VPLS Configuration Tasks for VPLS with BGP Signaling on page 590 Related Topics interface loopback ip address ip router-id Configuring MPLS LSPs for VPLS As part of a VPLS configuration, you must create MPLS label-switched paths (LSPs) to connect the local PE router and the remote PE router through the provider (P) router in the MPLS core.
Page 636: Table 81: Commands To Configure Bgp Signaling For Vpls
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring BGP Signaling for VPLS This section describes one way to configure BGP signaling for VPLS, but does not provide complete details about configuring BGP and BGP/MPLS VPNs. Table 81 on page 600 lists the commands discussed in this section to configure BGP signaling for VPLS.
Page 637 Chapter 10: Configuring VPLS host1(config-router-af)#neighbor 10.4.4.4 activate Use neighbor commands to configure additional address family parameters for the session, then exit the address family. This example configures only the next-hop-self attribute, forcing the BGP speaker to report itself as the next hop for an advertised route that it learned from a neighbor.
Page 638: Figure 129: Topology For Vpls Configuration Example With Bgp
JUNOSe 11.1.x BGP and MPLS Configuration Guide Figure 129: Topology for VPLS Configuration Example with BGP Signaling Topology Overview of VPLS with BGP Signaling The sample topology in Figure 129 on page 602 includes two VPLS domains, VPLS A and VPLS B. VPLS A connects CE 1, at the edge of Customer A’s Boston site, with CE 3, at the edge of Customer A’s Chicago site.
Page 639 Chapter 10: Configuring VPLS Configuration on PE 1 (Local PE Router) Use the following commands on the local PE router (PE 1) to configure the VPLS topology shown in Figure 129 on page 602. ! Configure VPLS instance vplsA. host1(config)#bridge vplsA vpls transport-virtual-router default host1(config)#bridge vplsA vpls site-range 10 host1(config)#bridge vplsA vpls site-name boston site-id 1 host1(config)#bridge vplsA vpls rd 100:11...
Page 640 JUNOSe 11.1.x BGP and MPLS Configuration Guide ! Configure BGP signaling. host1(config)#router bgp 100 host1(config-router)#neighbor 10.2.2.2 remote-as 100 host1(config-router)#neighbor 10.2.2.2 update-source loopback 0 host1(config-router)#neighbor 10.2.2.2 next-hop-self host1(config-router)#address-family l2vpn signaling host1(config-router-af)#neighbor 10.2.2.2 activate host1(config-router-af)#neighbor 10.2.2.2 next-hop-self host1(config-router-af)#exit-address-family host1(config-router)#address-family vpls vplsA host1(config-router-af)#exit-address-family host1(config-router)#address-family vpls vplsB host1(config-router-af)#exit-address-family host1(config-router)#exit...
Page 641 Chapter 10: Configuring VPLS ! Assign the router ID for PE 2 using the IP address of the loopback interface. host2(config)#ip router-id 10.2.2.2 ! Enable MPLS on the default virtual router. host2(config)#mpls ! Configure ATM core-facing interface 3/1.100 between PE 2 and the P router, ! and assign it an IP address.
Page 642 JUNOSe 11.1.x BGP and MPLS Configuration Guide Configure a loopback interface to be associated with the targeted LDP neighbor, and assign a router ID that uses the IP address of the loopback interface. For instructions, see “Configuring the Loopback Interface and Router ID for VPLS” on page 598.
Page 643: Table 82: Commands To Configure Ldp Signaling For Vpls
Chapter 10: Configuring VPLS Configuration Tasks for VPLS with LDP Signaling on page 605 Related Topics bridge vpls transport-virtual-router Configuring LDP Signaling for VPLS LDP signaling establishes targeted sessions to the remote VEs configured at the edge of the service provider’s MPLS core network. To enable LDP to establish these targeted sessions, you issue the mpls ldp vpls-id command to configure a VPLS identifier for the VPLS instance, and the mpls ldp vpls neighbor command to configure a list of neighbor (peer) addresses to which LDP can send or from which LDP can receive...
Page 644: Table 83: Commands To Configure Ospf For A Vpls Network
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configuring Routing in the Core Network for VPLS After you configure the transparent bridging, LDP, and MPLS components of the VPLS network, you must configure an IGP, such as OSPF or IS-IS, on the PE router to set up routing within the core MPLS network.
Page 645: Figure 130: Topology For Vpls Configuration Example With Ldp
Chapter 10: Configuring VPLS Figure 130: Topology for VPLS Configuration Example with LDP Signaling PE 1 PE 2 De fault vi rtual route r De fault vi rtual route r Topology Overview of VPLS with LDP Signaling Because the basic components of a VPLS network are the same regardless of whether BGP signaling or LDP signaling is used, the sample topology shown for LDP signaling in Figure 130 on page 609 is almost identical to the sample topology shown for BGP signaling in Figure 129 on page 602.
Page 646 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config)#bridge vplsA vpls transport-virtual-router default ! Configure VPLS instance vplsB. host1(config)#bridge vplsB vpls transport-virtual-router default ! Configure Fast Ethernet interface 2/1 between PE 1 and CE 1, ! and assign it to vplsA as a trunk interface. host1(config)#interface fastEthernet 2/1 host1(config-if)#bridge-group vplsA subscriber-trunk host1(config-if)#exit...
Page 647 Chapter 10: Configuring VPLS ! Configure VPLS instance vplsA. host2(config)#bridge vplsA vpls transport-virtual-router default ! Configure VPLS instance vplsB. host2(config)#bridge vplsB vpls transport-virtual-router default ! Configure Fast Ethernet interface 2/5 between PE 2 and CE 3, ! and assign it to vplsA as a trunk interface. host2(config)#interface fastEthernet 2/5 host2(config-if)#bridge-group vplsA subscriber-trunk host2(config-if)#exit...
Page 648 JUNOSe 11.1.x BGP and MPLS Configuration Guide VPLS Configuration Example with LDP Signaling...
