[j-nsp] L3 VPN on 5.6
Daniel
telecom at servidor.unam.mx
Fri Mar 14 13:25:16 EST 2003
On Fri, 14 Mar 2003, Daniel wrote:
Josef, If you were talking about a static route.. i tried that too.. and
it didnt work.. and I dont remember needing it before..
anyways here are the results.. I even tried with ge-2/3/0.0.. and it didnt
work.. i guess you just can't ping the local CE interface
on JunOS anymore...Thanks
PE1>VRF1 {
instance-type vrf;
interface ge-0/0/0.0;
route-distinguisher 1:1;
vrf-import VRFIMP1;
vrf-export VRFEXP1;
routing-options {
static {
route 10.10.15.2/32 next-hop 10.10.15.2;
}
policy-statement VRFEXP1 {
term a {
from protocol direct;
then {
community add COMM1;
accept;
}
}
term b {
from {
protocol static;
route-filter 10.10.15.2/32 exact;
}
then {
community add COMM1;
accept;
}
}
term d {
then reject;
}
}
PE2> show route table VRF1
VRF1.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.10.15.0/24 *[BGP/170] 00:01:09, localpref 100, from 10.10.104.3
AS path: I
> via so-2/2/0.0, Push 100003, Push 100001(top)
10.10.15.2/32 *[BGP/170] 00:01:09, localpref 100, from 10.10.104.3
AS path: I
> via so-2/2/0.0, Push 100003, Push 100001(top)
10.10.16.0/24 *[Direct/0] 18:41:11
> via ge-2/3/0.0
10.10.16.1/32 *[Local/0] 18:41:12
Local via ge-2/3/0.0
PE2> ping routing-instance VRF1 10.10.15.2
PING 10.10.15.2 (10.10.15.2): 56 data bytes
^C
--- 10.10.15.2 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
PE2> ping routing-instance VRF1 interface ge-2/3/0.0 10.10.15.2
PING 10.10.15.2 (10.10.15.2): 56 data bytes
^C
--- 10.10.15.2 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
> On Fri, 14 Mar 2003, Josef Buchsteiner wrote:
>
> Hi Josef, Thanks but i went over that document and i still can't fix this
> issue. I used the local and vpn-interface with the ping and
> still nothing (im not sure that this is supported on the 5.6 they are not
> on the help cli) and like i said it's just a directly connected
> CE so im not supposed to see this routes on bgp.l3 table right? just on
> the VRF1 table..
> So maybe you can't ping the directly conected interface on a VRF anymore?
> thanks
>
> PE1> show route table bgp.l3
>
> bgp.l3vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 1:1:10.10.16.0/24
> *[BGP/170] 17:49:37, localpref 100, from 10.10.104.4
> AS path: I
> > to 10.10.105.17 via ge-0/1/0.0, Push 100000
>
> PE1> show route table VRF1
>
> VRF1.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 10.10.15.0/24 *[Direct/0] 17:54:54
> > via ge-0/0/0.0
> 10.10.15.1/32 *[Local/0] 17:54:54
> Local via ge-0/0/0.0
> 10.10.16.0/24 *[BGP/170] 17:49:44, localpref 100, from 10.10.104.4
> AS path: I
> > to 10.10.105.17 via ge-0/1/0.0, Push 100000
>
> These are the pingss outputs
>
>
> PE1>ping 10.10.16.1 vpn-interface ge-0/0/0 local 10.10.15.1 count 3
> PING 10.10.16.1 (10.10.16.1): 56 data bytes
>
> --- 10.10.16.1 ping statistics ---
> 3 packets transmitted, 0 packets received, 100% packet loss
>
>
> PE1>ping routing-instance VRF1 10.10.16.1 local 10.10.15.1 count 3
> PING 10.10.16.1 (10.10.16.1): 56 data bytes
>
> --- 10.10.16.1 ping statistics ---
> 3 packets transmitted, 0 packets received, 100% packet loss
>
> > At 02:43 AM 3/14/2003, Daniel wrote:
> >
> > > Hi, I know that there are some changes on L3VPNs between 5.6 and 5.5 but
> > >i thought it was only the part of not running mpls on the pe-ce interface.
> >
> > you just don't need to configure family mpls on the pe-ce interface anymore
> > as the software does it for you so this is still inherited.
> >
> > >I loaded my working config from 5.5 and I can see the routes on the PE
> > >router but i can't ping it I'm using 5.6 rev2.
