Juniper JUNOSE 11.2.X BGP AND MPLS Configuration Manual
  1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. JUNOSE 11.2.X BGP AND MPLS
  6. Configuration manual
Juniper JUNOSE 11.2.X BGP AND MPLS Configuration Manual

Juniper JUNOSE 11.2.X BGP AND MPLS Configuration Manual

For e series broadband services routers - bgp and mpls configuration
Hide thumbs
1
2
3
4
5
6
7
8
Table Of Contents
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
Table of Contents

Advertisement

Quick Links

Download this manual
JunosE™ Software
for E Series™ Broadband
Services Routers
BGP and MPLS Configuration Guide
Release
11.2.x
Published: 2010-07-16
Copyright © 2010, Juniper Networks, Inc.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the JUNOSE 11.2.X BGP AND MPLS and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Juniper JUNOSE 11.2.X BGP AND MPLS

Summary of Contents for Juniper JUNOSE 11.2.X BGP AND MPLS

  • Page 1 JunosE™ Software for E Series™ Broadband Services Routers BGP and MPLS Configuration Guide Release 11.2.x Published: 2010-07-16 Copyright © 2010, Juniper Networks, Inc.
  • Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
  • Page 3 REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable...
  • Page 4 Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer’s ability to export the Software without an export license. Copyright © 2010, Juniper Networks, Inc.
  • Page 5 (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA http://www.gnu.org/licenses/gpl.html...
  • Page 6 Copyright © 2010, Juniper Networks, Inc.
  • Page 7 Index ............683 Copyright © 2010, Juniper Networks, Inc.
  • Page 8 JunosE 11.2.x BGP and MPLS Configuration Guide viii Copyright © 2010, Juniper Networks, Inc.

  • Page 9: Table Of Contents

    Limitations on Inheritance ........24 Copyright © 2010, Juniper Networks, Inc.
  • Page 10 Filtering AS Paths with a Filter List ......85 Copyright © 2010, Juniper Networks, Inc.
  • Page 11 BFD and BGP Graceful Restart ........140 Copyright © 2010, Juniper Networks, Inc.
  • Page 12 Disabling Display of BGP Logs ........205 Copyright © 2010, Juniper Networks, Inc.
  • Page 13 Traceroute Overview ..........248 Copyright © 2010, Juniper Networks, Inc.
  • Page 14 Setting the EXP Bits for Outgoing Traffic ......269 Copyright © 2010, Juniper Networks, Inc.
  • Page 15 Signaled Mapping for RSVP-TE Tunnels ......310 Preference of per-VR Versus per-LSP Behavior ..... . . 312 Copyright © 2010, Juniper Networks, Inc.
  • Page 16 Monitoring RSVP-TE Graceful Restart ....... . . 365 Monitoring RSVP-TE Hello Adjacency Instances ......366 Copyright © 2010, Juniper Networks, Inc.
  • Page 17 CE–PE Behavior ..........400 Copyright © 2010, Juniper Networks, Inc.
  • Page 18 Configuring PE-to-CE BGP Sessions ....... 445 xviii Copyright © 2010, Juniper Networks, Inc.
  • Page 19 OSPF Route Type Attribute ........480 Copyright © 2010, Juniper Networks, Inc.
  • Page 20 CE-Side MPLS L2VPNs over LAG Overview ......521 Copyright © 2010, Juniper Networks, Inc.
  • Page 21 Monitoring ATM Martini Cell Packing Timers for Layer 2 Services over MPLS . . . 562 Monitoring ATM Subinterfaces for Layer 2 Services over MPLS ....562 Copyright © 2010, Juniper Networks, Inc.
  • Page 22 Configuring LDP Signaling for VPLS ........604 xxii Copyright © 2010, Juniper Networks, Inc.
  • Page 23 VPWS Provider Edge Devices ........643 Copyright © 2010, Juniper Networks, Inc.
  • Page 24 Index ............683 xxiv Copyright © 2010, Juniper Networks, Inc.
  • Page 25 Figure 38: Administrative Distances ........135 Copyright © 2010, Juniper Networks, Inc.
  • Page 26 Figure 76: IPv6 VPN Services over IPv4 MPLS ......399 Figure 77: Inter-AS Topology with VRFs on Each AS Boundary Router ..401 xxvi Copyright © 2010, Juniper Networks, Inc.
  • Page 27 Figure 117: AAL5 Pseudowire and MPLS Tunnel ......517 Copyright © 2010, Juniper Networks, Inc.
  • Page 28 Figure 133: VPWS Cross-Connects ........655 Figure 134: Topology for VPWS Configuration Example ....659 xxviii Copyright © 2010, Juniper Networks, Inc.
  • Page 29 Table 29: show ip bgp community Output Fields ......172 Table 30: show ip bgp community-list Output Fields ..... . 173 Copyright © 2010, Juniper Networks, Inc. xxix...
  • Page 30 Table 72: show mpls Output Fields ........344 Copyright © 2010, Juniper Networks, Inc.
  • Page 31 VPLS Overview ..........573 Copyright © 2010, Juniper Networks, Inc.
  • Page 32 Table 142: show mpls forwarding Output Fields ......678 xxxii Copyright © 2010, Juniper Networks, Inc.

  • Page 33: About The Documentation

    Audience This guide is intended for experienced system and network specialists working with Juniper Networks E Series Broadband Services Routers in an Internet access environment. E Series and JunosE Text and Syntax Conventions Table 1 on page xxxiv defines notice icons used in this documentation.

  • Page 34: Table 1: Notice Icons

    Indicates that you must press two or more Press Ctrl + b. keys simultaneously. Syntax Conventions in the Command Reference Guide Plain text like this Represents keywords. terminal length Italic text like this Represents variables. mask, accessListName xxxiv Copyright © 2010, Juniper Networks, Inc.

  • Page 35: Obtaining Documentation

    CD-ROMs or DVD-ROMs, see the Portable Libraries page at http://www.juniper.net/techpubs/resources/index.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...

  • Page 36: Self-Help Online Tools And Resources

    7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...

  • Page 37: Border Gateway Protocol

    PART 1 Border Gateway Protocol Configuring BGP Routing on page 3 Monitoring BGP on page 157 Copyright © 2010, Juniper Networks, Inc.
  • Page 38 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 39: Configuring Bgp Routing

    Certain terms used with BGP, such as the names of attributes and messages, are typically expressed in all uppercase letters in the RFCs. For improved readability, those terms are represented in lowercase in this chapter. Table 3 on page 4 lists the terms and their variant spellings. Copyright © 2010, Juniper Networks, Inc.

  • Page 40: Table 3: Conventions For Bgp Terms

    LOCAL_PREF multiexit discriminator or MED MULTI_EXIT_DISC new-as-path NEW_AS_PATH new-aggregator NEW_AGGREGATOR next-hop or next hop NEXT_HOP no-advertise NO_ADVERTISE no-export NO_EXPORT no-export-subconfed NO_EXPORT_SUBCONFED notification NOTIFICATION open OPEN origin ORIGIN originator-ID ORIGINATOR_ID route-refresh ROUTE-REFRESH update UPDATE Copyright © 2010, Juniper Networks, Inc.

  • Page 41: Autonomous Systems

    Figure 1: BGP Peers BGP Session When two BGP speakers have both been configured to be BGP peers of each other, they will establish a BGP session to exchange routing information. A BGP session is simply a Copyright © 2010, Juniper Networks, Inc.

  • Page 42: Ibgp And Ebgp

    BGP speakers. EBGP sessions typically exist between peers that are physically connected. Figure 2 on page 6 shows an example of the exchange of information between routers running IBGP and EBGP across multiple ASs. Figure 2: Internal and External BGP Copyright © 2010, Juniper Networks, Inc.

  • Page 43: Interior Gateway Protocols

    Update messages—The update message is the most important message in the BGP protocol. A BGP speaker sends update messages to announce routes to prefixes that it can reach and to withdraw routes to prefixes that it can no longer reach. Copyright © 2010, Juniper Networks, Inc.

  • Page 44: Table 4: Cease Notification Message Subcodes

    The messages contain a request for the peer to resend its routes to the router. This feature enables the BGP speaker to apply modified or new policies to the routes when it receives them again. Copyright © 2010, Juniper Networks, Inc.

  • Page 45: Bgp Route

    CIDR enables you to aggregate multiple classful addresses into a single classless advertisement, reducing the number of advertisements that must be made to provide full access to all the addresses. Suppose an ISP has customers with the following addresses: 192.168.128.0 192.168.129.0 192.168.130.0 192.168.131.0 Copyright © 2010, Juniper Networks, Inc.

  • Page 46: Figure 4: Routing Without Cidr

    Without CIDR, the ISP has to advertise a route to each address, as shown in Figure 4 on page 10. Figure 4: Routing Without CIDR With CIDR, the ISP can aggregate the routes as 192.168.128.0/17 and advertise a single address to that prefix, as shown in Figure 5 on page 11. Copyright © 2010, Juniper Networks, Inc.

  • Page 47: Path Attributes

    If a BGP speaker aggregates routes that have differing path attributes, it includes the atomic-aggregate attribute with the aggregated prefix to inform update recipients that they must not deaggregate the prefix. A BGP speaker Copyright © 2010, Juniper Networks, Inc.

  • Page 48: Transit And Nontransit Service

    ISP 1 does not permit traffic between ISP 2 and ISP 3 to cross its backbone. If ISP 1 permits such traffic, it squanders its own resources with no benefit to its customers or itself. Copyright © 2010, Juniper Networks, Inc.

  • Page 49: Ipv6 Bgp Support

    When a BGP speaker receives a BGP update message carrying IPv6 feasible routes, the speaker resolves the announced IPv6 BGP next hop by performing a route lookup to the IPv6 address in the IPv6 route table. Copyright © 2010, Juniper Networks, Inc.

  • Page 50: Exchange Of Ipv6 Routing Information Over Tcp Ipv6

    Platform Considerations For information about modules that support BGP on the ERX7xx models, ERX14xx models, and the Juniper Networks ERX310 Broadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP.

  • Page 51: References

    Chapter 1: Configuring BGP Routing For information about modules that support BGP on Juniper Networks E120 and E320 Broadband Services Routers: See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications. See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support BGP.

  • Page 52: Features

    Features Some of the more important BGP features supported by the E Series router are the following: Access lists Advertisement intervals Aggregation BGP/MPLS VPNs Communities Confederations EBGP multihop IBGP single hop Copyright © 2010, Juniper Networks, Inc.

  • Page 53: Before You Configure Bgp

    If you configure an attribute both for a peer group and for a peer, the peer configuration takes precedence for that peer, but does not affect other members of that peer group. Copyright © 2010, Juniper Networks, Inc.

  • Page 54: Enabling Bgp Routing

    BGP commands can be sorted into the following categories, each of which has a different scope; that is, each configures parameters within a different area of applicability. Individual command descriptions in this chapter and in “Configuring BGP-MPLS Applications” on page 383, provide more information about command behavior. Copyright © 2010, Juniper Networks, Inc.

  • Page 55: Table 5: Commands Affecting Bgp Globally

    The commands listed in Table 7 on page 19 configure parameters only for the current address family context. Table 7: Commands Affecting the Current Address Family address family disable-dynamic-redistribute aggregate-address external-paths auto-summary ip route-type Copyright © 2010, Juniper Networks, Inc.

  • Page 56: Table 8: Commands Affecting All Address Families For The Specified Peer Or

    The commands listed in Table 9 on page 21 configure parameters separately for each address family exchanged over the BGP session. If you configure these parameters for Copyright © 2010, Juniper Networks, Inc.

  • Page 57: Inheritance Of Configuration Values

    Table 10 on page 22, based on whether the command enables a feature or sets parameters, the levels at which it behaves, and how the no version of the command compares with the default version. Copyright © 2010, Juniper Networks, Inc.

  • Page 58: Table 10: Behavior Of Neighbor Commands

    Some of the commands in Table 10 on page 22 inherit global values set by other commands. Table 11 on page 22 describes the relationship between these commands. Table 11: Inheritance from Other Commands Category B Command Inherits Global Values Set By neighbor default-originate default-information originate Copyright © 2010, Juniper Networks, Inc.
  • Page 59 The no command disables inbound soft-reconfiguration for peer 10.19.7.8, overriding the configuration of the peer group to which the peer 10.19.7.8 belongs. The configuration of an individual peer takes precedence over the configuration of the peer group to which the peer belongs. Copyright © 2010, Juniper Networks, Inc.

  • Page 60: Limitations On Inheritance

    All BGP peers that are members of the same peer group must send essentially the same updates. Accordingly, all members of a peer group must be the same kind of peer; that is, all must be internal peers, all must be external peers, or all must be confederation peers. Copyright © 2010, Juniper Networks, Inc.

  • Page 61: Setting The Bgp Identifier

    To use the new BGP identifier for sessions already in the established state, you must use the clear ip bgp command to perform a hard clear. Use the no version to restore the router ID as the BGP identifier. See bgp router-id Copyright © 2010, Juniper Networks, Inc.

  • Page 62: Configuring Neighbors

    If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer. This command takes effect immediately. Copyright © 2010, Juniper Networks, Inc.

  • Page 63: Configuring Bgp Peer Groups

    By default, peers and peer groups exist in the unicast IPv4 address family and exchange unicast IPv4 addresses. For information on configuring and activating BGP peer groups within address families, see “Configuring the Address Family” on page 43. Copyright © 2010, Juniper Networks, Inc.

  • Page 64: Setting The Peer Type

    Setting the Peer Type Each peer group must have a peer type before any BGP sessions for members of that peer group are allowed to come up and before the Adj-RIBs-Out table of that peer group Copyright © 2010, Juniper Networks, Inc.

  • Page 65: Assigning A Description

    If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is overridden for a specific peer. Copyright © 2010, Juniper Networks, Inc.

  • Page 66: Logging Neighbor State Changes

    By default, BGP uses the IP address of the outgoing interface toward the peer as the source IP address for the TCP connection over which the BGP session runs. If the outgoing interface goes down, the BGP session is dropped because the IP source address is no Copyright © 2010, Juniper Networks, Inc.

  • Page 67: Table 13: Source Addresses And Default Next Hop Addresses For Various Configurations

    Prefixes Prefixes IPv4 neighbor address IPv4 source address IPv4 source address IPv4 source address IPv4 source address mapped to an IPv6 address IPv4 neighbor address IPv6 source address Not allowed Not allowed Not allowed Copyright © 2010, Juniper Networks, Inc.

  • Page 68: Specifying Peers That Are Not Directly Connected

    In Figure 12 on page 33, router Boston and router LA are connected together through router NY, rather than by a direct connection. Routers Boston and LA are configured as Copyright © 2010, Juniper Networks, Inc.

  • Page 69: Figure 12: Using Ebgp-Multihop

    Use the no version to return BGP to halt acceptance of such routers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor ebgp-multihop Copyright © 2010, Juniper Networks, Inc.

  • Page 70: Specifying A Single-Hop Connection For Ibgp Peers

    By default, BGP checks the maximum prefix limit only against accepted routes. You can specify the strict keyword to force BGP to check the maximum prefix against all Copyright © 2010, Juniper Networks, Inc.

  • Page 71: Removing Private As Numbers From Updates

    Use the no version to halt the removal of private AS numbers in updates sent to external peers. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor remove-private-as Copyright © 2010, Juniper Networks, Inc.

  • Page 72: Checking As Path Length

    10.23.40.3/32 172.123.23.2 100 211 32 15 10.23.40.4/32 192.168.13.1 100 211 32 > 10.23.40.4/32 172.123.23.2 100 211 32 15 67 > 10.23.40.5/32 192.168.13.1 100 211 10.23.40.5/32 172.123.23.2 100 211 32 15 67 44 (too long) Copyright © 2010, Juniper Networks, Inc.

  • Page 73: Enabling Md5 Authentication On A Tcp Connection

    BGP session between them. Similarly, if the two routers have different passwords configured, a message appears on the console indicating that this condition exists. Copyright © 2010, Juniper Networks, Inc.

  • Page 74: Setting The Maximum Size Of Update Messages

    If you do not issue this command, the BGP session is not brought down in the event of a link failure until the TCP connection fails or the hold timer expires. This command takes effect immediately. Copyright © 2010, Juniper Networks, Inc.

  • Page 75: Setting Timers

    To force sessions that are already established to use the new timer values, you must use the clear ip bgp command to perform a hard clear. Copyright © 2010, Juniper Networks, Inc.

  • Page 76: Automatic Summarization Of Routes

    Use the no version to reenable a neighbor or peer group that was previously shut down. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor shutdown. Copyright © 2010, Juniper Networks, Inc.

  • Page 77: Configuring Bgp For Overload Conditions

    After enabling rib-out for a peer, you can issue the show ip bgp neighbors advertised-routes command to display the routes that have been advertised to the peer. The attributes displayed for the routes are those from the local routing table, not those Copyright © 2010, Juniper Networks, Inc.

  • Page 78: Effects Of Changing Outbound Policies

    NOTE: You cannot change outbound policy for an individual peer group member. You can change outbound policy only for a peer group as a whole or for peers that are not members of a peer group. neighbor rib-out disable Copyright © 2010, Juniper Networks, Inc.

  • Page 79: Configuring The Address Family

    See rib-out disable. Configuring the Address Family The BGP multiprotocol extensions specify that BGP can exchange information within different types of address families. The JunosE BGP implementation defines the following different types of address families: Copyright © 2010, Juniper Networks, Inc.
  • Page 80 2 NLRI for a specified VPWS instance. For a description of VPWS, see “Configuring VPWS” on page 651. Any command issued outside the context of an address family applies to the unicast IPv4 address family by default. Copyright © 2010, Juniper Networks, Inc.
  • Page 81 This command takes effect immediately. Examples host1:vr1(config-router)#address-family ipv4 multicast host1:vr1(config-router)#address-family ipv4 unicast host1:vr1(config-router)#address-family ipv4 unicast vrf vr2 host1:vr1(config-router)#address-family vpn4 unicast host1:vr1(config-router)#address-family ipv6 unicast Use the no version to disable the exchange of a type of prefix. See address-family. Copyright © 2010, Juniper Networks, Inc.
  • Page 82 If a neighbor is activated, BGP also sends the full contents of the BGP routing table of the newly activated address family. Example Copyright © 2010, Juniper Networks, Inc.

  • Page 83: Enabling Lenient Behavior

    BGP automatically creates a dynamic peer when a peer group member accepts the incoming BGP connection. Dynamic peers are passive, meaning that when they are not in the established state, they will accept inbound connections but they will not initiate Copyright © 2010, Juniper Networks, Inc.
  • Page 84 BGP generates a log message whenever a dynamic peer is created, rejected because the maximum has been reached, or removed. BGP maintains counters for each peer group for the current number of dynamic peers, the highest number of concurrent dynamic Copyright © 2010, Juniper Networks, Inc.
  • Page 85 All the members of the peer group inherit the characteristic configured with this command. It cannot be overridden for a specific peer, because the command applies only to peer groups. Example host1(config-router)#neighbor promispeers allow remotelist1 max-peers 1023 Copyright © 2010, Juniper Networks, Inc.

  • Page 86: Configuring Passive Peers

    Each BGP speaker advertises to its peers the routes to prefixes that it can reach. These routes include: Routes to prefixes originating within the speaker’s AS Routes redistributed from another protocol, including static routes Copyright © 2010, Juniper Networks, Inc.

  • Page 87: Prefixes Originating In An As

    Use to specify the prefixes in its AS that the BGP speaker advertises. BGP advertises the specified prefix only if a non-BGP route to the prefix exists in the IP forwarding table. If the non-BGP route does not exist when you issue the network Copyright © 2010, Juniper Networks, Inc.

  • Page 88: Advertising Best Routes

    The behavior enabled by this command is the default behavior for the E Series router running software releases lower than 5.0.0. Copyright © 2010, Juniper Networks, Inc.

  • Page 89: Redistributing Routes Into Bgp

    Figure 14: Redistributing Routes into BGP clear bgp ipv6 redistribution clear ip bgp redistribution Use to reapply policy to routes that have been redistributed into BGP. This command takes effect immediately. Copyright © 2010, Juniper Networks, Inc.

  • Page 90: Redistributing Routes From Bgp

    If you have redistributed routes from BGP into an IGP, by default only EBGP routes are redistributed. You can issue the bgp redistribute-internal command followed by clearing all BGP sessions to permit the redistribution of IBGP routes in addition to EBGP routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 91: Configuring A Default Route

    IP forwarding table. In Figure 15 on page 56, router NY originates the default route 0.0.0.0/0 to router Albany only. Router Chicago does not receive the default route. Copyright © 2010, Juniper Networks, Inc.

  • Page 92: Redistributing Default Routes

    Policy specified by a route map with the default-information originate command is applied at the same time as the policy for redistributed routes, before any outbound policy for peers. Example host1(config)#router bgp 100 host1(config-router)#default-information originate Copyright © 2010, Juniper Networks, Inc.

  • Page 93: Setting A Static Default Route

    37 host3(config-router)#network 172.25.122.0 mask 255.255.254.0 host3(config-router)#neighbor 10.24.5.3 remote-as 21 Figure 16: Setting a Static Default Route ip route Use to establish static routes. Use the no version to remove static routes. See ip route. Copyright © 2010, Juniper Networks, Inc.

  • Page 94: Setting The Minimum Interval Between Routing Updates

    You aggregate IPv4 routes by specifying the aggregate IP address, and IPv6 routes by specifying the aggregate IPv6 prefix. Copyright © 2010, Juniper Networks, Inc.

  • Page 95: Figure 17: Configuring Aggregate Addresses

    AS numbers traversed by the summarized paths. The AS-Set is enclosed within curly brackets; for example, {3, 2}. Each AS number appears only once, even if it appears in more than one of the original paths. If you use the as-set option, the atomic-aggregate Copyright © 2010, Juniper Networks, Inc.
  • Page 96 IP mask (mask). For IPv6 routes, you must specify an aggregate IPv6 prefix (ipv6Prefix). The optional as-set keyword preserves path information by creating an AS-Set that contains all the AS numbers traversed by the aggregated routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 97: Advertising Inactive Routes

    IP will use the static route rather than the BGP received route for forwarding traffic to that prefix. The BGP received route is inactive and is not advertised to peers. You can use the bgp advertise-inactive command to enable the advertisement of inactive received routes. bgp advertise-inactive Copyright © 2010, Juniper Networks, Inc.

  • Page 98: Verifying An As Path

    BGP session. Use the no version to prevent the AS comparison from taking place. See bgp enforce-first-as. Copyright © 2010, Juniper Networks, Inc.

  • Page 99: Advertising Ipv4 Routes Between Ipv6 Bgp Peers

    BGP routing table. BGP conditional advertisement is supported in only the following address families: Unicast IPv4 Unicast IPv6 Multicast IPv4 Multicast IPv6 Copyright © 2010, Juniper Networks, Inc.
  • Page 100 The route maps referenced by the neighbor advertise-map command must include a match ip-address clause. You can also include additional match clauses. All match Copyright © 2010, Juniper Networks, Inc.

  • Page 101: Advertising A Route Only When Another Route Is Present

    Alternatively, if the route to prefix 172.24.20.0 has been installed in the BGP routing table on router 2, then router 2 advertises to router 1 the route to prefix 10.10.30.0. In this case, the route does not have to be learned from router 3. Copyright © 2010, Juniper Networks, Inc.

  • Page 102: Figure 18: Advertising A Route When Another Route Is Present

    10.10.30.0 0.0.0.255 host1(config)#route-map alternatetoR1 permit 10 host1(config-route-map)#match ip address test host1(config-route-map)#exit !Configure route map to match alternate route from R3 host1(config)#access-list check permit 172.24.20.0 0.0.0.255 host1(config)#route-map trigger2 permit 10 host1(config-route-map)#match ip address check host1(config-route-map)#exit Copyright © 2010, Juniper Networks, Inc.

  • Page 103: Advertising A Route Only When Another Route Is Absent

    Figure 19: Advertising a Route When Another Route is Absent The following commands configure router R2: host1(config)#router bgp 200 host1(config-router)#neighbor peergroup1 peer-group host1(config-router)#neighbor peergroup1 remote-as 100 host1(config-router)#neighbor 10.6.6.2 peer-group peergroup1 host1(config-router)#neighbor 10.7.3.2 peer-group peergroup1 Copyright © 2010, Juniper Networks, Inc.

  • Page 104: Advertising A Default Route Only When Another Route Is Present

    IGP prefix. Because conditional advertisement tracks the BGP routing table rather than the IP routing table, the prefixes that govern the advertisement (the conditional prefixes) must be present in the BGP routing table. In Copyright © 2010, Juniper Networks, Inc.

  • Page 105: Figure 20: Advertising A Default Route When Another Route Is Present

    10 host1(config-route-map)#match ip address prefix-list test-default host1(config-route-map)#exit host1(config)#route-map outbound deny 10 host1(config-route-map)#match ip address prefix-list test-default host1(config-route-map)#exit host1(config)#route-map outbound permit 20 host1(config-route-map)#exit host1(config)#router bgp 200 host1(config-router)#neighbor 10.12.12.2 remote-as 300 host1(config-router)#network 172.55.55.0/24 host1(config-router)#aggregate-address 172.55.0.0/16 summary-only Copyright © 2010, Juniper Networks, Inc.

  • Page 106: Configuring Bgp Routing Policy

    Table 14 on page 70. Table 14: Commands That Create Match-and-Set Route Maps aggregate-address attribute-map global import map bgp dampening route-map neighbor route-map in export map neighbor route-map out import map redistribute route-map global export map table-map Copyright © 2010, Juniper Networks, Inc.

  • Page 107: Table 15: Clauses Supported In Bgp Match-And-Set Route Maps

    Table 17: Clauses Not Supported in BGP Route Maps set automatic-tag set level set distance set route-type match as-path Use to match an AS-path access list. The implemented weight is based on the first matched AS path. Copyright © 2010, Juniper Networks, Inc.
  • Page 108 10 host1(config-route-map)#match extcommunity topeka10 Use the no version to remove the match clause from a route map or a specified value from the match clause. See match extcommunity. match ip address Copyright © 2010, Juniper Networks, Inc.
  • Page 109 Use the no version to delete the match clause from a route map or a specified value from the match clause. See match metric. match metric-type Use to match a route for the specified metric type. Example Copyright © 2010, Juniper Networks, Inc.
  • Page 110 However, you cannot configure a member of a peer group to override the inherited peer group characteristic for outbound policy. New policy values are applied to all routes that are sent (outbound policy) or received (inbound policy) after you issue the command. Copyright © 2010, Juniper Networks, Inc.
  • Page 111 Example host1(config)#route-map nyc1 permit 10 Use the no version to delete the route map. See route-map. set as-path prepend Copyright © 2010, Juniper Networks, Inc.
  • Page 112 BGP confederation boundary Alternatively, you can use the list keyword to specify the name of a community list that you previously created with the ip community-list command. Copyright © 2010, Juniper Networks, Inc.
  • Page 113 On outbound route maps, disables the next hop calculation by setting the next hop to the IP address of the BGP speaker On inbound route maps, overrides any third-party next-hop configuration by setting the next hop to the IP address of the peer Copyright © 2010, Juniper Networks, Inc.
  • Page 114 IGP cost of the next hop of the advertised route. If the cost of the next hop changes, BGP is not forced to readvertise the route. For BGP, you can specify the following: Copyright © 2010, Juniper Networks, Inc.
  • Page 115 Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set weight 200 Use the no version to delete the set clause from a route map. See set weight. Copyright © 2010, Juniper Networks, Inc.

  • Page 116: Applying Table Maps

    Use to apply a policy to BGP routes about to be added to the IP routing table. The route map can include any of the clauses listed in Table 18 on page 80. Copyright © 2010, Juniper Networks, Inc.
  • Page 117 O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 Prefix/Length Type Next Hop Dist/Met Intf ------------------ ------- --------------- -------------- ------------ 10.100.3.3/32 10.12.12.1 33/44 ATM5/1.12 10.63.42.23/32 10.45.2.31 33/44 ATM5/1.14 Copyright © 2010, Juniper Networks, Inc.

  • Page 118: Access Lists

    The following commands configure router Boston to apply access list reject1 to routes inbound from router SanJose. Access list reject1 rejects routes matching 172.24.160.0/19. host3(config)#router bgp 17 host3(config-router)#neighbor 10.5.5.4 remote-as 873 host3(config-router)#neighbor 10.5.5.4 distribute-list reject1 in host3(config-router)#exit host3(config)#access-list reject1 permit 172.24.48.0 0.0.255 Copyright © 2010, Juniper Networks, Inc.

