[j-nsp] l2circuit communities
Truman Boyes
truman at suspicious.org
Mon May 17 22:34:40 EDT 2010
Hi Richard,
You can likely achieve this a different way, (although you approach has interested me to check it out), by using CBF based on communities. I would use communities for the l2circuits, then associate those communities with a cos-next-hop-map, and have a forwarding policy exported to the FIB.
Of course this is only useful if you feel like making l2circuits use a specific cos mapping in your network.
Truman
On 17/05/2010, at 3:51 AM, Richard A Steenbergen wrote:
> I'm trying to do something similar to the example here:
>
> http://www.juniper.net/techpubs/en_US/junos10.0/information-products/topic-collections/config-guide-vpns/vpns-configuring-policies-for-layer-2-circuits.html
>
> Using a community tag on an l2circuit and a install-nexthop lsp-regex
> policy to control which LSPs get used for transport customers. The goal
> is to make dedicated LSPs for l2circuits, and have them be completely
> separate from the LSPs used for regular IP traffic.
>
> But in this example, it doesn't say anything about how to keep the
> regular IP traffic-engineering/shortcuts routes from load balancing with
> the transport LSPs, which it wants to do by default. I tried changing
> the preference on the transport LSPs to make them less preferred, but
> install-nexthop doesn't seem to actually do anything to block the other
> non-matching LSPs being being used, so with the better preference they
> still end up being selected by the l2ckts.
>
> I tried using the "install-nexthop except", but it didn't quite work
> like I expected either. The documentation on it says "To prevent the
> installation of any matching next hops, include the install-nexthop
> statement with the except option:", so I figured you might need to
> explicitly block the other LSPs using it. If you try to put the "except"
> in the same term as the match, it combined them all into a single
> statement like so:
>
> term TRANSPORT-GOLD {
> from community TRANSPORT_GOLD;
> then {
> install-nexthop lsp-regex TRANSPORT-.*-GOLD except IP-.*;
> accept;
> }
> }
>
> And it doesn't seem to actually do anything (the regular IP LSPs are
> still being used). I also tried it in a different term, like so:
>
> term TRANSPORT-NO-IP {
> from community [ TRANSPORT_GOLD TRANSPORT_SILVER TRANSPORT_BRONZE ];
> then {
> install-nexthop except lsp-regex "^IP.*";
> }
> }
> term TRANSPORT-GOLD {
> from community TRANSPORT_GOLD;
> then {
> install-nexthop lsp-regex TRANSPORT-.*-GOLD;
> accept;
> }
> }
>
> But it doesn't work either. What am I missing here? I'm hoping there is
> something simple and elegant I'm missing short of having to a no-install
> on all of the regular LSPs, then match everything without the transport
> communities and install them to lsp-regexp IP.*.
>
> --
> Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
> GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list