> >
> >
> > Please look at the troubleshooting guidance and see what you need to
> > do if you want to ping multi-access address on the PE-CE connection
> > and then all will work ;-)
> >
> > http://www.juniper.net/techpubs/software/junos/junos56/swconfig56-vpns/html/vpnl3-trouble.html
> >
> > thanks
> > Josef
> >
> >
> >
> >
> > >PE1-P-PE2
> > >
> > >PE1> show route table VRF1
> > >
> > >VRF1.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
> > >+ = Active Route, - = Last Active, * = Both
> > >
> > >10.10.15.0/24 *[Direct/0] 00:05:58
> > > > via ge-0/0/0.0
> > >10.10.15.1/32 *[Local/0] 00:05:58
> > > Local via ge-0/0/0.0
> > >10.10.16.0/24 *[BGP/170] 00:00:48, localpref 100, from 10.10.104.4
> > > AS path: I
> > > > to 10.10.105.17 via ge-0/1/0.0, Push 100000
> > >
> > >PE1> ping routing-instance VRF1 10.10.15.1
> > >PING 10.10.15.1 (10.10.15.1): 56 data bytes
> > >64 bytes from 10.10.15.1: icmp_seq=0 ttl=255 time=7.853 ms
> > >64 bytes from 10.10.15.1: icmp_seq=1 ttl=255 time=0.362 ms
> > >64 bytes from 10.10.15.1: icmp_seq=2 ttl=255 time=0.321 ms
> > >^C
> > >--- 10.10.15.1 ping statistics ---
> > >3 packets transmitted, 3 packets received, 0% packet loss
> > >round-trip min/avg/max/stddev = 0.321/2.845/7.853/3.541 ms
> > >
> > >daniel at m20-2> ping routing-instance VRF1 10.10.16.1
> > >PING 10.10.16.1 (10.10.16.1): 56 data bytes
> > >^C
> > >--- 10.10.16.1 ping statistics ---
> > >3 packets transmitted, 0 packets received, 100% packet loss
> > >
> > >
> > >
> > >configs are at the bottom
> > >
> > >PE1.---
> > >
> > >interfaces {
> > > ge-0/0/0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.15.1/24;
> > > }
> > > family iso;
> > > }
> > > }
> > > ge-0/1/0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.105.18/30;
> > > }
> > > family iso;
> > > family mpls;
> > > }
> > > }
> > > lo0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.104.3/32;
> > > }
> > >
> > >protocols {
> > > mpls {
> > > interface ge-0/1/0.0;
> > > }
> > > bgp {
> > > group MVPN {
> > > type internal;
> > > local-address 10.10.104.3;
> > > neighbor 10.10.104.4 {
> > > family inet-vpn {
> > > unicast;
> > > }
> > > }
> > > }
> > > }
> > > ospf {
> > > area 0.0.0.0 {
> > > interface ge-0/1/0.0;
> > > interface so-1/0/0.0;
> > > interface lo0.0;
> > > }
> > > }
> > > ldp {
> > > interface ge-0/1/0.0;
> > > interface lo0.0;
> > > }
> > >
> > >policy-options {
> > > policy-statement VRFIMP1 {
> > > term a {
> > > from {
> > > protocol bgp;
> > > community COMM1;
> > > }
> > > then accept;
> > > }
> > > term b {
> > > then reject;
> > > }
> > > }
> > > policy-statement VRFEXP1 {
> > > term a {
> > > from protocol direct;
> > > then {
> > > community add COMM1;
> > > accept;
> > > }
> > > }
> > > term b {
> > > then reject;
> > > }
> > > }
> > >community COMM1 members target:1:1;
> > >
> > >routing-instances {
> > > VRF1 {
> > > instance-type vrf;
> > > interface ge-0/0/0.0;
> > > route-distinguisher 1:1;
> > > vrf-import VRFIMP1;
> > > vrf-export VRFEXP1;
> > > }
> > >
> > >
> > >P
> > >
> > >interfaces {
> > > so-0/1/0
> > > unit 0 {
> > > family inet {
> > > address 10.10.105.42/30;
> > > }
> > > family mpls;
> > > }
> > > }
> > > ge-0/2/0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.105.17/30;
> > > }
> > > family mpls;
> > > }
> > > }
> > > lo0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.104.2/32;
> > > }
> > >protocols {
> > > mpls {
> > > interface so-0/1/0.0;
> > > interface ge-0/2/0.0;
> > > }
> > > ospf {
> > > area 0.0.0.0 {
> > > interface so-0/1/0.0;
> > > interface ge-0/2/0.0;
> > > interface lo0.0;
> > > }
> > > }
> > > ldp {
> > > interface so-0/1/0.0;
> > > interface ge-0/2/0.0;
> > > interface lo0.0;
> > > }
> > >}
> > >
> > >
> > >PE
> > >
> > >interfaces {
> > > so-2/2/0
> > > unit 0 {
> > > family inet {
> > > address 10.10.105.41/30;
> > > }
> > > family mpls;
> > > }
> > > }
> > > ge-2/3/0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.16.1/24;
> > > }
> > > lo0 {
> > > unit 0 {
> > > family inet {
> > > address 10.10.104.4/32;
> > > }
> > >protocols {
> > > mpls {
> > > interface so-2/2/0.0;
> > > }
> > > bgp {
> > > group MPVN {
> > > type internal;
> > > local-address 10.10.104.4;
> > > neighbor 10.10.104.3 {
> > > family inet-vpn {
> > > unicast;
> > > }
> > > }
> > > }
> > > }
> > > ospf {
> > > area 0.0.0.0 {
> > > interface so-1/2/0.0;
> > > interface so-2/2/0.0;
> > > interface lo0.0;
> > > }
> > > }
> > > ldp {
> > > interface so-2/2/0.0;
> > > interface lo0.0;
> > > }
> > >policy-options {
> > > policy-statement VRFIMP1 {
> > > term a {
> > > from {
> > > protocol bgp;
> > > community COMM1;
> > > }
> > > then accept;
> > > }
> > > term b {
> > > then reject;
> > > }
> > > }
> > > policy-statement VRFEXP1 {
> > > term a {
> > > from protocol [ direct local ];
> > > then {
> > > community add COMM1;
> > > accept;
> > > }
> > > }
> > > term b {
> > > then reject;
> > > }
> > > community COMM1 members target:1:1;
> > >
> > >routing-instances {
> > > VRF1 {
> > > instance-type vrf;
> > > interface ge-2/3/0.0;
> > > route-distinguisher 1:1;
> > > vrf-import VRFIMP1;
> > > vrf-export VRFEXP1;
> > > }
> > >
> > >
> > >
> > >_______________________________________________
> > >juniper-nsp mailing list juniper-nsp at puck.nether.net
> > >http://puck.nether.net/mailman/listinfo/juniper-nsp
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list