Skip to content

Instantly share code, notes, and snippets.

@dsundarraj

dsundarraj/mx-config.txt

Created March 15, 2016 20:28
Show Gist options
  • Save dsundarraj/b33ebbeff9f380f6e684 to your computer and use it in GitHub Desktop.
Save dsundarraj/b33ebbeff9f380f6e684 to your computer and use it in GitHub Desktop.
Download ZIP
MX Configuration Steps for Floating IP
Raw
mx-config.txt
Step 1: Enable tunnel services
for example: for an mx480 with two fpcs for redundant logical tunnels
fpc 1 {
pic 0 {
tunnel-services;
inline-services {
bandwidth 10g;
}
}
pic 1 {
inline-services {
bandwidth 10g;
}
}
}
fpc 2 {
pic 0 {
tunnel-services;
inline-services {
bandwidth 10g;
}
}
pic 1 {
inline-services {
bandwidth 10g;
}
}
}
Step 2: Commit config
Step 3: Check for lt interface created it’ll be like lt-1/0/0, lt-2/0/0
Step 4: Create lt interfaces and loopback interfaces
interfaces{
lt-1/0/0{
unit 100 {
encapsulation frame-relay;
dlci 100;
peer-unit 101;
family inet;
}
unit 101 {
encapsulation frame-relay;
dlci 100;
peer-unit 100;
family inet;
}
}
lt-2/0/0{
unit 200 {
encapsulation frame-relay;
dlci 200;
peer-unit 201;
family inet;
}
unit 201 {
encapsulation frame-relay;
dlci 200;
peer-unit 200;
family inet;
}
}
lo0 {
unit 0 {
family inet {
address 10.128.192.20/32;
}
}
unit 101 {
family inet {
address 10.130.1.1/32;
}
}
}
}
Step 5: Create a static route for your virtual network subnet to be defined in Contrail
routing-options
{
static
{
route <subnet> next-hop [ lt-1/0/0.100 lt-2/0/0.200 ];
}
}
Step 6:
Create a loopback interface for the MX and use that for router-id and route-distinguisher-id. Set the MX’s AS number
routing-options
{
router-id 10.128.192.20;
route-distinguisher-id 10.128.192.20;
autonomous-system 65000;
}
Step 7:
Configure dynamic-tunnels configuration to the subnet where all vRouters reside. It maybe the /16 subnet which encompasses all the racks.
routing-options
{
dynamic-tunnels {
dynamic-tunnels-overlay { <name>
source-address 10.128.192.20; <loopback address of the MX >
gre;
destination-networks {
10.128.0.0/21; <super net for all vRouters>
}
}
}
Step 9:
Enable BGP and establish peering with contrail controllers
protocols {
bgp {
family inet-vpn {
unicast;
}
group Contrail {
type internal;
keep all;
family inet-vpn {
unicast;
}
family route-target;
neighbor 10.128.0.10; <contrail-controller-1>
neighbor 10.128.0.138; <contrail-controller-2>
neighbor 10.128.1.10; <contrail-controller-3>
}
}
}
Step 10:
Create a VRF for the virtual network in Contrail that needs external (non-overlay) routed access
<VRF-NAME> {
instance-type vrf;
interface lt-1/0/0.101;
interface lt-2/0/0.201;
interface lo0.101; <This is a loopback interface>
vrf-target target:65000:30007; <Same Route Target to be used in Contrail>
vrf-table-label;
routing-options {
static {
route <subnet> discard;
route 0.0.0.0/0 next-hop [ lt-1/0/0.101 lt-2/0/0.201 ];
}
}
}
Step 11:
Check the following
