Skip to content

Instantly share code, notes, and snippets.

@oglok

oglok/gist:7491f2f30f564e9a4fabad19bb5ddc34

Last active October 30, 2018 14:07
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save oglok/7491f2f30f564e9a4fabad19bb5ddc34 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save oglok/7491f2f30f564e9a4fabad19bb5ddc34 to your computer and use it in GitHub Desktop.
Download ZIP
L3VPN Junos
Raw
gistfile1.txt
Junos01
-----------------
show configuration
em1 {
unit 0 {
family inet {
address 169.254.0.2/24;
address 193.168.30.150/24;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 11.11.11.11/32;
}
}
}
}
forwarding-options {
storm-control-profiles default {
all;
}
}
routing-options {
router-id 193.168.30.150;
autonomous-system 30;
}
protocols {
mpls {
traffic-engineering {
mpls-forwarding;
}
label-switched-path vpn {
from 193.168.30.150;
to 193.168.30.160;
}
interface em1.0;
}
bgp {
group JunosVPN {
local-address 193.168.30.150;
family inet-vpn {
unicast;
}
peer-as 30;
local-as 30;
neighbor 193.168.30.160;
}
}
ldp {
interface em1.0;
}
igmp-snooping {
vlan default;
}
}
routing-instances {
red {
instance-type vrf;
interface lo0.0;
route-distinguisher 30:30;
vrf-target target:30:30;
vrf-table-label;
protocols {
ospf {
area 0.0.0.0 {
interface lo0.0;
}
}
}
}
}
vlans {
default {
vlan-id 1;
}
}
Junos02
------------------
show configuration
em1 {
unit 0 {
family inet {
address 169.254.0.2/24;
address 193.168.30.160/24;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 22.22.22.22/32;
}
}
}
}
forwarding-options {
storm-control-profiles default {
all;
}
}
routing-options {
router-id 193.168.30.160;
autonomous-system 30;
}
protocols {
mpls {
traffic-engineering {
mpls-forwarding;
}
label-switched-path vpn {
from 193.168.30.160;
to 193.168.30.150;
}
interface em1.0;
}
bgp {
group JunosVPN {
local-address 193.168.30.160;
family inet-vpn {
unicast;
}
peer-as 30;
local-as 30;
neighbor 193.168.30.150;
}
}
ldp {
interface em1.0;
}
igmp-snooping {
vlan default;
}
}
routing-instances {
red {
instance-type vrf;
interface lo0.0;
route-distinguisher 30:30;
vrf-target target:30:30;
vrf-table-label;
protocols {
ospf {
area 0.0.0.0 {
interface lo0.0;
}
}
}
}
}
vlans {
default {
vlan-id 1;
}
}
From Junos01 to Juno02
root@vqfx-re> ping 193.168.30.160
PING 193.168.30.160 (193.168.30.160): 56 data bytes
64 bytes from 193.168.30.160: icmp_seq=0 ttl=64 time=0.493 ms
64 bytes from 193.168.30.160: icmp_seq=1 ttl=64 time=0.574 ms
root@vqfx-re> ping 22.22.22.22 routing-instance red
PING 22.22.22.22 (22.22.22.22): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
Commands
-----------
Junos 01
set interfaces em1 unit 0 family inet address 193.168.30.150/24
set protocols bgp local-address 193.168.30.150 family inet-vpn unicast
set protocols bgp local-as 20
set protocols bgp group JunosVPN peer-as 20
set protocols bgp group JunosVPN neighbor 193.168.30.160
set routing-options router-id 193.168.30.150
set protocols mpls interface em1
set protocols mpls label-switched-path vpn from 193.168.30.150 to 193.168.30.160
set protocols mpls traffic-engineering bgp
set protocols mpls traffic-engineering mpls-forwarding
set interfaces em1 unit 0 family mpls
set protocols mpls interface em1.0
set protocols ldp interface em1
set routing-instances red instance-type vrf
set routing-instances red interface lo0
set routing-instances red protocols ospf area 0.0.0.0 interface lo0
set routing-instances red route-distinguisher 30:30
set routing-instances red vrf-target target:30:30
set routing-instances red vrf-table-label
set routing-options router-id 193.168.30.150
set routing-options autonomous-system 30
Junos 02
set interfaces em1 unit 0 family inet address 193.168.30.160/24
set protocols bgp local-address 193.168.30.160 family inet-vpn unicast
set protocols bgp local-as 20
set protocols bgp group JunosVPN peer-as 20
set protocols bgp group JunosVPN neighbor 193.168.30.150
set routing-options router-id 193.168.30.160
set protocols mpls interface em1
set protocols mpls label-switched-path vpn from 193.168.30.160 to 193.168.30.150
set protocols mpls traffic-engineering bgp
set protocols mpls traffic-engineering mpls-forwarding
set interfaces em1 unit 0 family mpls
set protocols mpls interface em1.0
set protocols ldp interface em1
set routing-instances red instance-type vrf
set routing-instances red interface lo0
set routing-instances red protocols ospf area 0.0.0.0 interface lo0
set routing-instances red route-distinguisher 30:30
set routing-instances red vrf-target target:30:30
set routing-instances red vrf-table-label
set routing-options router-id 193.168.30.160
set routing-options autonomous-system 30
Since we don't have VMs acting as CE routers, we will use loopback interfaces to simulate customer traffic, so that's why we add that lo0 to the vrf called "red". If we add an IP address to each of the loopbacks:
Junos 01
set interfaces lo0 unit 0 family inet address 11.11.11.11/32
Junos 02
set interfaces lo0 unit 0 family inet address 22.22.22.22/32
root@vqfx-re> ping 22.22.22.22 routing-instance red
PING 22.22.22.22 (22.22.22.22): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
In Junos01
------------
root@vqfx-re> show route
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
@ = Routing Use Only, # = Forwarding Use Only
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Access-internal/12] 00:20:53
> to 192.168.10.1 via em0.0
169.254.0.0/24 *[Direct/0] 00:21:10
> via em1.0
169.254.0.2/32 *[Local/0] 00:21:10
Local via em1.0
192.168.10.0/24 *[Direct/0] 00:20:53
> via em0.0
192.168.10.150/32 *[Local/0] 00:20:53
Local via em0.0
193.168.30.0/24 *[Direct/0] 00:20:46
> via em1.0
193.168.30.150/32 *[Local/0] 00:20:46
Local via em1.0
224.0.0.2/32 *[LDP/9] 00:20:46, metric 1
MultiRecv
red.inet.0: 3 destinations, 3 routes (2 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
11.11.11.11/32 *[Direct/0] 00:08:46
> via lo0.0
224.0.0.5/32 *[OSPF/10] 00:08:47, metric 1
MultiRecv
mpls.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:20:46, metric 1
to table inet.0
0(S=0) *[MPLS/0] 00:20:46, metric 1
to table mpls.0
1 *[MPLS/0] 00:20:46, metric 1
Receive
2 *[MPLS/0] 00:20:46, metric 1
to table inet6.0
2(S=0) *[MPLS/0] 00:20:46, metric 1
to table mpls.0
13 *[MPLS/0] 00:20:46, metric 1
Receive
16 *[VPN/0] 00:08:46
> via lsi.0 (red), Pop
bgp.l3vpn.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
red.inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
fe80::200:f:fc00:0/128
*[Direct/0] 00:08:46
> via lo0.0
Check out the hidden routes:
root@vqfx-re> show route table red.inet.0 hidden extensive
red.inet.0: 3 destinations, 3 routes (2 active, 0 holddown, 1 hidden)
22.22.22.22/32 (1 entry, 0 announced)
BGP Preference: 170/-101
Route Distinguisher: 30:30
Next hop type: Unusable, Next hop index: 0
Address: 0x95b54c4
Next-hop reference count: 2
State: <Secondary Hidden Int Ext ProtectionCand>
Local AS: 30 Peer AS: 30
Age: 8:49
Validation State: unverified
Task: BGP_30_30.193.168.30.160
AS path: I
Communities: target:30:30
Import Accepted
VPN Label: 16
Localpref: 100
Router ID: 193.168.30.160
Primary Routing Table bgp.l3vpn.0
Indirect next hops: 1
Protocol next hop: 193.168.30.160
Label operation: Push 16
Label TTL action: prop-ttl
Load balance label: Label 16: None;
Indirect next hop: 0x0 - INH Session ID: 0x0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment