In the networking world, newbies spend a significant amount of time dedicating their resources to self-development. I thought of investing some time and sharing a series of self-learning configuration/troubleshooting kits that can help you to understand the basics/advanced technologies like IPv6, multicast, L2VPN, L3VPN, INTER-AS VPN, etc.
"Service provider networks" is one such area that people love to explore. It helps in understanding and experimenting with trending technologies as well as to keep up with trending technologies. However, on the downside, you need multiple routers playing the role of Customer, Provider Edge, and Provider routers to build a service provider network in LAB.
As everyone knows, Juniper Networks routers are ideally suited for your next-generation network and Junos OS is a powerful operating system. We can do miracles!
For many years, engineers have combined power supplies, routing hardware and software, forwarding hardware and software, and physical interfaces into a networking device known as a router. Networking vendors have created large routers and small routers, but all routers have been placed into service as individual devices. As a result, the router has been considered a single physical device for most of its history.
The concept of logical systems breaks this tradition. With the Junos® operating system (Junos OS), you can partition a single router into multiple logical devices that perform independent routing tasks.
I will help you in building a basic service provider network with a single box! All you need is a single box with a single physical loop.
You can also use a virtual vMX box deployed in ESXi or KVM with a virtual loop!
Requirement:
Operating system: Junos OS Release 9.3 or higher
Box: EX Series, M Series, MX Series, PTX Series, T Series [any box that supports logical systems]
Interconnecting the logical systems can be achieved with lt interface [logical tunnel] or with physical interfaces.
Interfaces Supported: Ethernet Interfaces ge/xe that supports 802.1Q VLAN
I will start with a single physical loop cable with multiple VLANs for each subunit.
+----------+
| |<-Loop Cable
| |
+------+++--------+++--------+
| +-+ +-+ |
| Interface 1 Interface 2 |
| |
| |
| One Physical |
| EX, M, MX, PTX, T Series |
| |
+----------------------------+
Steps:
- Loop two physical interfaces in the box.
- Copy the following configuration template to a word editor and replace the string interface1/interface2 with the actual interfaces you have looped.
- Load the configuration to the box with “load merge terminal relative”.
Topology:
This is an MPLS L3VPN topology with IGP as OSPF and RSVP LSP for MPLS. There is direct IBGP peering between r1 and r2.
+----------------------------------------------------------------------------+
|r0 lo0.100 192.168.1.100 | | MPLS CLOUD |
|r1 lo0.101 192.168.1.101 | | IGP-OSPF |
|r2 lo0.102 192.168.1.102 | +-----+ | MPLS-RSVP-LSP|
|r3 lo0.103 192.168.1.103 | I2.24| R4 | I1.43 +--------------|
|r4 lo0.104 192.168.1.104 | +----+ P3 +----+ |
|r5 lo0.105 192.168.1.105 | | +-----+ | |
|r6 lo0.106 192.168.1.106 | | | |
+-------------------------+ | AS 100 | |
| <----ebgp-----> | | <-----ebgp-----> |
| I1.24 | | I2.43 |
| +-----I1.1 +-----+ +--+--+I1.23 +--+--+ +-----+I1.56 +-----+ |
| | R0 +-----+ R1 |I1.12 | R2 +---------+ R3 I1.35 | R5 +------+ R6 | |
| | CE1 | | PE1 +------+ P1 | | P2 +------+ PE2 | I2.56| CE2 | |
| +-----+ I2.1-----+ I2.12+-----+ I2.23+-----+ I2.35-----+ +-----+ |
|AS 64512 AS 64512|
| <-------------------MP-BGP----------------> |
| |
+----------------------------------------------------------------------------+
|Template -MPLS L3VPN - IGP-OSPF # MPLS RSVP LSP # PE-CE Protocol BGP # NO RR|
+----------------------------------------------------------------------------+
Configuration Template:
logical-systems {
r0 {
interfaces {
interface1 {
unit 1 {
vlan-id 1;
family inet {
address 1.1.1.1/30;
}
family mpls;
}
}
lo0 {
unit 100 {
family inet {
address 192.168.1.100/32;
}
}
}
}
protocols {
bgp {
export connected_to_bgp;
group PE_PEERING {
neighbor 1.1.1.2 {