  • Page 119: Figure 22: Filtering Routes With An Access List

    Use the no version to delete an IP access list or the specified entry in the access list. See access-list. clear access-list Use to clear IP access list counters. Each access list has a counter for its entries. Example host1#clear access-list reject1 Copyright © 2010, Juniper Networks, Inc.
  • Page 120 Example host1(config-router)#neighbor 192.168.1.158 prefix-list seoul19 in New policy values are applied to all routes that are sent (outbound policy) or received (inbound policy) after you issue the command. Copyright © 2010, Juniper Networks, Inc.

  • Page 121: Filtering As Paths With A Filter List

    Filtering AS Paths with a Filter List You can use a filter list to filter incoming and outgoing routes based on the value of the AS-path attribute. Whenever a BGP route passes through an AS, BGP prepends its AS Copyright © 2010, Juniper Networks, Inc.

  • Page 122: Figure 23: Filtering With As-Path Access Lists

    The following commands configure router London to apply filters based on the AS path to routes received from router Berlin and router Paris and to routes forwarded to router Madrid. host1(config)#router bgp 47 host1(config-router)#neighbor 10.2.9.2 remote-as 621 Copyright © 2010, Juniper Networks, Inc.

  • Page 123: Figure 24: Assigning A Filter List

    NY—because the AS-path attribute for these routes begins with (and indeed consists only of) the value 32. Routes originating anywhere else—such as in AS 837, AS 17, or AS 451—are permitted, because their AS-path attributes do not begin with 32. Copyright © 2010, Juniper Networks, Inc.

  • Page 124: Filtering As Paths With A Route Map

    Filtering AS Paths with a Route Map You can use a route map instead of the neighbor filter-list command to apply access lists for filtering routes. In Figure 25 on page 89, suppose router Chicago is configured as follows: Copyright © 2010, Juniper Networks, Inc.

  • Page 125: Figure 25: Route Map Filtering

    AS 837. It sets their weight to 175, overriding the neighbor weight (50) set for updates received from 10.5.5.2. Then, instance 20 of route map alpha permits all other routes with no modification. The result of this improved configuration is the following: Copyright © 2010, Juniper Networks, Inc.

  • Page 126: Configuring The Community Attribute

    Both are expressed as decimal numbers. For example, if a prefix in AS 23 belongs to community 411, the attribute can be expressed as 23:411. Use the ip bgp-community new-format command to specify that the show commands display communities in this format. Copyright © 2010, Juniper Networks, Inc.

  • Page 127: Figure 26: Communities

    10.72.4.2 remote-as 31 host2(config-router)#neighbor 10.72.4.2 send-community host2(config-router)#neighbor 10.72.4.2 route-map matchcomm in host2(config-router)#neighbor 10.5.5.1 remote-as 122 host2(config-router)#neighbor 10.5.5.1 send-community host2(config-router)#exit host2(config)#ip community-list 1 permit 31:15 host2(config)#route-map matchcomm permit 10 host2(config-route-map)#match community 1 host2(config-route-map)#set weight 25 Copyright © 2010, Juniper Networks, Inc.
  • Page 128 BGP session. Behavior is different for outbound policies configured for peer groups for which you have enabled Adj-RIBs-Out. If you change the outbound policy for such a peer group Copyright © 2010, Juniper Networks, Inc.

  • Page 129: Community Lists

    Because the router stops testing conditions after the first match, the order of the conditions is critical. If no conditions match, the router rejects the route. Consider the network structure shown in Figure 27 on page 94. Copyright © 2010, Juniper Networks, Inc.

  • Page 130: Figure 27: Community Lists

    Community list 2 comprises routes with a community of 62; their metric is set to 75. Community 3 catches all remaining routes by matching the internet community; their metric is set to 85. ip community-list Copyright © 2010, Juniper Networks, Inc.
  • Page 131 A clause in a route map that includes a list having more than one value only matches a route having all of the values; that is, the multiple values are logical ANDed. Example host1(config)#ip extcommunity-list boston1 permit 100:2 100:3 100:4 host1(config)#route-map marengo permit 10 host1(config-route-map)#match extcommunity boston1 Copyright © 2010, Juniper Networks, Inc.

  • Page 132: Resetting A Bgp Connection

    Use the soft in prefix-filter option to push an ORF to the peer and reapply inbound policy to all received routes without clearing the BGP session. Use the soft out option to reapply outbound policy and resend routes without clearing the BGP session. Copyright © 2010, Juniper Networks, Inc.

  • Page 133: Changing Policies Without Disruption

    Use the no version to disable storage of the route copies. Use the default version to remove the explicit configuration from the peer or peer group and reestablish inheritance of the feature configuration. See neighbor soft-reconfiguration inbound. Copyright © 2010, Juniper Networks, Inc.

  • Page 134: Route-Refresh Capability

    You cannot configure the receive direction for the orf capability for a peer that is a member of a peer group or for a peer. When issued with the orf keyword, this command takes effect immediately and automatically bounces the BGP session. Copyright © 2010, Juniper Networks, Inc.

  • Page 135: Configuring Route Flap Dampening

    See neighbor prefix-list. Configuring Route Flap Dampening Route flap dampening is a mechanism for minimizing instability caused by route flapping. Route flapping occurs when a link is having a problem and is constantly going up and Copyright © 2010, Juniper Networks, Inc.

  • Page 136: Global Route Flap Dampening

    If you do not specify this value, the same half-life period is used for both reachable and unreachable routes. Dampening applies only to routes learned by means of EBGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 137: Policy-Based Route Flap Dampening

    See clear ip bgp dampening. Policy-Based Route Flap Dampening You can use policy-based route flap dampening to apply different dampening criteria to different routes. Establish one or more match clauses for an instance of a route map. Copyright © 2010, Juniper Networks, Inc.
  • Page 138 Example host1(config)#route-map nyc1 permit 10 host1(config-route-map)#set dampening 5 1000 1500 45 15 Use the no version to delete the set clause from a route map. See set dampening. Copyright © 2010, Juniper Networks, Inc.

  • Page 139: Policy Testing

    If you completely specify a route with IP address, mask, and route distinguisher, the command displays detailed route information. Otherwise only summary information is shown. Use the fields option to select particular fields of interest. Copyright © 2010, Juniper Networks, Inc.

  • Page 140: Selecting The Best Path

    Select the path with the lowest IGP cost to the next hop. Select the path with the shortest route reflection cluster list. Routes without a cluster list are treated as having a cluster list of length 0. Copyright © 2010, Juniper Networks, Inc.

  • Page 141: Configuring Next-Hop Processing

    Consider the network configuration shown in Figure 28 on page 106. Router Jackson advertises 192.168.22.0/23 internally to router Memphis with a next hop of 10.2.2.1. Router Jackson advertises the same network externally to router Topeka with a next hop of 10.1.13.1. Copyright © 2010, Juniper Networks, Inc.

  • Page 142: Figure 28: Configuring Next-Hop Processing

    To configure router Jackson: host1(config)#router bgp 604 host1(config-router)#neighbor 10.1.13.2 remote-as 25 host1(config-router)#neighbor 10.2.2.2 remote-as 604 host1(config-router)#network 192.168.22.0 mask 255.255.254.0 To configure router Memphis: host2(config)#router bgp 604 host2(config-router)#neighbor 10.2.2.1 remote-as 604 host2(config-router)#network 172.24.160.0 mask 255.255.224.0 Copyright © 2010, Juniper Networks, Inc.

  • Page 143: Next-Hop-Self

    Toledo. Router Madrid therefore advertises 192.168.22.0/23 to router Barcelona with a next-hop attribute of 10.19.7.5. Now consider Figure 30 on page 108, which shows the same routers on a Frame Relay—NBMA—network. Copyright © 2010, Juniper Networks, Inc.

  • Page 144: Figure 30: Next-Hop Behavior For Nonbroadcast Multiaccess Media

    To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session. Copyright © 2010, Juniper Networks, Inc.

  • Page 145: Assigning A Weight To A Route

    Boston are higher—more preferred—than the routes coming from router NY. Router LA subsequently prefers routes received from router Boston and therefore uses router Boston as the next hop to reach network 192.68.5.0/24. Figure 31: Assigning a Weight to a Neighbor Connection Copyright © 2010, Juniper Networks, Inc.

  • Page 146: Using The Neighbor Weight Command

    The following commands assign weights to routes filtered by AS-path access lists on router LA: host1(config)#router bgp 400 host1(config-router)#neighbor 10.5.5.1 remote-as 100 host1(config-router)#neighbor 10.5.5.1 filter-list 1 weight 1000 host1(config-router)#neighbor 10.72.4.2 remote-as 300 host1(config-router)#neighbor 10.72.4.2 filter-list 2 weight 500 host1(config-router)#exit host1(config)#ip as-path access-list 1 permit ^100_ Copyright © 2010, Juniper Networks, Inc.
  • Page 147 You can apply the filter to incoming or outgoing advertisements with the in or out keywords. If you specify a BGP peer group by using the peerGroupName argument, all the members of the peer group inherit the characteristic configured with this command unless it is Copyright © 2010, Juniper Networks, Inc.
  • Page 148 You cannot merely perform a hard clear or outbound soft clear for individual peer group members because that causes BGP to resend only the contents of the Adj-RIBs-Out table. Use the no version to remove the weight assignment. See neighbor weight. Copyright © 2010, Juniper Networks, Inc.

  • Page 149: Configuring The Local-Pref Attribute

    AS 17 to 200. Because router LA and router SanJose exchange local preference information within AS 873, they both recognize that routes to network 192.168.5.0/24 in AS 293 have a higher local preference when they Copyright © 2010, Juniper Networks, Inc.

  • Page 150: Using A Route Map To Set The Local Preference

    BGP. The origin of the route can be one of three values: IGP—Indicates that the route was learned by means of an IGP and, therefore, is internal to the originating AS. All routes advertised by the network command have an origin of IGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 151: Figure 33: The Origin Attribute

    The following commands configure router Albany: host3(config)#router bgp 100 host3(config-router)#neighbor 10.4.4.2 remote-as 100 host3(config-router)#neighbor 10.2.25.2 remote-as 100 host3(config-router)#network 192.168.33.0 mask 255.255.255.0 The following commands configure router LA: host4(config)#router bgp 300 host4(config-router)#neighbor 10.3.3.2 remote-as 100 Copyright © 2010, Juniper Networks, Inc.

  • Page 152: Table 20: Origin And As Path For Routes Viewed On Different Routers

    172.21.10.0/23 Albany Incomplete 172.21.10.0/23 Boston Incomplete 172.21.10.0/23 Incomplete 172.21.10.0/23 Incomplete empty 172.28.8.0/21 Albany empty 172.28.8.0/21 Boston empty 172.28.8.0/21 empty 172.28.8.0/21 172.31.125.100 Albany Incomplete empty 172.31.125.100 Boston Incomplete empty 172.31.125.100 Incomplete empty 172.31.125.100 Incomplete Copyright © 2010, Juniper Networks, Inc.

  • Page 153: Understanding The As-Path Attribute

    AS-path attribute for route 172.21.10.0/23 is 621 47. Router Berlin advertises the route to router London in AS 47. As received by router London, the AS-path attribute for route 172.21.10.0/23 is 11 621 47. Copyright © 2010, Juniper Networks, Inc.

  • Page 154: Configuring A Local As

    The following example commands change the local AS number for peer 104.4.2 from the global local AS of 100 to 32: host1(config)#router bgp 100 host1(config-router)#address-family ipv4 unicast vrf boston host1(config-router)#neighbor 10.4.4.2 remote-as 645 host1(config-router)#neighbor 10.4.4.2 local-as 32 Copyright © 2010, Juniper Networks, Inc.

  • Page 155: Configuring The Med Attribute

    10.3.3.2 remote-as 73 host1(config-router)#neighbor 10.5.5.2 remote-as 4 host1(config-router)#network 122.28.8.0 mask 255.255.248.0 The following commands configure router Paris: host2(config)#router bgp 73 host2(config-router)#neighbor 10.4.4.1 remote-as 303 host2(config-router)#neighbor 10.4.4.1 route-map 10 out host2(config-router)#neighbor 10.2.25.1 remote-as 73 Copyright © 2010, Juniper Networks, Inc.
  • Page 156 Paris and router Nice, but the MED advertised by router Paris is lower than that advertised by router Nice. Consequently, router London prefers the path through router Paris. Copyright © 2010, Juniper Networks, Inc.

  • Page 157: Missing Med Values

    Missing MED Values By default, a route that arrives with no MED value is treated as if it had a MED of 0, the most preferred value. You can use the bgp bestpath missing-as-worst command to Copyright © 2010, Juniper Networks, Inc.

  • Page 158: Comparing Med Values Within A Confederation

    ASs and does not affect the comparison of routes that are originated in other confederations. Example host1(config-router)#bgp bestpath med confed Changes apply automatically whenever BGP subsequently runs the best-path decision process for a destination prefix; that is, whenever a best route is picked for a given prefix. Copyright © 2010, Juniper Networks, Inc.

  • Page 159: Capability Negotiation

    The router advertises these capabilities—except for the cooperative route filtering capability—by default. You can prevent the advertisement of specific capabilities with the no neighbor capability command. You can also use this command to prevent all capability negotiation with the specified peer. Copyright © 2010, Juniper Networks, Inc.

  • Page 160: Cooperative Route Filtering

    BGP speakers that support four-octet AS and sub-AS numbers are sometimes referred to as “ new” speakers. The four-octet AS numbers are employed by the AS-path and aggregator attributes. “ Old” speakers are those that do not support the four-octet numbers. Copyright © 2010, Juniper Networks, Inc.

  • Page 161: Graceful Restarts

    BGP is awaiting an End-of-RIB marker. Alternatively, you can minimize this effect by using the bgp graceful-restart path-selection-defer-time-limit command to specify a maximum period that the restarted peer waits for the marker from its peers. Copyright © 2010, Juniper Networks, Inc.
  • Page 162 Advertisement of the graceful restart capability is disabled by default. The no neighbor capability negotiation command prevents the advertisement of all BGP capabilities, including graceful restart, to the specified peers. This command takes effect immediately and automatically bounces the session. Example host1(config-router)#bgp graceful-restart Copyright © 2010, Juniper Networks, Inc.
  • Page 163 This command takes effect immediately and automatically bounces the session. Example host1(config-router)#bgp graceful-restart stalepaths-time 480 Use the no version to restore the default value, 360 seconds. See bgp graceful-restart stalepaths-time. clear ip bgp wait-end-of-rib Copyright © 2010, Juniper Networks, Inc.
  • Page 164 Specify an interval shorter than the stalepaths time. This command takes effect immediately and automatically bounces the session. Example host1(config-router)#neighbor graceful-restart restart-time 240 Use the no version to restore the default value, 120 seconds. See neighbor graceful-restart restart-time. neighbor graceful-restart stalepaths-time Copyright © 2010, Juniper Networks, Inc.

  • Page 165: Scenarios

    On the interface that connects PE1 to the core router, P, use the isis hello-interval command in Interface Configuration mode to set the frequency at which the router sends hello packets on the specified interface as 30 seconds. host1(config-if)#isis hello-interval 30 Copyright © 2010, Juniper Networks, Inc.

  • Page 166: Route Refresh

    Use the no version to prevent advertisement of the specified capability or use the negotiation keyword with the no version to prevent all capability negotiation with the specified peer. Use the default version to restore the default, advertising the capability. See neighbor capability. Copyright © 2010, Juniper Networks, Inc.

  • Page 167: Interactions Between Bgp And Igps

    IP routing table. Synchronization is enabled by default. However, you must configure redistribution of external routes into the IGP, or the routing tables will not receive the IGP routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 168: Disabling Synchronization

    NY to put the route to 192.56.0.0/16 in its IP routing table and advertise it to router Chicago without learning about 192.56.00/16 from router Albany. The command also enables router Boston to put the route to Copyright © 2010, Juniper Networks, Inc.

  • Page 169: Setting The Administrative Distance For A Route

    The distance represents how reliable the source of the route is considered to be. A lower value is preferred over a higher value. An administrative distance of 255 indicates no confidence in the source; routes with this distance are not installed Copyright © 2010, Juniper Networks, Inc.

  • Page 170: Table 21: Default Administrative Distances For Route Sources

    BGP. BGP can locally originate routes if you issue the network command, if you configure redistribution into BGP, or by means of a non-AS-set aggregate route. Acceptable values are from 1 to 255. The default value is 200. Copyright © 2010, Juniper Networks, Inc.

  • Page 171: Figure 38: Administrative Distances

    See distance bgp. Example 1 Routes learned from other sources can be preferred to routes learned by means of BGP. Consider the network structure shown in Figure 38 on page 135. Figure 38: Administrative Distances Copyright © 2010, Juniper Networks, Inc.

  • Page 172: Figure 39: Administrative Distance And Synchronization

    BGP speaker can advertise the route it learned from a peer. When the RIP route appears on router Boston, the router has both an IBGP route and a RIP route to the same prefix. Even though the RIP route has a better administrative Copyright © 2010, Juniper Networks, Inc.

  • Page 173: Configuring Backdoor Routes

    EBGP route to that of an IBGP route, 200. Issuing this command does not cause the BGP speaker to advertise the specified route. This command takes effect immediately. Copyright © 2010, Juniper Networks, Inc.

  • Page 174: Setting The Maximum Number Of Equal-Cost Multipaths

    VRF. BFD is not supported for multi-hop BGP sessions (IBGP multi-hop or EBGP multi-hop). BFD behavior is identical for IBGP and EBGP single-hop sessions, and for IPv4 and IPv6 neighbors. Copyright © 2010, Juniper Networks, Inc.
  • Page 175 BFD control packets from the remote peer. The default value is 300 milliseconds. You can use the minimum-interval keyword to specify the same value for both of those intervals. Configuring a minimum interval has the same effect as configuring Copyright © 2010, Juniper Networks, Inc.

  • Page 176: Bfd And Bgp Graceful Restart

    When BGP is acting as a graceful restart helper and the BFD session to the BGP peer is lost, one of the following actions takes place: Copyright © 2010, Juniper Networks, Inc.

  • Page 177: Managing A Large-Scale As

    (for clarity, only the BGP sessions are shown). Border router Salem has an EBGP session with a neighbor in AS 325. Border router Boston has an EBGP session with a neighbor in AS 413. Copyright © 2010, Juniper Networks, Inc.

  • Page 178: Figure 41: A Fully Meshed Autonomous System

    It acts like IBGP within an AS because the local-pref, MED, and next-hop attributes are preserved across the sub-AS boundaries. To the external neighbors, AS 29 appears the same as it ever was. Copyright © 2010, Juniper Networks, Inc.

  • Page 179: Figure 42: A Confederation Of Subautonomous Systems

    64721 host2(config-router)#bgp confederation identifier 29 host2(config-router)#bgp confederation peers 64720 64722 host2(config-router)#neighbor 10.2.25.7 remote-as 64720 From router Newport’s perspective, router Salem is simply a member of AS 29: host3(config)#router bgp 325 host3(config-router)#neighbor 10.2.25.6 remote-as 29 Copyright © 2010, Juniper Networks, Inc.
  • Page 180 AS paths in the set are delimited by commas rather than spaces. Example host1(config)#ip bgp-confed-as-set new-format Use the no version to restore the default display within parentheses and with space-delimited ASs. See ip bgp-confed-as-set new-format. Copyright © 2010, Juniper Networks, Inc.

  • Page 181: Configuring Route Reflectors

    Plymouth, Westford, and Acton. These route reflector clients see router Harvard and each other simply as IBGP neighbors. Router Newport in AS 325 and router Mason in AS 413 see router Harvard simply as an EBGP neighbor in AS 29. Figure 43: Simple Route Reflection Copyright © 2010, Juniper Networks, Inc.

  • Page 182: Route Reflection And Redundancy

    Route reflection creates the possibility of looping within an AS. Routes that originate within a cluster might be forwarded back to the cluster. Because this happens within a given AS, the AS-path attribute is of no use in detecting a loop. Copyright © 2010, Juniper Networks, Inc.
  • Page 183 10.2.5.6 remote-as 29 host1(config-router)#neighbor 10.2.5.6 route-reflector-client host1(config-router)#neighbor 10.2.5.7 remote-as 29 host1(config-router)#neighbor 10.2.5.8 remote-as 29 host1(config-router)#neighbor 10.2.25.5 remote-as 325 You do not configure a cluster ID, because router Salem is the only route reflector in this cluster. Copyright © 2010, Juniper Networks, Inc.

  • Page 184: Figure 46: Bgp Route Reflection

    10.3.3.4 remote-as 29 host3(config-router)#neighbor 10.2.5.1 remote-as 29 You must configure a cluster ID, because router Acton and router Harvard are both route reflectors in this cluster. To configure router Harvard as a route reflector: Copyright © 2010, Juniper Networks, Inc.
  • Page 185 Use to configure the local router as the route reflector and the specified neighbor as one of its clients. The reflector and its clients constitute a cluster. BGP neighbors that are not specified as clients are nonclients. Route reflectors pass routes among the client routers. Copyright © 2010, Juniper Networks, Inc.

  • Page 186: Configuring Bgp Multicasting

    IPv6 routes. For a description of IPv6, see JunosE IP, IPv6, and IGP Configuration Guide. Multicast IPv6—If you specify the multicast IPv6 address family, you can use BGP to exchange routing information about how to reach an IPv6 multicast source instead of Copyright © 2010, Juniper Networks, Inc.

  • Page 187: Peer Or Peer Group

    Use to configure the router to exchange IPv4 or IPv6 addresses by creating the specified address family. IPv4 addresses can be exchanged in unicast, multicast, or VPN mode. IPv6 addresses can be exchanged in unicast mode. Copyright © 2010, Juniper Networks, Inc.
  • Page 188 If a neighbor is activated, BGP also sends the full contents of the BGP routing table of the newly activated address family. Example host1:vr1(config-router-af)#neighbor 192.168.1.158 activate Copyright © 2010, Juniper Networks, Inc.

  • Page 189: Monitoring Bgp Multicast Services

    By default, BGP IPv4 and IPv6 unicast routes are available only for other unicast routing protocols. Example 1 host1(config)#router bgp 100 host1(config-router)#ipv6 route-type both Example 2 host1(config)#router bgp 100 host1(config-router)#address-family ipv4 unicast vrf v1 host1(config-router-af)#ip route-type both Use the no version to restore the default value, unicast. Copyright © 2010, Juniper Networks, Inc.

  • Page 190: Configuring Bgp/Mpls Vpns

    The following three items apply to the test ip bgp neighbor command only: The address-family identifier for the route is the same as is used for identifying the neighbor. Copyright © 2010, Juniper Networks, Inc.
  • Page 191 You can set a weight value for inbound routes filtered with a filter list. Example host1#test ip bgp neighbor 10.12.54.21 advertised-routes distribute-list boston5 fields There is no no version. See test bgp ipv6 neighbor. See test ip bgp neighbor. Copyright © 2010, Juniper Networks, Inc.
  • Page 192 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 193: Monitoring Bgp

    Monitoring BGP Routes with Inconsistent AS Paths on page 178 Monitoring BGP Neighbors on page 180 Monitoring Dampened BGP Routes of Specified Neighbors on page 185 Monitoring BGP Paths of Neighbors on page 187 Copyright © 2010, Juniper Networks, Inc.

  • Page 194: Setting A Baseline On All Bgp Statistics

    To display information about BGP logs for inbound or outbound events, or both. Issue the debug ip bgp command: host1#debug ip bgp Related Topics Disabling Display of BGP Logs on page 205 debug ip bgp undebug ip bgp Copyright © 2010, Juniper Networks, Inc.

  • Page 195: Neighbors

    You can use the intro keyword to enable the display of introductory information about BGP attributes. The order in which you specify the fields has no effect on the order in which they are displayed. Action To specify the default output fields while displaying the BGP routes: Copyright © 2010, Juniper Networks, Inc.

  • Page 196: Table 23: Show Ip Bgp Output Fields

    BGP has finished updating the routes in the IP route table. The FIB version is less than the local-RIB version when BGP is still in the process of updating the IP routing table. Copyright © 2010, Juniper Networks, Inc.
  • Page 197 Statistics baseline set Timestamp indicating when the statistics baseline was last set Related Topics Monitoring the BGP Routing Table on page 162 default-fields route Copyright © 2010, Juniper Networks, Inc.

  • Page 198: Monitoring As-Path Access Lists

    Peer Next-hop LocPrf Weight Origin ::103.103.103.0/120 103.103.103.3 ::103.103.103.3 inc. > 3ffe:0:0:1::/64 11.11.11.11 ::101.101.101.1 inc. > 3ffe:0:0:3::/64 103.103.103.3 ::103.103.103.3 inc. > 3ffe:0:1:1::/64 12.12.12.12 ::102.102.102.2 inc. To display information about routes for the specified IPv4 prefix: Copyright © 2010, Juniper Networks, Inc.
  • Page 199 Resolution in IP tunnel-route table of VR pe1 MPLS indirect next-hop index 578 Reachable (metric 100) Direct next-hop Push 23, POS4/0 (10.10.10.1) Push 43, POS4/1 (12.12.12.1) Reference count is 1 To display information about routes in the route-target address family: Copyright © 2010, Juniper Networks, Inc.
  • Page 200 102:111:34 Prefix Weight Route-map Backdoor 102:111:34/96 To display filtered information about all networks in the BGP routing table: host1:pe1#show ip bgp fields peer next-hop next-hop-cost Prefix Peer Next-hop Next-hop-cost Copyright © 2010, Juniper Networks, Inc.
  • Page 201 > 12.2.88.0/22 10.5.0.48 10.5.0.48 > 12.2.97.0/24 10.5.0.48 10.5.0.48 > 12.2.99.0/24 10.5.0.48 10.5.0.48 > 12.2.109.0/24 10.5.0.48 10.5.0.48 > 12.2.169.0/24 10.5.0.48 10.5.0.48 Meaning Table 25 on page 166 lists the show ip bgp command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 202: Table 25: Show Ip Bgp Output Fields

    Multiexit discriminator for the route LocPrf Local preference for the route Weight Weight of the route Origin Origin of the route AS path AS path through which this route has been advertised Copyright © 2010, Juniper Networks, Inc.

  • Page 203: Monitoring Advertised Bgp Routes

    Report whether the indirect next hop of a route is unreachable; if not, display the IGP cost to the indirect next hop. Copyright © 2010, Juniper Networks, Inc.

  • Page 204: Table 26: Show Ip Bgp Advertised-Routes Output Fields

    BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory. Prefix Prefix for the routing table entry Copyright © 2010, Juniper Networks, Inc.

  • Page 205: Monitoring Bgp Aggregate Addresses

    Displays a summary of aggregate address information Attribute map Displays the attribute maps for aggregate addresses Advertise map Displays the advertise maps for aggregate addresses Suppress map Displays the suppressed maps for the aggregate addresses Copyright © 2010, Juniper Networks, Inc.

  • Page 206: Monitoring Bgp Routes With Nonnatural Network Masks

    BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory. Prefix Prefix for the routing table entry Copyright © 2010, Juniper Networks, Inc.

  • Page 207: Monitoring Bgp Routes In A Community

    40845 paths selected for route table installation 13651 path attribute entries (1864908 bytes used) Prefix Peer Next-hop MED CalPrf Weight Origin > 24.0.0.0/12 10.5.0.48 10.5.0.48 > 24.4.252.0/22 10.5.0.48 10.5.0.48 > 24.6.0.0/23 10.5.0.48 10.5.0.48 > 24.6.11.0/24 10.5.0.48 10.5.0.48 Copyright © 2010, Juniper Networks, Inc.

  • Page 208: Table 29: Show Ip Bgp Community Output Fields

    IP address of the next hop Multiexit discriminator for the route CalPrf Calculated preference for the route Weight Assigned path weight Origin Origin of the route Related Topics show bgp ipv6 community show ip bgp community Copyright © 2010, Juniper Networks, Inc.

  • Page 209: Monitoring Bgp Community Routes In The Community List

    If several peers have advertised a route to the same prefix, only the best route is included in this count. paths selected for route Number of routes in the BGP routing table that have been inserted table installation into the IP routing table Copyright © 2010, Juniper Networks, Inc.

  • Page 210: Monitoring Dampened Bgp Routes

    10.2.1.48 Available 1997 00:15:10 164.81.0.0/16 10.2.1.48 Available 1997 00:15:11 192.29.60.0/24 10.2.1.48 Available 1997 00:15:12 192.58.228.0/24 10.2.1.48 Available 1997 00:15:15 192.88.8.0/24 10.2.1.48 Available 1997 00:15:17 192.107.253.0/24 10.2.1.48 Suppressed/Unreachable 4331 00:19:42 192.195.44.0/24 10.2.1.48 Suppressed/Reachable 2923 00:19:15 Copyright © 2010, Juniper Networks, Inc.

  • Page 211: Table 31: Show Ip Bgp Dampened-Paths Output Fields

    Time until Reuse/Remove Time until the route is either reused (if currently suppressed) or its history entry is removed (if currently available) Related Topics show bgp ipv6 dampened-paths show ip bgp dampened-paths Copyright © 2010, Juniper Networks, Inc.

  • Page 212: Monitoring Bgp Routes With Matching As Paths And As-Path Access Lists

    If several peers have advertised a route to the same prefix, only the best route is included in this count. paths selected for route Number of routes in the BGP routing table that have been inserted table installation into the IP routing table Copyright © 2010, Juniper Networks, Inc.

  • Page 213: Monitoring Bgp Flap Statistics

    Prefix Peer Status of Merit Reuse/Remove 24.201.0.0/18 192.168.1.158 Available 00:58:23 24.201.64.0/18 192.168.1.158 Available 00:58:23 52.128.224.0/19 192.168.1.158 Available 00:54:12 61.8.0.0/19 192.168.1.158 Available 00:59:53 61.8.30.0/24 192.168.1.158 Available 00:59:53 62.229.73.0/24 192.168.1.158 Unreachable 00:58:23 63.69.150.0/24 192.168.1.158 Available 00:54:12 Copyright © 2010, Juniper Networks, Inc.

  • Page 214: Monitoring Bgp Routes With Inconsistent As Paths

    Display information about routes that have inconsistent AS-paths. Report whether the indirect next hop of a route is unreachable; if not, display the IGP cost to the indirect next hop. The show ip bgp inconsistent-as and show bgp ipv6 inconsistent-as commands display similar information. Copyright © 2010, Juniper Networks, Inc.

  • Page 215: Table 34: Show Ip Bgp Inconsistent-As Output Fields

    IP address of the next hop Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route AS-path AS-path through which this route bas been advertised Copyright © 2010, Juniper Networks, Inc.

  • Page 216: Monitoring Bgp Neighbors

    0 00:00:17 since last update message was received Fields relevant to multiprotocol extensions: Multi-protocol extensions negotiation: ip-v4 unicast: sent, received, used ip-v6 unicast-labeled: sent, received, used For the graceful restart capability, additional information is presented. Copyright © 2010, Juniper Networks, Inc.
  • Page 217 Multiplier is 3 Waiting for BGP to become established before initiating BFD session Fields relevant to BFD when BFD is configured, the BGP session is established, but the BFD protocol session is not up: Copyright © 2010, Juniper Networks, Inc.

  • Page 218: Table 35: Show Ip Bgp Neighbors Output Fields

    Desired state of the peer connection Connection state Current state of the BGP connection Connection has been Time that TCP connection was established established Reason for last reset Reason for last reset of the BGP session Copyright © 2010, Juniper Networks, Inc.
  • Page 219 Frequency of keep-alive messages generated interval Negotiated keepalive Negotiated frequency of keep-alive messages generated interval Configured hold time Configured maximum time allowed between received messages Negotiated hold time Negotiated maximum time allowed between received messages Copyright © 2010, Juniper Networks, Inc.
  • Page 220 Type and address of peer to which BFD session is established Minimum transmit interval Desired interval between BFD packets transmitted to members of peer group Minimum receive interval Desired interval between BFD packets received from members of peer group Copyright © 2010, Juniper Networks, Inc.

  • Page 221: Monitoring Dampened Bgp Routes Of Specified Neighbors

    23 path attribute entries (3450 bytes used) Status codes: > best, * invalid, s suppressed, d dampened, r rejected Prefix Peer Next-hop MED LocPrf Weight Origin d12.8.12.0/24 192.168.1.158 192.168.1.1 0 IGP d24.48.12.0/24 192.168.1.158 192.168.1.1 0 IGP Copyright © 2010, Juniper Networks, Inc.

  • Page 222: Table 36: Show Ip Bgp Neighbors Dampened-Routes Output Fields

    IP address of BGP peer Next hop IP address IP address of the next hop Multiexit discriminator for the route LocPrf Local preference for the route Weight Assigned path weight Origin Origin of the route Copyright © 2010, Juniper Networks, Inc.

  • Page 223: Monitoring Bgp Paths Of Neighbors

    Related Topics show bgp ipv6 neighbors paths show ip bgp neighbors paths Monitoring Prefix List Outbound Route Filters Received from the BGP Neighbor Purpose Display prefix-list outbound route filters received from the BGP neighbor. Copyright © 2010, Juniper Networks, Inc.

  • Page 224: Monitoring Routes Originating From A Bgp Neighbor Before Application Of

    Table 39 on page 188 lists the show ip bgp neighbors received-routes command output fields. Table 39: show ip bgp neighbors received-routes Output Fields Field Name Field Description Local BGP identifier BGP router ID of the local router Copyright © 2010, Juniper Networks, Inc.

  • Page 225: Policy

    Report whether the indirect next hop of a route is unreachable; if not, display the IGP cost to the indirect next hop. The show ip bgp neighbors routes and show bgp ipv6 neighbors routes commands display similar information. Copyright © 2010, Juniper Networks, Inc.

  • Page 226: Table 40: Show Bgp Ipv6 Neighbors Routes Output Fields

    IP route table. The FIB version is less than the local-RIB version when BGP is still in the process of updating the IP routing table. Prefix Prefix for the routing table entry Copyright © 2010, Juniper Networks, Inc.

  • Page 227: Monitoring Networks In An Autonomous System

    Weight Assigned path weight Route-map Indicates whether network-route filtering is enabled Backdoor Indicates whether an IGP backdoor route is favored over an EBGP route Related Topics show bgp ipv6 network show ip bgp network Copyright © 2010, Juniper Networks, Inc.

  • Page 228: Monitoring Bgp Next Hops

    IP indirect next hop or an MPLS indirect next hop when chains of next hops are in use Reference count Number of label mappings of BGP routes that use this next hop Related Topics show bgp ipv6 next-hops Copyright © 2010, Juniper Networks, Inc.

  • Page 229: Monitoring Bgp Paths

    The show ip bgp peer-group and show bgp ipv6 peer-group commands display similar information. Action To display information about BGP peer groups: host1#show ip bgp peer-group BGP peer-group leftcoast, remote AS 200 Peer-group members are external peers Local AS 100 Copyright © 2010, Juniper Networks, Inc.

  • Page 230: Table 44: Show Ip Bgp Peer-Group Output Fields

    Administrative status Desired state of the peer connection EBGP multi-hop Status of EBGP multihop for the peer group (enabled or disabled) IBGP single-hop Status of IBGP single hop for the peer group (enabled or disabled) Copyright © 2010, Juniper Networks, Inc.
  • Page 231 Incoming route map, if configured Outgoing route map Outgoing route map, if configured Minimum route Minimum time between route advertisements advertisement interval Configured update source IP address used when sending update messages IP address Copyright © 2010, Juniper Networks, Inc.

  • Page 232: Monitoring Bgp Routes With Matching As-Paths And Regular Expressions For Single Regular Expressions

    6 paths, 3 distinct prefixes (324 bytes used) 3 paths selected for route table installation 7 path attribute entries (872 bytes used) Prefix Next-hop CalPrf Weight AS-path 10.99.1.2/32 10.1.1.2 10.99.1.3/32 10.1.1.2 200 10 10.99.1.4/32 10.1.1.2 200 10 20 Copyright © 2010, Juniper Networks, Inc.

  • Page 233: Table 45: Show Ip Bgp Quote-Regexp Output Fields

    If BGP receives two routes for different prefixes but with identical path attributes, BGP will create only one entry in its internal path attribute table and share it between the two routes to conserve memory. Copyright © 2010, Juniper Networks, Inc.

  • Page 234: Monitoring Bgp Routes With Matching As-Paths And Regular Expressions For Multiple Regular Expressions

    6 paths, 3 distinct prefixes (324 bytes used) 3 paths selected for route table installation 7 path attribute entries (872 bytes used) Prefix Next-hop CalPrf Weight AS-path 10.99.1.2/32 10.1.1.2 10.99.1.3/32 10.1.1.2 200 10 10.99.1.4/32 10.1.1.2 200 10 20 Copyright © 2010, Juniper Networks, Inc.

  • Page 235: Table 46: Show Ip Bgp Regexp Output Fields

    Prefix Prefix for the routing table entry Next hop IP address IP address of the next router that is used when a packet is forwarded to the destination network Copyright © 2010, Juniper Networks, Inc.

  • Page 236: Monitoring The Status Of All Bgp Neighbors

    Client-to-client reflection is enabled Cluster ID is 10.13.13.13 Route-target filter is enabled Default IPv4-unicast is enabled Redistribution of iBGP routes is disabled Graceful restart is globally disabled Global graceful-restart restart time is 120 seconds Copyright © 2010, Juniper Networks, Inc.

  • Page 237: Table 47: Show Bgp Ipv6 Summary Output Fields

    Shutdown in overload state Status, enabled or disabled Default local preference Default value for local preference IGP synchronization Synchronization status, enabled or disabled Default originate Whether network 0.0.0.0 is redistributed into BGP (enabled) or not (disabled) Copyright © 2010, Juniper Networks, Inc.
  • Page 238 Whether client-to-client reflection is configured (enabled) or not (disabled) Cluster ID Identifying number for cluster ID Route-target filter Status, enabled or disabled Default IPv4-unicast Status, enabled or disabled Redistribution of iBGP Status, enabled or disabled routes Copyright © 2010, Juniper Networks, Inc.
  • Page 239 IPv4 (applies the map to only IPv4 routes) or IPv6 (applies the map to only IPv6 routes). Local-RIB version Number that is increased by one each time a route in that RIB is added, removed or modified. Copyright © 2010, Juniper Networks, Inc.

  • Page 240: Monitoring All Routes In A Bgp Community List

    To display routes that are permitted by a BGP community list: host1#show ip community-list Community List 1: permit 752877569 (11488:1) permit 752877570 (11488:2) permit 752877571 (11488:3) permit 752877572 (11488:4) Community List 2: permit 4294967043 (local-as) Copyright © 2010, Juniper Networks, Inc.

  • Page 241: Disabling Display Of Bgp Logs

    To disable the display of information about BGP logs that was previously enabled with the debug ip bgp command. Issue the undebug ip bgp command: host1#undebug ip bgp Related Topics Enabling Display of BGP Logs on page 158 debug ip bgp undebug ip bgp Copyright © 2010, Juniper Networks, Inc.
  • Page 242 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 243: Multiprotocol Layer Switching

    PART 2 Multiprotocol Layer Switching MPLS Overview on page 209 Configuring MPLS on page 275 Monitoring MPLS on page 321 Configuring BGP-MPLS Applications on page 383 Monitoring BGP/MPLS VPNs on page 489 Copyright © 2010, Juniper Networks, Inc.
  • Page 244 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 245: Mpls Overview

    Ping Extensions for Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes on page 246 TLVs and Sub-TLVs Supported for Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes on page 248 LDP Discovery Mechanisms on page 250 MPLS Traffic Engineering Overview on page 252 Copyright © 2010, Juniper Networks, Inc.

  • Page 246: Mpls Overview

    RFCs and other sources either with initial uppercase letters or all uppercase letters. For improved readability, those terms are represented in lowercase in this chapter. Table 49 on page 211 lists the terms and some of their variant spellings. Copyright © 2010, Juniper Networks, Inc.

  • Page 247: Table 49: Conventions For Mpls Terms

    PathTear PATHTEAR resv Resv RESV resvconf ResvConf RESVCONF resverr ResvErr RESVERR resvtear ResvTear RESVTEAR targeted hello Targeted Hello TARGETED_HELLO Related Topics MPLS Terms and Acronyms on page 212 MPLS Overview on page 210 Copyright © 2010, Juniper Networks, Inc.

  • Page 248: Mpls Terms And Acronyms

    MPLS domain This text does not use LDP to refer to the generic class of label distribution protocols. Label edge router—A label-switching router serving as an ingress or egress nodes Copyright © 2010, Juniper Networks, Inc.
  • Page 249 VPN Provider core router P—An LSR within a service provider core that carries traffic for a VPN RSVP Resource Reservation Protocol; E Series routers do not support RSVP Copyright © 2010, Juniper Networks, Inc.

  • Page 250: Mpls Features

    Interface support ATM AAL5 (RSVP-TE only) ATM1483 (point-to-point AAL5SNAP only) Ethernet/VLAN Multilink PPP POS (PPP over HDLC) SLEP (Cisco HDLC) Label stacking Virtual Private Networks (VR-based and BGP-based) Layer 2 Services over MPLS LER functionality Copyright © 2010, Juniper Networks, Inc.

  • Page 251: Mpls Platform Considerations

    See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support BGP. For information about modules that support MPLS on E120 and E320 Broadband Services Routers: Copyright © 2010, Juniper Networks, Inc.

  • Page 252: Mpls References

    RFC 2836—Per Hop Behavior Identification Codes (May 2000) RFC 2858—Multiprotocol Extensions for BGP-4 (June 2000) RFC 2961—RSVP Refresh Overhead Reduction Extensions (April 2001) RFC 3031—Multiprotocol Label Switching Architecture (January 2001) RFC 3032—MPLS Label Stack Encoding (January 2001) Copyright © 2010, Juniper Networks, Inc.
  • Page 253 NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress. Please refer to the IETF Web site at http://www.ietf.org for the latest drafts. Related Topics MPLS Overview on page 210 Copyright © 2010, Juniper Networks, Inc.

  • Page 254: Mpls Label Switching And Packet Forwarding Overview

    The egress router is sometimes referred to as the tunnel tail end, or the tail-end router. LSPs are unidirectional, carrying traffic only in the downstream direction from the ingress node to the egress node. Copyright © 2010, Juniper Networks, Inc.

  • Page 255: Mpls Lsrs

    2 prepends label e to the packet. LSR 3 does the same thing, removing label e and prepending label u. Finally, the egress node, LSR 4, removes label u and determines where to forward the packet outside the MPLS domain. Figure 48: Label Switching Copyright © 2010, Juniper Networks, Inc.

  • Page 256: Mpls Label Stacking

    Finally, the egress node, LSR 6, removes label z and determines where to forward the packet outside the MPLS domain. Copyright © 2010, Juniper Networks, Inc.

  • Page 257: Mpls Labels And Label Spaces

    When you use the platform label space, the MPLS ingress node places labels in shim headers between the link-layer header and the payload. The shim header includes the following bits (Figure 50 on page 222): Copyright © 2010, Juniper Networks, Inc.

  • Page 258: Ttl Processing In The Platform Label Space Overview

    TTL processing the default tunnel model is uniform. You can issue the no mpls ip propagate-ttl command to change the TTL processing tunnel model from the default uniform model to the pipe model. Issue the no mpls ip Copyright © 2010, Juniper Networks, Inc.

  • Page 259: Ttl Processing On Incoming Mpls Packets

    If the incoming TTL is less than 2, the packet is dropped. If innermost packet is IP, an ICMP packet is built and sent. If the TTL does not expire and the packet needs to be sent out, the outgoing TTL is determined by the rules for outgoing MPLS packets. Copyright © 2010, Juniper Networks, Inc.

  • Page 260: Ttl Processing On Outgoing Mpls Packets

    TTL value when the swapped-to label is not implicit-null. When the swapped-to label is implicit-null (for example, in a PHP configuration), the inner or exposed header's TTL is either left unchanged (when the forwarded option for the mpls ip propagate-ttl Copyright © 2010, Juniper Networks, Inc.

  • Page 261: Rules For Processing On An Ler

    MPLS sets the TTL for these pushed labels to 255. When the packet is neither IP nor MPLS, such as a Martini packet, MPLS sets the TTL of all pushed labels to 255. Copyright © 2010, Juniper Networks, Inc.

  • Page 262: Mpls Rules For Ttl Expiration

    MPLS takes the following actions when the TTL in a MPLS label of a received MPLS packet expires: A TTL-expired ICMP packet is constructed. The destination address of ICMP packet is set to the source address of the IP packet that was encapsulated in the MPLS packet. Copyright © 2010, Juniper Networks, Inc.

  • Page 263: Mpls Label Distribution Methodology

    LSP, preventing inappropriate (early) data mapping from occurring on the first LSR in the path. An LSR is an egress LSR for a FEC when the FEC is its directly attached interface or when MPLS is not configured on the next-hop interface. Copyright © 2010, Juniper Networks, Inc.

  • Page 264: Figure 53: Lsp Creation, Downstream-On-Demand, Ordered Control

    In Figure 54 on page 229, LSR D learns a route to some prefix. LSR D immediately maps a label for this destination and sends the label to its peers, LSR B, LSR C, LSR E, and LSR F. In the topology-driven network, the LSPs are created automatically with each peer LSR. Copyright © 2010, Juniper Networks, Inc.

  • Page 265: Ip Data Packet Mapping Onto Mpls Lsps Overview

    For topology-driven LSPs, LDP can modify the IP routing table to use MPLS next hops in the routing table, replacing the regular IP next hops for the corresponding routes. For labeled BGP routes, BGP adds routes with MPLS next hops to the appropriate VR or VRF routing table. Copyright © 2010, Juniper Networks, Inc.
  • Page 266 VPN or IPv6 VPN interface. Consequently, any policy attached to the interface applies to all that VPN traffic. Related Topics TTL Processing in the Platform Label Space Overview on page 222 IP Data Packet Mapping onto MPLS LSPs Overview on page 229 Copyright © 2010, Juniper Networks, Inc.

  • Page 267: Statistics For Ip Packets Moving On Or Off Mpls Lsps

    ATM9/0.10 line protocol Atm1483 is up, ip is up Copyright © 2010, Juniper Networks, Inc.
  • Page 268 0 unknown msg type err last info err code = 0x00000000, 0 loop detected Sent: 0 notf, 8 msg, 4 mapping, 0 request 0 abort, 0 release, 0 withdraw, 1 addr 0 addr withdraw, 8 msgId Copyright © 2010, Juniper Networks, Inc.

  • Page 269: Mpls Forwarding And Next-Hop Tables Overview

    MPLS looks up the label in the MPLS forwarding table for that particular major interface. The signaling protocols add entries to the MPLS forwarding tables. You cannot manually create an MPLS forwarding entry. The signaling protocols set the following attributes for each entry placed in the forwarding table: Copyright © 2010, Juniper Networks, Inc.

  • Page 270: Mpls Packet Spoof Checking Overview

    MPLS tunnels. The tunnel routing table is not used for forwarding. Instead, protocols resolve MPLS next hops by looking up the routes in the table. For example, BGP uses the table to resolve indirect next hops for labeled routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 271: Explicit Routing For Mpls Overview

    Consider the MPLS domain shown in Figure 55 on page 236. Without explicit path routing, the tunnel is created hop by hop along the following path: LSR 1 –> LSR 3 –> LSR 4 –> LSR 7 Copyright © 2010, Juniper Networks, Inc.

  • Page 272: Mpls Interfaces And Interface Stacking Overview

    Some other commands create an MPLS major interface if it does not already exist. You can configure the following attributes for each MPLS major interface: The administrative state, enabled or disabled, configured with the mpls disable command. Copyright © 2010, Juniper Networks, Inc.

  • Page 273: Mpls Minor Interfaces

    MPLS interface stacking differs depending on whether the platform label space (Figure 56 on page 237) or the interface label space (Figure 57 on page 238) is used. Figure 56: MPLS Interface Stacking for the Platform Label Space Copyright © 2010, Juniper Networks, Inc.

  • Page 274: Mpls Label Distribution Protocols Overview

    Label Distribution Protocol. BGP and LDP have no traffic-engineering capability and support only best-effort LSPs. LDP supports topology-driven MPLS networks in best-effort, hop-by-hop implementations. RSVP-TE is used primarily for MPLS applications that require traffic Copyright © 2010, Juniper Networks, Inc.

  • Page 275: Ldp Messages And Sessions

    An LSR responds with a keepalive message if the values in the initialization message are acceptable. If any value is not acceptable, the LSR responds instead with an error notification message, terminating the session. After a session is Copyright © 2010, Juniper Networks, Inc.

  • Page 276: Rsvp-Te Messages And Sessions

    The pathtear message removes the path and resv states in each LSR as it proceeds downstream. Downstream LSRs similarly send the resvtear message when their resv state times out to remove the resv states in upstream LSRs. Copyright © 2010, Juniper Networks, Inc.

  • Page 277: Rsvp-Te State Refresh And Reliability

    BGP to send labels to a particular BGP peer only if that peer advertised the capability to process update messages with SAFI 4. BGP speakers advertise this capability only to peers for which the neighbor send-label command has been configured. Copyright © 2010, Juniper Networks, Inc.

  • Page 278: Ecmp Labels For Mpls Overview

    ECMP paths. You can use MPLS trace to determine which paths are present on an MPLS LSR. When the TTL expires on an MPLS LSR, the echo reply that is returned includes a downstream Copyright © 2010, Juniper Networks, Inc.

  • Page 279: Supported Tlvs

    This TLV is generated if requested by the received downstream mapping TLV. Errored TLVs This TLV is generated if an error is encountered while parsing one of the received TLVs. Reply TOS Byte – Copyright © 2010, Juniper Networks, Inc.

  • Page 280: Mpls Connectivity Verification And Troubleshooting Methods

    IP connectivity exists to a destination even when the ping packets must traverse multiple LSPs. You can use the traceroute command to determine the labels that data packets use when traversing LSPs to the destination. Copyright © 2010, Juniper Networks, Inc.
  • Page 281 IPv6 prefix to investigate IPv6 VPNs. Related Topics ECMP Labels for MPLS Overview on page 242 Verifying and Troubleshooting MPLS Connectivity on page 370 Packet Flow Examples for Verifying MPLS Connectivity on page 372 ping mpls ip Copyright © 2010, Juniper Networks, Inc.

  • Page 282: Point-To-Multipoint Lsps Connectivity Verification At Egress Nodes

    MPLS ping extensions in point-to-multipoint LSPs define the following new sub-type-length-values (TLVs) for the Target FEC Stack TLV and new TLVs: RSVP P2MP IPv4 Session sub-TLV P2MP Responder Identifier TLV Echo Jitter TLV Copyright © 2010, Juniper Networks, Inc.

  • Page 283: Rsvp P2Mp Ipv4 Session Sub-Tlv Overview

    Use the new Echo Jitter TLV and associated rules for processing the LSP ping message (echo request) that contains this the Echo Jitter TLV to delay the transmission of the response by a time interval that is limited by the value specified in the Echo Jitter TLV. Copyright © 2010, Juniper Networks, Inc.

  • Page 284: Traceroute Overview

    30 seconds that is predefined for this TLV. If the TLV is not contained in the echo request packet, the responding egress node does not create any additional delay in responding to the echo request. The Echo Jitter TLV is valid only in an Copyright © 2010, Juniper Networks, Inc.

  • Page 285: P2Mp Responder Identifier Tlv Operations

    IPv6 address of a branch or intermediate node. IPv6 Egress Address P2MP The IPv4 address in the sub-TLV Responder Identifier might be of any physical interface or the router ID of the node itself. Copyright © 2010, Juniper Networks, Inc.

  • Page 286: Egress Address P2Mp Responder Identifier Sub-Tlvs

    Point-to-Multipoint LSPs Connectivity Verification at Egress Nodes Overview on page 246 Verifying and Troubleshooting MPLS Connectivity on page 370 LDP Discovery Mechanisms LDP uses two different mechanisms for peer discovery. Peer discovery removes the need to explicitly configure the label-switching peers for an LSR. Copyright © 2010, Juniper Networks, Inc.

  • Page 287: Ldp Basic Discovery Mechanism

    If the targeted LSR responds to the sender, it does so by periodically sending targeted hellos to the initiating LSR. The exchange of targeted hellos constitutes a hello adjacency for the two LSRs. Copyright © 2010, Juniper Networks, Inc.

  • Page 288: Mpls Traffic Engineering Overview

    Reoptimization You can use the traffic-engineering reoptimization capability to ensure that the best path is being used. Suppose the current path goes down and MPLS switches to an alternate Copyright © 2010, Juniper Networks, Inc.

  • Page 289: Methods For Configuring Rsvp-Te Tunnels

    As new LSPs are created, the available bandwidth decreases. The IGPs can subsequently advertise this information and use it for SPF calculations to determine paths that satisfy the traffic requirements. You can configure readvertisement to occur periodically or when the change crosses some threshold. Copyright © 2010, Juniper Networks, Inc.

  • Page 290: Starting Admission Control

    Administrative weight—Weight assigned to the interface that supersedes any assigned by the IGP Attribute flags—32-bit value that assigns the interface to a resource class and enables a tunnel to discriminate among interfaces by matching against tunnel affinity bits Copyright © 2010, Juniper Networks, Inc.

  • Page 291: Lsp Preemption

    LDP LSP over an RSVP-TE LSP, as shown in Figure 58 on page 256. With LDP over RSVP-TE, LDP establishes targeted sessions among the LDP routers at the edge of the RSVP core. From the perspective of the LDP LSP, the RSVP-TE core is a single hop. Copyright © 2010, Juniper Networks, Inc.

  • Page 292: Ldp Graceful Restart Overview

    LDP graceful restart supports only the downstream-unsolicited mode of label distribution. Successful operation of LDP graceful restart requires that stateful SRP switchover (high availability) be configured on the router. Although you can configure LDP graceful restart Copyright © 2010, Juniper Networks, Inc.

  • Page 293: Table 54: Summary Of Ldp Graceful Restart States

    (indicating that both graceful restart and helper mode are disabled), it deletes the label mapping information. Also when the LSR restarts, the neighbor sets its neighbor liveness timer to the lesser of the two values, the reconnect timeout value and its own configurable neighbor liveness Copyright © 2010, Juniper Networks, Inc.

  • Page 294: Ldp-Igp Synchronization Overview

    BGP. Another example is an MPLS VPN where each given PE router depends on the availability of a complete MPLS forwarding path to the other PE routers for each VPN that it serves. This means that along the shortest path between the PE routers, each link Copyright © 2010, Juniper Networks, Inc.
  • Page 295 Only after that takes place does LDP notify the IGP to bring down the cost on the interface. LDP-IGP synchronization is supported only for directly connected peers and links with the platform label space. Copyright © 2010, Juniper Networks, Inc.

  • Page 296: Synchronization Behavior During Graceful Restart

    You can configure the hello interval to establish how frequently the node sends hello messages. Hello messages are exchanged when an LSP is set up and are stopped when the last LSP between the two peers goes away. Copyright © 2010, Juniper Networks, Inc.

  • Page 297: Hello Message Objects

    Peer A sends a hello request to Peer B. The request object contains the following: Source instance = 5 (generated by Peer A for this adjacency) Destination instance = 0 (because it has never exchanged messages with Peer B) Copyright © 2010, Juniper Networks, Inc.

  • Page 298: Determination That A Peer Has Reset

    If the requesting peer advertises a wrong value in the destination instance field of the request message, then the acknowledging peer treats the requesting peer as if communication has been lost. Copyright © 2010, Juniper Networks, Inc.

  • Page 299: Behavior Of Both Peers

    Restarting Behavior When the control plane fails, the LSR stops sending hello messages to its RSVP-TE neighbors. However, as a restarting router the LSR can continue to forward MPLS traffic Copyright © 2010, Juniper Networks, Inc.

  • Page 300: Recovery Behavior

    Otherwise, the restarting router examines the path message for the recovery_label object. If the recovery_label object is not found, the restarting router treats the path message as a setup request for a new LSP and handles the path message as usual. Copyright © 2010, Juniper Networks, Inc.

  • Page 301: Preservation Of An Established Lsp Label

    IPv4 addresses and in the IPv6 TE Router_ID for IPv6 addresses. In OSPF, the node ID is the TE router ID as defined in the router address TLV for IPv4 addresses and in the Copyright © 2010, Juniper Networks, Inc.

