[j-nsp] Juniper MPLS VPN using PE-P and P-PE LSPs !

Mark Tinka mtinka at globaltransit.net
Sun Dec 25 08:02:28 EST 2011 

On Sunday, December 25, 2011 06:22:18 PM vaibhava varma 
wrote:

> I am working on a requirement to enable the MPLS Backbone
> with MPLS TE in such a way that I have LSPs running from
> PE-P routers and P-PE routers to avoid full mesh of
> LSPs.

So you mean H-LSP's (RFC's 4206, 6107)

> I can not make it working with RSVP as I think I need to
> enable LDP on the RSVP TE Tunnel but unable to find a
> way to do so..

You mean LDPoRSVP (LDP Tunneling, in Juniper speak):

tinka at lab# show groups mpls-group 
protocols {
    mpls {
        icmp-tunneling;
        label-switched-path <*> {
            ldp-tunneling;
            least-fill;
            node-link-protection;
            adaptive;
        }
        interface <xe-*>;
        interface <ge-*>;
        interface <ae*>;
    }
}

{master}[edit]
tinka at lab#


You're interested in the 'ldp-tunneling' command as noted 
above.

> The MPLS Backbone has separate dedicated
> VPNv4 RRs . On RRs and PEs I have used a Discard Default
> Route under inet.3 which helps to reflect the vpnv4
> routes from RR and accept them on PEs.

Why don't you consider the installation of the IGP routes 
toward the BGP next-hops into 'inet.3' and 'inet6.3' 
instead? We do the same (as we don't run MPLS on our 
dedicated route reflectors) as below (you're interested in 
the 'rib-group' piece mostly):

tinka at lab# show groups isis-group 
protocols {
    isis {
        lsp-lifetime 65535;
        ignore-attached-bit;
        rib-group inet IGP-RIB;
        topologies ipv6-unicast;
        overload;
        level 1 disable;
        level 2 {
            authentication-key "<hidden>"; ## SECRET-DATA
            authentication-type md5;
            wide-metrics-only;
        }
        interface lo0.0 {
            passive;
        }
        interface <ge-*>;
    }
}

{master}[edit]
tinka at lab#


tinka at lab# show routing-options rib-groups 
IGP-RIB {
    import-rib [ inet.0 inet.3 inet6.3 ];
}

{master}[edit]
tinka at lab#


That should sort you out on the route reflectors so you 
don't have to hassle with static default routes.

> Now how can I solve the issue of passing MPLS VPN Traffic
> across broken LSPs in the backbone..

Just a question - have you not considered just running LDP, 
or RSVP-TE a must?

Cheers,

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20111225/6e668108/attachment.sig>

More information about the juniper-nsp mailing list