Page 649: Chapter 11 Monitoring Vpls
Chapter 11 Monitoring VPLS This chapter describes the commands you can use to monitor and troubleshoot the virtual private LAN service (VPLS) on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 650 JUNOSe 11.1.x BGP and MPLS Configuration Guide Setting a Baseline for VPLS Statistics You can use the following baseline commands to set a statistics baseline for a VPLS instance, for a network interface associated with a VPLS instance, or for the VPLS virtual core interface associated with a VPLS instance.
Page 651 Chapter 11: Monitoring VPLS baseline bridge interface baseline bridge interface vpls Clearing Dynamic MAC Addresses from the VPLS Forwarding Table You can use the following clear commands to remove all dynamic (learned) MAC address entries or a specific dynamic MAC address entry from the forwarding table for a VPLS instance.
Page 652 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1#clear bridge interface atm 3/3.2 There is no no version. Clearing All Dynamic MAC Addresses for the VPLS Virtual Core Interface Associated with A VPLS Instance To clear all dynamic MAC address entries for the VPLS virtual core interface associated with a VPLS instance: Issue the clear bridge interface vpls command.
Page 653: Table 84: Commands For Monitoring Vpls Bridging Settings
Chapter 11: Monitoring VPLS There is no no version. Clearing BGP Route Flap Dampening Information for the VPWS Address Family To clear route flap dampening information for the VPLS address family associated with the specified VPLS instance: Issue the clear ip bgp dampening command. host1#clear ip bgp vpls vplsA dampening There is no no version.
Page 654 JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring VPLS Configuration and Statistics for a Specific VPLS Instance on Related Topics page 618 Monitoring VPLS Configuration and Statistics for all VPLS Instances on page 620 Monitoring Configuration, Statistics, and Status for VPLS Network Interfaces on page 622 Monitoring Configuration, Statistics, and Status for VPLS Core Interfaces on page 625...
Page 655: Table 85: Show Bridge Output Fields
Chapter 11: Monitoring VPLS Table 85: show bridge Output Fields Field Name Field Description BridgeGroup Name of the VPLS instance for which information is displayed Bridge Mode Bridging capability currently enabled; for a VPLS instance, this field always displays default Aging Time Length of time, in seconds, that a MAC address entry can remain in the forwarding table before expiring...
Page 656: Monitoring Vpls Configuration And Statistics For All Vpls Instances
JUNOSe 11.1.x BGP and MPLS Configuration Guide show bridge Related Topics Monitoring VPLS Configuration and Statistics for all VPLS Instances Display configuration and statistics information for all VPLS instances configured on Purpose the router. To display the names of all VPLS instances configured on the router: Action host1#show bridge groups BridgeGroup: vplsA(vpls)
Page 657: Table 86: Show Bridge Groups Details Output Fields
Chapter 11: Monitoring VPLS SiteRange: VPLS Route Targets No Route Targets configured Flood Next Hop: Index 1048578 Table 86 on page 621 lists the show bridge group details command output fields. Meaning Table 86: show bridge groups details Output Fields Field Name Field Description BridgeGroup...
Page 658 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 86: show bridge groups details Output Fields (continued) Field Name Field Description Flood Next Hop Index of the MPLS next hop to which the router floods packets with unknown destination addresses. For more information about displaying MPLS next hops and any available next-hop statistics, see “Monitoring MPLS Next Hops”...
Page 659: Table 87: Show Bridge Interface Output Fields
Chapter 11: Monitoring VPLS Operational Status: Up Admin Status: Up Snmp Link Status Trap: Disabled Max Learn: Unlimited Subscriber Policy: samplepolicy Statistics: In Octets: 3770 In Frames: In Discards: In Errors: Out Octets: 3682 Out Frames: Out Discards: 0 Out Errors: Time since counters last reset: 01:07:08 queue 0: traffic class best-effort, bound to bridge FastEthernet1/1.1 Queue length 0 bytes...
Page 660 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 87: show bridge interface Output Fields (continued) Field Name Field Description Operational Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent Admin Status State of the physical interface: Up, Down Snmp Link Status Trap Whether SNMP link status processing is enabled or disabled for the specified interface...
Page 661: Table 88: Show Bridge Interface Output Fields
Chapter 11: Monitoring VPLS Table 88: show bridge interface Output Fields Field Name Field Description Interface Interface type and specifier associated with the port Port Port number on which this interface resides Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent show bridge interface Related Topics...
Page 662 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 89: show bridge interface vpls Output Fields (continued) Field Name Field Description Operational Status Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent Admin Status State of the physical interface: Up, Down Snmp Link Status Trap Whether SNMP link status processing is enabled or disabled for the specified interface...
Page 663: Monitoring Configuration, Statistics, And Status For Vpls Ports
Chapter 11: Monitoring VPLS show bridge interface vpls Related Topics Monitoring Configuration, Statistics, and Status for VPLS Ports Display configuration, statistics, and status information for ports (interfaces) associated Purpose with a VPLS instance. To display information for VPLS ports: Action host1#show bridge vplsC port FastEthernet1/1.1 Port Number: 1...
Page 664: Table 90: Show Bridge Port Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1#show bridge vplsTest port brief Port Interface Status ------ ------------------------- ------------ FastEthernet1/1.1 ATM10/1.1.1 vpls vplsTest Table 90 on page 628 lists the show bridge port command output fields. Meaning Table 90: show bridge port Output Fields Field Name Field Description BridgeGroup...
Page 665: Table 91: Show Bridge Port Brief Output Fields
Chapter 11: Monitoring VPLS Table 90: show bridge port Output Fields (continued) Field Name Field Description Dropped committed Number of committed packets and bytes that were dropped packets, bytes Dropped conformed Number of conformed packets and bytes that were dropped packets, bytes Dropped exceeded Number of exceeded packets and bytes that were dropped...
Page 666: Table 92: Show Bridge Table Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 92: show bridge table Output Fields Field Name Field Description Bridge Name of the VPLS instance for which the MAC address table is displayed Address MAC address of the entry Action Specifies how the VPLS instance handles this entry: forward or discard Interface Interface type and specifier on which the entry is forwarded;...
Page 667: Table 93: Show Subscriber-Policy Output Fields
Chapter 11: Monitoring VPLS Unicast : Permit PPPoE : Permit Relearn : Permit Mpls : Permit Subscriber: default Trunk : Permit Broadcast : Permit Multicast : Permit Unknown Destination : Permit : Permit Unknown Protocol : Permit Unicast : Permit PPPoE : Permit Relearn...
Page 668: Table 94: Commands For Monitoring Vpls Bgp Settings
JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 94: Commands for Monitoring VPLS BGP Settings show ip bgp show ip bgp neighbors paths show ip bgp advertised-routes show ip bgp neighbors received-routes show ip bgp community show ip bgp neighbors routes show ip bgp community-list show ip bgp network show ip bgp dampened-paths...
Page 669 Chapter 11: Monitoring VPLS 4 routes (264 bytes) 4 destinations (288 bytes) of which 4 have a route 0 routes selected for route tables installation 0 unicast/multicast routes selected for route table installation 0 unicast/multicast tunnel-usable routes selected for route table installation 0 tunnel-only routes selected for tunnel-route table installation 4 path attribute entries (608 bytes) Local-RIB version 11.
Page 670: Table 95: Show Ip Bgp L2Vpn Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1#show ip bgp l2vpn vpls customer1 site-id 2 block-offset 1 BGP route information for prefix 2:1 Received route learned from internal peer 2.2.2.2 (best route) Leaked route Route placed in IP forwarding table Best to advertise to external peers Address Family Identifier (AFI) is layer2 Subsequent Address Family Identifier (SAFI) is unicast...
Page 671: Monitoring Bgp Next Hops For Vpls
Chapter 11: Monitoring VPLS Table 95: show ip bgp l2vpn Output Fields (continued) Field Name Field Description Status codes Status codes for the route, listed before the Prefix: > best route * invalid route s suppressed route d dampened route r rejected route a auto-summarized route m multihomed backup route;...
Page 672: Table 96: Show Ip Bgp Next-Hops Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Resolution in IP route table of VR IP indirect next-hop index 2 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop ATM2/0.10 (10.10.10.2) Resolution in IP tunnel-route table of VR MPLS indirect next-hop index 19 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop 0000000c...
Page 673: Table 97: Show Ldp Vpls Output Fields
Chapter 11: Monitoring VPLS To display information for all VPLS instances configured on the virtual router: Action host1:ve1#show ldp vpls Vpls Vpls Remote Instance In-label Out-label -------- ---- ------- -------- --------- vpls1 2.2.2.2 vpls2 2.2.2.2 Table 97 on page 637 lists the show ldp vpls command output fields. Meaning Table 97: show ldp vpls Output Fields Field Name...
Page 674: Table 98: Show Mpls Forwarding Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1:ve1#show mpls forwarding brief In-label Owner Action -------- ----- ---------------------------------- Forward to bridge-group customer1 Forward to bridge-group customer2 Table 98 on page 638 lists the show mpls forwarding command output fields. Meaning Table 98: show mpls forwarding Output Fields Field Name Field Description In label...
Page 675 Chapter 11: Monitoring VPLS Multihomed priority: Connections status code: UP = Operational SC = Local and Remote Site Identifier Collision EM = Encapsulation Mismatch OR = Out of Range DN = VC Down because Remote PE Unreachable LD = Local Site Down RD = Remote Site Down AS = Max BGP AS path length exceeded OL = No Out Label...
Page 676: Table 99: Show Vpls Connections Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Learning: Enabled Max Learn: Unlimited Link Status Snmp Traps: Disabled Subscriber Policy: default Subscriber Port Count: Interface Count: Transport Virtual Rtr: Route Distinguisher: 1.1.1.1:10 SiteName: westford SiteId: SiteRange: VPLS Route Targets Route Target: RT:100:2 (both) Flood Next Hop: Index 1048578 MPLS next-hop: 21, label 56, resolved by MPLS next-hop 19 MPLS next-hop: 19, resolved by MPLS next-hop 17, peer 2.2.2.2...
Page 677 Chapter 11: Monitoring VPLS Table 99: show vpls connections Output Fields (continued) Field Name Field Description Port Count Number of ports currently configured for the VPLS instance, including network interfaces and the VPLS virtual core interface Interface Count Number of network interfaces currently configured for the VPLS instance Transport Virtual Rtr Name of the transport virtual router configured for the VPLS...
Page 678 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 99: show vpls connections Output Fields (continued) Field Name Field Description Remote PE IP address of the remote VPLS edge (VE) router, which is analogous to the remote provider edge (PE) router in a BGP/MPLS VPN configuration In-label Incoming MPLS label from the remote site...
Page 679: Virtual Private Wire Service
Part 5 Virtual Private Wire Service VPWS Overview on page 645 Configuring VPWS on page 657 Monitoring VPWS on page 671 Virtual Private Wire Service...
Page 680 JUNOSe 11.1.x BGP and MPLS Configuration Guide Virtual Private Wire Service...
Page 681: Chapter 12 Vpws Overview
Chapter 12 VPWS Overview This chapter describes virtual private wire service (VPWS) L2VPNs, and contains the following sections: VPWS Overview on page 645 BGP Signaling for L2VPNs on page 647 VPWS Components on page 648 VPWS and BGP/MPLS VPNs on page 649 BGP Multihoming for VPWS on page 650 VPWS Supported Features on page 655 VPWS Platform Considerations on page 655...
Page 682: Figure 131: Vpws Sample Topology
JUNOSe 11.1.x BGP and MPLS Configuration Guide VPWS provides the same services as layer 2 over MPLS except for CE-side load-balancing. The main differences between the VPWS and L2 over MPLS services are signaling, autodiscovery, and configuration. A VPWS L2VPN can have either a full-mesh or a hub-and-spoke topology. The tunneling mechanism in the core network typically is MPLS.
Page 683: Table 100: Components Of Vpws Nlri
Chapter 12: VPWS Overview to two different sites configured in the same VPWS instance and on the same PE router. BGP advertises reachability for the VPNs. The BGP configuration is similar to that used for other VPN services, such as layer 3 VPNs and VPLS. MPLS is configured to set up base LSPs to the remote PE routers similarly to the other VPN services.
Page 684: Figure 132: Vpws Components
JUNOSe 11.1.x BGP and MPLS Configuration Guide The VPWS NLRIs must be accompanied by a route-target extended community. PE routers that receive VPN information can filter route advertisements with the route target import lists and export lists. This route filtering enables the PE routers to control CE-to-CE connectivity or full-mesh, hub-and-spoke, and overlapping VPNs as is done in L3VPNs.
Page 685 Chapter 12: VPWS Overview provider core, also known as an MPLS backbone. Each VPWS L2VPN consists of the set of provider edge routers running the corresponding VPWS instance. To provide connectivity for the L2VPN, BGP builds pseudowires between the VPWS instances on the provider edge routers participating in a particular VPWS L2VPN point-to-point connection.
Page 686 JUNOSe 11.1.x BGP and MPLS Configuration Guide The procedures for configuring BGP signaling for BGP/MPLS VPNs and for VPWS L2VPNs are similar except that for VPWS L2VPNs you must configure both of the following address families: L2VPN The L2VPN address family enables you to configure the PE router for VPWS (or VPLS) L2VPNs to exchange layer 2 network layer reachability information (NLRI) for all VPWS (or VPLS) instances.
Page 687 Chapter 12: VPWS Overview You configure the same site ID (sometimes referred to as a VE ID) on these connected PE routers. Each of these routers then advertises reachability for the multihomed site; the VPWS NLRI contains the site ID. The site ID shared by the connected PE routers should be different than the site IDs configured on the remote PE routers in the VPWS network;...
Page 688 JUNOSe 11.1.x BGP and MPLS Configuration Guide to all other RR clients even though only one of these routes is used to trigger the VPWS pseudowire to the multihomed site. Selecting the Designated VE Device for a Multihomed Site BGP on each PE router in the VPWS network determines the best path to the multihomed site by comparing path attributes.
Page 689 Chapter 12: VPWS Overview locally-originated route. These PE router also receive the advertisements from the other connected PE routers. If the multihoming selection process preferred local origination, each of these routers would select itself as the best path. The process does not consider IGP cost in order to prevent improperly designated VE device selection by the remote PE routers.
Page 690 JUNOSe 11.1.x BGP and MPLS Configuration Guide up pseudowires to and from the new designated VE device and tears down the pseudowires to and from the previous designated VE device. If this PE router does not select a best path after running the process, then the local PE router does not consider the remote site to exist.
Page 691 Chapter 12: VPWS Overview To modify their pseudowires, the peer routers correct their MPLS forwarding tables and set up new entries in their pseudowire tables. VPWS Supported Features The JUNOSe software implementation of VPWS provides the following features: Support for the following types of network interfaces between the PE router and the CE device: ATM with ATM Adaptation Layer 5 (AAL5) encapsulation ATM with virtual channel connection (VCC) cell relay encapsulation...
Page 692 JUNOSe 11.1.x BGP and MPLS Configuration Guide See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support VPWS network interfaces and VPWS virtual core interfaces. Interface Specifiers The configuration task examples in this chapter use the slot/port[.subinterface ] format to specify the physical interface on which to configure an VPWS L2VPN network interface.
Page 693: Chapter 13 Configuring Vpws
Chapter 13 Configuring VPWS This chapter describes how to configure virtual private wire service (VPWS) L2VPNs on the router, and contains the following sections: Before You Configure VPWS on page 657 VPWS Configuration Tasks on page 658 Configuring a VPWS Instance on page 659 Configuring BGP Multihoming for VPWS on page 661 Configuring Customer-Facing Interfaces in the VPWS Instance on page 661 Configuring a Local Cross-Connect for VPWS on page 662...
Page 694 JUNOSe 11.1.x BGP and MPLS Configuration Guide VPWS Configuration Tasks To configure a PE router to provide VPWS: Configure an VPWS instance. a. Configure the encapsulation type and create an VPWS instance on the PE router for each VPWS in which the router participates. b.
Page 695: Table 101: Commands To Configure Basic Vpws Instances
