[j-nsp] VRRP with Juniper, what is needed around?

Jeff Meyers Jeff.Meyers at gmx.net
Fri Dec 14 21:24:36 EST 2007 

Prasanna Kumar A.S schrieb:

Hi,

>   I guess your topology with two m10s will look this
> 
> Uplink1 - +-------+ - +-------------+
> Uplink2 - | M10 1 |ae0| Core-Switch | - Customers
>           +-------+ - +             |
>                       |             |
> Uplink1 - +-------+ - +             |
> Uplink2 - | M10 2 |ae0|             | 
>           +-------+ - +-------------+

exactly, yes.

> And
> - You will have to replicate the BGP configurations on the second M10
> box, ( hope you are advertising the ae-ifl's subnet into BGP)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

What do you mean by that? What is ae-ifl? (aggregated ethernet interface 
l...?)

> - configure VRRP on the ae ifls of both the m10 boxes connecting to the
> core-switch and you can configure VRRP in two ways 
> 1) Configure separate ip address as the VR-IP/VIP, Here only one router
> will be doing the FWding at any point of time

At least outgoing, yes. As long as the customer does not use the IP of 
M10-2 as his default gateway.

> 2) configure two vrrp-groups on each ifl, one with interface ip of M10-1
> as VIP and other group with interface ip of m10-2 as VIP, and here you
> can do load sharing by configuring 50% of the customers with gateway as
> m10-1 and rest with m10-2, this way you achieve load sharing (when both
> the boxes are up) as well as redundancy(when any one of the box is down)

I guess we will go with option #1.

> I am not sure how we can provide redundancy at switch level as the
> costumer can connect to only one switch with one physical link.

The next step will be a 2nd switch where a customer can get another 
uplink if he wants.

> Please get me the current configuration of your m10 box to understand
> your topology better

Pretty basic stuff:

- a couple of prefixes being announced to two transit providers
- 2x GigE member links on ae0
- 1x GigE for Upstream #1
- Upstream #2 is connected to the core switch
- All subnets are assigned to various vlans on ae0, e.g. ae0.100 for 
customer1, ae0.101 for customer2 and so on..

Just BGP, no IGP is running there. Only one router for everything and 
the Switch is doing Layer2 only.


Best regards,
Jeff

More information about the juniper-nsp mailing list