local-address 1.1.1.1;
peer-as 100;
}
}
}
}
policy-options {
policy-statement connected_to_bgp {
from protocol direct;
then accept;
}
}
routing-options {
autonomous-system 64512;
}
}
r1 {
interfaces {
interface1 {
unit 12 {
vlan-id 12;
family inet {
address 1.1.12.1/30;
}
family mpls;
}
}
interface2 {
unit 1 {
vlan-id 1;
family inet {
address 1.1.1.2/30;
}
family mpls;
}
}
lo0 {
unit 101 {
family inet {
address 192.168.1.101/32;
}
}
}
}
protocols {
rsvp {
interface interface1.12;
}
mpls {
label-switched-path r1-to-r5 {
to 192.168.1.105;
}
interface interface1.12;
}
bgp {
group ibgp {
type internal;
local-address 192.168.1.101;
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family inet-mvpn {
signaling;
}
neighbor 192.168.1.105;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.101;
interface interface1.12;
}
}
}
routing-instances {
vpna {
instance-type vrf;
interface interface2.1;
route-distinguisher 100:11111;
vrf-target target:100:111111;
protocols {
bgp {
group vpna {
neighbor 1.1.1.1 {
local-address 1.1.1.2;
peer-as 64512;
as-override;
}
}
}
}
}
}
routing-options {
autonomous-system 100;
}
}
r2 {
interfaces {
interface1 {
unit 23 {
vlan-id 23;
family inet {
address 1.1.23.1/30;
}
family mpls;
}
unit 24 {
vlan-id 24;
family inet {
address 1.1.24.1/30;
}
family mpls;
}
}
interface2 {
unit 12 {
vlan-id 12;
family inet {
address 1.1.12.2/30;
}
family mpls;
}
}
lo0 {
unit 102 {
family inet {
address 192.168.1.102/32;
}
}
}
}
protocols {
rsvp {
interface interface2.12;
interface interface1.23;
interface interface1.24;
}
mpls {
interface interface2.12;
interface interface1.23;
interface interface1.24;
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface interface2.12;
interface lo0.102;
interface interface1.23;
interface interface1.24;
}
}
}
}
r3 {
interfaces {
interface1 {
unit 35 {
vlan-id 35;
family inet {
address 1.1.35.1/30;
}
family mpls;
}
}
interface2 {
unit 23 {
vlan-id 23;
family inet {
address 1.1.23.2/30;
}
family mpls;
}
unit 43 {
vlan-id 43;
family inet {
address 1.1.43.2/30;
}
family mpls;
}
}
lo0 {
unit 103 {
family inet {
address 192.168.1.103/32;
}
}
}
}
protocols {
rsvp {
interface interface2.23;
interface interface2.43;
interface interface1.35;
}
mpls {
interface interface2.23;
interface interface2.43;
interface interface1.35;
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface interface2.23;
interface lo0.103;
interface interface2.43;
interface interface1.35;
}
}
}
}
r4 {
interfaces {
interface1 {
unit 43 {
vlan-id 43;
family inet {
address 1.1.43.1/30;
}
family mpls;
}
}
interface2 {
unit 24 {
vlan-id 24;
family inet {
address 1.1.24.2/30;
}
family mpls;
}
}
lo0 {
unit 104 {
family inet {
address 192.168.1.104/32;
}
}
}
}
protocols {
rsvp {
interface interface2.24;
interface interface1.43;
}
mpls {
interface interface2.24;
interface interface1.43;
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface interface2.24;
interface lo0.104;
interface interface1.43;
}
}
}
}
r5 {
interfaces {
interface1 {
unit 56 {
vlan-id 56;
family inet {
address 1.1.56.1/30;
}
family mpls;
}
}
interface2 {
unit 35 {
vlan-id 35;
family inet {
address 1.1.35.2/30;
}
family mpls;
}
}
lo0 {
unit 105 {
family inet {
address 192.168.1.105/32;
}
}
}
}
protocols {
rsvp {
interface interface2.35;
}
mpls {
label-switched-path r5-to-r1 {
to 192.168.1.101;
}
interface interface2.35;
}
bgp {
group ibgp {
type internal;
local-address 192.168.1.105;
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family inet-mvpn {
signaling;
}
neighbor 192.168.1.101;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface interface2.35;
interface lo0.105;
}
}
}
routing-instances {
vpna {
instance-type vrf;
interface interface1.56;
route-distinguisher 100:11111;
vrf-target target:100:111111;
protocols {
bgp {
group vpna {
neighbor 1.1.56.2 {
local-address 1.1.56.1;
peer-as 64512;
as-override;
}
}
}
}
}
}
routing-options {
autonomous-system 100;
}
}
r6 {
interfaces {
interface2 {
unit 56 {
vlan-id 56;
family inet {
address 1.1.56.2/30;
}
family mpls;
}
}
lo0 {
unit 106 {
family inet {
address 192.168.1.106/32;
}
}
}
}
protocols {
bgp {