Chapter 13: Configuring VPWS d. Activate the neighbors in the L2VPN address family for the PE-to-PE BGP session. e. Create the VPWS address family to configure the router to exchange layer 2 NLRI for each VPWS instance configured on the router. Configure MPLS label-switched paths (LSPs) to connect the local and remote PE routers.
Page 696 JUNOSe 11.1.x BGP and MPLS Configuration Guide Create the VPWS instance by configuring the encapsulation type for all interfaces in the L2VPN. You must issue this command before any other l2vpn commands. host1(config)#l2vpn exampleco encapsulation-type ethernet Configure the maximum number of customer sites that can participate in the L2VPN.
Page 697 Chapter 13: Configuring VPWS Configuring BGP Multihoming for VPWS You can configure BGP multihoming in the VPWS network to provide redundancy in the event of failures such as a PE router-to-CE device link failure, the failure of a PE router, or an MPLS reachability failure between the local PE router and a remote PE router.
Page 698: Figure 133: Vpws Cross-Connects
JUNOSe 11.1.x BGP and MPLS Configuration Guide Access Interface Configuration mode for a layer 2 interface for the VPWS on the PE router. host1(config)#interface fastEthernet 4/0 Configure the local and remote site IDs on the interface to specify the interface as a member of the VPWS L2VPN.
Page 699 Chapter 13: Configuring VPWS To configure a local cross-connect between two local sites: Configure the two local sites. host1(config)#l2vpn exampleco encapsulation-type ethernet host1(config)#l2vpn exampleco site-name westford site-id 1 host1(config)#l2vpn exampleco site-name boston site-id 2 host1(config)#l2vpn exampleco site-range 10 host1(config)#l2vpn exampleco rd 100:11 host1(config)#l2vpn exampleco route-target both 100:1 Configure the correct local and remote site IDs on the two local interfaces that are being cross-connected.
Page 700: Table 102: Commands To Configure Bgp Signaling For Vpws
JUNOSe 11.1.x BGP and MPLS Configuration Guide ip address ip router-id Configuring BGP Signaling for VPWS This section describes one way to configure BGP signaling for VPWS, but does not provide complete details about configuring BGP and BGP/MPLS VPNs.. Table 102 on page 664 lists the commands used in this section to configure BGP signaling for VPWS.
Page 701 Chapter 13: Configuring VPWS Activate the neighbors with which routes of the L2VPN address family are exchanged for this PE-to-PE BGP session. Use the bgp dampening command and BGP neighbor commands to configure additional address family parameters for the session. No other commands are supported in this address family. host1(config-router-af)#neighbor 10.2.2.2 activate host1(config-router-af)#neighbor 10.2.2.2 next-hop-self Exit the address family.
Page 702: Figure 134: Topology For Vpws Configuration Example
JUNOSe 11.1.x BGP and MPLS Configuration Guide Configure the core-facing interface on which you want to enable MPLS, Label Distribution Protocol (LDP), and topology-driven LSPs. host1(config)#interface atm 5/0.100 host1(config-subif)#atm pvc 100 1 100 aal5snap 0 0 0 host1(config-subif)#ip address 192.168.5.5 255.255.255.0 Enable MPLS on the core-facing interface.
Page 703 Chapter 13: Configuring VPWS Topology Overview The sample topology in Figure 134 on page 666 includes two L2VPNs, L2VPN A and L2VPN B. L2VPN A connects CE 1, at the edge of Customer A’s Boston site, with CE 3, at the edge of Customer A’s Chicago site. Similarly, L2VPN B connects CE 2, at the edge Customer B’s Boston site, with CE 4, at the edge of Customer B’s Chicago site.
Page 704 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1(config)#interface gigabitEthernet 1/1 host1(config-subif)#l2vpn l2vpnB local-site-id 2 remote-site-id 4 host1(config-if)#exit ! Configure a loopback interface on PE 1 and assign it an IP address. host1(config)#interface loopback 0 host1(config-if)#ip address 10.1.1.1 255.255.255.255 host1(config-if)#exit ! Assign the router ID for PE 1 using the IP address of the loopback interface. host1(config)#ip router-id 10.3.3.3 ! Configure BGP signaling.
Page 705 Chapter 13: Configuring VPWS ! matches the route target configured for l2vpnB on PE 1. host2(config)#l2vpn l2vpnB encapsulation-type ethernet host2(config)#l2vpn l2vpnB site-range 20 host2(config)#l2vpn l2vpnB site-name chicago site-id 4 host2(config)#l2vpn l2vpnB rd 100:12 host2(config)#l2vpn l2vpnB route-target both 100:2 host2(config)#l2vpn l2vpnB control-word host2(config)#l2vpn l2vpnB sequencing ! Configure the customer-facing interface between PE 2 and CE 3 ! in L2VPN instance l2vpnA.
Page 706 JUNOSe 11.1.x BGP and MPLS Configuration Guide ! Enable MPLS, LDP, and topology-driven LSPs on the core-facing interface. host1(config-subif)#mpls host1(config-subif)#mpls ldp host1(config-subif)#exit VPWS Configuration Example...
Page 707: Chapter 14 Monitoring Vpws
Chapter 14 Monitoring VPWS This chapter describes the commands you can use to monitor and troubleshoot Virtual Private Wire Service (VPWS) L2VPNs on E Series routers. NOTE: The E120 and E320 Broadband Services Routers output for monitor and show commands is identical to output from other E Series routers, except that the E120 and E320 router output also includes information about the adapter identifier in the interface specifier (slot/adapter/port).
Page 708 JUNOSe 11.1.x BGP and MPLS Configuration Guide Clearing BGP Reachability Information for the L2VPN Address Family To clear BGP reachability information for a specific VPWS instance in the L2VPN address family: Issue the clear ip bgp command and specify l2vpn vpws vpwsName. host1#clear ip bgp l2vpn soft in To clear BGP reachability information for all VPLS and VPWS instances in the L2VPN address family:...
Page 709: Table 103: Commands For Monitoring Bgp Settings For The Vpws Address Family
Chapter 14: Monitoring VPWS Issue the clear ip bgp wait-end-of-rib command and include the l2vpn all keywords. host1#clear ip bgp l2vpn all wait-end-of-rib There is no no version. Configuring BGP Routing on page 3 Related Topics clear ip bgp clear ip bgp dampening clear ip bgp wait-end-of-rib Monitoring BGP-Related Settings for VPWS L2VPNs This section provides examples of some of the show ip bgp commands that you can...
Page 710 JUNOSe 11.1.x BGP and MPLS Configuration Guide Table 104: Commands for Monitoring BGP Settings for the VPWS Address Family (continued) show ip bgp filter-list show ip bgp regexp show ip bgp flap-statistics show ip bgp summary For more information about using the show ip bgp commands that are not described in this section, see “Configuring BGP Routing”...
Page 711 Chapter 14: Monitoring VPWS Always compare MED is disabled Compare MED within confederation is disabled Advertise inactive routes is disabled Advertise best external route to internal peers is disabled Enforce first AS is disabled Missing MED as worst is disabled Route flap dampening is disabled Log neighbor changes is disabled Fast External Fallover is disabled...
Page 712: Table 105: Show Ip Bgp L2Vpn Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide Route Distinguisher (RD) is 100:23 Original Route Distinguisher (RD) is 100:23 MPLS in-label is none MPLS in-label block size is 0 MPLS out-label is 106 MPLS out-label block size is 10 Next hop IP address is 2.2.2.2 (metric 3) Multi-exit discriminator is not present Local preference is 100 Weight is 0...
Page 713 Chapter 14: Monitoring VPWS Table 105: show ip bgp l2vpn Output Fields (continued) Field Name Field Description Extended communities Description of the L2VPN extended communities that the router uses to determine which routes are imported by the specified VPWS instance. Includes route target, community type, encapsulation, control word and sequencing use, L2VPN link MTU.
Page 714: Table 106: Show Ip Bgp L2Vpn All Next-Hops Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide host1#show ip bgp l2vpn all next-hops 10.2.2.2 Indirect next-hop 10.2.2.2 Resolution in IP route table of VR IP indirect next-hop index 2 Reachable (metric 3) Number of direct next-hops is 1 Direct next-hop ATM2/0.10 (10.10.10.2) Resolution in IP tunnel-route table of VR MPLS indirect next-hop index 19 Reachable (metric 3)
Page 715: Monitoring Vpws Connections
Chapter 14: Monitoring VPWS show ip bgp next-hops Related Topics Monitoring VPWS Connections Display configuration and status information for VPWS L2VPN connections configured Purpose on the router. The details keyword displays detailed information about the connections. To display detailed information about connections for all VPWS instances configured Action on the router: host1:pe1# show l2vpn connections details...
Page 716 JUNOSe 11.1.x BGP and MPLS Configuration Guide Admin Oper Interface Local-Site-Id Remote-Site-Id state state ---------- ------------- -------------- ------- ----- ATM2/0.122 enabled ATM2/0.123 enabled ATM2/0.124 enabled ATM2/0.121 enabled Connections status code: UP = Operational SC = Local and Remote Site Identifier Collision EM = Encapsulation Mismatch OR = Out of Range DN = VC Down because Remote PE Unreachable...
Page 717: Table 107: Show L2Vpn Connections Output Fields
Chapter 14: Monitoring VPWS LN = Local Site not Designated RN = Remote Site not Designated Remote MPLS Up-down Site State In-label Out-label NH Idx Time ---- ----- ------- -------- --------- -------- ----------- 2.2.2.2 801024 00000014 1d 08:45:34 2.2.2.2 801028 00000014 1d 08:45:34 Table 107 on page 681 lists the show l2vpn connections command output fields.
Page 718 JUNOSe 11.1.x BGP and MPLS Configuration Guide host1#show l2vpn all L2VPN: l2vpn1 Encapsulation Type Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Site Range 10 Sites: Site Name boston Site Id 1 Route Targets: Route Target: RT:100:1 both L2VPN: l2vpn2 Encapsulation Type ATM AAL5 SDU VCC transport Use of control word is preferred...
Page 719: Table 108: Show L2Vpn Instance Output Fields
Chapter 14: Monitoring VPWS host1#show l2vpn instance l2vpn1 detail L2VPN: l2vpn1 Encapsulation Type ATM AAL5 SDU VCC transport Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Site Range 10 Sites: Site Name westford Site Id 1 Multi-homed: Site-Priority: Route Targets:...
Page 720: Table 109: Show L2Vpn Interface Output Fields
JUNOSe 11.1.x BGP and MPLS Configuration Guide show l2vpn instance Related Topics Monitoring L2VPN Interfaces for VPWS Display configuration and status information for interfaces on the router that are Purpose that are configured to be members of VPWS L2VPNs in the current VR. You can display information for a specific L2VPN interface, for all L2VPN interfaces in the specified VPWS instance, or for all L2VPN interfaces in all VPWS instances.
Page 721 UID automatically assigned to the MPLS major interface when it is created Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. Received Number of packets, bytes, errors and discards received on the...
Page 722: Monitoring Mpls Forwarding Table For Vpws
JUNOSe 11.1.x BGP and MPLS Configuration Guide show l2vpn interface Related Topics Monitoring MPLS Forwarding Table for VPWS Display information about MPLS labels that are being used for forwarding. The brief Purpose keyword displays summary information for the MPLS labels. To display MPLS forwarding information for a particular label: Action host1#show mpls forwarding label 17...
Page 723: Table 110: Show Mpls Forwarding Output Fields
Chapter 14: Monitoring VPWS MPLS next-hop: 9, label 39 on ATM2/0.20, nbr 10.20.20.2 Statistics: Disabled Table 110 on page 687 lists the show mpls forwarding command output fields. Meaning Table 110: show mpls forwarding Output Fields Field Name Field Description In label Label sent to upstream neighbor for route Out label...
Page 724 JUNOSe 11.1.x BGP and MPLS Configuration Guide Monitoring MPLS Forwarding Table for VPWS...
Page 725 Part 6 Index Index on page 691 Index...
Page 726 JUNOSe 11.1.x BGP and MPLS Configuration Guide Index...
Page 727: Index
Index AS-path, BGP access lists, modifying..........72 Symbols attribute..............120 802.3ad switch............540 filtering..............87 as-set keyword (aggregate-address)......61 ATM (Asynchronous Transfer Mode) AAL0 encapsulation..........517 access lists, BGP............83 AAL5 encapsulation..........516 assigning weights to neighbors......112 Martini encapsulation.........516 distributing neighbor information......83 over MPLS............509 access-list command..........83, 85 passthrough for ATM over MPLS....512, 515 address families............380 VCC cell relay encapsulation L2VPN......43, 153, 380, 579, 600, 649...
Page 728 JUNOSe 11.1.x BGP and MPLS Configuration Guide ATM ports transportation of cells from multiple circuits changed to LOS state over a single pseudowire......524 and multiple VCs over a single transportation of multiple ATM cells pseudowire..........526 concatetation..........526 configuring cell concatenation parameters atomic-aggregate, BGP..........11 requirements..........528 attribute-map keyword (aggregate-address)....61...
Page 729 Index Cisco-proprietary route refresh capability...126 promiscuous peers..........43 community lists............95 reapplying BGP policies.........98 community path attribute........11 redistributing BGP routes........53 conditional advertising..........62 reduce the number of meshed peers....143 configuration inheritance........20 remove BGP dynamic peers........43 configuring............17 resetting BGP sessions..........98 default routes..........55 route refresh capability........126 peer groups...........26 route-refresh message..........8 route reflectors..........148...
Page 730 JUNOSe 11.1.x BGP and MPLS Configuration Guide AS number OSPF routes advertising prefixes with duplicate....451 distributing between PEs......479 using for all CE sites........447 distributing from CE to PE......479 BGP advertising rules for routes......461 distributing from PE to CE......479 BGP sessions, configuring........444 OSPF routing information, preserving....479 customer edge device.........382 OSPF routing loops, preventing......479...
Page 731 Index VPNs within an AS clear IPv4.............390 BGP hard..............98 IPv6.............395 BGP soft..............98 VRF..............384 clear bgp ipv6 commands Bidirectional Forwarding Detection. See BFD clear bgp ipv6............98 Border Gateway Protocol. See BGP clear bgp ipv6 dampening........102 bridge commands............617 clear bgp ipv6 dynamic-peers.......43 bridge acquire.............593 clear bgp ipv6 redistribution.........53 bridge address............593...
Page 732 JUNOSe 11.1.x BGP and MPLS Configuration Guide conventions dont-install-routes command........484 notice icons............xxxiii DS-BGP routers............476 text and syntax..........xxxiv dual-stack BGP routers..........476 cooperative route filtering capability......126 dynamic capability negotiation........126 core non-VPN RIB............428 dynamic interfaces, created by MPLS......220 core VPN RIB.............428 dynamic peering, BGP..........43 cross-connects, local......513, 520, 533, 538 dynamic peers, remove BGP........43 customer edge (CE) device.........382...
Page 733 Index MPLS indirect next hops........380 four-octet AS number capability.........126 path failures in BGP/MPLS VPNs......380 Frame Relay pruning failed paths..........380 over MPLS............509 Egress Address P2MP Responder Identifier sub-TLVs configuration example.........544 specifying full-mesh VPNs, configure with route targets....406 IPv4 address of egress nodes.......241 IPv6 address of egress nodes.......241 used to denote a specific egress node from which path must...
Page 734 JUNOSe 11.1.x BGP and MPLS Configuration Guide IETF draft, Detecting Data Plane Failures in ip route............56, 58 Point-to-Multipoint Multiprotocol Label Switching ip route vrf............436 (MPLS) - Extensions to LSP Ping ip route-type............156 definition of type value for ip router-id..........598, 663 Echo Jitter TLV..........238 ip mpls commands P2MP Responder Identifier TLV....238...
Page 735 Index IPv6 Node Address P2MP Responder Identifier CE-side load balancing........540 in echo requests containing CE-side MPLS L2VPNs over LAG Multicast LDP FEC Stack sub-TLVs....241 overview............521 RSVP P2MP Session sub-TLVs......241 configuration example........544 inclusion in echo requests configuring............529 specifies address of physical interface or configuring shim interfaces......515, 534 router ID..........240 control word............512...
Page 736 JUNOSe 11.1.x BGP and MPLS Configuration Guide graceful restart............247 Martini circuits graceful restart configuration tasks.....282 Ethernet packet distribution LDP-IGP synchronization........249 configuration example.........556 link hellos and discovery........242 Ethernet raw mode encapsulation messages............229 configuration example.........555 overview.............229 over LAG peer discovery............242 configuration example.........551 targeted hellos and discovery......242 over VLAN over LAG LDP-based VPLS.
Page 737 Index configuration stacking............211 basic............269 swapping.............211 interface............274 layer 2 services over...........509 interface profile...........273 LDP. See LDP (Label Distribution Protocol) levels............268 local cross-connects......513, 520, 538 tunnel............276 loose hop............226 tunnel profile..........277 LSP (label-switched path) configuring Ethernet/S-VLAN over.......532 backup............243 connectivity, verify and troubleshoot....235 configure for VPWS L2VPNs......665 constraint-based routing........243 configuring for VPLS........599 conventional IP routing........202...
