[j-nsp] Config help for basic MPLS setup

Matthew Crocker matthew at corp.crocker.com
Mon Sep 24 16:03:53 EDT 2012 

Hello,

 I have an MX80 and 3 EX4200s connected via 10GigE running MPLS, OSPF, etc.  I have some ethernet-ccc links working between the gear.

I'm trying to setup my first MPLS based routing VRF (L3VPN ???) between a new SRX210 and the MX80 (going through the EX4200s).

Eventually the configuration will look like this

<Internal LAN> -> SRX210 --[MPLS]--> EX4200 --[MPLS]--> EX4200 -- [MPLS] --> MX80 --[Internal LAN] --> Firewall

The SRX210 is a PE router owned and controlled by me.  I have a couple other basic IP routes on it for other customers.

The idea here is that all traffic on ge-0/0/0.0 gets routed to the MX80 through an LSP in the routing-instance corp.crocker.com

For testing the SRX is connected directly to the MX80 bypassing the EX4200s

SRX has OSPF going with MX80 but does not have BGP configured.
MX80 has BGP with my upstreams and other border routers

I'm sure I'm missing some MPLS filters or something but I'm not sure what.


[SRX210 config]
 (for testing EX4200 is really the MX80 ge-1/1/8)

  ge-1/0/0 {
        mtu 9000;
        unit 0 {
            description "Link to EX4200-GFLD";
            family inet {
                address A.B.C.174/30;
            }
            family mpls;
        }

ge-0/0/0 {
    unit 0 {
        description "Corporate LAN";
        family inet {
            address 192.168.14.1/24;
        }
    }
}

    rsvp {
        interface ge-1/0/0.0;
    }
    mpls {
        label-switched-path lsp_to_1Federal {
            to A.B.C.129;
        }
        interface ge-1/0/0.0;
    }

routing-instances {
    corp.crocker.com {
        description "Crocker corporate network";
        instance-type vrf;
        interface ge-0/0/0.0;
        route-distinguisher 7849:7849;
        vrf-target target:7849:100;
        routing-options {
            static {
                route 0.0.0.0/0 {
                    lsp-next-hop lsp_to_1Federal;
                }
            }
}

security {
      forwarding-options {                
        family {
            mpls {
                mode packet-based;
            }
        }
    }

[MX80 config]

  ge-1/1/8 {
        mtu 9000;
        unit 0 {
            description "Link to 101 Munson SRX210";
            family inet {
                address A.B.C.173/30;
            }
            family mpls;
        }
    }
    ge-1/1/9 {
        unit 0 {
            description "Link to firewall corp.crocker.com";
            family inet {
                address 192.168.13.2/30;
            }
        }
    }

protocols {
    rsvp {
        interface lo0.0;
        interface xe-0/0/0.0;
        interface xe-0/0/1.0;
        interface ge-1/1/8.0;
    }
    mpls {
       
        label-switched-path lsp_to_101Munson {
            to A.B.C.174;
        }
        interface xe-0/0/0.0;
        interface xe-0/0/1.0;
        interface ge-1/1/8.0;
}

routing-instances {
    corp.crocker.com {
        description "Crocker corporate network";
        instance-type vrf;
        interface ge-1/1/9.0;
        route-distinguisher 7849:7849;
        vrf-target target:7849:100;
        routing-options {
            static {
                route 0.0.0.0/0 next-hop 192.168.13.1;
                route 192.168.14.0/24 {
                    lsp-next-hop lsp_to_101Munson;
                }
            }
        }
    }
}


srx210> show route instance corp.crocker.com detail 
corp.crocker.com:
  Description: Crocker corporate network                                       
  Router ID: 192.168.14.1
  Type: vrf               State: Active        
  Interfaces:
    ge-0/0/0.0
  Route-distinguisher: 7849:7849
  Vrf-import: [ __vrf-import-corp.crocker.com-internal__ ]
  Vrf-export: [ __vrf-export-corp.crocker.com-internal__ ]
  Vrf-import-target: [ target:7849:100 ]
  Vrf-export-target: [ target:7849:100 ]
  Fast-reroute-priority: low
  Tables:
    corp.crocker.com.inet.0: 3 routes (3 active, 0 holddown, 0 hidden)

srx210> show route table corp.crocker.com 

corp.crocker.com.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 01:00:42
                    > to A.B.C.173 via ge-1/0/0.0, label-switched-path lsp_to_1Federal
192.168.14.0/24    *[Direct/0] 00:10:29
                    > via ge-0/0/0.0
192.168.14.1/32    *[Local/0] 00:10:29
                      Local via ge-0/0/0.0


MX80-1> show route instance corp.crocker.com detail 
corp.crocker.com:
  Description: Crocker corporate network                                       
  Router ID: 192.168.13.2
  Type: vrf               State: Active        
  Interfaces:
    ge-1/1/9.0
  Route-distinguisher: 7849:7849
  Vrf-import: [ __vrf-import-corp.crocker.com-internal__ ]
  Vrf-export: [ __vrf-export-corp.crocker.com-internal__ ]
  Vrf-import-target: [ target:7849:100 ]
  Vrf-export-target: [ target:7849:100 ]
  Fast-reroute-priority: low
  Tables:
    corp.crocker.com.inet.0: 4 routes (4 active, 0 holddown, 0 hidden)

MX80-1> show route table corp.crocker.com 

corp.crocker.com.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 00:58:34
                    > to 192.168.13.1 via ge-1/1/9.0
192.168.13.0/30    *[Direct/0] 04:52:22
                    > via ge-1/1/9.0
192.168.13.2/32    *[Local/0] 5d 00:54:34
                      Local via ge-1/1/9.0
192.168.14.0/24    *[Static/5] 00:58:34
                    > to A.B.C.174 via ge-1/1/8.0, label-switched-path lsp_to_101Munson

I don't see any routes for the LSPs in the mpls.0 routing table for either routers.


--
Matthew S. Crocker
President
Crocker Communications, Inc.
PO BOX 710
Greenfield, MA 01302-0710

E: matthew at crocker.com
P: (413) 746-2760
F: (413) 746-3704
W: http://www.crocker.com

More information about the juniper-nsp mailing list