[j-nsp] SRX for MPLS
Paul Stewart
paul at paulstewart.org
Fri Oct 22 10:54:55 EDT 2010
Has anyone done much l2vpn on them? I know that's related for sure..;)
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Miroslav Georgiev
Sent: Friday, October 22, 2010 10:05 AM
To: Will McLendon
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] SRX for MPLS
Unfortunately there are some vpls limitations on SRX and J-series
routers. You should check them first.
Besides that everything works.
On 10/22/2010 04:28 PM, Will McLendon wrote:
> you can definitely do MPLS on J-series and SRX gateways. It even says so
on the datasheet -- however, as was mentioned, you must put the device in
packet-based mode, and thus lose ALL security features (everything that is
configured under [edit security] -- so Zones, Stateful Policies, NAT, etc.
are all not available)
>
> to add-on to Tim's comment, you will want to use the command 'delete
security' to wipe out that hierarchy, and then enable the packet-based mode:
>
> set security forwarding-options family mpls mode packet-based.
>
> there are other statements in that hierarchy to enable packet-based for
inet6 etc, but i've never turned that on...just the MPLS statement will turn
it into a regular router.. My main fear for your deployment would be the
environmental conditions. I don't believe the SRX is specifically hardened
for that kind of environment (that isn't to say it wouldn't work, though).
>
> Also, you aren't planning to put an entire BGP table into them are you?
I'm not sure how well that would work on the smaller boxes. I think i've
heard of it being done, but never done it myself so I can't speak to the
stability of such a scenario.
>
> Good luck,
>
> Will
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
--
Regards,,,
Miroslav Georgiev
SpectrumNet Jsc.
+(359 2)4890604
+(359 2)4890619
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list