show route table inet.3 for tunnels created to all compute hosts where you have a VM in the external routed network
inet.3: 54 destinations, 54 routes (54 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.128.0.0/21 *[Tunnel/300] 19w3d 17:15:26
Tunnel
10.128.0.10/32 *[Tunnel/300] 2w1d 07:01:14
> via gr-1/0/0.33844
10.128.0.11/32 *[Tunnel/300] 2w1d 11:53:38
> via gr-2/0/0.33810
10.128.0.12/32 *[Tunnel/300] 2w1d 11:53:35
> via gr-2/0/0.33821
• Check lt status
show interfaces terse lt-1/0/0 
Interface Admin Link Proto Local Remote
lt-1/0/0 
lt-1/0/0.100 up up inet
show interfaces terse lt-2/0/0 
Interface Admin Link Proto Local Remote
lt-2/0/0 
lt-2/0/0.200 up up inet
◦ Check BGP status, you will see all VRFs which are exchanging routes between MX and Contrail controllers
show bgp summary
Groups: 3 Peers: 9 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
 1663 561 0 0 0 0
bgp.l2vpn.0
 34 6 0 0 0 0
bgp.rtarget.0
 108 16 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.128.0.10 65000 627218 71606 0 5 1w5d 22:47:24 Establ
bgp.l3vpn.0: 465/465/465/0
bgp.rtarget.0: 16/28/28/0
PR_BOSH.inet.0: 1/1/1/0
PR_BOSHSVC.inet.0: 92/92/92/0
PR_CF.inet.0: 242/242/242/0
SB_BOSH.inet.0: 1/1/1/0
SB_PCF.inet.0: 50/50/50/0
SB_PCF_BOSH.inet.0: 3/3/3/0
SB_PCF_BOSH_SVC.inet.0: 76/76/76/0
10.128.0.138 65000 37519 186148 0 6 1w5d 22:46:55 Establ
bgp.l3vpn.0: 10/35/35/0
bgp.rtarget.0: 0/28/28/0
PR_BOSHSVC.inet.0: 2/6/6/0
PR_CF.inet.0: 8/24/24/0
SB_PCF.inet.0: 0/4/4/0
SB_PCF_BOSH_SVC.inet.0: 0/1/1/0
10.128.1.10 65000 688473 158798 0 5 1w5d 22:47:23 Establ
bgp.l3vpn.0: 0/450/450/0
bgp.rtarget.0: 0/28/28/0
PR_BOSH.inet.0: 0/1/1/0
PR_BOSHSVC.inet.0: 0/90/90/0
PR_CF.inet.0: 0/234/234/0
SB_BOSH.inet.0: 0/1/1/0
SB_PCF.inet.0: 0/46/46/0
SB_PCF_BOSH.inet.0: 0/3/3/0
SB_PCF_BOSH_SVC.inet.0: 0/75/75/0
• Check individual VM /32 routes in the VRF to see if Contrail Controller has propagate it to the MX correctly using the BGP peering
For example:
show route table SB_BOSH.inet.0
SB_BOSH.inet.0: 8 destinations, 13 routes (5 active, 0 holddown, 4 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 19w3d 17:18:35
> via lt-1/0/0.103
via lt-2/0/0.203
[BGP/170] 19w3d 17:17:17, localpref 100, from 10.128.192.21
AS path: I, validation-state: unverified
> to 10.128.192.107 via ae3.20, Push 23
10.129.32.0/20 *[Static/5] 19w3d 17:21:48
Discard
[BGP/170] 19w3d 17:17:17, localpref 100, from 10.128.192.21
AS path: I, validation-state: unverified
> to 10.128.192.107 via ae3.20, Push 23
10.129.47.205/32 *[BGP/170] 4d 18:37:58, localpref 200, from 10.128.0.10
AS path: ?, validation-state: unverified
> via gr-2/0/0.33843, Push 37
[BGP/170] 4d 18:37:58, localpref 200, from 10.128.192.21
AS path: ?, validation-state: unverified
> via gr-2/0/0.33843, Push 37
[BGP/170] 4d 18:37:58, localpref 200, from 10.128.1.10
AS path: ?, validation-state: unverified
> via gr-2/0/0.33843, Push 37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment