FW: [j-nsp] L3VPN management

Chris Hellberg Chris.Hellberg at telecom.co.nz
Fri Jul 18 00:56:56 EDT 2003


You need to kick-start the customer VPN to be able to export routes to the management VPN like so:

set routing-instance custvpn-a routing-options auto-export enable

Then in your management import policy, you'll have something like this:

policy-statement mgmt-import {

      term from-custvpn-a {
             from {
                 community community-cust-a
                 }
              then accept
          }
}

> -----Original Message-----
> From: Adam Szymajda [mailto:aszymajd at wp.pl]
> Sent: Thursday, 17 July 2003 23:49
> To: Chris Hellberg
> Cc: juniper-nsp at puck.nether.net
> Subject: Odp: FW: [j-nsp] L3VPN management
> 
> 
> I have 5.7.
> Do you mean sth like:
> policy-statement mgmt-import {
>     term 1 {
>         from instance
>     or  
>         from rib ?
>         
> I have tried to do it, but with no effect at all :-(
> 
> Adam.    
> 
> Dnia 17-07-2003 o godz. 13:22 Chris Hellberg napisał(a):
> > resent to the list......
> > 
> > > -----Original Message-----
> > > From: Chris Hellberg 
> > > Sent: Thursday, 17 July 2003 23:19
> > > To: 'Adam Szymajda'; juniper-nsp at puck.nether.net
> > > Subject: RE: [j-nsp] L3VPN management
> > > 
> > > 
> > > Upgrade to 5.6. It really is a *big* hassle using rib-groups 
> > > for what you want to do on < 5.6. With 5.6, there's some 
> > > funky internal mechanism to import routes from other VRFs on 
> > > the same PE by just matching the community (without the 
> > > protocol BGP bit) when you define your import policy.
> > > 
> > > > -----Original Message-----
> > > > From: Adam Szymajda [mailto:aszymajd at wp.pl]
> > > > Sent: Thursday, 17 July 2003 23:08
> > > > To: juniper-nsp at puck.nether.net
> > > > Subject: [j-nsp] L3VPN management
> > > > 
> > > > 
> > > > Hi all, 
> > > > 
> > > > I want to create a management network for L3VPN, by simply 
> > > > adding an additional VRF on one of the PE's. It is 
> supposed to 
> > > > import the loopback addressess of all the CE's, while all 
> other 
> > > > VRF's are to import the route to the management network. 
> While 
> > > > this is quite easy to do with separate route target for 
> the CE's 
> > > > attached to any other PE, it won't work for the CE 
> attached to 
> > > > the same PE as the management network (the CE's loopbacks 
> won't 
> > > > be placed in bgp.l3vpn.0 table on this particular PE). The 
> only 
> > > > thing that goes through my mind is to creat rib-groups, 
> but that 
> > > > requires a lot of configuration when there's significant 
> amount 
> > > > of the VRF's (two rib-groups per each vrf). My question is 
> > > > whether you know any other, more convenient way to do it. 
> > > > Hope this is clear :-) 
> > > > Best regards, 
> > > > Adam. 
> > > > 
> > > > 
> > > > ----------------------------------------------------------
> > > > Jesteś w Trójmieście? Zajrzyj na Gdynia Summer Jazz Days!
> > > > Więcej < http://www.gsjd.wp.pl >
> > > > 
> > > > 
> > > > 
> > > > _______________________________________________
> > > > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > > > http://puck.nether.net/mailman/listinfo/juniper-nsp
> > > > 
> > > > 
> > > 
> > 
> > ---------------------------------------------------------------
> ---------------
> > "This communication, including any attachments, is 
> confidential. 
> > If you are not the intended recipient, you should not read
> > it - please contact me immediately, destroy it, and do not
> > copy or use any part of this communication or disclose
> > anything about it. Thank you."
> > ---------------------------------------------------------------
> ---------------
> > 
> > 
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/juniper-nsp
> > 
> 
> --------------------------------------------------------------
> ---------
> Festiwal Filmowy Era Nowe Horyzonty, 17-27 lipca.
> Cieszyn zaprasza! < http://film.wp.pl/www/film/2003/eranowehoryzonty >
> 
> 
> 
> 
> 

------------------------------------------------------------------------------
"This communication, including any attachments, is confidential. 
If you are not the intended recipient, you should not read
it - please contact me immediately, destroy it, and do not
copy or use any part of this communication or disclose
anything about it. Thank you."
------------------------------------------------------------------------------




More information about the juniper-nsp mailing list