  • Page 302: Bfd Protocol And Rsvp-Te Overview

    Adjacency failure detection by means of hello messages takes place on the order of seconds, whereas BFD fast failure detection can take place on the order of hundreds of milliseconds. Copyright © 2010, Juniper Networks, Inc.

  • Page 303: Tunneling Model For Differentiated Services Overview

    In fact, on ingress line modules the traffic class/color combination is always determined from the outermost label, so fabric queuing is also based on the outermost label. However, on the egress line module you can achieve the queuing behavior expected with the short Copyright © 2010, Juniper Networks, Inc.

  • Page 304: Uniform Model

    Outgoing traffic is queued according to traffic class/color combinations. The applied combination can be the same as was set on the ingress line module, or it can be reset on the egress line module by egress IP policy. Copyright © 2010, Juniper Networks, Inc.

  • Page 305: Setting The Exp Bits For Outgoing Traffic

    VPN you might want the inner label’s EXP bits value to be the copied IP precedence value. You might want the base label’s EXP bits value set according to the mapping of EXP bits to traffic class/color combination that is defined in your network. Copyright © 2010, Juniper Networks, Inc.

  • Page 306: Figure 59: Flow For Initial Setting Of Exp Bits For The First Label Pushed

    Figure 59: Flow for Initial Setting of EXP Bits for the First Label Pushed Figure 59 on page 270 shows how packet type and configuration determine how the EXP bits are set for the first label pushed. Copyright © 2010, Juniper Networks, Inc.

  • Page 307: Point-To-Multipoint Lsps Overview

    (between ASs). Although you can use point-to-point LSPs to provide point-to-multipoint services, this type of configuration can cause data replication at the ingress LSR or duplicate traffic Copyright © 2010, Juniper Networks, Inc.

  • Page 308: Using E Series Routers As Egress Lsrs

    Figure 61 on page 273 shows a point-to-multipoint LSP with multiple egress LSRs. The multicast source sends a packet to the ingress router, LSR 1, which in turn sends the packet on the point-to-multipoint LSP to the branch router, LSR 2. The branch router, Copyright © 2010, Juniper Networks, Inc.

  • Page 309: Figure 61: Simple Mpls Domain

    Use the show mpls rsvp tunnels p2mp role tail command to view the status and configuration information for point-to-multipoint egress tunnels. Related Topics Monitoring Status and Configuration for MPLS Tunnels on page 368 Configuring Point-to-Multipoint LSPs on page 317 show mpls tunnels Copyright © 2010, Juniper Networks, Inc.
  • Page 310 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 311: Configuring Mpls

    Configuring MPLS and Differentiated Services on page 303 Configuring the Tunneling Model for Differentiated Services on page 304 Configuring EXP Bits for Differentiated Services on page 304 Example Differentiated Services Application and Configuration on page 305 Copyright © 2010, Juniper Networks, Inc.

  • Page 312: Basic Mpls Configuration Tasks

    Table 55 on page 276. Table 55: Configuration Tasks by Type of Network Traffic Engineering Topology-Driven Network Task Set Network (Best-Effort, Hop-by-Hop, LDP) Global Interface Profile Optional Optional Interface Tunnel Tunnel Profile Copyright © 2010, Juniper Networks, Inc.

  • Page 313: Mpls Global Configuration Tasks

    EXP bits when the router acts as an LER. host1(config)#mpls copy-upc-to-exp (Optional) Specify whether the EXP bits for VPN MPLS labels can be modified by EXP bit mapping or by policy for differentiated services. host1(config)#mpls preserve-vpn-exp Copyright © 2010, Juniper Networks, Inc.

  • Page 314: Ldp Global Tasks

    (Optional) Configure the interval at which LDP sends session keepalive messages. host1(config)#mpls ldp session keepalive-time 180 (Optional) Specify an IP address to be advertised to peers as the transport address in discovery hello messages. Copyright © 2010, Juniper Networks, Inc.

  • Page 315: Rsvp-Te Global Tasks

    (Optional) Configure a global RSVP-TE profile that specifies the timeout period in milliseconds between generation of RSVP refresh messages, the number of refresh messages that can be lost before the PATH or RESV state is ended, or both. host1(config)#mpls rsvp interface profile rsvp4 Copyright © 2010, Juniper Networks, Inc.

  • Page 316: Ldp And Rsvp-Te Interface Profile Configuration Tasks

    (Optional) Configure the egress router to advertise the explicit null label. host1(config)#mpls rsvp egress-label explicit-null LDP and RSVP-TE Interface Profile Configuration Tasks The interface profile configuration tasks are optional tasks you may need to perform to configure your network’s label distribution options. Copyright © 2010, Juniper Networks, Inc.

  • Page 317: Ldp Interface Profile Configuration Tasks And Commands

    NOTE: Loop detection is always enabled in the JunosE MPLS implementation. Your choice of label distribution protocol determines whether the LDP or RSVP-TE interface configuration tasks are appropriate for your network design. Copyright © 2010, Juniper Networks, Inc.

  • Page 318: Mpls Interface Tasks

    (Optional) Suppress transmission of link hello messages to all LSRs. host1(config-if)#mpls ldp link-hello disable RSVP-TE Interface Tasks To configure RSVP-TE on the interface: Start RSVP-TE on the interface. Using the default values (an implicit default profile): host1(config-if)#mpls rsvp Copyright © 2010, Juniper Networks, Inc.

  • Page 319: Mpls Tunnel Configuration Tasks

    (Optional) Specify a tunnel metric to be used by an IGP in its SPF calculation. host1(config-if)#tunnel mpls autoroute metric absolute 100 (Optional) Configure the path options used for the tunnel. host1(config-if)#tunnel mpls path-option 3 dynamic isis (Optional) Configure the bandwidth required for the tunnel. host1(config-if)#tunnel mpls bandwidth 1240 Copyright © 2010, Juniper Networks, Inc.
  • Page 320 Copyright © 2010, Juniper Networks, Inc.

  • Page 321: Mpls Tunnel Profile Configuration Tasks

    45 host1(config-tunnelprofile)#tunnel mpls retries 250 host1(config-tunnelprofile)#tunnel mpls retry-time 65 (Optional) Associate a text description with the tunnel. host1(config-tunnelprofile)#tunnel mpls description southshore Configure the tunnel endpoint. For static tunnels host1(config-tunnelprofile)#tunnel destination 10.1.2.5 10.1.2.6 Copyright © 2010, Juniper Networks, Inc.

  • Page 322: Configuring Explicit Routing For Mpls

    LSP takes is defined by the ingress node. The path consists of a series of hops defined by the ingress LSR. Each hop can be a traditional interface, an autonomous system, or an LSP. Copyright © 2010, Juniper Networks, Inc.

  • Page 323: Defining Configured Explicit Paths

    After you have defined a configured explicit path, you can configure the path on a tunnel. To configure explicit routing on a tunnel: Create an MPLS tunnel. host1(config)#interface tunnel mpls:1 Set the path option. host1(config-if)#tunnel mpls path-option 1 explicit name xyz Copyright © 2010, Juniper Networks, Inc.

  • Page 324: Configuring Dynamic Explicit Paths On A Tunnel

    FEC. Only a single label is advertised for this FEC. LDP maintains this aggregation as the advertisement traverses the network, if possible. Consider the topology shown in Figure 62 on page 289. Copyright © 2010, Juniper Networks, Inc.

  • Page 325: Configuring Ldp Graceful Restart

    LDP graceful restart if stateful SRP switchover is not configured on the router, the graceful restart capability will not function. To configure LDP graceful restart: Enable LDP graceful restart and graceful restart helper mode. Copyright © 2010, Juniper Networks, Inc.

  • Page 326: Configuring Ldp Autoconfiguration

    To configure LDP autoconfiguration to ensure that LDP is configured on all interfaces running the IGP: Specify whether LDP is created automatically on the current interface or all interfaces: Create LDP on all interfaces in the IGP router context Copyright © 2010, Juniper Networks, Inc.

  • Page 327: Configuring Ldp-Igp Synchronization

    Configuring LDP MD5 Authentication LDP MD5 authentication provides protection against spoofed TCP segments that can be introduced into the connection streams for LDP sessions. Authentication is configurable for both directly connected and targeted peers. Copyright © 2010, Juniper Networks, Inc.

  • Page 328: Controlling Ldp Label Distribution

    If the destination matches, labels are advertised to peers subject to any specified neighbor address list. If either access list is not matched, the labels are not advertised. Copyright © 2010, Juniper Networks, Inc.

  • Page 329: Additional Rsvp-Te Configuration Tasks

    See “Configuring RSVP-TE Graceful Restart” on page 298. Configure the exchange of RSVP-TE node hellos on all RSVP-TE interfaces. See “Configuring RSVP-TE Hellos Based on Node IDs” on page 299. Configure the BFD Protocol for RSVP-TE. Copyright © 2010, Juniper Networks, Inc.

  • Page 330: Configuring Rsvp Md5 Authentication

    RSVP processing. Unauthenticated messages are discarded. To configure RSVP-TE MD5 authentication: Assign a key to the interface for MD5 authentication between RSVP peers. host1(config-if)#mpls rsvp authentication key 34udR973j Enable MD5 authentication on the RSVP-TE interface. Copyright © 2010, Juniper Networks, Inc.

  • Page 331: Configuring Rsvp-Te Fast Rerouting With Rsvp-Te Bypass Tunnels

    The bypass tunnel naturally protects all LSPs that share the bypassed link (the LSP segment from the PLR to the downstream node) and that have requested protection. Consider the network shown in Figure 63 on page 295. Figure 63: Bypass Tunnel Copyright © 2010, Juniper Networks, Inc.

  • Page 332: Configuration Example

    1 explicit name bypass host1(config-if)#tunnel destination 172.20.1.1 host1(config-if)#exit On LSR 5, enable the explicit path, if configured. host1(config)#mpls explicit-path name bypass enable host1(config-expl-path)#next-address 10.10.9.2 host1(config-expl-path)#exit On LSR 5, assign the bypass tunnel to the interface being protected. Copyright © 2010, Juniper Networks, Inc.

  • Page 333: Fast Reroute Over Sonet/Sdh

    10 seconds) is more appropriate and typically does not cause performance degradation. To configure the RSVP-TE hello feature on all RSVP-TE interfaces in the VR: Issue the mpls rsvp signalling hello command. Copyright © 2010, Juniper Networks, Inc.

  • Page 334: Configuring Rsvp-Te Graceful Restart

    (Optional) Configure the recovery time—the time within which you want neighboring routers to resynchronize RSVP-TE state and MPLS forwarding state after a graceful restart. host1(configf)#mpls rsvp signalling hello graceful-restart recovery-time 140000 Copyright © 2010, Juniper Networks, Inc.

  • Page 335: Configuring Rsvp-Te Hellos Based On Node Ids

    5 NOTE: Issuing the refresh interval or the refresh misses keywords only configures the refresh values; this action has no effect on enabling or disabling RSVP-TE node hellos. Copyright © 2010, Juniper Networks, Inc.

  • Page 336: Configuring The Bfd Protocol For Rsvp-Te

    BFD session is declared to be down. The calculated BFD liveness detection interval can be different on each peer. host1(config-if)#mpls rsvp bfd-liveness-detection multiplier 15 Copyright © 2010, Juniper Networks, Inc.

  • Page 337: Configuring Igps And Mpls

    The tunnel metric can be absolute or relative. An absolute metric indicates there is no relationship to the underlying IGP cost. A relative metric is added to or subtracted from the underlying IGP shortest path cost. Copyright © 2010, Juniper Networks, Inc.

  • Page 338: Configuring The Igps For Traffic Engineering

    ID for the endpoint. Typically you select a loopback interface because of its inherent stability. Use the mpls traffic-eng router-id command to designate the router as traffic engineering capable and to specify the router ID. For all tunnels that Copyright © 2010, Juniper Networks, Inc.

  • Page 339: Configuring Mpls And Differentiated Services

    TIP: Before you read this section, we recommend you be thoroughly familiar with the concepts of the JunosE QoS application. MPLS employs several strategies to manage different kinds of data streams based on service plans and priority: Copyright © 2010, Juniper Networks, Inc.

  • Page 340: Configuring The Tunneling Model For Differentiated Services

    Example Differentiated Services Application and Configuration on page 305 Configuring EXP Bits for Differentiated Services To set the initial value of the EXP bits to the UPC value associated with the packets: Issue the mpls copy-upc-to-exp command. host1(config)#mpls copy-upc-to-exp Copyright © 2010, Juniper Networks, Inc.

  • Page 341: Example Differentiated Services Application And Configuration

    EXP bits as received on the core side in inter-AS case, or the IP precedence value in all other cases. It is acceptable that fabric queuing is based on the incoming base label's EXP. Copyright © 2010, Juniper Networks, Inc.

  • Page 342: Differentiated Services Configuration Example

    The same qos-service policy that is attached to the input in Step 1 can be used on the output, even though the UPC setting is not needed. host1(config)#Interface atm 3/0.1 host1(config-subif)#Ip policy output qos-service Copyright © 2010, Juniper Networks, Inc.

  • Page 343: Classifying Traffic For Differentiated Services

    At each node, traffic belonging to a particular BA is mapped to the corresponding per-hop behavior (PHB), which provides the scheduling behavior and drop probability required by the traffic. Copyright © 2010, Juniper Networks, Inc.

  • Page 344: Table 56: Incoming L-Lsp Phb Determination

    Table 57 on page 308 presents three examples that indicate how the PSC and the EXP field are combined to determine the PHB for traffic on incoming L-LSPs. Table 57: Examples of Incoming L-LSP PHB Determination EXP Field AF22 AF32 Copyright © 2010, Juniper Networks, Inc.

  • Page 345: Configuring Static Exp-To-Phb Mapping

    The PHB of incoming packets is determined from the EXP bits by the match values set with the mpls match exp-bits command. The EXP bits of outgoing packets are determined from the PHB by the mtach values set with the mpls match traffic-class command. To configure static EXP-to-PHB mapping: Copyright © 2010, Juniper Networks, Inc.

  • Page 346: Signaled Mapping For Rsvp-Te Tunnels

    Mapping association between PHB ID and EXP bits is configured on ingress routers using the tunnel mpls diff-serv phb-id command. Mapping association between PHB ID and traffic class/color combination is configured on all routers using the mpls diff-serv phb-id traffic-class command. Copyright © 2010, Juniper Networks, Inc.

  • Page 347: Figure 65: Associations Between Phb Id, Exp Bits, And Traffic

    To define a policy rule that sets the EXP bits in packets to which the policy is applied: Issue the mark-exp command. host1(config-policy-list)#mark-exp 5 classifier-group claclEXP precedence 32 To create or modify an MPLS classifier control list to match on traffic class/color combination or EXP bits: Issue the mpls classifier-listcommand. Copyright © 2010, Juniper Networks, Inc.

  • Page 348: Preference Of Per-Vr Versus Per-Lsp Behavior

    EXP bits) is attached to the ingress segment of the LSP. Similarly, per-VR setting of EXP bits is not performed on the LSP when an output policy (setting the outgoing EXP bits) is attached to the egress segment of the LSP. Copyright © 2010, Juniper Networks, Inc.

  • Page 349: Example Traffic Class Configuration For Differentiated Services

    The expedited forwarding traffic (the ef class) requires strict-priority queuing. host1(config)#traffic-class af1 host1(config-traffic-class)#fabric-weight 16 host1(config)#traffic-class af2 host1(config-traffic-class)#fabric-weight 32 host1(config)#traffic-class ef host1(config-traffic-class)#fabric-strict-priority Define two scheduler profiles for the af1 and af2 classes on the egress line modules: host1(config)#scheduler-profile af1-scheduler-profile Copyright © 2010, Juniper Networks, Inc.

  • Page 350: Configuration On The Ingress Router

    18 exp-bits 4 host1(config-if)#tunnel mpls diff-serv phb-id standard 20 exp-bits 5 host1(config-if)#tunnel mpls diff-serv phb-id standard 22 exp-bits 6 PHB-ID–to–EXP mapping for the ef traffic class: host1(config-if)#tunnel mpls diff-serv phb-id standard 46 exp-bits 7 Copyright © 2010, Juniper Networks, Inc.

  • Page 351: Configuration On The Ingress And Transit Routers

    Copyright © 2010, Juniper Networks, Inc.

  • Page 352: Configuration On The Transit And Egress Routers

    Copyright © 2010, Juniper Networks, Inc.

  • Page 353: Configuring Point-To-Multipoint Lsps

    LSP. By default, the branch LSPs are dynamically signaled by means of CSPF and require no configuration. You can alternatively configure the branch LSPs as a static path. Copyright © 2010, Juniper Networks, Inc.
  • Page 354 Disable the multicast reverse path forwarding (RPF) check policy for all the streams that will be delivered on the point-to-multipoint LSP by using the ip multicast-routing disable-rpf-check command. For more information, see Enabling and Disabling RPF Checks in the JunosE Multicast Routing Configuration Guide. Copyright © 2010, Juniper Networks, Inc.
  • Page 355 Chapter 4: Configuring MPLS Related Topics Point-to-Multipoint LSPs Overview on page 271 show mpls tunnels Copyright © 2010, Juniper Networks, Inc.
  • Page 356 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 357: Monitoring Mpls

    Monitoring LDP Interfaces on page 334 Monitoring LDP Neighbors on page 337 Monitoring LDP Profiles on page 339 Monitoring LDP Statistics on page 340 Monitoring LDP Targeted Hello Receive and Send Lists on page 342 Copyright © 2010, Juniper Networks, Inc.

  • Page 358: Setting The Baseline For Mpls Statistics

    Enabling Statistics Collection for Policies Attached to MPLS Tunnels on page 324 Setting a Baseline for MPLS Major Interface Statistics To set a statistics baseline for MPLS major interfaces: Issue the baseline mpls interface command for a specific MPLS major interface. Copyright © 2010, Juniper Networks, Inc.

  • Page 359: Enabling And Setting A Baseline For Mpls Forwarding Table Statistics

    Issue the mpls statistics next-hop command to enable the statistics for a specific MPLS next hop. host1#mpls statistics next-hop 1046 Issue the baseline mpls next-hop command for a specific MPLS next hop. host1#baseline mpls next-hop 1046 Copyright © 2010, Juniper Networks, Inc.

  • Page 360: Setting A Baseline For Mpls Tunnel Statistics

    Clearing and Re-Creating Dynamic Interfaces from MPLS Major Interfaces To remove and re-create dynamic IPv4 interfaces and dynamic IPv6 interfaces from all MPLS major interfaces or a specific MPLS major interface: Issue the clear mpls dynamic-interfaces on-major-interfaces command: host1#clear mpls dynamic-interfaces on-major-interfaces Copyright © 2010, Juniper Networks, Inc.

  • Page 361: Clearing And Refreshing Ipv4 Dynamic Routes In The Tunnel Routing Table

    ICMP extensions enable LSRs to append MPLS header information (the label stack) to ICMP destination unreachable and time exceeded messages. This sample output shows the label and EXP bits used to switch the ICMP packets. Copyright © 2010, Juniper Networks, Inc.

  • Page 362: Monitoring Atm Vcs And Vpi/Vci Ranges Used For Mpls

    Table 60 on page 326 lists the show atm vc command output fields. Table 60: show atm vc Output Fields Field Name Field Description Interface Interface type and number Virtual path identifier Virtual channel identifier Virtual circuit descriptor Type Type of circuit: PVC Copyright © 2010, Juniper Networks, Inc.

  • Page 363: Monitoring Global Call Admission Control Configuration

    10 kbps MPLS TE flooding threshold: 15 30 45 60 75 80 85 90 95 96 97 98 99 100 down 100 99 98 97 96 95 90 85 80 75 60 45 30 15 Copyright © 2010, Juniper Networks, Inc.

  • Page 364: Monitoring Virtual Router Configuration

    Related Topics show cac interface Monitoring Virtual Router Configuration Purpose Display the configuration of all virtual routers or a specific virtual router. Action To display VR configuration: host1#show configuration virtual-router euro7 Related Topics show configuration Copyright © 2010, Juniper Networks, Inc.

  • Page 365: Monitoring Ip And Ipv6 Tunnel Routing Tables

    L- MPLS label, V- VRF, *- via indirect next-hop ::21.21.21.0/126 Type: BgpTunnel Distance: 200 Metric: 0 Class: 0 MPLS next-hop: 18, label 20, VPN traffic, resolved by MPLS next-hop 13 MPLS next-hop: 13, resolved by MPLS next-hop 34, peer ::ffff:2.2.2.2 Copyright © 2010, Juniper Networks, Inc.

  • Page 366: Monitoring Ldp

    Label distribution control mode: ordered control LDP session retry 0 times at interval 10 LDP session hold time: 180 LDP session keepalive interval: 20 LDP targeted-hello hold time: 45 LDP targeted-hello interval: 15 Topology Driven LSP enabled Copyright © 2010, Juniper Networks, Inc.

  • Page 367: Table 63: Show Ldp Output Fields

    LDP proto stats LDP protocol statistics totalPeersDiscovered Number of LDP peers discovered totalAdjacenciesEstablished Number of LDP adjacencies established totalSessionsEstablished Number of LDP sessions established Copyright © 2010, Juniper Networks, Inc.

  • Page 368: Monitoring Mpls Label Bindings

    20005 neighbor 10.5.5.2 NOTE: The ldp keyword and the mpls keyword display the same information. Meaning Table 64 on page 333 lists the show ldp binding command and show mpls binding command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 369: Monitoring Ldp Graceful Restart

    State of graceful restart, enabled or disabled Helper Mode State of graceful restart helper mode, enabled or disabled Reconnect Time Locally configured value for reconnect time, in seconds Recovery Time Locally configured value for recovery time, in seconds Copyright © 2010, Juniper Networks, Inc.

  • Page 370: Monitoring Interfaces That Are Synchronizing With Ldp

    IP address of LDP peer IGP enabled IGP protocol Related Topics show ldp igp-sync Monitoring LDP Interfaces Purpose Display information about all LDP interfaces or the specified LDP interface. Action To display information about all LDP interfaces: Copyright © 2010, Juniper Networks, Inc.

  • Page 371: Table 67: Show Ldp Interface Output Fields

    Negotiated interval between link-hello packets, in seconds Hold time Lowest configured hold time among all neighbors on the same subnet, used as the effective hold time, in seconds Number of adjacencies Number of LDP adjacencies for the interface Copyright © 2010, Juniper Networks, Inc.
  • Page 372 Number of unknown message type errors received hello recv Number of hello messages received hello sent Number of hello messages sent bad hello recv Number of hello messages received bad adj setup time Time in hh:mm:ss since adjacency set up Copyright © 2010, Juniper Networks, Inc.

  • Page 373: Monitoring Ldp Neighbors

    LDP neighbor 10.0.2.2 Graceful Restart is enabled Helper Mode is enabled Reconnect Time: 220000 msec Recovery Time: 0 msec State: operational To display information about LDP statistics for the session with each LDP neighbor: Copyright © 2010, Juniper Networks, Inc.

  • Page 374: Table 68: Show Ldp Neighbor Output Fields

    Graceful Restart State of graceful restart, enabled or disabled Helper Mode State of graceful restart helper mode, enabled or disabled Reconnect Time Value for reconnect time received from peer in FT TLV, in milliseconds Copyright © 2010, Juniper Networks, Inc.

  • Page 375: Monitoring Ldp Profiles

    Display a specific LDP profile, or all LDP profiles. Action To display the default LDP profile: host1:pe2#show ldp profile default ldp profile default: used by 2 interfaces session retry: 10 times at interval 10 Copyright © 2010, Juniper Networks, Inc.

  • Page 376: Monitoring Ldp Statistics

    All TCP 9654 9654 Event type Total --------------------- ----- Sessions opened Sessions closed Topology changes No router id No address No interface No session No adjacency Unknown version Malformed PDU Malformed message Unknown message type Copyright © 2010, Juniper Networks, Inc.

  • Page 377: Table 70: Show Ldp Statistics Output Fields

    Number of TCP messages received and sent Sessions opened Number of session opened events Sessions closed Number of session closed events Topology changes Number of topology change events No router id Number of no router ID events Copyright © 2010, Juniper Networks, Inc.

  • Page 378: Monitoring Ldp Targeted Hello Receive And Send Lists

    3, resolved Targeted session sent to 10.9.1.6 is up Used By: S indirect nexthop index 206, resolved Meaning Table 71 on page 343 lists the show ldp targeted session command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 379: Monitoring Mpls Status And Configuration

    Re-optimization timer is 3600 Tunnel retry forever at interval 5 if route is available Tunnel retry forever at interval 5 if no route is available Refresh reduction is OFF Message bundling is OFF Egress label is non-null Copyright © 2010, Juniper Networks, Inc.

  • Page 380: Table 72: Show Mpls Output Fields

    LDP peer without receipt of any LDP message from that peer LDP session keepalive Interval at which LDP sends session keepalive messages, in seconds interval LDP targeted hello hold LDP targeted-hello hold time, in seconds time Copyright © 2010, Juniper Networks, Inc.

  • Page 381: Monitoring Mpls Explicit Paths

    Graceful restart recovery time, in milliseconds Related Topics show mpls Monitoring MPLS Explicit Paths Purpose Display MPLS explicit paths. Action To display information about all MPLS explicit paths: host1:pe2#show mpls explicit-paths path name/identifier rx1-path enabled Copyright © 2010, Juniper Networks, Inc.

  • Page 382: Monitoring The Rsvp-Te Bypass Tunnels

    Table 74 on page 346 lists the show mpls fast-reroute command output fields. Table 74: show mpls fast-reroute Output Fields Field Name Field Description Role Role of the router in the LSP: core, head, or tail Name Name of the primary LSP Copyright © 2010, Juniper Networks, Inc.

  • Page 383: Monitoring Mpls Labels Used For Forwarding

    Table 75: show mpls forwarding Output Fields Field Name Field Description In label Label sent to upstream neighbor for route Out label Label received from downstream neighbor for route Label space Label space in which the label is assigned Copyright © 2010, Juniper Networks, Inc.

  • Page 384: Monitoring Mpls Interfaces

    0 errors 0 discards LDP information: 10.1.1.2/24 enabled with profile 'default' 0 hello recv, 1 hello sent, 0 hello rej 0 adj setup, 0 adj deleted, RSVP Enabled with profile default Authentication is disabled Copyright © 2010, Juniper Networks, Inc.
  • Page 385 0 unknown msg type err last info err code = 0x00000000, 0 loop detected Sent: 0 notf, 29 msg, 12 mapping, 0 request 0 abort, 0 release, 0 withdraw, 1 addr 0 addr withdraw, 29 msgId Adjacency statistics: Copyright © 2010, Juniper Networks, Inc.
  • Page 386 Peer IPv4 interface is ATM2/0.10 (UID 0x000000be) No peer IPv6 interface Upper IPv4 interface is ip19000001.mpls.ip (UID 0x000000bf, FEC index 0x0000003f) No upper IPv4 VPN interface No upper IPv6 interface No upper IPv6 VPN interface Condensed location is 0x00020000 Copyright © 2010, Juniper Networks, Inc.
  • Page 387 Admin Oper Interface state state --------- ------- ----- ATM2/0.10 enabled MPLS shim interfaces Remote-PE Virtual Load Circuit Balancing Admin Oper Interface LSP-name Group state state --------- --------- ------- --------- ----- ----- MPLS minor interfaces Copyright © 2010, Juniper Networks, Inc.

  • Page 388: Table 76: Show Mpls Interface Output Fields

    IP address of IP interfaces and session status interface Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. label alloc Number of labels allocated and advertised to this peer label learned...
  • Page 389 Number of adjacencies currently established session Number of sessions currently established accum adjacency Cumulative total number of adjacencies established since interface is up accum session Cumulative total number of sessions established since interface is Copyright © 2010, Juniper Networks, Inc.

  • Page 390: Monitoring Mpls Minor Interfaces

    MPLS minor interface UID is 0x1a000001 Lower MPLS major interface UID is 0x19000001 Sent: 0 packets 0 bytes queue 0: traffic class best-effort, bound to atm-vc ATM2/0.10 Queue length 0 bytes Forwarded packets 0, bytes 0 Copyright © 2010, Juniper Networks, Inc.

  • Page 391: Monitoring Mpls Next Hops

    MPLS next-hop: index 10, resolved by MPLS nextHop index 14, peer address 10.1.1.1 MPLS next-hop: index 14, ECMP next-hop, leg count 2 MPLS next-hop: index 12, label 32 on FastEthernet1/1.120, neighbor 10.120.120.1 MPLS next-hop: index 13, label 32 on ATM2/1.20, neighbor 10.20.20.1 Sent: 0 packets Copyright © 2010, Juniper Networks, Inc.

  • Page 392: Monitoring The Configured Mapping Between Phb Ids And Traffic Class/Color Combinations

    Meaning Table 79 on page 357 lists the show mpls phb-id command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 393: Monitoring Rsvp-Te Profiles And Mpls Tunnel Profiles

    Field Description profile Number of interfaces that use the profile refresh-period Timeout period in seconds between generation of refresh messages timeout factor Number of refresh messages that can be lost before the session is ended Copyright © 2010, Juniper Networks, Inc.

  • Page 394: Monitoring Rsvp Path State Control Blocks, Reservation State Control Blocks

    NextHop 122.1.1.1/255.255.255.255 (strict) LabelRange (generic) min 0 max 1048575 SenderTSpec CType IntServ Controlled Load Token Bucket Rate 0 Token Bucket Size 0 Peak Data Rate 0 Min Policed Unit 0 Max Packet Size 0 Copyright © 2010, Juniper Networks, Inc.

  • Page 395: Table 81: Show Mpls Rsvp Output Fields

    Period of time in milliseconds before PSB/RSB times out if no refresh arrives. InLabel Incoming label information Associated tunnel Tunnel identifier for minor interface for which the RSVP information is displayed PHopIntf Penultimate hop interface IncomingIntf Incoming interface OutgoingIntf Outgoing interface PHopAddr Penultimate hop address Copyright © 2010, Juniper Networks, Inc.
  • Page 396 Indicates presence of the traffic trunk classifier object Policy Object Indicates presence of the policy object Unknown Objects Indicates presence objects not defined by the RSVP specification PSB Flag InUse PSB in use Copyright © 2010, Juniper Networks, Inc.
  • Page 397 QosCorrectionNeeded PSB Flag IsPathTrigger Has path refresh been triggered RSB Flag InUse RSB in use RSB Flag Deleted RSB deleted RSB Flag RcvdAck Acknowledgment received RSB Flag StyleConverted Reservation style converted to shared explicit Copyright © 2010, Juniper Networks, Inc.

  • Page 398: Monitoring Rsvp Md5 Authentication

    Related Topics show mpls rsvp authentication Monitoring RSVP-TE Interfaces Where BFD is Enabled Purpose Display information about RSVP-TE major interfaces on which BFD is enabled. Copyright © 2010, Juniper Networks, Inc.

  • Page 399: Monitoring Rsvp-Te Interface Counters

    Interface ATM6/0.1 Path Sent Path Rcvd Path Error Sent Path Error Rcvd Path Tear Sent Path Tear Rcvd Resv Sent Resv Rcvd Resv Error Sent Resv Error Rcvd Resv Tear Sent Resv Tear Rcvd Copyright © 2010, Juniper Networks, Inc.

  • Page 400: Table 84: Show Mpls Rsvp Counters Output Fields

    Number of resvconf messages received on the interface Srefresh Conf Sent Number of srefresh messages sent on the interface Srefresh Conf Rcvd Number of srefresh messages received on the interface Ack Conf Sent Number of resvconf messages sent on the interface Copyright © 2010, Juniper Networks, Inc.

  • Page 401: Monitoring Rsvp-Te Graceful Restart

    Related Topics show mpls rsvp counters Monitoring RSVP-TE Graceful Restart Purpose Display information about the state of RSVP-TE graceful restart. Copyright © 2010, Juniper Networks, Inc.

  • Page 402: Monitoring Rsvp-Te Hello Adjacency Instances

    Peer Address Interface Interval Miss Limit State -------- --------- -------- ---------- ------ 10.1.1.2 <any> 10000 10.3.1.2 <any> 10000 11.2.3.1 Atm3/1.3 10000 To display detailed information about RSVP-TE hello adjacency instances: Copyright © 2010, Juniper Networks, Inc.

  • Page 403: Table 86: Show Mpls Rsvp Hello Instance Output Fields

    Down if new control traffic needs to be sent to the peer or if the peer starts sending control traffic. Down No hellos have been received from the peer. The router is actively sending hellos to the peer. Copyright © 2010, Juniper Networks, Inc.

  • Page 404: Monitoring Status And Configuration For Mpls Tunnels

    Monitoring Status and Configuration for MPLS Tunnels Purpose Display status and configuration for all tunnels or for a specific tunnel in the current router context. Action To display the status and configuration for all tunnels: Copyright © 2010, Juniper Networks, Inc.

  • Page 405: Table 87: Show Mpls Tunnels Output Fields

    Table 87 on page 369 lists the show mpls tunnels command output fields. Table 87: show mpls tunnels Output Fields Field Name Field Description Label Label prepended to packets before being sent across tunnel Copyright © 2010, Juniper Networks, Inc.

  • Page 406: Verifying And Troubleshooting Mpls Connectivity

    . In an MPLS-enabled network, you can use the mpls ping and trace mpls commands to detect plane failures in different types of MPLS applications and network topologies. Copyright © 2010, Juniper Networks, Inc.

  • Page 407: Sending An Mpls Echo Request Packet To An Ip Or Ipv6 Address

    Issue the trace mpls l2transport command. host1:pe1#trace mpls l2transport FastEthernet1/0.1 detail Sending an MPLS Echo Request Packet to an L3VPN IP or IPv6 Prefix To send an MPLS echo request packet to the specified L3VPN IP or IPv6 prefix: Copyright © 2010, Juniper Networks, Inc.

  • Page 408: Tracing The Path Of An Mpls Echo Request Packet To An L3Vpn Ip Or Ipv6 Prefix

    Figure 67 on page 373 shows a sample IPv4/IPv6 L3VPN topology with LDP or RSVP-TE base tunnels. Two base tunnels (one in each direction) are present between 10.1.1.1 and 10.2.2.2. The packet flow examples that follow refer to this sample topology. Copyright © 2010, Juniper Networks, Inc.

  • Page 409: Packet Flow Examples For Mpls Lsps To An Ip Prefix

    The following example illustrates the packet flow that results when you issue the ping mpls ip command from router PE 1 (10.1.1.1) to router PE 2 (10.2.2.2) over an LDP base tunnel. host1:pe1#ping mpls ip 10.2.2.2/32 Copyright © 2010, Juniper Networks, Inc.
  • Page 410 10.2.2.2/32 detail Sending 5 UDP echo requests for LDP IPv4 prefix, timeout = 2 sec MplsNextHopIndex 32 handle 8073311 '!' - success, 'Q' - request not transmitted, '.' - timeout, 'U' - unreachable, Copyright © 2010, Juniper Networks, Inc.

  • Page 411: Packet Flow Example For The Trace Mpls Command

    The Interface and Label Stack TLV is included in the echo reply packet. The MPLS echo reply packet is sent back as a labeled UDP packet with the following attributes: Source address 10.3.3.3 Destination address 10.1.1.1 UDP port 3503 Copyright © 2010, Juniper Networks, Inc.

  • Page 412: Packet Flows For Ping And Trace To L3Vpn Ipv4 Prefixes

    PE 1 to the IPv4 prefix 10.99.99.21/32. For validation at the remote end, the source address of the echo request packet must be the same as the update-source address of BGP peer. host1:pe1#ping mpls l3vpn vrf pe11 10.99.99.21/32 Copyright © 2010, Juniper Networks, Inc.
  • Page 413 Figure 67 on page 373. host1:pe1:pe11#ip8:pe1#trace mpls l3vpn 10.99.99.21/32 detail Tracing VPN IPv4 prefix, timeout = 2 sec, Max TTL 32 MplsNextHopIndex 73 handle 8073322 Copyright © 2010, Juniper Networks, Inc.

  • Page 414: Inter-As Topology

    LSP and an echo reply can be sent back to the source. However, in an inter-AS topology, this behavior might result in premature termination of the ping or trace. You can use the bottom-label-ttl keyword to avoid this problem. Copyright © 2010, Juniper Networks, Inc.

  • Page 415: Packet Flows To L3Vpn Ipv6 Prefixes

    Circuit on page 380 Troubleshooting MTU Problems in a Point-to-Point MPLS LSP Associated with an RSVP-TE Tunnel on page 380 Troubleshooting MTU Problems in a Point-to-Point MPLS LSP Associated with a VPLS Instance on page 380 Copyright © 2010, Juniper Networks, Inc.

  • Page 416: Troubleshooting Mtu Problems In A Point-To-Point Mpls Lsp Associated With An Ip Or Ipv6 Address

    MPLS packets to be discarded owing to the size of the packet exceeding the MTU size: Issue the trace mpls vpls command with the data-size keyword. host1:pe1#trace mpls vpls vplsA sender-site-id 1 remote-site-id 2 data-size 60 Related Topics ping mpls ip Copyright © 2010, Juniper Networks, Inc.
  • Page 417 Chapter 5: Monitoring MPLS ping mpls l2transport ping mpls l3vpn ping mpls rsvp tunnel ping mpls vpls trace mpls ip trace mpls l2transport trace mpls l3vpn trace mpls rsvp tunnel trace mpls vpls Copyright © 2010, Juniper Networks, Inc.
  • Page 418 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 419: Configuring Bgp-Mpls Applications

    BGP Routing” on page 3 and “Configuring MPLS” on page 275. The BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP multicast and BGP/MPLS virtual private networks (VPNs). BGP/MPLS VPNs are Copyright © 2010, Juniper Networks, Inc.

  • Page 420: Address Families

    Route-target—If you specify the route-target address family, you can configure the router to exchange route-target membership information to limit the number of routes redistributed among members. For a description of route-target filtering, see “Constraining Route Distribution with Route-Target Filtering” on page 413. Copyright © 2010, Juniper Networks, Inc.

  • Page 421: Equal-Cost Multipath Support

    In a network that connects IPv6 islands across an IPv4 core, where a given IPv6 prefix is learned from multiple egress PEs running IPv6. Consider the simple ECMP scenario for a BGP/MPLS VPN shown in Figure 68 on page 386. Copyright © 2010, Juniper Networks, Inc.

  • Page 422: Bgp/Mpls Vpn Components

    Provider edge routers (PE routers) Provider core routers (P routers) PE routers are situated at the edge of the service provider core and connect directly to customer sites. These routers must run BGP-4, including the BGP/MPLS VPN extensions. Copyright © 2010, Juniper Networks, Inc.

  • Page 423: Figure 69: Bgp/Mpls Vpn Scenario

    A customer site is a network that can communicate with other networks in the same VPN. A customer site can belong to more than one VPN. Two sites can exchange IP packets with each other only if they have at least one VPN in common. Copyright © 2010, Juniper Networks, Inc.

  • Page 424: Figure 70: Bgp/Mpls Vpn Components

    The VRFs are populated by BGP while it learns routes from the VPN. If a customer site is a member of multiple VPNs, the routes learned from all those VPNs populate the VRF associated with the site. Copyright © 2010, Juniper Networks, Inc.

  • Page 425: Vpn-Ipv4 Addresses

    Configure the import list and the export list to include the same information: the set of VPNs comprising the sites associated with the VRF. For more complicated scenarios—for example, hub-and-spoke VPNs—the route-target import list and the route-target export list might not be identical. Copyright © 2010, Juniper Networks, Inc.

  • Page 426: Distribution Of Routes And Labels With Bgp

    Run an IGP (such as IS-IS, OSPF, or RIP) between the CE router and the PE router. Configure static routes on the CE and PE routers (on the CE router this would typically be a default route). Copyright © 2010, Juniper Networks, Inc.
  • Page 427 FEC pointed to by a BGP route in a given VRF. However, some routes always receive a per-VRF label; see “Creating Labels per FEC” on page 439 for more information. Copyright © 2010, Juniper Networks, Inc.

  • Page 428: Figure 72: Standard And Extended Bgp Update Messages

    MP-Reach-NLRI attribute, according to MP-BGP. The extended update also has the extended-communities attribute, which identifies the VPN to which the routes are advertised. In this example, the route target is 777:1001, identifying VPN A. Copyright © 2010, Juniper Networks, Inc.

  • Page 429: Platform Considerations

    NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress. Please refer to the IETF Web site at http://www.ietf.org for the latest drafts. Copyright © 2010, Juniper Networks, Inc.

  • Page 430: Transporting Packets Across An Ip Backbone With Mpls

    If you display the in label on PE 2, you see that MP-BGP advertises a labeled VPN-IPv4 prefix of 10.24.0.0/16 with an in label of 16 (and an RD of 777:5, as shown in the illustration). host2:pe2#show ip bgp vpn all field in-label Prefix In-label 10.12.0.0/16 none 10.24.0.0/16 Copyright © 2010, Juniper Networks, Inc.
  • Page 431 Figure 74 on page 396 shows that two LSPs have been created between PE 1 and PE 2. PE 1 and PE 2 have an MP-BGP session as shown previously in Figure 73 on page 394. Copyright © 2010, Juniper Networks, Inc.

  • Page 432: Figure 74: Lsp Creation For Bgp/Mpls Vpn

    The process of data transport is shown in Figure 75 on page 396. PE 1 has already received Transport announcements from PE 2; an LSP has been established between PE 1 and PE 2. Figure 75: Traffic Across the MPLS Backbone of a BGP/MPLS VPN Copyright © 2010, Juniper Networks, Inc.
  • Page 433 (PE 1) to and the same egress (PE 2) from the service provider core. Remember that the illustrated LSP carries data traffic only from PE 1 to PE 2. Traffic from PE 2 to PE 1 requires a different LSP. Copyright © 2010, Juniper Networks, Inc.

  • Page 434: Configuring Ipv6 Vpns

    Creating an address family for a VRF automatically disables both synchronization and automatic summarization for that VRF. This command takes effect immediately. Examples host1:vr1(config-router)#address-family ipv4 multicast host1:vr1(config-router)#address-family ipv4 unicast host1:vr1(config-router)#address-family ipv4 unicast vrf vr2 host1:vr1(config-router)#address-family vpvn4 unicast host1:vr1(config-router)#address-family vpnv6 unicast ecmplabel host1:vr1(config-router)#address-family ipv6 multicast Copyright © 2010, Juniper Networks, Inc.

  • Page 435: Intra-As Ipv6 Vpns

    The VPN service in Figure 76 on page 399 includes both CE 1 (VRF A) and CE 2 (VRF B). The MPLS base tunnels are established to tunnel endpoints PE 1 and PE 2 at their loopback interfaces. The loopback address for PE 1 is FFFF::1.1.1.1/128; for PE 2, it is FFFF::2.2.2.2/128. Copyright © 2010, Juniper Networks, Inc.

  • Page 436: Ce-Pe Behavior

    IPv6 dynamic interface. When the P router receives this packet, it performs a lookup on L2 and label switches the packet toward PE 1. The P router either replaces L2 with another label or pops that label if PE 1 requested PHP. Copyright © 2010, Juniper Networks, Inc.

  • Page 437: Providing Ipv4 Vpn Services Across Multiple Autonomous Systems

    All inter-AS VPN routes (potentially a very large number) must be stored in the BGP RIBs and IP routing tables on the AS boundary routers. You must configure VRFs on each AS boundary router. Copyright © 2010, Juniper Networks, Inc.

  • Page 438: Inter-As Option B

    VPN-IPv4 prefix (label 16, RD 100:0, IPv4 prefix 10.10.10.11/32). host1:pe1#show ip bgp vpn all field in-label Prefix In-label 10.10.10.11/32 On PE 1, no out label is associated with the IPv4 prefix 10.10.10.11/32. Copyright © 2010, Juniper Networks, Inc.
  • Page 439 MPLS next-hop: 29, resolved by MPLS next-hop 23, peer 1.1.1.1 MPLS next-hop: 23, label 33 on ATM6/1.20, nbr 10.20.20.1 Statistics collection is disabled host1:asbr2#show mpls forwarding brief ..swap to 16, push 34 on ATM6/1.20, nbr 10.20.20.1 Copyright © 2010, Juniper Networks, Inc.
  • Page 440 In turn, ASBR 3 receives MPLS frames with label 50 (the in label) from PE 4 and sends MPLS frames with label 44 (the out label) to ASBR 2. PE 4 receives the VPN-IPv4 prefix with label 50: Copyright © 2010, Juniper Networks, Inc.

  • Page 441: Inter-As Option C

    Two different configuration scenarios are possible with option C, one employing a two-label stack and the other a three-label stack. Figure 79 on page 406 illustrates the three-label stack scenario. PHP is not used in this example. Copyright © 2010, Juniper Networks, Inc.

  • Page 442: Figure 79: Topology For Three-Label Stack Configuration For Inter-As Option

    ASBR 1. P 1 learns label L7 for the route to the loopback address on ASBR 1 by means of LDP or RSVP-TE from ASBR 1. Copyright © 2010, Juniper Networks, Inc.

  • Page 443: Inter-As Option C With Route Reflectors

    RR advertises routes to external neighbors. Issuing this command causes the VPN RR that is multihop peering with another RR in the AS to send the next hop unchanged for the VPN routes that it advertises. Copyright © 2010, Juniper Networks, Inc.

  • Page 444: Providing Ipv6 Vpn Services Across Multiple Autonomous Systems

    (Figure 81 on page 409). The base MPLS tunnels are local to each AS. Stacked tunnels run from end to end between PE routers on the different ASs. This method enhances scalability, because only the BGP RIBs store all the inter-AS VPN routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 445: Using Route Targets To Configure Vpn Topologies

    In a full-mesh VPN, each site in the VPN can communicate with every other site in that same VPN. For example, in Figure 82 on page 410, each site in VPN A can communicate with all other VPN A sites but not with the sites in VPN B. Copyright © 2010, Juniper Networks, Inc.

  • Page 446: Hub-And-Spoke Vpns

    Hub-and-Spoke VPNs In a hub-and-spoke VPN, the spoke sites in the VPN can communicate only with the hub sites; they cannot communicate with other spoke sites, as shown in Figure 84 on page 411. Copyright © 2010, Juniper Networks, Inc.

  • Page 447: Overlapping Vpns

    VPN is often used to provide centralized services. The central site might contain DNS servers or WWW servers or management stations that need to be reachable from multiple VPNs. Overlapping IPv4 and IPv6 VPNs are supported by the same route-target mechanism. Copyright © 2010, Juniper Networks, Inc.

  • Page 448: Figure 86: Site Connectivity In An Overlapping Vpn

    VRF to the other VRF; in this case from the VPN AB VRF to the VPN A VRF. Consequently, traffic that arrives in one VRF is forwarded out another VRF without going through the MPLS core network. Copyright © 2010, Juniper Networks, Inc.

  • Page 449: Constraining Route Distribution With Route-Target Filtering

    For BGP/MPLS VPNs, route-target filtering is a better approach. Route-target filtering controls the distribution of BGP routes based on the VPNS (indicated by the route-target extended communities) to which peer routers belong. PE routers use the MP_REACH_NLRI Copyright © 2010, Juniper Networks, Inc.

  • Page 450: Exchanging Route-Target Membership Information

    A prefix less than 32 or greater than 96 is invalid. However, the prefix for the Default-RT-MEM-NLRI attribute is an exception to this rule. For the Default-RT-MEM-NLRI attribute, 0 is a valid prefix length. For example, 100:100:53/36 is a valid RT--MEM-NLRI. Copyright © 2010, Juniper Networks, Inc.

  • Page 451: Receiving And Sending Rt-Mem-Nlri Routing Updates

    Adj-RIBS-Out table. This can result in an incremental update that advertises or withdraws some routes for the VPN. You can use the bgp wait-on-end-of-rib command to specify how long BGP waits for the End-ofRIB marker from route-target peers. Copyright © 2010, Juniper Networks, Inc.

  • Page 452: Table 88: Route-Target Filtering Advertisement Rules For Routes Received From

    RT-MEM-NLRI prefix (origin AS number:route target). However, you can filter route-target filtering routes with policies that include items that match on other BGP attributes, such as the extended community attached to the route-target filtering route. Copyright © 2010, Juniper Networks, Inc.

  • Page 453: Conditions For Advertising Rt-Mem-Nlri Routes

    VRF's route target import list when the preceding conditions have been met. A withdrawal for the RT-MEM-NLRI attribute is generated when the route target is removed from this VRF's import list. Copyright © 2010, Juniper Networks, Inc.

  • Page 454: Advertising A Default Route

    Example host1(config-router)#router address-family route-target host1(config-router-af)#default-information originate Use the no version to restore the default, preventing the redistribution of default routes. See default-information originate. neighbor default-originate Copyright © 2010, Juniper Networks, Inc.

  • Page 455: Route Selection When Route-Target Filtering Is Enabled

    IBGP paths for the RT-MEM-NLRI prefix. BGP then sets outbound route filters so that VPN routes that match the route target are sent to all IBGP peers that advertised the RT-MEM-NLRI route. This behavior does not affect how the BGP speaker in turn advertises the RT-MEM-NLRI routes. Copyright © 2010, Juniper Networks, Inc.

  • Page 456: Configuring Route-Target Filtering

    10.2.2.2 next-hop-self (Optional) Configure BGP to send a Default-MEM-NLRI route for all peers in the address family or for a specific peer or peer group in the address family. host1(config-router-af)#default-information originate host1(config-router-af)#neighbor 10.2.2.2 default-originate Copyright © 2010, Juniper Networks, Inc.

  • Page 457: Multicast Services Over Vpns

    Assign a route distinguisher to the VRF. host1:vr1(config-vrf)#rd 100:100 Set the route-target import and route-target export lists for the VRF. host1:vr1(config-vrf)#route-target import 100:1 host1:vr1(config-vrf)#route-target export 100:1 (Optional) Set import and export maps for the VRF. Copyright © 2010, Juniper Networks, Inc.
  • Page 458 (Optional) For carrier-of-carriers VPNs, configure carrier-of-carriers mode in the provider carrier’s PE router that connects to the customer carrier’s network. host1:vr1:VrfA(config)#mpls topology-driven-lsp See “Carrier-of-Carriers IPv4 VPNs” on page 469 for information about configuring carrier-of-carriers VPNs. Copyright © 2010, Juniper Networks, Inc.

  • Page 459: Pe Router Configuration Tasks

    10.12.13.0 remote-as 200 Use network commands or the redistribute static command to make BGP advertise static routes to customers. host1:vr1(config-router)#network 10.3.0.0 mask 255.255.0.0 host1:vr1(config-router)#redistribute static Use redistribute commands to make BGP advertise IGP routes to customers. Copyright © 2010, Juniper Networks, Inc.

  • Page 460: Creating A Vrf

    You can specify either an AS number or an IP address as the first part of the route distinguisher. Specify some unique integer as the second part. You must specify a route distinguisher for a VRF. Otherwise, the VRF will not operate. Copyright © 2010, Juniper Networks, Inc.

  • Page 461: Defining Route Targets For Vrfs

    An export list defines a route-target extended community; routes having any route target in their export list that matches a route target in a VRF’s import list are installed in the VRF’s forwarding table. Copyright © 2010, Juniper Networks, Inc.

  • Page 462: Figure 89: Fully Meshed Vpns

    Figure 89: Fully Meshed VPNs BGP sessions exist between PE 1 and PE 2, PE 2 and PE 3, and PE 3 and PE 1. The MPLS paths through the service provider core are omitted for clarity. Copyright © 2010, Juniper Networks, Inc.
  • Page 463 To configure route targets for this hub and spoke, you specify different import and export route targets on the hub VRF. On the spoke VRFs, you switch these route targets. Route-target configuration on PE 1: host1(config)#virtual-router newyork host1:newyork(config)#ip vrf vrfA host1:newyork(config-vrf)#route-target export 777:25 host1:newyork(config-vrf)#route-target import 777:50 Copyright © 2010, Juniper Networks, Inc.

  • Page 464: Setting Import And Export Maps For A Vrf

    VRFs. As shown in Figure 91 on page 429, a route is distributed (leaked) between RIBs and its attributes are changed as specified Copyright © 2010, Juniper Networks, Inc.

  • Page 465: Characteristics Of Import And Global Import Maps

    When a route that was previously imported into the local VRF RIB is modified in the global BGP RIB (VPN or non-VPN) such that it no longer matches the import or global import map, that route is removed from the local VRF RIB. Copyright © 2010, Juniper Networks, Inc.

  • Page 466: Characteristics Of Export And Global Export Maps

    Subsequent Distribution of Routes Routes that are imported from the global BGP non-VPN RIB (with a global import map) into a VRF RIB are never exported again. Because these routes are not exported to the Copyright © 2010, Juniper Networks, Inc.

  • Page 467: Creating A Map

    You can specify that only IPv4 or only IPv6 routes are exported. By default, both types of routes are exported. Example host1:boston(config-vrf)#export map routemap5 filter Use the no version to remove the route map from the VRF. See export map. Copyright © 2010, Juniper Networks, Inc.

  • Page 468: Global Export Maps

    You can specify that only IPv4 or only IPv6 routes are imported. By default, both types of routes are imported. Example host1:boston(config-vrf)#import map routemap72 Use the no version to remove the route map from the VRF. See import map. Copyright © 2010, Juniper Networks, Inc.

  • Page 469: Global Import Maps

    IPv4 VPN routes by matching on IPv4 access lists that filter out IPv4 prefixes. The following commands illustrate this behavior. Configure an IPv6 access list to export IPv6 VPN prefixes to the global IPv6 RIB. Copyright © 2010, Juniper Networks, Inc.

  • Page 470: Assigning An Interface To A Vrf

    Associate the interface. host1:vr1:vrfA(config)#interface gigabitEthernet 1/0 In this case, you do not have to reassign an IP address to the interface because you did not use the ip vrf forwarding command. ip vrf forwarding Copyright © 2010, Juniper Networks, Inc.

  • Page 471: Defining Secondary Routing Table Lookup

    10.12.4.5 255.255.255.0 To specify from inside the VRF context that an interface use the fallback global routing table lookup: Select the interface. host1:vr1(config)#interface gigabitEthernet 1/0 Enter the VRF context. Copyright © 2010, Juniper Networks, Inc.

  • Page 472: Adding Static Routes To A Vrf

    Adding Static Routes to a VRF Consider the network structure shown in Figure 92 on page 437. If no routing protocol—BGP or any other IGP—is running between the PE router and the CE router, you must use the Copyright © 2010, Juniper Networks, Inc.

  • Page 473: Configuring Igps On The Vrf

    IGP on the VRF so that the VRF can learn routes from customer sites. Configuring the IGP in the VRF Context After creating a VRF, you can access it as if it were a virtual router for the purpose of configuring the IGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 474: Configuring The Igp Outside The Vrf Context

    Use to access a VRF to configure it with an IGP to learn routes from a CE router. To access the VRF from its VR context (in this example, the default VR): host1(config)#virtual-router :vrfsouthie host1:default:southie(config)# To access the VRF from the context of a different VR: host1(config)#virtual-router boston:southie Copyright © 2010, Juniper Networks, Inc.

  • Page 475: Disabling Automatic Route-Target Filtering

    BGP routes advertised by a given VRF; this is a per-VRF label. Upon receiving traffic for a per-VRF label, the router performs a label pop and a route lookup to forward the traffic to the next hop. Copyright © 2010, Juniper Networks, Inc.
  • Page 476 Example host1:vr1(config-vrf)#ip mpls forwarding-mode label-switched Use the no version to restore the default, generating a single label for all BGP routes sent from a given VRF. See ip mpls forwarding-mode label-switched. Copyright © 2010, Juniper Networks, Inc.

  • Page 477: Configuring Pe-To-Pe Lsps

    In the example shown in Figure 93 on page 442, the E Series router gives equal consideration to IBGP VPN routes learned from multiple remote PE devices when determining load balancing. Copyright © 2010, Juniper Networks, Inc.

  • Page 478: Figure 93: Bgp/Mpls Vpn Ibgp Example

    In Figure 94 on page 443, a BGP/MPLS network connects PE 1 and PE 2, which are configured for VPNv4 unicast IBGP peering. CE 1 and CE 2 are configured for EBGP peering with the PE devices. CE 2 is multihomed, connected to both PE 1 and PE 2. Copyright © 2010, Juniper Networks, Inc.

  • Page 479: Figure 94: Bgp/Mpls Vpn Eibgp Example

    This command is not supported for the VPNv4 or VPNv6 address families. The maximum-paths eibgp command cannot be used if the router is currently configured with the maximum-paths or maximum-paths ibgp command. Example host1(config)#router bgp 100 host1(config-router)#address-family ipv4 vrf vrfA host1(config-router-af)#maximum-paths eibgp 6 Copyright © 2010, Juniper Networks, Inc.

  • Page 480: Enabling Vpn Address Exchange

    Use the no version to disable the exchange of a type of prefix. See address-family. exit-address-family Use to exit Address Family Configuration mode and access Router Configuration mode. Example host1:vr1(config-router-af)#exit-address-family There is no no version. See exit-address-family. neighbor activate Copyright © 2010, Juniper Networks, Inc.

  • Page 481: Configuring Pe-To-Ce Bgp Sessions

    You configure the characteristics of VRF A, the global BGP attributes, the address family for the session, and BGP attributes relevant to the VRF or address family. host1(config)#ip vrf vrfa host1(config-vrf)#rd 777:5 host1(config-vrf)#route-target both 777:5 host1(config-vrf)#exit host1(config)#interface gigabitEthernet 1/0 host1(config-if)#ip vrf forwarding vrfA Copyright © 2010, Juniper Networks, Inc.

  • Page 482: Advertising Static Routes To Customers

    The following commands illustrate how to configure the exchange of routes in both the IPv4 unicast and the VPNv4 unicast address families for a BGP peer: host1:vr1(config)#router bgp 777 host1:vr1(config-router)#neighbor 10.26.5.10 remote-as 100 host1:vr1(config-router)#address-family vpnv4 unicast host1:vr1(config-router-af)#neighbor 10.26.5.10 activate host1:vr1(config-router-af)#exit-address-family Copyright © 2010, Juniper Networks, Inc.

  • Page 483: Using A Single As Number For All Ce Sites

    In the following example, the router’s AS number of 777 overrides the neighboring router’s AS number of 100. host1:vr1(config)#router bgp 777 host1:vr1(config-router)#neighbor 172.16.20.10 remote-as 100 host1:vr1(config-router)#neighbor 172.16.20.10 update-source loopback0 host1:vr1(config-router)#address-family ipv4 vrf vpn1 host1:vr1(config-router-af)#neighbor 172.25.14.12 remote-as 100 Copyright © 2010, Juniper Networks, Inc.

  • Page 484: Preventing Routing Loops

    The site-of-origin extended community attribute enables BGP to filter out such routes to prevent routing loops in this network. You can use the set extcommunity command to specify a site of origin and then use the match extcommunity command and an Copyright © 2010, Juniper Networks, Inc.

  • Page 485: Figure 96: Network With Potential Routing Loops

    BGP session on each PE router with the site of origin. The result of the following (partial) configuration is shown in Figure 97 on page 450. host1:pe1(config)#ip vrf yourvpn host1:pe1(config-vrf)#rd 200:1 host1:pe1(config-vrf)#route-target both 200:11 Copyright © 2010, Juniper Networks, Inc.

  • Page 486: Figure 97: Preventing Potential Routing Loops In The Network

    To apply the new policy to routes that are already present in the BGP routing table, you must use the clear ip bgp command to perform a soft clear or hard clear of the current BGP session. Example host1(config-router)#neighbor 10.25.32.4 site-of-origin 200:21 Copyright © 2010, Juniper Networks, Inc.

  • Page 487: Advertising Prefixes With Duplicate As Numbers

    AS number up to the specified number of times. If the AS path of a route contains the speaker’s AS number more than the specified number of times, the route is determined to be a loop and is discarded. Copyright © 2010, Juniper Networks, Inc.

  • Page 488: Controlling Route Importation

    As long as the route count stays at the limit, further attempts to add routes fail, but do not generate any more limit-exceeded log entries. Copyright © 2010, Juniper Networks, Inc.

  • Page 489: Deleting Routes For A Vrf

    If you do not specify a VRF, routes are removed from all VRFs. You can specify either that a single route or all dynamic routes are to be removed. This command takes effect immediately. Example Copyright © 2010, Juniper Networks, Inc.

  • Page 490: Enabling Vrf-To-Vr Peering

    Use to establish a static route in a VRF to a remote interface in the parent VR. The specified interface must be preexisting and have an alias assigned with the description command. Copyright © 2010, Juniper Networks, Inc.

  • Page 491: Achieving Fast Reconvergence In Vpn Networks

    PE router without having to wait for the BGP session to the failed PE router to time out. Depending on the network topology, you can achieve fast reconvergence by assigning unique RDs to each VRF or by enabling next-hop reachability checking. Copyright © 2010, Juniper Networks, Inc.

  • Page 492: Fast Reconvergence With Unique Rds

    PE router. For these networks, relying on the ingress PE router is better than relying on the route reflector to decide which route is best. For this to work properly, the ingress PE router Copyright © 2010, Juniper Networks, Inc.

  • Page 493: Fast Reconvergence By Means Of Reachability Checking

    In Figure 100 on page 457, PE 1 has already failed, and tunnels PE 3–PE 1 and PE 4–PE 1 have gone down. Figure 100: Topology for Fast Reconvergence by Means of Reachability Checking, After Tunnels Go Down Copyright © 2010, Juniper Networks, Inc.

  • Page 494: Configuring Bgp To Send Labeled And Unlabeled Unicast Routes

    By including this command in the appropriate route map (export, global export, global import route map), you can restrict importing or exporting to only labeled or only unlabeled routes. Example Copyright © 2010, Juniper Networks, Inc.

  • Page 495: Bgp Next-Hop-Self

    BGP Processing of Received Routes BGP processes received routes differently depending on whether the route is labeled or unlabeled, unicast or VPN. Copyright © 2010, Juniper Networks, Inc.

  • Page 496: Labeled Unicast Routes

    SAFI was previously negotiated with peers other than the one from which it received the best route. Table 92 on page 461 lists the advertising action taken for the best route, whether labeled or unlabeled. Copyright © 2010, Juniper Networks, Inc.

  • Page 497: Providing Internet Access To And From Vpns

    PE router then looks up the destination address of the IP packet in the context of the VRF routing table rather than the VR routing table. Problems The VRF routing table lookup introduces the following complication. Copyright © 2010, Juniper Networks, Inc.

  • Page 498: Solutions

    You cannot configure traffic for one prefix to flow out of one uplink interface and traffic to another prefix to flow out of another uplink interface. That behavior requires a full default-free Internet routing table in the VRF, which is a complication that you want to avoid. Copyright © 2010, Juniper Networks, Inc.

  • Page 499: Configuring A Fallback Global Option

    CE router. One lookup is in the IP routing table of the VRF; the other lookup is in the IP routing table of the parent Copyright © 2010, Juniper Networks, Inc.

  • Page 500: Configuring A Global Import Map For Specific Routes

    For the third solution you create a global import map to import only the specific routes needed to reach the desired small number of networks in the Internet. See Figure 103 on page 465. Copyright © 2010, Juniper Networks, Inc.

  • Page 501: Creating A Bgp Session Between The Ce Router And The Parent Vr

    This situation requires a BGP session from the parent VR to the CE router (Figure 104 on page 466). This BGP session in turn requires a route in the VRF to the loopback interface Copyright © 2010, Juniper Networks, Inc.

  • Page 502: Figure 104: Bgp Session Between Ce Router And Parent Vr

    VRloop host1:pe1(config-route-map)#exit host1:pe1(config)#ip vrf pe11 host1:pe1(config-vrf)#rd 100:1 host1:pe1(config-vrf)#route-target both 100:1 host1:pe1(config-vrf)#global import map globimaploop The following commands create a BGP session between the CE router and the parent On host 1, VR PE 1: Copyright © 2010, Juniper Networks, Inc.

  • Page 503: Enabling Traffic Flow From The Internet To The Vpn

    PE-CE interface for each particular VPN site. The static routes must then be injected into BGP (possibly as part of an aggregate) so that they can be reached from the Internet. Figure 105 on page 468 illustrates this approach: Copyright © 2010, Juniper Networks, Inc.

  • Page 504: Global Export Map

    When they are installed in the global IP routing table, these exported routes point to the IP interface in the VRF as shown in Figure 106 on page 469. See “Global Export Maps” on page 432 for more information. Copyright © 2010, Juniper Networks, Inc.

  • Page 505: Carrier-Of-Carriers Ipv4 Vpns

    Layer 3 VPN services—The customer carrier provides VPN services for its customers and uses the provider carrier’s VPN for the backbone that connects the customer carrier’s VPN sites. This environment is called a hierarchical VPN, because there are Copyright © 2010, Juniper Networks, Inc.

  • Page 506: Customer Carrier As An Internet Service Provider

    PE routers that connect to the provider carrier at each site. Routes are learned and maintained as follows: The customer carrier’s internal routes are learned and advertised across the provider carrier’s VPN. The customer carrier’s external routes are not installed in the provider’s VPN. Copyright © 2010, Juniper Networks, Inc.

  • Page 507: Configuration Steps

    Figure 107: Carrier-of-Carriers Internet Service Configuration Steps You must complete the following configuration process when the customer carrier provides Internet connectivity for its customers. On the provider carrier’s PE router: Configure MPLS. Configure BGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 508: Customer Carrier As A Vpn Service Provider

    In the customer carrier’s VPN, PE routers use MP-IBGP sessions to exchange labeled VPN routes that correspond to the end customer’s VPN routes. Figure 108 on page 473 shows a sample carrier-of-carriers environment in which the customer carrier provides VPN services to its customers. Copyright © 2010, Juniper Networks, Inc.

  • Page 509: Configuration Steps

    Figure 108: Carrier-of-Carriers VPN Service Configuration Steps You must complete the following configuration process when the customer carrier provides VPN services for its customers. On the provider carrier’s PE router: Configure MPLS. Configure BGP. Configure an IGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 510: Enabling Carrier-Of-Carriers Support On A Vrf

    VRF. The output includes a line indicating the status: Carrier’s carrier mode is enabled. Example host1:vr1:VrfA(config)#mpls topology-driven-lsp Use the no version to disable carrier-of-carriers mode on the VRF. See mpls topology-driven-lsp. Copyright © 2010, Juniper Networks, Inc.

  • Page 511: Carrier-Of-Carriers Using Bgp As The Label Distribution Protocol

    109 on page 475) must be IPv4 addresses; they cannot be IPv6 addresses, whether native or IPv4-mapped. For more information about carrier-of-carriers VPNs, see “Carrier-of-Carriers IPv4 VPNs” on page 469 . Figure 109: Carrier-of-Carrier IPv6 VPNs Copyright © 2010, Juniper Networks, Inc.

  • Page 512: Connecting Ipv6 Islands Across Ipv4 Clouds With Bgp

    PE routers. LDP binds label L1 to 10.1.1.1/32 on the P router. Router CE 1 establishes an MP-BGP session over TCPv4 to PE 1 and advertises its ability to reach the IPv6 network 2001:0430::/32. The MP-BGP update message specifies an Copyright © 2010, Juniper Networks, Inc.

  • Page 513: Connecting Ipv6 Islands Across Multiple Ipv4 Domains

    DS-BGP routers of each domain. Routing between PE 1–ASBR 1 in AS 1 and between PE 2–ASBR 2 in AS 2 is accomplished by means of label-switched paths. Copyright © 2010, Juniper Networks, Inc.

  • Page 514: Configuring Ipv6 Tunneling Over Ipv4 Mpls

    Activate the neighbors in the IPv6 address-family. host1(config-router)#address-family ipv6 unicast host1(config-router-af)#neighbor 11.19.1.2 activate host1(config-router-af)#neighbor 2.2.2.2 activate Configure the MP-BGP PE neighbor to send labeled IPv6 prefixes. host1(config-router-af)#neighbor 2.2.2.2 send-label host1(config-router-af)#neighbor 2.2.2.2 update-source loopback 1 host1(config-router-af)#neighbor 2.2.2.2 next-hop-self host1(config-router-af)#exit-address-family Copyright © 2010, Juniper Networks, Inc.

  • Page 515: Ospf And Bgp/Mpls Vpns

    You configure OSPF in the VRF associated with the VPN and associate the interface connected to the CE router with the VRF. OSPF routes can then propagate from a CE router to a PE router when an OSPF adjacency has formed between the two routers. Copyright © 2010, Juniper Networks, Inc.

  • Page 516: Distributing Routes Between Pe Routers

    Origin of Route 1 – intra-area route Type 1 LSA 2 – intra-area route Type 2 LSA 3 – interarea summary route Type 3 LSA 5 – external route (area ID = 0) Type 5 LSA Copyright © 2010, Juniper Networks, Inc.

  • Page 517: Distributing Ospf Routes From Pe Router To Ce Router

    PE router replaces the external route tag in the LSA with the VPN route tag. You configure the VPN route tag for the OPSF VRF on the PE router with the domain-tag command. The value of a VPN route tag must be unique within an OSPF domain, so that Copyright © 2010, Juniper Networks, Inc.

  • Page 518: Using Remote Neighbors To Configure Ospf Sham Links

    OSPF Backdoor Links OSPF backdoor links typically serve as backup paths, providing a way for traffic to flow from one VPN site to the other only if the path over the backbone is broken. Copyright © 2010, Juniper Networks, Inc.

  • Page 519: Ospf Sham Links

    If a BGP route and an OSPF route to the same destination are both installed in the IP routing table, OSPF uses the OSPF route because it has a better administrative distance by definition. Copyright © 2010, Juniper Networks, Inc.
  • Page 520 Use to configure a hop count by setting the value of the time-to-live field used by packets sent to an OSPF remote neighbor. Specify a value in the range 1–255 seconds; the default value is 1 second. Copyright © 2010, Juniper Networks, Inc.

  • Page 521: Configuration Tasks

    OSPF. Configure the OSPF domain ID. host1:default:ospf2(config-router)#domain-id 45 Configure the VPN route tag. host1:default:ospf2(config-router)#domain-tag 1200 Redistribute routes learned from other PE routers back into OSPF. host1:default:ospf2(config-router)#redistribute bgp Create an address family in BGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 522: Configuring Vpls

    L2VPN instances, on the router. An L2VPN, sometimes referred to as Virtual Private Wire Service (VPWS), is a BGP-MPLS application that has much in common with BGP/MPLS VPNs. L2VPNs employ layer 2 services over MPLS to build a topology of Copyright © 2010, Juniper Networks, Inc.
  • Page 523 L2VPNs enable the sharing of a provider’s core network infrastructure between IP and L2VPN services, reducing the cost of providing those services. For details about configuring and using L2VPNs, see “Configuring VPWS” on page 651. Copyright © 2010, Juniper Networks, Inc.
  • Page 524 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 525: Monitoring Bgp/Mpls Vpns

    Issue the debug ip mbgp command: host1#debug ip mbgp Related Topics Disabling the MP-BGP Events Log Display on page 506 debug ip mbgp undebug ip mbgp Monitoring BGP Next Hops for VPN Purpose Display information about BGP next hops. Copyright © 2010, Juniper Networks, Inc.

  • Page 526: Table 94: Show Ip Bgp Next-Hop Output Fields

    MPLS indirect next-hop Index number of the MPLS indirect next hop that this BGP indirect index next hop resolves to Reachable Indicates whether or not the indirect next hop is reachable. Copyright © 2010, Juniper Networks, Inc.

  • Page 527: Monitoring Vrf Interfaces

    Unicast Packets 0, Bytes 0 Multicast Packets 0, Bytes 0 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 Out Forwarded Packets 0, Bytes 0 Unicast Packets 0, Bytes 0 Copyright © 2010, Juniper Networks, Inc.

  • Page 528: Table 95: Show Ip Interface Vrf Output Fields

    Enabled—Indicates time in milliseconds that the router waits before generating an up or down event in response to a state change in the interface. If the state changes back before the debounce timer expires, no state change is reported. Copyright © 2010, Juniper Networks, Inc.
  • Page 529 Number of exceeded packets and bytes dropped because of out Exceeded Packets, Bytes queue threshold limit Out Policed Packets, Bytes Number of packets and bytes discarded on a forwarding IP interface because of token bucket limiting Related Topics show ip interface vrf Copyright © 2010, Juniper Networks, Inc.

  • Page 530: Monitoring Vrf Routing Protocols

    Number of the prefix list for incoming or outgoing routes Incoming/Outgoing update prefix list Neighbor Number of the prefix tree for incoming or outgoing routes Incoming/Outgoing update prefix tree Neighbor Number of filter list for incoming routes Incoming/Outgoing update filter list Copyright © 2010, Juniper Networks, Inc.
  • Page 531 Current setting of the hold down timer (in seconds) flushed interval Current setting of the flush timer (in seconds) Filter applied to outgoing Access list applied to outgoing RIP route updates route update Copyright © 2010, Juniper Networks, Inc.

  • Page 532: Monitoring The Vrf Routing Table

    Type of route Prefix/Length Network prefix for route in VRF routing table Type Protocol of route Next Hop IP address of the next hop to reach route Dist/Met Administrative distance and metric applied to route Copyright © 2010, Juniper Networks, Inc.

  • Page 533: Monitoring The Vrf

    IPv6 Global Export Route-map: my-global-v6-export-map pe12; Default RD 100:12 VRF IP Router Id: 10.12.12.1 Default TTL: 127 Reassemble Timeout: 30 Interface Configured: null0 ATM2/0.12 tun mpls:vpnEgL18-4 ip dyn-25 Import VPN Route Target Extended Communities: 100:2 Copyright © 2010, Juniper Networks, Inc.
  • Page 534 0 timestamp req, 0 timestamp rpy 0 addr mask req, 0 addr mask rpy atm4/0.134 is up, line protocol is up VRF: pe11 Link up/down trap is disabled Internet address is 4.4.4.2/255.255.255.0 IP statistics: Rcvd: 0 local destination Copyright © 2010, Juniper Networks, Inc.

  • Page 535: Table 98: Show Ip Vrf Output Fields

    VRF IP Router Id IP address that uniquely identifies the router Default TTL Time to live value in the IP header Reassemble Timeout Value to time out reassembled packets Interface Configured Interface configured for the VRF Copyright © 2010, Juniper Networks, Inc.
  • Page 536 In Fabric Dropped Packets Number of packets discarded on a receive IP interface because of internal fabric congestion Out Requested Packets, Number of packets and bytes requested to be forwarded out an IP Bytes interface Copyright © 2010, Juniper Networks, Inc.
  • Page 537 Number of packets that could not be routed discards Number of packets that could not be routed that were discarded ICMP Statistics Rcvd errors Number of error packets received dst unreach Number of packets received with destination unreachable Copyright © 2010, Juniper Networks, Inc.
  • Page 538 Number of requests for a timestamp timestamp rpy Number of replies to timestamp requests addr mask req Number of address mask requests addr mask rpy Number of address mask replies Related Topics show ip vrf Copyright © 2010, Juniper Networks, Inc.

  • Page 539: Monitoring Load-Balanced Martini Circuits

    Meaning Table 99 on page 504 lists the show mpls l2transport load-balancing-group command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 540: Table 99: Show Mpls L2Transport Load-Balancing-Group Output Fields

    Number of committed packets and bytes dropped Dropped conformed Number of conformed packets and bytes dropped Dropped exceeded Number of exceeded packets and bytes dropped discardPkts Number of packets discarded due to lack of buffer space before being sent Copyright © 2010, Juniper Networks, Inc.

  • Page 541: Monitoring Mpls Tunnels

    Number of packets sent across tunnel hcpkts Number of high-capacity (64-bit) packets sent across tunnel Copyright © 2010, Juniper Networks, Inc.

  • Page 542: Disabling The Mp-Bgp Events Log Display

    To disable the display of information about MP-BGP logs that was previously enabled with the debug ip mbgp command Issue the undebug ip mbgp command: host1#undebug ip mbgp Related Topics Enabling the MP-BGP Events Log Display on page 489 undebug ip mbgp debug ip mbgp Copyright © 2010, Juniper Networks, Inc.

  • Page 543: Layer 2 Services Over Mpls

    PART 3 Layer 2 Services Over MPLS Layer 2 Services over MPLS Overview on page 509 Configuring Layer 2 Services over MPLS on page 529 Monitoring Layer 2 Services over MPLS on page 561 Copyright © 2010, Juniper Networks, Inc.
  • Page 544 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 545: Layer 2 Services Over Mpls Overview

    From the perspective of the customer edge (CE) devices, all that exists is the layer 2 circuit, even though the circuit actually exists over the service provider’s MPLS network. The JunosE Software currently support the following layer 2 services over MPLS: Copyright © 2010, Juniper Networks, Inc.

  • Page 546: Layer 2 Services Over Mpls Platform Considerations

    See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support the underlying layer 2 service and MPLS. For information about the modules that support the underlying layer 2 service and MPLS on the E120 or E320 Broadband Services Router: Copyright © 2010, Juniper Networks, Inc.

  • Page 547: Interface Specifiers

    Networks—draft-ietf-pwe3-ethernet-encap-05.txt (June 2004 expiration) Encapsulation Methods for Transport of Layer 2 Frames Over IP and MPLS Networks—draft-martini-l2circuit-encap-mpls-08.txt (March 2005 expiration) Encapsulation Methods for Transport of PPP/HDLC Over IP and MPLS Networks—draft-ietf-pwe3-hdlc-ppp-encap-mpls-03.txt (October 2004 expiration) Copyright © 2010, Juniper Networks, Inc.

  • Page 548: Layer 2 Services Over Mpls Implementation

    Layer 2 Services over MPLS Implementation When layer 2 services are configured over MPLS, layer 2 traffic is encapsulated in MPLS frames and sent over MPLS tunnels. A virtual circuit (VC) label that indicates a specific Copyright © 2010, Juniper Networks, Inc.

  • Page 549: Local Cross-Connects Between Layer 2 Interfaces Using Mpls Overview

    For a list of supported layer 2 services, see Layer 2 Services over MPLS Overview on page 509 For a configuration example that shows how to create local cross-connects between Ethernet/VLAN interfaces, see Configuring Local Cross-Connects Between Ethernet/VLAN Interfaces on page 533 Copyright © 2010, Juniper Networks, Inc.

  • Page 550: Mpls Shim Interfaces For Layer 2 Services Over Mpls Overview

    The layer 2 interface determines the default preference if this option is not configured. Even when preferred, the sequence numbers might not be sent if the Copyright © 2010, Juniper Networks, Inc.

  • Page 551: Multiple Layer 2 Services Over Mpls Overview

    ATM Layer 2 Services over MPLS Overview ATM layer 2 services over MPLS provide ATM switch-like functionality for E Series routers. This feature is useful for customers who run IP in the majority of their network but still Copyright © 2010, Juniper Networks, Inc.

  • Page 552: Aal5 Encapsulation

    ATM VC. In Figure 117 on page 517, an MPLS tunnel connects two E Series routers, and ATM cross-connects provide a pseudowire between the ATM VCs on the two routers. All AAL5 Copyright © 2010, Juniper Networks, Inc.

  • Page 553: Oam Cells

    Automatic connection setup using user-to-network interface (UNI) signaling and private network-to-network interface (PNNI) is not supported. The ATM MIB cross-connected table is not supported. Connections between ATM circuits and non-ATM interfaces are not supported. Copyright © 2010, Juniper Networks, Inc.

  • Page 554: Control Word Support

    ATM cells and transmit the cells in an MPLS packet on the pseudowire. Numeric identifier (1, 2, or 3) that indicates which of the three ATM Martini cell packing timers you want to use to detect timeout of the cell collection threshold. Copyright © 2010, Juniper Networks, Inc.

  • Page 555: Cell Concatenation And Latency

    Transport of ATM Over MPLS Networks—draft-ietf-pwe3-atm-encap-07.txt (April 2005 expiration) For VCC cell relay encapsulation configuration instructions, seeConfiguring an MPLS Pseudowire with VCC Cell Relay Encapsulation on page 535 Control Word Support on page 518 Copyright © 2010, Juniper Networks, Inc.

  • Page 556: Hdlc Layer 2 Services Over Mpls Overview

    Local Cross-Connects You can configure an HDLC layer 2 circuit in a local cross-connect configuration between serial or POS interfaces within the same router. In this configuration, the pairs of HDLC Copyright © 2010, Juniper Networks, Inc.

  • Page 557: Ce-Side Mpls L2Vpns Over Lag Overview

    IP traffic Layer 2 frames arrive from CE1 to PE1 on the VLAN1 interface that resides below the MPLS shim interface. These frames are encapsulated in an MPLS packet and forwarded to the Copyright © 2010, Juniper Networks, Inc.

  • Page 558: Ethernet Raw Mode Encapsulation For Martini Layer 2 Transport Overview

    VLAN tags on the local interface before sending the frame to the CE device Insertion of the inner V-LAN tag while sending layer 2 frames received from the pseudowire to the CE device on a double-tagged interface Copyright © 2010, Juniper Networks, Inc.
  • Page 559 The raw-mode attribute of the Martini circuit is sent to the forwarding controller (FC) on the supported line modules and the Label Distribution Protocol (LDP) is notified of the correct pseudowire type to be used in the signaling messages. Copyright © 2010, Juniper Networks, Inc.

  • Page 560: S-Vlan Subinterface With An Untagged C-Vlan Id Overview

    ATM cells that pertained to a particular ATM virtual circuit (VC) to be transported over a single pseudowire. This behavior was achieved by emulating connectivity between two ATM ports for a single virtual circuit. However, if you wanted to emulate the connectivity Copyright © 2010, Juniper Networks, Inc.
  • Page 561 Label Discovery Protocol (LDP) brings up the pseudowire. However, on the remote provider edge (PE) router, ATM cells received from the pseudowire that are not within the configured ranges are discarded. Copyright © 2010, Juniper Networks, Inc.
  • Page 562 If the ATM port was moved to an LOS state, all ATM virtual circuits on the same port that are configured for functionality other than the multiple VCs over single pseudowire functionality are also disrupted. Copyright © 2010, Juniper Networks, Inc.

  • Page 563: Guidelines For Configuring Vpi/Vci Ranges Of Atm Virtual Circuits

    If some of the VCs other than the F4 OAM VCs are opened for other applications, the range is marked inactive. You must specify ranges that do not overlap with the F4 OAM VCI values. Copyright © 2010, Juniper Networks, Inc.

  • Page 564: An Atm Port

    Support for unified ISSU and high availability with a VPI/VCI range configured with the maximum number of VCs is provided. Related Topics Example: Multiple ATM Virtual Circuits over a Single Pseudowire on page 559 mpls-relay atm vpi-range vci-range mpls-relay atm cell-packing mcpt-timer Copyright © 2010, Juniper Networks, Inc.

  • Page 565: Configuring Layer 2 Services Over Mpls

    MPLS and the type of layer 2 interfaces that you want to configure. Before you configure layer 2 services over MPLS, you must configure the layer 2 interfaces and MPLS. Copyright © 2010, Juniper Networks, Inc.

  • Page 566: Configuring Frame Relay Layer 2 Services

    To configure the router to interoperate with a router that uses the legacy Frame Relay pseudowire type for layer 2 services over MPLS: Configure the Frame Relay interface. host1(config)#interface serial 4/1:1/1 host1(config-if)#encapsulation frame-relay ietf host1(config-if)#frame-relay intf-type dte host1(config-if)#frame-relay lmi-type ansi host1(config-if)#interface serial 4/1:1/1.1 host1(config-subif)#frame-relay interface-dlci 17 ietf Copyright © 2010, Juniper Networks, Inc.

  • Page 567: Configuring Ethernet/Vlan Layer 2 Services

    Specify MPLS tunneling by using the appropriate command. host1(config-if)#mpls-relay 10.10.100.2 45 host1(config-if)#route interface tunnel mpls:tunnel6 45 Configure Ethernet/VLAN and MPLS on the remote PE router. Related Topics encapsulation vlan interface fastEthernet mpls-relay route interface vlan id Copyright © 2010, Juniper Networks, Inc.

  • Page 568: Configuring S-Vlan Tunnels For Layer 2 Services

    PE router. Related Topics For more information about S-VLANs, including complete configuration instructions, see the JunosE Link Layer Configuration Guide encapsulation vlan interface fastEthernet mpls-relay route interface svlan ethertype svlan id Copyright © 2010, Juniper Networks, Inc.

  • Page 569: Configuring Local Cross-Connects Between Ethernet/Vlan Interfaces

    (Optional) If you are configuring a multiservice local cross-connect, assign an IP address and mask to the Ethernet/VLAN interface. host1(config-if)#ip address 10.1.2.3 255.255.255.0 Configure MPLS tunneling on this side of the connection by issuing the mpls-relay command. Copyright © 2010, Juniper Networks, Inc.

  • Page 570: Configuring Local Atm Cross-Connects With Aal5 Encapsulation

    NOTE: Although this procedure uses AAL5 encapsulation to configure a local cross-connect between two ATM 1483 subinterfaces within the same router, you can also use AAL5 encapsulation when you configure an MPLS pseudowire (tunnel) connection between two ATM VCCs on different routers. Copyright © 2010, Juniper Networks, Inc.

  • Page 571: Configuring An Mpls Pseudowire With Vcc Cell Relay Encapsulation

    The following commands create an ATM layer 2 services over MPLS pseudowire connection between two ATM 1483 subinterfaces on different routers. This procedure uses the aal0 encapsulation keyword for each ATM PVC to indicate that the router receive Copyright © 2010, Juniper Networks, Inc.
  • Page 572 The virtual connection ID (VC ID) value in the mpls-relay command, however, must be the same on the ingress and egress routers. host2(config)#atm mcpt-timers 1500 2500 3500 host2(config)#interface loopback 0 host2(config-if)#ip address 6.1.1.1 255.255.255.255 Copyright © 2010, Juniper Networks, Inc.
  • Page 573 9180 lowerLayerDown Static Maximum number of cells per packet: 150 Cell aggregation timeout timer: SNMP trap link-status: disabled InPackets: InBytes: OutPackets: OutBytes: InErrors: OutErrors: InPacketDiscards: InPacketsUnknownProtocol: 0 OutDiscards: 1 interface(s) found Related Topics atm cell-packing Copyright © 2010, Juniper Networks, Inc.

  • Page 574: Configuring Hdlc Layer 2 Services

    POS interface contains actual PPP packets. host1(config-if)#mpls-relay 2.2.2.1 1 relay-format ppp host1(config-if)#route interface tunnel mpls:tunnel-to-pe2 1 relay-format ppp (Optional) Attach an MPLS policy to the HDLC layer 2 circuit by using the mpls policy command. Copyright © 2010, Juniper Networks, Inc.

  • Page 575: Differences

    In these cases, traffic destined for the CE routers is load-balanced among the multiple shim interfaces. This is known as CE-side load balancing. In the case of Ethernet/VLANs, CE-side load balancing enables an E Series router to interoperate with an 802.3ad switch. Copyright © 2010, Juniper Networks, Inc.

  • Page 576: Vc Id

    10.9.1.2 is a local address: host1(config)#interface atm 6/0.101 point-to-point host1(config-subif)#mpls-relay 10.9.1.2 600001 host1(config-subif)#exit host1(config)#interface atm 6/2.101 point-to-point host1(config-subif)#mpls-relay 10.9.1.2 600001 host1(config-subif)#exit host1(config)#interface atm 6/2.103 point-to-point host1(config-subif)#mpls-relay 10.9.1.2 600001 This configuration results in the following forwarding table: Copyright © 2010, Juniper Networks, Inc.

  • Page 577: Load-Balancing Group Configuration

    Load-balancing groups are a legacy method of configuring CE-side load balancing. It was the only method available before Release 7.1.0. Load-balancing groups enable you to configure attributes for a group that are inherited by the member shim interfaces. Figure 120: CE-Side Load-Balancing Topology Copyright © 2010, Juniper Networks, Inc.

  • Page 578: Mpls Interfaces And Labels

    Removing Member Subinterfaces from a Circuit on page 543 Adding a Member Interface to a Group Circuit You specify the lower interface as a member interface, as in the following example. host1(config)#mpls l2transport load-balancing-group 100 mpls-relay 2.2.2.2 202 host1(config-mpls-l2-group)#member interface fast 2/0.500 Copyright © 2010, Juniper Networks, Inc.

  • Page 579: Removing Member Subinterfaces From A Circuit

    You can substitute the mpls-relay command, depending on the tunneling method best for your environment. Figure 121: Sample Frame Relay over MPLS Configuration hostname "host 1" exception protocol ftp anonymous null !-------------------------------------------------------------------------- !Configure CT3 interfaces in slot 4 for Frame Relay. Copyright © 2010, Juniper Networks, Inc.
  • Page 580 4/1:2/1.1 frame-relay interface-dlci 12 ietf !-------------------------------------------------------------------------- !Create virtual router two. Configure MPLS. !-------------------------------------------------------------------------- virtual-router two mpls mpls ldp tar send list 222.9.1.3 interface loopback 0 ip address 222.9.1.2 255.255.255.255 ip router isis Copyright © 2010, Juniper Networks, Inc.
  • Page 581 !Create virtual router five. Configure MPLS. !-------------------------------------------------------------------------- virtual-router five mpls interface loopback 0 ip address 222.9.1.5 255.255.255.255 ip router isis interface atm 2/1.1 atm pvc 1 1 11 aal5snap ip address 10.10.11.5 255.255.255.0 ip router isis Copyright © 2010, Juniper Networks, Inc.

  • Page 582: Example: Configuring Mpls L2Vpn Tunnel Over Vlan Over Lag

    PE2, which is the remote router located at the other side of the service provider core, are processed. After PE2 processes the layer 2 Ethernet frames, they are sent to CE2, which is the customer edge device at the remote site. Copyright © 2010, Juniper Networks, Inc.

  • Page 583: Configuration On Ce1 (Local Ce Router)

    Use the following commands on the local PE router (PE1) to configure the MPLS L2VPN tunnel shown inFigure 122 on page 547. ! Configure a virtual router PE1. host1(config)#virtual-router pe1 ! Enable MPLS on a virtual router in Global Configuration mode. host1:pe1(config)#mpls . Copyright © 2010, Juniper Networks, Inc.

  • Page 584: Configuration On Pe2 (Remote Pe Router)

    Configuration on PE2 (Remote PE Router) Use the following commands on the remote PE router (PE2) to configure the MPLS L2VPN tunnel shown inFigure 122 on page 547. ! Configure a virtual router PE2. Copyright © 2010, Juniper Networks, Inc.
  • Page 585 ! the next hop that can be used to reach the destination network. host1:pe2(config)#ip route 22.22.22.22 255.255.255.255 2.0.0.1 ! Configure LDP to advertise a non-null label for the egress routes. host1:pe2(config)#mpls ldp egress-label non-null Copyright © 2010, Juniper Networks, Inc.

  • Page 586: Configuration On Ce2 (Remote Ce Router)

    MPLS labels. After PE2 processes the layer 2 Ethernet frames, they are sent to CE2, which is the customer edge device at the remote site. Copyright © 2010, Juniper Networks, Inc.

  • Page 587: Configuration On Ce1 (Local Ce Router)

    ! Configure the LSR to create topology-driven LSPs. Enabling LDP automatically ! creates topology-driven LSPs. host1:pe1(config)#mpls topology-driven-lsp ! On PE1, configure a loopback interface, and assign an IP address and mask to ! the interface. host1:pe1(config)#interface loopback 0 Copyright © 2010, Juniper Networks, Inc.

  • Page 588: Configuration On Pe2 (Remote Pe Router)

    ! Configure PE2 to create topology-driven LSPs. Enabling LDP automatically creates ! topology-driven LSPs. host1:pe2(config)#mpls topology-driven-lsp ! On PE2, configure a loopback interface, and assign an IP address and mask to ! the interface. host1:pe2(config)#interface loopback 0 host1:pe2(config-if)#ip address 22.22.22.22 255.255.255.255 Copyright © 2010, Juniper Networks, Inc.

  • Page 589: Configuration On Ce2 (Remote Ce Router)

    Examples: Ethernet Raw Mode Encapsulation for Martini Layer 2 Transport When a Martini circuit operates in Ethernet raw mode, you can configure the provider edge (PE) devices that receive packets from the customer edge (CE)-facing devices to Copyright © 2010, Juniper Networks, Inc.

  • Page 590: Figure 124: Mpls L2Vpn Tunnel Over Lag Configuration Example

    Case Sending CE device remote routers, PE1 Receiving CE configured on the number (CE1) and PE2 Device (CE2) S-VLAN interface S-VLAN-Aware S-VLAN-Aware S-VLAN-Aware Supported S-VLAN-Aware S-VLAN-Unaware S-VLAN-Aware Unsupported Copyright © 2010, Juniper Networks, Inc.

  • Page 591: Table 102: Martini Circuit Scenarios With Ethernet Raw Mode

    Figure 125 on page 556 shows the transmission of Ethernet packets over a Martini circuit with ES2 4G, GE-2, GE/FE, ES2 10G, ES2 10G Uplink, and ES2 10G ADV LMs. The different processing points inside the PE-facing routers are denoted as A, B, C, and D. Copyright © 2010, Juniper Networks, Inc.

  • Page 592: Figure 125: Ethernet Packet Distribution Over Martini Circuits

    At point D, for both ES2 4G LMs, ES2 10G LMs, ES2 10G Uplink LMs, and ES2 10G ADV LMs, the S-VLAN tag is inserted into the packet and sent to the CE-facing device at the remote site. Copyright © 2010, Juniper Networks, Inc.

  • Page 593: Examples: Configuring S-Vlan Subinterface With An Untagged C-Vlan Id

    CPE1 X:Y tagged for traffic from CPE1 CVLAN Y MPLS network Untagged X tagged Ethernet traffic for traffic with or without from CPE2 SVLAN tag, based on CPE2 PW2 for single-tagged traffic subinterface configuration Copyright © 2010, Juniper Networks, Inc.
  • Page 594 Both S-VLAN and C-VLAN tagged The following set of commands generates in appropriate error messages when you attempt to configure them on a VLAN major interface: host1(config-if)#interface fastEthernet 1/1.1 host1(config-if)#svlan id X anyUntagged host1(config-if)#svlan Ethertype 0x8100 Copyright © 2010, Juniper Networks, Inc.

  • Page 595: Example: Multiple Atm Virtual Circuits Over A Single Pseudowire

    ATM port of PE1. If cell concatenation is configured on that ATM port of PE1, PE1 accumulates the received ATM cells. If cell concatenation is not specified, cell concatenation count is reached, or the concatenation timer expired, PE1 encapsulates Copyright © 2010, Juniper Networks, Inc.
  • Page 596 VPI/VCI range. If the ATM cells do not fall within the configured VPI/VCI range, they are discarded. Related Topics Multiple ATM Virtual Circuits over a Single Pseudowire Overview on page 524 mpls-relay atm vpi-range vci-range mpls-relay atm cell-packing mcpt-timer Copyright © 2010, Juniper Networks, Inc.

  • Page 597: Monitoring Layer 2 Services Over Mpls

    The following statistics are maintained for each MPLS shim interface: receive packets and octets transmit packets and octets receive discarded packets transmit discarded packets receive error packets transmit error packets To set a statistics baseline for layer 2 services over MPLS: Copyright © 2010, Juniper Networks, Inc.

  • Page 598: Monitoring Atm Martini Cell Packing Timers For Layer 2 Services Over Mpls

    0 200 PVC SNAP 9180 up ATM 2/0.201 RFC-1483 201 0 201 PVC SNAP 9180 up 4 interface(s) found To display the current state of a specific ATM subinterface: host1#show atm subinterface atm 2/0.100 Circuit Interface Copyright © 2010, Juniper Networks, Inc.

  • Page 599: Monitoring Atm Cross-Connects For Layer 2 Services Over Mpls

    NOTE: For ATM over MPLS interfaces, the ATM-Prot field displays ATM/MPLS. Related Topics show atm subinterface Monitoring ATM Cross-Connects for Layer 2 Services over MPLS Purpose Display all ATM cross-connects (passthrough connections between local subinterfaces). Copyright © 2010, Juniper Networks, Inc.

  • Page 600: Monitoring Mpls Forwarding For Layer 2 Services Over Mpls

    20 0 pkts, 0 hcPkts, 0 octets 0 hcOctets, 0 errors, 0 discardPkts Out label 45 on tun mpls:1 nbr 222.9.1.3 0 pkts, 0 hcPkts, 0 octets 0 hcOctets, 0 errors, 0 discardPkts Copyright © 2010, Juniper Networks, Inc.

  • Page 601: Table 106: Show Mpls Forwarding Output Fields

    Number of high-capacity (64-bit) octets sent across tunnel errors Number of packets dropped for some reason before being sent discardPkts Number of packets discarded due to lack of buffer space before being sent Copyright © 2010, Juniper Networks, Inc.

  • Page 602: Monitoring Mpls Layer 2 Interfaces For Layer 2 Services Over Mpls

    0 packets, 0 bytes exceeded: 0 packets, 0 bytes MPLS policy output shimRl classifier-group * 0 packets, 0 bytes rate-limit-profile shimRl committed: 0 packets, 0 bytes conformed: 0 packets, 0 bytes exceeded: 0 packets, 0 bytes Copyright © 2010, Juniper Networks, Inc.

  • Page 603: Table 107: Show Mpls Interface And Show Mpls L2Transport Interface Output

    ATM cells that belong to multiple VCs over a single pseudowire. ATM cell aggregation Concatenation of multiple ATM cells to be sent in a single MPLS-labeled packet for an ATM port, enabled or disabled. Copyright © 2010, Juniper Networks, Inc.
  • Page 604 Total number of conformed packets and bytes dropped by this packets, bytes interface Dropped exceeded Total number of exceeded packets and bytes dropped by this packets, bytes interface MPLS policy Type (input, output) and name of policy Copyright © 2010, Juniper Networks, Inc.
  • Page 605 VC ID number for the interface Load Balancing Group Load-balancing group associated with the layer 2 Martini transport circuit Admin state Administrative state of the interface, enabled or disabled Oper state Operational state of the interface, up or down Copyright © 2010, Juniper Networks, Inc.
  • Page 606 JunosE 11.2.x BGP and MPLS Configuration Guide Related Topics show mpls interface show mpls l2transport interface Copyright © 2010, Juniper Networks, Inc.

  • Page 607: Virtual Private Lan Service

    PART 4 Virtual Private LAN Service VPLS Overview on page 573 Configuring VPLS on page 589 Monitoring VPLS on page 609 Copyright © 2010, Juniper Networks, Inc.
  • Page 608 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 609: Vpls Overview

    BGP as the protocol that signals reachability for the VPLS domain in which the VPLS instance participates. You must configure BGP on each provider edge (PE) router in your topology to provide signaling for each VPLS domain. Copyright © 2010, Juniper Networks, Inc.

  • Page 610: Vpls Components Overview

    As illustrated in Figure 128 on page 574, a typical VPLS topology consists of the following components. VPLS Domains on page 575 Customer Edge Devices on page 575 VPLS Edge Devices on page 575 Copyright © 2010, Juniper Networks, Inc.

  • Page 611: Vpls Domains

    PE devices. The router encapsulates Ethernet frames from the CE device in an MPLS packet and then forwards the encapsulated frames to the service provider core through the provider (P) router. This encapsulation is identical to Martini encapsulation for Ethernet layer 2 services over MPLS. Copyright © 2010, Juniper Networks, Inc.

  • Page 612: Vpls And Transparent Bridging Overview

    Bridged Ethernet 2/0.12 2b2b.2b2b.2b2b – – VPLS virtual core interface 4b4b.4b4b.4b4b Table 110: VPLS Forwarding Table on PE 2 for VPLS A Interface MAC Address Outgoing Label Received Label Fast Ethernet 3/5 3a3a.3a3a.3a3a – – Copyright © 2010, Juniper Networks, Inc.

  • Page 613: Subscriber Policies For Vpls Network Interfaces Overview

    Each network interface is associated with a default subscriber policy for that interface type. The subscriber policy is a set of forwarding and filtering rules that defines how the specified interface handles various packet or attribute types, as follows: Copyright © 2010, Juniper Networks, Inc.

  • Page 614: Modifying Subscriber Policies

    VPLS virtual core interface. Trunk interfaces and the VPLS virtual core interface always use the default trunk policy, which forwards packets of all types and permits relearning. Copyright © 2010, Juniper Networks, Inc.

  • Page 615: Considerations For Vpls Network Interfaces

    JunosE Link Layer Configuration Guide. BGP Signaling for VPLS Overview BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP/MPLS VPNs, which are sometimes known as RFC 2547bis VPNs. VPLS with BGP Copyright © 2010, Juniper Networks, Inc.

  • Page 616: Ldp Signaling For Vpls Overview

    VPLS identifier for the VPLS instance, and the mpls ldp vpls neighbor command to configure a list of neighbor (peer) addresses to which LDP can send or from which LDP can receive targeted hello messages. Copyright © 2010, Juniper Networks, Inc.

  • Page 617: Pwid Fec Element Tlv

    BEST PRACTICE: To prevent the creation of layer 2 loops due to a misconfiguration or temporary loops during a topology change and subsequent convergence, we recommend that you employ the Spanning Tree Protocol (STP) on your CE devices. Copyright © 2010, Juniper Networks, Inc.
  • Page 618 PE router for the purpose of reflecting layer 2 routes. Layer 2 prefixes that have different route distinguishers are considered to have different NLRI for route reflection. This result of the standard BGP path selection process enables Copyright © 2010, Juniper Networks, Inc.

  • Page 619: Designated Ve Device Selection For A Multihomed Site

    The result of this process establishes that the best path is suitable for establishing a pseudowire from the remote PE router to the PE router. That PE router is accordingly selected as the designated VE device. Copyright © 2010, Juniper Networks, Inc.
  • Page 620 When a VE device receives an advertisement for a layer 2 NLRI that matches its own site ID but the site is not multihomed, then the pseudowire between it and the transmitting PE router transitions to a site collision (SC) state and is not considered to be up. Copyright © 2010, Juniper Networks, Inc.

  • Page 621: Multihoming Reaction To Failures In The Network

    VPLS pseudowires as needed. To modify their pseudowires, the peer routers correct their MPLS forwarding tables and set up new entries in their pseudowire tables. VPLS Supported Features The JunosE implementation of VPLS provides the following features: Copyright © 2010, Juniper Networks, Inc.

  • Page 622: Vpls Platform Considerations

    For information about the modules that support VPLS network interfaces and VPLS virtual core interfaces on ERX14xx models, ERX7xx models, and ERX310 Braoadband Services Router: See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. Copyright © 2010, Juniper Networks, Inc.

  • Page 623: Interface Specifiers

    RFC 4447—Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP) (April 2006) RFC 4762—Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling (January 2007) Virtual Private LAN Service—draft-ietf-l2vpn-vpls-bgp-05.txt (October 2005 expiration) Copyright © 2010, Juniper Networks, Inc.
  • Page 624 NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress. Please refer to the IETF Web site at http://www.ietf.org for the latest drafts. Copyright © 2010, Juniper Networks, Inc.

  • Page 625: Configuring Vpls

    Configuring VPLS Instances with LDP Signaling on page 603 Configuring LDP Signaling for VPLS on page 604 Configuring Routing in the Core Network for VPLS on page 604 Example: Configuring VPLS LDP Signaling on page 605 Copyright © 2010, Juniper Networks, Inc.

  • Page 626: Configuring Vpls With Bgp Signaling On A Pe Router

    Table 114 on page 590 lists the commands that you use to configure a basic VPLS instance, as described in this section. Table 114: Commands to Configure Basic VPLS Instances bridge vpls rd bridge vpls site-range bridge vpls route-target bridge vpls transport-virtual-routers bridge vpls site-name site-id Copyright © 2010, Juniper Networks, Inc.
  • Page 627 Create or add a route target to the import and export lists of VPN extended communities for this VPLS instance. host1(config)#bridge customer1 vpls route-target both 100:1 The PE router uses the lists of VPN extended communities to determine which routes are imported by this VPLS instance. Copyright © 2010, Juniper Networks, Inc.

  • Page 628: Configuring Bgp Multihoming For Vpls

    PE router can begin providing service to the customer site as soon as the failure is detected. The redundant connectivity maintains the VPLS service and traffic forwarding to and from the multihomed site while avoiding the formation of layer 2 traffic loops. Copyright © 2010, Juniper Networks, Inc.

  • Page 629: Configuring Optional Attributes For Vpls Instances

    (Optional) Set the length of time that a dynamic (learned) MAC address entry can remain in the forwarding table of the specified VPLS instance before expiring. host1(config)#bridge vplsB aging-time 1000 (Optional) Set the maximum number of dynamic MAC address entries that the specified VPLS instance can learn. Copyright © 2010, Juniper Networks, Inc.

  • Page 630: Configuring Vpls Network Interfaces

    From Interface Configuration mode or Subinterface Configuration mode, assign the interface to the specified VPLS instance. host1(config-if)#bridge-group customer1 Issuing this command with no optional keywords configures the network interface as a subscriber (client) interface by default. Copyright © 2010, Juniper Networks, Inc.

  • Page 631: Configuring The Loopback Interface And Router Id For Vpls

    Configure a loopback interface on the PE router and assign it an IP address. host1(config)#interface loopback 0 host1(config-if)#ip address 10.3.3.3 255.255.255.255 host1(config-if)#exit Assign the router ID using the IP address you configured for the loopback interface. host1(config)#ip router-id 10.3.3.3 Copyright © 2010, Juniper Networks, Inc.

  • Page 632: Configuring Mpls Lsps For Vpls

    For complete information about configuring MPLS LSPs, see Configuring MPLS on page 275. mpls mpls ldp Configuring BGP Signaling for VPLS This section describes one way to configure BGP signaling for VPLS, but does not provide complete details about configuring BGP and BGP/MPLS VPNs. Copyright © 2010, Juniper Networks, Inc.

  • Page 633: Table 115: Commands To Configure Bgp Signaling For Vpls

    This example configures only the next-hop-self attribute, forcing the BGP speaker to report itself as the next hop for an advertised route that it learned from a neighbor. host1(config-router-af)#neighbor 10.4.4.4 next-hop-self host1(config-router-af)#exit-address-family Copyright © 2010, Juniper Networks, Inc.

  • Page 634: Example: Configuring Vpls With Bgp Signaling

    The example in this section shows how to configure the VPLS topology illustrated in Figure 129 on page 599. The example includes the commands for configuring VPLS on both the local E Series router (PE 1) and the remote E Series router (PE 2). Copyright © 2010, Juniper Networks, Inc.

  • Page 635: Topology Overview Of Vpls With Bgp Signaling

    After you configure the bridging, MPLS, and BGP components of VPLS, the router automatically generates a VPLS virtual core interface for each VPLS instance. The VPLS virtual core interface represents all of the MPLS tunnels from the router to the remote VE device. Copyright © 2010, Juniper Networks, Inc.

  • Page 636: Configuration On Pe 1 (Local Pe Router)

    ! and assign it an IP address. host1(config)#interface atm 2/0.100 point-to-point host1(config-subif)#atm pvc 100 1 100 aal5snap 0 0 0 host1(config-subif)#ip address 192.168.1.1 255.255.255.0 ! Enable MPLS, LDP, and topology-driven LSPs on the core-facing interface. host1(config-subif)#mpls host1(config-subif)#mpls ldp host1(config-subif)#exit Copyright © 2010, Juniper Networks, Inc.

  • Page 637: Configuration On Pe 2 (Remote Pe Router)

    ! Configure a loopback interface on PE 2 and assign it an IP address. host2(config)#interface loopback 0 host2(config-if)#ip address 10.2.2.2 255.255.255.255 host2(config-if)#exit ! Assign the router ID for PE 2 using the IP address of the loopback interface. host2(config)#ip router-id 10.2.2.2 Copyright © 2010, Juniper Networks, Inc.

  • Page 638: Configuring Vpls With Ldp Signaling On A Pe Router

    For instructions, see “Subscriber Policies for VPLS Network Interfaces Overview” on page 577. Configure a loopback interface to be associated with the targeted LDP neighbor, and assign a router ID that uses the IP address of the loopback interface. Copyright © 2010, Juniper Networks, Inc.

  • Page 639: Configuring Vpls Instances With Ldp Signaling

    (customer3 in this example) already exists on the router, issuing this command causes the bridge group to become a VPLS instance. Related Topics Configuring VPLS with LDP Signaling on a PE Router on page 602 bridge vpls transport-virtual-router Copyright © 2010, Juniper Networks, Inc.

  • Page 640: Configuring Ldp Signaling For Vpls

    MPLS network. This section explains one way to configure OSPF to enable routing in the core network. Table 117 on page 605 lists the commands discussed in this section to configure OSPF. Copyright © 2010, Juniper Networks, Inc.

  • Page 641: Example: Configuring Vpls Ldp Signaling

    The example in this section shows how to configure the VPLS topology illustrated in Figure 130 on page 606. The example includes the commands for configuring VPLS on both the local E Series router (PE 1) and the remote E Series router (PE 2). Copyright © 2010, Juniper Networks, Inc.

  • Page 642: Topology Overview Of Vpls With Ldp Signaling

    “Topology Overview of VPLS with BGP Signaling” on page 599. Configuration on PE 1 (Local PE Router) Use the following commands on the local PE router (PE 1) to configure the VPLS topology shown in Figure 130 on page 606. Copyright © 2010, Juniper Networks, Inc.

  • Page 643: Configuration On Pe 2 (Remote Pe Router)

    10.10.10.0 0.0.0.255 area 0.0.0.0 host1(config-router)#exit Configuration on PE 2 (Remote PE Router) Use the following commands on the remote PE router (PE 2) to configure the VPLS topology shown in Figure 130 on page 606. Copyright © 2010, Juniper Networks, Inc.
  • Page 644 ! Configure OSPF routing in the core MPLS network. host2(config)#router ospf 1 host2(config-router)#network 2.2.2.2 0.0.0.0 area 0.0.0.0 host2(config-router)#network 20.20.20.0 0.0.0.255 area 0.0.0.0 host2(config-router)#exit Related Topics Configuring VPLS with LDP Signaling on a PE Router on page 602 Copyright © 2010, Juniper Networks, Inc.

  • Page 645: Monitoring Vpls

    You can use the following baseline commands to set a statistics baseline for a VPLS instance, for a network interface associated with a VPLS instance, or for the VPLS virtual core interface associated with a VPLS instance. The router implements the baseline by Copyright © 2010, Juniper Networks, Inc.

  • Page 646: Setting A Baseline For A Vpls Instance

    Tasks to clear the VPLS forwarding table are: Clearing All Dynamic MAC Addresses from the VPLS Forwarding Table on page 611 Clearing a Specific Dynamic MAC Addresses from the VPLS Forwarding Table on page 611 Copyright © 2010, Juniper Networks, Inc.

  • Page 647: Clearing All Dynamic Mac Addresses From The Vpls Forwarding Table

    To clear all dynamic MAC address entries for the VPLS virtual core interface associated with a VPLS instance: Issue the clear bridge interface vpls command. host1#clear bridge interface vpls vplsA Related Topics clear bridge clear bridge address clear bridge interface clear bridge interface vpls Copyright © 2010, Juniper Networks, Inc.

  • Page 648: Clearing Bgp Attributes For Vpls

    To clear the wait for receiving an End-of-RIB marker from the peer for the L2VPN address family: Issue the clear ip bgp wait-end-of-rib command. host1#clear ip bgp l2vpn wait-end-of-rib Related Topics clear ip bgp clear ip bgp dampening clear ip bgp wait-end-of-rib Copyright © 2010, Juniper Networks, Inc.

  • Page 649: Monitoring Vpls Configuration And Statistics For A Specific Vpls Instance

    Maximum number of dynamic MAC addresses that the VPLS instance can learn Link Status Snmp Traps Whether SNMP link status processing is enabled or disabled Subscriber Policy Name of the subscriber policy currently in effect Copyright © 2010, Juniper Networks, Inc.

  • Page 650: Monitoring Vpls Configuration And Statistics For All Vpls Instances

    To display the names of all VPLS instances configured on the router: host1#show bridge groups BridgeGroup: vplsA(vpls) BridgeGroup: vplsB(vpls) To display configuration settings for all VPLS instances on the router: host1#show bridge groups details Copyright © 2010, Juniper Networks, Inc.

  • Page 651: Table 119: Show Bridge Groups Details Output Fields

    Aging Time Length of time, in seconds, that a MAC address entry can remain in the forwarding table before expiring Learning Whether acquisition of dynamically learned MAC addresses is enabled or disabled Copyright © 2010, Juniper Networks, Inc.

  • Page 652: Monitoring Configuration, Statistics, And Status For Vpls Network Interfaces

    Monitoring Configuration, Statistics, and Status for VPLS Network Interfaces Purpose Display configuration, statistics, and status information for a specified network interface or for all interfaces assigned to a VPLS instance. Action To display information for a specified network interface: Copyright © 2010, Juniper Networks, Inc.
  • Page 653 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 vpls vplsB Port Number: 2 Operational Status: Down Admin Status: Up Snmp Link Status Trap: Disabled Max Learn: Unlimited Subscriber Policy: default Trunk Copyright © 2010, Juniper Networks, Inc.

  • Page 654: Table 120: Show Bridge Interface Output Fields

    Number of frames received on this interface In Discards Number of incoming packets discarded on this interface In Errors Number of incoming errors received on this interface Out Octets Number of octets transmitted on this interface Copyright © 2010, Juniper Networks, Inc.

  • Page 655: Monitoring Configuration, Statistics, And Status For Vpls Core Interfaces

    LowerLayerDown, NotPresent Related Topics show bridge interface Monitoring Configuration, Statistics, and Status for VPLS Core Interfaces Purpose Display configuration, statistics, and status information for the VPLS virtual core interface associated with a VPLS instance. Copyright © 2010, Juniper Networks, Inc.

  • Page 656: Table 122: Show Bridge Interface Vpls Output Fields

    Number of octets received on this interface In Frames Number of frames received on this interface In Discards Number of incoming packets discarded on this interface In Errors Number of incoming errors received on this interface Copyright © 2010, Juniper Networks, Inc.

  • Page 657: Monitoring Configuration, Statistics, And Status For Vpls Ports

    VPLS instance. Action To display information for VPLS ports: host1#show bridge vplsC port FastEthernet1/1.1 Port Number: 1 Operational Status: Up Admin Status: Up Snmp Link Status Trap: Disabled Max Learn: Unlimited Subscriber Policy: samplepolicy Statistics: Copyright © 2010, Juniper Networks, Inc.

  • Page 658: Table 123: Show Bridge Port Output Fields

    Operational status of the physical interface: Up, Down, LowerLayerDown, NotPresent Admin Status State of the physical interface: Up, Down Snmp Link Status Trap Whether SNMP link status processing is enabled or disabled for the specified interface Copyright © 2010, Juniper Networks, Inc.
  • Page 659 Number of exceeded packets and bytes that were dropped packets, bytes vpls vplsName Identifies the VPLS virtual core interface for the VPLS instance Table 124 on page 624 lists the show bridge port brief command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 660: Monitoring Mac Address Entries For A Specific Vpls Instance

    VPLS virtual core interface Length of time that a dynamic entry has been in the forwarding table; this value does not appear for static entries Related Topics show bridge table Copyright © 2010, Juniper Networks, Inc.

  • Page 661: Monitoring Subscriber Policy Rules

    Unknown Destination : Deny : Permit Unknown Protocol : Permit Unicast : Permit PPPoE : Permit Relearn : Deny Mpls : Permit Meaning Table 126 on page 626 lists the show subscriber-policy command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 662: Monitoring Layer2 Nlri For Vpls Instances

    Local-RIB version 11. FIB version 11. Status codes: > best, * invalid, s suppressed, d dampened, r rejected, a auto-summarized Prefix Peer Next-hop MED LocPrf Weight Origin > 1:1 0.0.0.0 self 0 IGP > 1:1 0.0.0.0 self 0 IGP Copyright © 2010, Juniper Networks, Inc.
  • Page 663 MPLS in-label is none MPLS in-label block size is 0 MPLS out-label is 46 MPLS out-label block size is 20 Next hop IP address is 2.2.2.2 (metric 3) Multi-exit discriminator is not present Local preference is 100 Copyright © 2010, Juniper Networks, Inc.

  • Page 664: Table 127: Show Ip Bgp L2Vpn Output Fields

    IP address of the next router that is used when a packet is forwarded address) to the destination network Multiexit discriminator for the route LocPrf Local preference for the route Weight Weight of the route Copyright © 2010, Juniper Networks, Inc.

  • Page 665: Monitoring Bgp Next Hops For Vpls

    IP tunnel routing table, or both) and whether this is in a VR or VRF IP indirect next-hop index Index number of the IP indirect next hop that corresponds to the BGP indirect next hop and its resolution Copyright © 2010, Juniper Networks, Inc.

  • Page 666: Monitoring Ldp-Related Settings For Vpls

    Globally unique identifier for the VPLS domain Remote PE IP address of the remote VE (also known as the PE) router In-label Incoming MPLS label from the remote site Out-label Outgoing MPLS label used to reach the remote site Copyright © 2010, Juniper Networks, Inc.

  • Page 667: Monitoring Mpls-Related Settings For Vpls

    Action taken for MPLS packets arriving with that label in pkts Number of packets sent with the label in Octets Number of octets sent with the label in errors Number of packets that are dropped for some reason before being sent Copyright © 2010, Juniper Networks, Inc.

  • Page 668: Monitoring Vpls-Specific Settings

    Aging Time: 300 secs Learning: Enabled Max Learn: Unlimited Link Status Snmp Traps: Disabled Subscriber Policy: default Subscriber Port Count: Interface Count: Transport Virtual Rtr: Route Distinguisher: 1.1.1.1:10 SiteName: westford SiteId: SiteRange: VPLS Route Targets Copyright © 2010, Juniper Networks, Inc.
  • Page 669 Site State Remote PE In-label Out-label MPLS NH Idx Up-down Time ----- ----- --------------- -------- --------- ----------- ------------ 2.2.2.2 00:02:56 Meaning Table 131 on page 634 lists the show vpls connections command output fields. Copyright © 2010, Juniper Networks, Inc.

  • Page 670: Table 131: Show Vpls Connections Output Fields

    Maximum number of sites that can participate in the VPLS domain associated with the VPLS instance VPLS Route Targets Extended community identifiers, also known as route targets, for each VPLS instance configured on the router Copyright © 2010, Juniper Networks, Inc.
  • Page 671 Outgoing MPLS label used to reach the remote site MPLS NH Idx MPLS next-hop index number that corresponds to the outgoing MPLS label Up-down Time Time since the last state change for this VPLS connection Related Topics show vpls connections Copyright © 2010, Juniper Networks, Inc.
  • Page 672 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 673: Virtual Private Wire Service

    PART 5 Virtual Private Wire Service VPWS Overview on page 639 Configuring VPWS on page 651 Monitoring VPWS on page 663 Copyright © 2010, Juniper Networks, Inc.
  • Page 674 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 675: Vpws Overview

    VPNs over layer 2 circuits. BGP signaling also enables autodiscovery of L2VPN peers. VPWS is similar to BGP/MPLS VPNs and VPLS in many respects, because all three types of services employ BGP for signaling. Copyright © 2010, Juniper Networks, Inc.

  • Page 676: Figure 131: Vpws Sample Topology

    VPWS L2VPN must be configured with the VPWS L2VPN’s encapsulation type. The layer 2 interfaces that connect the PE router and CE device pairs are configured to be members of the corresponding VPWS L2VPN, L2VPN A or L2VPN B. Copyright © 2010, Juniper Networks, Inc.

  • Page 677: Bgp Signaling For L2Vpns Overview

    VPWS instance. Traffic coming into the local interface from the CE device is cross-connected to an MPLS next hop that corresponds to the demultiplexer. Traffic is then encapsulated in MPLS and sent across the MPLS core to the remote PE router in the L2VPN. Copyright © 2010, Juniper Networks, Inc.

  • Page 678: Vpws Components Overview

    Figure 132 on page 642 shows the components of a typical VPWS L2VPN topology. Figure 132: VPWS Components VPWS Instances on page 643 Customer Edge Devices on page 643 VPWS Provider Edge Devices on page 643 Copyright © 2010, Juniper Networks, Inc.

  • Page 679: Vpws Instances

    BGP multiprotocol extensions (MP-BGP) enable BGP to support IPv4 services such as BGP/MPLS VPNs, which are sometimes known as RFC 2547bis VPNs. A VPWS L2VPN is actually a BGP-MPLS application that has much in common with BGP/MPLS VPNs. Copyright © 2010, Juniper Networks, Inc.

  • Page 680: Bgp Multihoming For Vpws Overview

    BGP in the local-preference attribute. You configure the same site ID (sometimes referred to as a VE ID) on these connected PE routers. Each of these routers then advertises reachability for the multihomed site; Copyright © 2010, Juniper Networks, Inc.
  • Page 681 RR to reflect all routes that have different route distinguishers to all other RR clients even though only one of these routes is used to trigger the VPWS pseudowire to the multihomed site. Copyright © 2010, Juniper Networks, Inc.

  • Page 682: Designated Ve Device Selection For A Multihomed Site

    VE device. The PE routers connected to the customer site always have a local route and therefore all advertise a locally-originated route. These PE router also receive the advertisements from the other connected PE routers. Copyright © 2010, Juniper Networks, Inc.
  • Page 683 PE routers in the VPWS network. The PE router receives the multihomed advertisements and selects a best path; it does not originate any of these advertisements because it is not connected to the multihomed customer site. Copyright © 2010, Juniper Networks, Inc.

  • Page 684: Multihoming Reaction To Failures In The Network

    PE router. BGP sends a layer 2 update with the new local preference attribute to all peer PE routers. The peer PE routers each run the best path selection process again and adjust the VPWS pseudowires as needed. Copyright © 2010, Juniper Networks, Inc.

  • Page 685: Vpws Supported Features

    See ERX Module Guide, Chapter 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support VPWS. For information about the modules that support VPWS on E120 and E320 Broadband Services Routers: Copyright © 2010, Juniper Networks, Inc.

  • Page 686: Interface Specifiers

    NOTE: IETF drafts are valid for only 6 months from the date of issuance. They must be considered as works in progress. Please refer to the IETF Web site at http://www.ietf.org for the latest drafts. Copyright © 2010, Juniper Networks, Inc.

  • Page 687: Configuring Vpws

    See “Configuring Customer-Facing Interfaces in the VPWS Instance” on page 654 (Optional) Configure local cross-connects. See “Configuring a Local Cross-Connect for VPWS” on page 655 Configure the loopback interface and router ID for BGP. Copyright © 2010, Juniper Networks, Inc.

  • Page 688: Configuring An Vpws Instance

    Configure the maximum number of customer sites that can participate in the L2VPN. host1(config)#l2vpn exampleco site-range 10 Configure the name and ID number for the customer sites in the L2VPN instance. Copyright © 2010, Juniper Networks, Inc.

  • Page 689: Configuring Bgp Multihoming For Vpws

    2 traffic loops. To configure BGP multihoming on a VPWS PE router: Configure the site as multihomed and specify a multihoming priority for the PE site for this instance. Copyright © 2010, Juniper Networks, Inc.

  • Page 690: Types Of Interfaces To Configure In The Vpws Instance

    VPWS L2VPN. host1(config-if)#l2vpn exampleco local-site-id 1 remote-site-id 2 host1(config-if)#exit Repeat for all customer-facing interfaces in the VPWS. host1(config)#interface fastEthernet 4/1 host1(config-if)#l2vpn exampleco local-site-id 1 remote-site-id 3 host1(config-if)#exit Related Topics interface fastEthernet l2vpn local-site-id remote-site-id Copyright © 2010, Juniper Networks, Inc.

  • Page 691: Local Cross-Connects For Vpws Overview

    Configure the correct local and remote site IDs on the two local interfaces that are being cross-connected. host1(config)#interface fastEthernet 4/0 host1(config-if)#l2vpn exampleco local-site-id 1 remote-site-id 2 host1(config-if)#exit host1(config)#interface fastEthernet 4/1 host1(config-if)#l2vpn exampleco local-site-id 2 remote-site-id 1 host1(config-if)#exit Copyright © 2010, Juniper Networks, Inc.

  • Page 692: Bgp Loopback Interface And Router Id Overview

    Table 134 on page 656 lists the commands used in this section to configure BGP signaling for VPWS. Table 134: Commands to Configure BGP Signaling for VPWS address-family l2vpn neighbor next-hop-self address-family vpws neighbor remote-as exit-address-family neighbor update-source Copyright © 2010, Juniper Networks, Inc.

  • Page 693: Configuring Bgp Signaling For Vpws

    VPWS instance configured on the router. You must issue the address-family vpws command separately for each VPWS instance configured on the router. host1(config-router)#address-family vpws l2vpnA host1(config-router)#address-family vpws l2vpnB Related Topics Configuring BGP Routing on page 3 Copyright © 2010, Juniper Networks, Inc.

  • Page 694: Mpls Lsps For Vpws Overview

    192.168.5.5 255.255.255.0 Enable MPLS on the core-facing interface. host1(config-subif)#mpls Enable LDP and topology-driven LSPs on the core-facing interface. host1(config-subif)#mpls ldp host1(config-subif)#exit Related Topics Configuring MPLS on page 275 atm pvc interface atm ip address mpls Copyright © 2010, Juniper Networks, Inc.

  • Page 695: Example: Configuring Vpws On Local And Remote Routers

    MPLS LSPs on the core-facing interfaces to connect PE 1 and PE 2 through the P router across the service provider core. Finally, you must configure BGP on both PE 1 and PE 2 to provide signaling for both L2VPNs. Copyright © 2010, Juniper Networks, Inc.

  • Page 696: Configuration On Pe 1 (Local Pe Router)

    ! Configure BGP signaling. host1(config)#router bgp 738 host1(config-router)#neighbor 10.1.1.1 remote-as 738 host1(config-router)#neighbor 10.1.1.1 update-source loopback 0 host1(config-router)#neighbor 10.1.1.1 next-hop-self host1(config-router)#address-family l2vpn signaling host1(config-router-af)#neighbor 10.1.1.1 activate host1(config-router-af)#neighbor 10.1.1.1 next-hop-self host1(config-router-af)#exit-address-family host1(config-router)#address-family vpws l2vpnA host1(config-router-af)#exit-address-family host1(config-router)#address-family vpws l2vpnB Copyright © 2010, Juniper Networks, Inc.

  • Page 697: Configuration On Pe 2 (Remote Pe Router)

    ! in L2VPN instance l2vpnB. host2(config)#interface gigabitEthernet 0/1 host2(config-subif)#l2vpn l2vpnB local-site-id 4 remote-site-id 2 host2(config-if)#exit ! Configure a loopback interface on PE 2 and assign it an IP address. host2(config)#interface loopback 0 host2(config-if)#ip address 10.2.2.2 255.255.255.255 host2(config-if)#exit Copyright © 2010, Juniper Networks, Inc.
  • Page 698 192.168.4.4 255.255.255.0 ! Enable MPLS, LDP, and topology-driven LSPs on the on the core-facing interface. host2(config-subif)#mpls host2(config-subif)#mpls ldp host2(config-subif)#exit ! Enable MPLS, LDP, and topology-driven LSPs on the core-facing interface. host1(config-subif)#mpls host1(config-subif)#mpls ldp host1(config-subif)#exit Copyright © 2010, Juniper Networks, Inc.

  • Page 699: Monitoring Vpws

    Clearing the Wait for the End-of-RIB Marker for the L2VPN Address Family on page 664 Clearing BGP Reachability Information for the L2VPN Address Family To clear BGP reachability information for a specific VPWS instance in the L2VPN address family: Copyright © 2010, Juniper Networks, Inc.

  • Page 700: Family

    Monitoring BGP-Related Settings for VPWS L2VPNS Purpose This section provides examples of some of the show ip bgp commands that you can use to monitor VPWS configurations. Copyright © 2010, Juniper Networks, Inc.

  • Page 701: Table 135: Commands For Monitoring Bgp Settings For The Vpws Address

    The l2vpn all keywords display layer 2 NLRI for all VPWS instances in the L2VPN address family. The output for this version of the command also includes information about any VPLS instances configured in the L2VPN address family. Copyright © 2010, Juniper Networks, Inc.
  • Page 702 The last restart was not graceful Local-RIB version 6. FIB version 6. (No neighbors are configured) To display information for the route that matches the specified prefix (2:1) for a VPWS instance named customer1 in the VPWS address family: Copyright © 2010, Juniper Networks, Inc.

  • Page 703: Table 137: Show Ip Bgp L2Vpn Output Fields

    Table 137: show ip bgp l2vpn Output Fields Field Name Field Description Local BGP identifier IP address of the local PE router local AS Autonomous system number Local-RIB version Version number of the local routing information base Copyright © 2010, Juniper Networks, Inc.
  • Page 704 Status Vector Hexadecimal representation of the status vector bits attached to the route Related Topics show ip bgp show ip bgp advertised-routes show ip bgp community show ip bgp community-list show ip bgp dampened-paths Copyright © 2010, Juniper Networks, Inc.

  • Page 705: Monitoring Bgp Next Hops For Vpws L2Vpns

    BGP next-hop attribute received in the BGP update message Resolution Describes where the indirect next hop is resolved (the IP routing table, the IP tunnel routing table, or both) and whether this is in a VR or VRF Copyright © 2010, Juniper Networks, Inc.

  • Page 706: Monitoring Vpws Connections

    Local-Site-Id Remote-Site-Id state state --------------- ------------- -------------- ------- ----- FastEthernet4/1 enabled Connections status code: UP = Operational SC = Local and Remote Site Identifier Collision EM = Encapsulation Mismatch OR = Out of Range Copyright © 2010, Juniper Networks, Inc.
  • Page 707 To display detailed information about connections for a specific VPWS instance: host1#show l2vpn connections instance l2vpn1 details L2VPN: l2vpn1 Encapsulation Type ATM AAL5 SDU VCC transport Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Copyright © 2010, Juniper Networks, Inc.

  • Page 708: Table 139: Show L2Vpn Connections Output Fields

    CE device in the event of a network failure in the multihomed configuration; indicates also that the site is multihomed Route Targets Route targets configured for the VPWS instance Interface Layer 2 interface that is a member of the VPWS instance Copyright © 2010, Juniper Networks, Inc.

  • Page 709: Monitoring Vpws Instances

    L2VPN: l2vpn1 Encapsulation Type Ethernet Use of control word is preferred Send sequence numbers Route Distinguisher 100:11 Site Range 10 Sites: Site Name boston Site Id 1 Route Targets: Route Target: RT:100:1 both Copyright © 2010, Juniper Networks, Inc.

  • Page 710: Table 140: Show L2Vpn Instance Output Fields

    Name of VPWS instance Encapsulation Type Encapsulation type configured for the VPWS instance Use of control word Local preference for control word, preferred or not preferred sequence numbers Local preference for sequence number, send or don’t send Copyright © 2010, Juniper Networks, Inc.

  • Page 711: Monitoring L2Vpn Interfaces For Vpws

    Remote site ID is 2 Control word is preferred by default Do send sequence numbers by default Relay format is atm-aal5-sdu-vcc by default Administrative state is enabled Operational state is up Operational MTU is 9180 Copyright © 2010, Juniper Networks, Inc.

  • Page 712: Table 141: Show L2Vpn Interface Output Fields

    MPLS shim interface UID UID automatically assigned to the MPLS shim interface when it is created Lower interface UID UID automatically assigned to the MPLS major interface when it is created Copyright © 2010, Juniper Networks, Inc.

  • Page 713: Monitoring Mpls Forwarding Table For Vpws

    Table 141: show l2vpn interface Output Fields (continued) Field Name Field Description Condensed location Internal, platform-dependent, 32-bit representation of the interface location, used by Juniper Networks Customer support for troubleshooting. Received Number of packets, bytes, errors and discards received on the interface...

  • Page 714: Table 142: Show Mpls Forwarding Output Fields

    Spoof check Type and location of spoof checking performed on the MPLS packet, router, or interface Action Action taken for MPLS packets arriving with that label in pkts Number of packets sent with the label Copyright © 2010, Juniper Networks, Inc.
  • Page 715 Number of packets that are discarded due to lack of buffer space before being sent Interface Layer 2 interface that is a member of an L2VPN Related Topics show mpls forwarding Copyright © 2010, Juniper Networks, Inc.
  • Page 716 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.
  • Page 717 PART 6 Index Index on page 683 Copyright © 2010, Juniper Networks, Inc.
  • Page 718 JunosE 11.2.x BGP and MPLS Configuration Guide Copyright © 2010, Juniper Networks, Inc.

  • Page 719: Index

    MPLs packets....526 defining................604 for concatenation of multiple cells AS (autonomous system)............3 and transmission over a single advertising networks in..........50 pseudowire............526 confederation..............141 IGP (interior gateway protocol)........7 managing a large-scale..........141 AS path filtering...............85 Copyright © 2010, Juniper Networks, Inc.
  • Page 720 ASs........50 limit on total number of........528 advertising routes conditionally........61 performance impact ........528 advertising two best routes........52 unified ISSU and..........528 aggregator path attribute..........11 Copyright © 2010, Juniper Networks, Inc.
  • Page 721 AS numbers capability......123 speaker.................3 graceful restart .............123 synchronization..............131 and BFD..............138 troubleshooting.............157 IBGP..................6 update message..............7 inheritance of configuration values......21 VPLS, configuring............596 keepalive message............7 bgp commands...............113 keepalives and BFD.............138 bgp advertise-best-external-to-internal....52 L2VPNs, configuring...........656 bgp advertise-inactive..........61 Copyright © 2010, Juniper Networks, Inc.
  • Page 722 VR, peering with VRF........454 fallback global example.........463, 465 path failure, ECMP............384 fast reconvergence.............454 peering between VRF and parent VR....454 filtering routes..............413 platform considerations...........393 full mesh VPN...............425 provider core routers..........386 provider edge routers..........386 Copyright © 2010, Juniper Networks, Inc.
  • Page 723 VRF...................388 BGP hard................96 Bidirectional Forwarding Detection. See BFD BGP soft................96 Border Gateway Protocol. See BGP clear bgp ipv6 commands bridge commands clear bgp ipv6..............96 bridge acquire...............593 clear bgp ipv6 dampening.........99 bridge address..............593 bridge aging-time............593 Copyright © 2010, Juniper Networks, Inc.
  • Page 724 RIP data path failure........266 connectivity verification disable-dynamic-redistribute command......54 at egress nodes discovery, LDP in point-to-multipoint MPLS LSPs....246 basic.................250 using ping feature for extended.................250 point-to-multipoint LDP LSPs, distance bgp command..........134, 135 unsupported.............247 connectivity, verify and troubleshoot MPLS....244 Copyright © 2010, Juniper Networks, Inc.
  • Page 725 IETF draft, Detecting Data Plane Failures setting the BGP/MPLS VPN........428 in Point-to-Multipoint Multiprotocol use..................431 Label Switching (MPLS) - Extensions to export map command............431 LSP Ping ............247 extended communities type value, 12..............248 BGP................12, 95 route target..............389 Copyright © 2010, Juniper Networks, Inc.
  • Page 726 VCI/VPI values as the data hard clear of BGP sessions..........96 cells..............526 hardware limitations inter-AS (interprovider) services with ATM line modules IPv4...................401 and support of multiple VCs over a single IPv6..................408 pseudowire............525 Copyright © 2010, Juniper Networks, Inc.
  • Page 727 See mpls commands; using in echo requests mpls bandwidth that contain RSVP P2MP Session ip vrf commands sub-TLV.............250 ip vrf...................421 IPv6 VPNs ip vrf forwarding..........433, 435 carrier-of-carriers............475 global export maps.............433 inter-AS services............408 intra-AS services............399 Copyright © 2010, Juniper Networks, Inc.
  • Page 728 VPLS signaling......604 configuring shim interfaces....515, 533, 534 discovery mechanisms..........250 control word..............512 extended discovery.............250 control word support for ATM FEC aggregation............288 passthrough...............518 FEC deaggregation.............288 Ethernet aggregation..........539 graceful restart.............256 graceful restart configuration tasks.....289 Copyright © 2010, Juniper Networks, Inc.
  • Page 729 BGP/MPLS VPN.......452 export................429 maximum route warning threshold, BGP/MPLS global export............432, 433 VPN..................452 global import..............432 maximum routes command..........453 import................432 maximum-paths command..........443 member interface command...........541 meshed peers, reduce BGP..........141 messages, BGP................7 Copyright © 2010, Juniper Networks, Inc.
  • Page 730 RSVP-TE............240 EXP bits................221 ordered control.............227 experimental bits............221 OSPF, configuring............301 explicit null label............220 overview..............209, 218 explicit path path options for backup..........252 configured..............235 penultimate hop popping........220 configuring dynamic.........288 platform considerations..........215 platform label space...........221 Copyright © 2010, Juniper Networks, Inc.
  • Page 731 282, 596, 658 including P2MP Responder Identifier TLV in mpls atm vci range............282 tracing the path from ingress node.....249 mpls atm vpi range.............282 Copyright © 2010, Juniper Networks, Inc.
  • Page 732 MPLS L2VPNs over LAG between two ATM ports........526 on CE-side, overview...........521 over a single pseudowire.........526 mpls ldp commands using the RSVP configuration mpls ldp..........278, 282, 596, 658 on the same ATM port........526 mpls ldp advertise-labels.........278 Copyright © 2010, Juniper Networks, Inc.
  • Page 733 ATMx port state...........526 mpls rsvp bfd-liveness-detection......300 Multiprotocol Label Switching. See MPLS mpls rsvp disable............282 (Multiprotocol Label Switching) mpls rsvp egress-router..........279 multiservice layer 2 services..........515 mpls rsvp profile........279, 281, 282 mpls rsvp signalling hello.........297 Copyright © 2010, Juniper Networks, Inc.
  • Page 734 .........123 distributing between PEs.........479 neighbor graceful-restart restart-time....123 distributing from CE to PE.......479 neighbor graceful-restart stalepaths-time............123 distributing from PE to CE.......479 routing information, preserving......479 Copyright © 2010, Juniper Networks, Inc.
  • Page 735 IPv4 Egress Address P2MP Responder nonstandard..............307 Identifier.............249 per-hop scheduling class..........307 IPv4 Node Address P2MP Responder performance impact Identifier.............249 on routers and transmission of multiple ATM VCs over single pseudowire..........528 PHB. See per-hop behavior Copyright © 2010, Juniper Networks, Inc.
  • Page 736 VC platform considerations on an ATM subinterface........560 BGP..................14 used for cell relay for multiple VCs BGP/MPLS VPNs............393 on an ATM port...........560 L2VPNs................649 layer 2 services over MPLS........510 MPLS.................215 VPLS................586 Copyright © 2010, Juniper Networks, Inc.
  • Page 737 RFC 4816—Pseudowire Emulation Edge-to-Edge conditionally advertising BGP........61 (PWE3) Asynchronous Transfer Mode (ATM) processing of received routes for BGP/MPLS Transparent Cell Transport Service (February VPNs................459 2007)..................511 redistributing into BGP..........53 using BGP................153 routing and forwarding instance. See VRF Copyright © 2010, Juniper Networks, Inc.
  • Page 738 MD5 authentication...........294 set metric................71 overview................240 set metric-type..............71 peer reachability............260 set mpls-label..............459 purging learned routes..........266 Copyright © 2010, Juniper Networks, Inc.
  • Page 739 IBGP peers............34 show ldp profile............339 soft clear of BGP sessions..........96 show ldp statistics............340 speakers, BGP................3 show ldp targeted-hello...........342 route reflection and.............145 show ldp vpls..............630 srefresh messages...............240 subscriber policies for VPLS..........577 Copyright © 2010, Juniper Networks, Inc.
  • Page 740 VCC (virtual channel connection) cell relay and ping feature in point-to-multipoint encapsulation, ATM LSPs..............248 configuring..............535 sent by ingress nodes overview................518 in point-to-multipoint LSPs......248 transit service................12 transparent bridging and VPLS........576 transport virtual router, configure for VPLS....590 Copyright © 2010, Juniper Networks, Inc.
  • Page 741 L2VPN address family......579, 596 module support..........586 loopback interface and router ID, overview..............574 configuring............595 subscriber policies..........577 sample topology, configuring......598 platform considerations...........586 signaling overview..........579 references...............587 subscriber policies on..........577 transparent bridging, comparison to....576 Copyright © 2010, Juniper Networks, Inc.
  • Page 742 BGP signaling, configuring........656 assigning with route maps.........110 BGP/MPLS VPNs............643 CE (customer edge device)........642 clear BGP reachability..........663 BGP route flap dampening......664 BGP wait for end-of-RIB marker....664 components..............642 configuration example..........659 configure address families..........656 BGP signaling............656 L2VPN instances..........652 Copyright © 2010, Juniper Networks, Inc.

This manual is also suitable for:

Junose 11.2.x

Table of Contents