Page 738 JUNOSe 11.1.x BGP and MPLS Configuration Guide tunnel endpoint MPLS echo request packets announcement..........220 testing network connectivity definition.............218 for egress nodes in point-to-multipoint tunnel metric for backup........243 LSPs............237 tunnel models for differentiated services....258 MPLS echo requests ultimate hop popping..........211 excluding P2MP Responder Identifier TLV from upstream node............218 responses sent from all nodes in the path to VPI/VCI and labels..........213...
Page 739 Index mpls ldp commands MPLS ping feature mpls ldp........270, 275, 599, 665 data plane failure detection for egress nodes mpls ldp advertise-labels........270 IP address in echo request matching with mpls ldp autoconfig........283, 284 interface IP address........238 mpls ldp deaggregate..........282 IP address in echo request not matching with mpls ldp disable..........275 interface IP address........238 mpls ldp egress-label..........270...
Page 740 JUNOSe 11.1.x BGP and MPLS Configuration Guide mpls-relay command neighbor local-as..........121 prerequisite for configuring neighbor maximum-orf-entries......98 cell concatenation parameters for ATM neighbor maximum-prefix......33, 410 ports............528 neighbor maximum-update-size......33 VCI/VPI range for ATM VCs neighbor next-hop-self......110, 600, 664 transmission..........527 neighbor passive...........43 MTU problems neighbor password..........33 determining the exact LSR neighbor peer-group..........27...
Page 741 Index Node Address P2MP Responder Identifier sub-TLVs IP address in the TLV matching with interface IP sending of echo responses address if sub-TLV address matches with node success response to the sender....238 address............241 IP address in the TLV not matching with interface specifying IP address IPv4 address of interface or router ID..241...
Page 742 JUNOSe 11.1.x BGP and MPLS Configuration Guide per-hop behavior............303 point-to-multipoint LDP LSPs nonstandard............303 error response per-hop scheduling class..........303 during connectivity verification....238 performance impact point-to-multipoint LSPs on routers traceroute requests and transmission of multiple ATM VCs over tracking the path to egress nodes in....239 single pseudowire........528 point-to-multipoint MPLS LSPs PHB.
Page 743 Index transportation of multiple ATM virtual circuits route targets over a single wire........524 configuring VPN topologies.........406 using a single wire for multiple VCs transport export list............385 topology example........560 for VPN topologies..........406 PWid FEC element TLV, for VPLS with LDP import list............385 signaling..............579 route- refresh message , BGP.........8 route-map command...........76...
Page 744 JUNOSe 11.1.x BGP and MPLS Configuration Guide RSVP-TE (Resource Reservation Protocol with traffic set commands engineering extensions)..........229 set comm-list delete..........72 BFD liveness detection and.........257 set community............95 bypass tunnels............288 set dampening..........72, 102 detecting path failures.........257 set distance............81 fast reroute extensions........288 set extcommunity..........72 graceful restart............254 set ip next-hop............72 announcement of........254...
Page 745 Index show cac commands show ldp targeted-hello........337 show cac.............322 show ldp vpls............636 show cac interface..........322 show mpls commands show configuration commands show mpls..........338, 343, 349 show configuration..........323 show mpls binding..........327 show ip bgp commands..........115 show mpls cross-connects atm......566 show ip bgp............160 show mpls explicit-paths........341 show ip bgp aggregate-address......160 show mpls fast-reroute database......341...
Page 746 JUNOSe 11.1.x BGP and MPLS Configuration Guide support, technical See technical support tunnel mpls commands switch, 802.3ad............540 tunnel mpls affinity........276, 277 synchronization tunnel mpls autoroute announce....276, 277 enabling BGP............133 tunnel mpls autoroute metric......276, 277 LDP-IGP..............249 tunnel mpls bandwidth.......276, 277 synchronization command.........136 tunnel mpls description......276, 277 tunnel mpls diff-serv phb-id........308 tunnel mpls fast-rerout........291...
Page 747 Index VPI/VCI ranges loopback interface and router ID, configuring for multiple VCs transport configuring..........598 guidelines to be followed......525 monitoring LDP-related settings....636 configuring using sample topology, configuring.......608 the mpls-relay atm vpi-range signaling overview........579 command..........525 VPLS instances for LDP signaling, matching configurations configuring..........606 on both sides of the pseudowire for multiple module support..........585...
Page 748 JUNOSe 11.1.x BGP and MPLS Configuration Guide traffic flow from Internet to VPN......467 assigning with filter list........112 traffic flow from VPN to Internet......461 assigning with route maps........112 VPWS (virtual private wire service L2VPNs) address families, configure.........664 BGP signaling, configuring........664 BGP/MPLS VPNs..........649 CE (customer edge device)........648 clear BGP reachability..........672...

This manual is also suitable for:

Junose 11.1.x bgp and mpls Bgp Mpls

Juniper BGP - CONFIGURATION GUIDE V 11.1.X Configuration Manual

Table of Contents

Table of Contents

Chapter 1 Configuring BGP Routing

Chapter 2 MPLS Overview

Chapter 3 Configuring MPLS

Chapter 4 Monitoring MPLS

Chapter 5 Configuring BGP-MPLS Applications

Chapter 6 Layer 2 Services over MPLS Overview

Chapter 7 Configuring Layer 2 Services over MPLS

Chapter 8 Monitoring Layer 2 Services over MPLS

Chapter 9 VPLS Overview

Chapter 10 Configuring VPLS

Chapter 11 Monitoring VPLS

Chapter 12 VPWS Overview

Chapter 13 Configuring VPWS

Chapter 14 Monitoring VPWS

Quick Links

Chapters

Troubleshooting

Related Manuals for Juniper BGP - CONFIGURATION GUIDE V 11.1.X

Summary of Contents for Juniper BGP - CONFIGURATION GUIDE V 11.1.X