[j-nsp] Config help for basic MPLS setup

sthaug at nethelp.no sthaug at nethelp.no
Mon Sep 24 18:18:18 EDT 2012


>  I have an MX80 and 3 EX4200s connected via 10GigE running MPLS, OSPF, etc.  I have some ethernet-ccc links working between the gear.
> 
> I'm trying to setup my first MPLS based routing VRF (L3VPN ???) between a new SRX210 and the MX80 (going through the EX4200s).
> 
> Eventually the configuration will look like this
> 
> <Internal LAN> -> SRX210 --[MPLS]--> EX4200 --[MPLS]--> EX4200 -- [MPLS] --> MX80 --[Internal LAN] --> Firewall
> 
> The SRX210 is a PE router owned and controlled by me.  I have a couple other basic IP routes on it for other customers.
> 
> The idea here is that all traffic on ge-0/0/0.0 gets routed to the MX80 through an LSP in the routing-instance corp.crocker.com
> 
> For testing the SRX is connected directly to the MX80 bypassing the EX4200s
> 
> SRX has OSPF going with MX80 but does not have BGP configured.
> MX80 has BGP with my upstreams and other border routers
> 
> I'm sure I'm missing some MPLS filters or something but I'm not sure what.

I see a couple of problems here:

1. MPLS L3VPNs use BGP to distribute the VPN label. Thus you *must*
have a full BGP mesh between your PEs (or you can of course use route
reflectors/confederations).

2. As far as I know the EX switches can only handle *one* MPLS label.
You need at least two labels for MPLS L3VPNs.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no


More information about the juniper-nsp mailing list