[j-nsp] Routing Instance for fxp0
Alex
alex.arseniev at gmail.com
Mon Nov 30 06:14:59 EST 2009
Hi there,
Please make sure you read JNPR tech docs regarding limitations for logical
systems (new name for logical routers since 9.3)
http://www.juniper.net/techpubs/en_US/junos10.0/information-products/topic-collections/feature-guide/logical-systems-overview-solutions.html
For simple management via telnet/SSH and nothing else I can see this one is
most relevant:
When a configuration session is in use, users who are tied to the same
logical system cannot commit configuration changes.
HTH
Rgds
Alex
----- Original Message -----
From: "Brian Fitzgerald" <FitzgeraldB at camosun.bc.ca>
To: "Alfred Schweder" <alf at all.de>; <juniper-nsp at puck.nether.net>
Sent: Monday, November 30, 2009 4:27 AM
Subject: Re: [j-nsp] Routing Instance for fxp0
> Hi All
>
> Assuming you are on a M/MX/T series, you have the option of using a
> logical
> router (logical system in 9.x and later). This allows you to totally
> isolate the fxp0 OOB within it's own environment.
>
> It's really simple with one RE
>
> logical-systems {
> MGMT {
> interfaces {
> fxp0 {
> unit 0 {
> family inet {
> address 192.168.1.123/24;
> }
> }
> }
> }
> routing-options {
> static {
> route 0.0.0.0/0 next-hop 192.168.1.1;
> }
> }
> }
> }
>
> With 2 REs its a little more complex. You can use pply-groups to
> configure
> both RE's fxp0 interfaces with a live OOB IP, plus an IP that tracks with
> the active (master) RE.
>
> groups {
> re0 {
> logical-systems {
> MGMT {
> interfaces {
> fxp0 {
> unit 0 {
> family inet {
> address 192.168.1.121/24;
> address 192.168.1.123.24 {
> master-only;
> }
> }
> }
> }
> }
> }
> }
> }
> re1 {
> logical-systems {
> MGMT {
> interfaces {
> fxp0 {
> unit 0 {
> family inet {
> address 192.168.1.122/24;
> address 192.168.1.123/24 {
> master-only;
> }
> }
> }
> }
> }
> }
> }
> }
> }
> apply-groups [ re0 re1 ];
> logical-systems {
> MGMT {
> routing-options {
> static {
> route 0.0.0.0/0 next-hop 192.168.1.1;
> }
> }
> }
> }
>
> If you have a J/E/EX etc., I am afraid I am less help - don't have much
> experience with those platforms.
>
> Hope that helps
>
>
> Brian Fitzgerald
> Sr. Network & Security Admin.
> ITS, Camosun College, Victoria, BC.
>
>
>
>
>
>
>
> On 09-11-28 3:09 AM, "Alfred Schweder" <alf at all.de> wrote:
>
>> Hello
>>
>> I'd like to seperate the routing instance of fxp0 for a real outband Mgmt
>> Access.
>> At our ciscos we configure:
>>
>> ip vrf InternalMgmt
>> rd 42:42
>> int eth0
>> ip vrf forwarding InternalMgmt
>> ip address 192.168.1.123 255.255.255.0
>> ip route vrf InternalMgmt 0.0.0.0 0.0.0.0 192.168.1.1
>>
>> So we can make an outband mgmt acces, but the mgmt interface is seperated
>> from
>> the global routing, and the network can used for other purpose.
>>
>>
>> At junos I cant configure it the same way:
>>
>> alf at M7i# set routing-instances mgmt instance-type no-forwarding interface
>> fxp0.0
>> alf at M7i# commit confirmed
>> [edit routing-instances mgmt]
>> 'interface fxp0.0'
>> RT Instance: Interface fxp0.0 not supported under routing-instances.
>> error: configuration check-out failed
>>
>>
>> Is there an other way to do this seperation ?
>>
>> Thanks and regards,
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list