[j-nsp] MPLS for management VPN question
Jeff Meyers
Jeff.Meyers at gmx.net
Wed Jun 3 08:09:38 EDT 2009
Hi,
we currently have a small number of PoPs, each equippped with a Juniper
M-series router. On each PoP we use a local Vlan 100 for the management
with RFC1918 ip adresses - 192.168.0.0/16.
Unfortunately, this results in scalability problems as the network grows
since it's not possible to manage and monitor all network devices (e.g.
network switches) from one central point.
Therefore, we want to setup MPLS in our network and create a network
wide VPN for the management. Since my experience with MPLS is very, very
low (as in "there is none"), I could need some help here. So here we go:
The PoPs are connected over dedicated transport links and iBGP as well
as OSPF is running fine so far. The transport link ends in a Foundry
core-switch, the core-switch itself is connected via aggregated-ethernet
to the juniper m-series router. On that ae-link, we're running dot1q
vlan tagging.
First problem: what exactly will I need for my purpose? L2VPN? L3VPN?
Something else? The management vpn shall be reachable from every
management device on 2 or more PoPs.
I managed to got basic MPLS running as follows:
- enabled mpls under "protocols mpls" and created a label-switched-path
- enabled rsvp for the interface ospf and iBGP is running on
Here is where I'm stuck: what would be the next steps in order to create
the desired management VPN? The routers itself doesn't need a RFC1918
adress within that VPN.
What encapsulation would I need on the specific interface for the
described setup?
Thanks for any help & best regards,
Jeff
More information about the juniper-nsp
mailing list