Routing

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

Reason no to use no-tunnel-services?

  • 1.  Reason no to use no-tunnel-services?

    Posted 07-26-2021 20:04
    I am trying to find the specifics between lsi- and vt- tunnel interfaces from a processing standpoint but most documentation leads me to believe that due to the bandwidth limitation on the tunnel-services PIC, specifying no-tunnel-services avoids that limitation with the same end result. I just cannot seem to understand the exact processing.

    https://www.juniper.net/documentation/us/en/software/junos/vpn-l2/topics/task/vpls-configuring-without-tunnel-services-pic.html
    Based on documentation, by default with a tunnel-services PIC:
    1. traffic ingress from a remote VPLS site will perform a lookup on the service label, a match is found and is mapped to a vt- interface which is associated with a VPLS instance
    2. the label is stripped and the packet is forwarded to the tunnel-services PIC
    3. The PIC forwards the packet back out the interface to perform the appropriate MAC learning and forwarding

    This vt- interface has reserved bandwidth to perform this function

    Based on documentation, by default with a tunnel-services PIC and no-tunnel-services set:
    1. traffic ingress from a remote VPLS site will perform a lookup on the service label, a match is found and is mapped to a lsi- interface which is associated with a VPLS instance
    2. the label is stripped and the packet is forwarded to the that interface to perform the appropriate MAC learning and forwarding

    Overall from an ethernet stand point it seems that the processing is the same except for vt- performs a second lookup when its forwarded between steps 2-3 and you lose visibility with statistics.

    Questions:
    1. Is my understanding of the process correct?
    2. How is MAC learning specifically done on the vt- interface? Specifically after the MPLS service label is stripped and sent to the tunnel-services PIC, it specifies sending an un-labled ethernet frame to the PIC. Is the vt- the ingress interface on the PIC? When the packet is looped back for the second lookup, what is the egress interface for that PIC?


  • 2.  RE: Reason no to use no-tunnel-services?

    Posted 08-21-2021 11:55
    It might no exactly answer to your question, but at least on MX gears, there are no tunnel services at all anyway, so no-tunnel-services is mandatory, therefore vt-interfaces (on this architecture) are now old history only :)

    ------------------------------
    Olivier Benghozi
    ------------------------------