[j-nsp] Managing MX480 fxp0

Truman Boyes truman at suspicious.org
Thu Jul 8 03:33:18 EDT 2010 

Putting fxpX or meX interfaces into a VRF is not a good idea. I understand that you want to have a management VPN, that idea is fine, but the host routing from the routing engine should not have to rely on other features/line cards of the box that may need to be serviced.

I tend to use loopback addresses inside l3vpns that I can reach via my OSS networks, and this works perfectly for basic NMS-type of operations. 

Even still, a routing-engine that suffers in booting a line card that provides MPLS uplinks would be out of commission if the VRF routing was not working.

Cheers,
Truman

On 8/07/2010, at 6:22 AM, Chris Evans wrote:

> Send a bitch email to juniper. I have been begging for the capability to put
> the fxp into a vrf.
> 
> On Jul 7, 2010 3:53 PM, "Jim Devane" <jdevane at switchnap.com> wrote:
> 
> Hello,
> 
> I need some ideas/help on a scenario I am sure comes up a lot but having
> problems with.
> 
> I have an MX480. I want to be able to manage this MX from an internal (1918)
> network through the fxp0 port. The internal network is not flat but routed
> and there are several subnets which may contact the MX for
> management/polling. I was thinking/hoping to set up a VRF for this port and
> set routes/default route for the VRF to connect. It turns out I am not able
> to put fxp0 into a routing-instance. (errors on config checkout)
> So I put everything production in to a logical system leaving the fxp in the
> master instance and installing a default route for the master instance. This
> works, but now the MS-DPC will not export flows if it is in a logical
> system. So the logical system is out b/c the MS-DPC has to be in the master
> instance. But I can't but the fxp0 into a logical/routing instance.
> 
> What is the BCP/recommended method for managing this box if fxp0 is not a
> "public" routed interface?
> 
> Unfortunately, I don't have another port to place into a VRF besides the
> fxp0 (all other ports are 10G)
> 
> Thanks for any help/ideas!
> Jim
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list