export connected_to_bgp;
group PE_PEERING {
neighbor 1.1.56.1 {
local-address 1.1.56.2;
peer-as 100;
}
}
}
}
policy-options {
policy-statement connected_to_bgp {
from protocol direct;
then accept;
}
}
routing-options {
autonomous-system 64512;
}
}
}
interfaces {
interface1 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
}
interface2 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
}
}
Troubleshooting Commands:
Sample Output:
Interface 1: ge-0/0/2
Interface 2: ge-0/0/3
lab> show ospf neighbor logical-system all
logical-system: r3
Address Interface State ID Pri Dead
1.1.35.2 ge-0/0/2.35 Full 192.168.1.105 128 31
1.1.23.1 ge-0/0/3.23 Full 192.168.1.102 128 30
1.1.43.1 ge-0/0/3.43 Full 192.168.1.104 128 38
-----
logical-system: r2
1.1.23.2 ge-0/0/2.23 Full 192.168.1.103 128 37
1.1.24.2 ge-0/0/2.24 Full 192.168.1.104 128 36
1.1.12.1 ge-0/0/3.12 Full 192.168.1.101 128 37
-----
logical-system: r1
1.1.12.2 ge-0/0/2.12 Full 192.168.1.102 128 35
-----
logical-system: r6
OSPF instance is not running
-----
logical-system: r4
1.1.43.2 ge-0/0/2.43 Full 192.168.1.103 128 37
1.1.24.1 ge-0/0/3.24 Full 192.168.1.102 128 39
-----
logical-system: r0
OSPF instance is not running
-----
logical-system: r5
1.1.35.1 ge-0/0/3.35 Full 192.168.1.103 128 32
-----
logical-system: default
OSPF instance is not running
lab> show mpls lsp logical-system all
logical-system: r3
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 2 sessions
To From State Rt Style Labelin Labelout LSPname
192.168.1.101 192.168.1.105 Up 0 1 FF 299792 299776 r5-to-r1
192.168.1.105 192.168.1.101 Up 0 1 FF 299776 3 r1-to-r5
Total 2 displayed, Up 2, Down 0
-----
logical-system: r2
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 2 sessions
To From State Rt Style Labelin Labelout LSPname
192.168.1.101 192.168.1.105 Up 0 1 FF 299776 3 r5-to-r1
192.168.1.105 192.168.1.101 Up 0 1 FF 299792 299776 r1-to-r5
Total 2 displayed, Up 2, Down 0
-----
logical-system: r1
Ingress LSP: 1 sessions
To From State Rt P ActivePath LSPname
192.168.1.105 192.168.1.101 Up 0 * r1-to-r5
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To From State Rt Style Labelin Labelout LSPname
192.168.1.101 192.168.1.105 Up 0 1 FF 3 - r5-to-r1
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
-----
logical-system: r4
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
-----
logical-system: r5
Ingress LSP: 1 sessions
To From State Rt P ActivePath LSPname
192.168.1.101 192.168.1.105 Up 0 * r5-to-r1
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To From State Rt Style Labelin Labelout LSPname
192.168.1.105 192.168.1.101 Up 0 1 FF 3 - r1-to-r5
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
lab>
lab> set cli logical-system r1
Logical system: r1
lab:r1> show route summary
Autonomous system number: 100
Router ID: 192.168.1.101
inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)
Direct: 2 routes, 2 active
Local: 1 routes, 1 active
OSPF: 9 routes, 9 active
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
RSVP: 1 routes, 1 active
vpna.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
Direct: 1 routes, 1 active
Local: 1 routes, 1 active
BGP: 4 routes, 3 active
mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
MPLS: 4 routes, 4 active
VPN: 1 routes, 1 active
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
BGP: 2 routes, 2 active
lab:r1> show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
2 2 0 0 0 0
bgp.l2vpn.0
0 0 0 0 0 0
bgp.mvpn.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.1 64512 10 6 0 0 3:03 Establ
vpna.inet.0: 1/2/2/0
192.168.1.105 100 10 3 0 0 1:52 Establ
bgp.l3vpn.0: 2/2/2/0
bgp.l2vpn.0: 0/0/0/0
bgp.mvpn.0: 0/0/0/0
vpna.inet.0: 2/2/2/0
lab:r1> show route receive-protocol bgp 192.168.1.105
inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
vpna.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.1.56.0/30 192.168.1.105 100 I
* 192.168.1.106/32 192.168.1.105 100 64512 I
mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
100:11111:1.1.56.0/30
* 192.168.1.105 100 I
100:11111:192.168.1.106/32
* 192.168.1.105 100 64512 I
lab:r1> show route advertising-protocol bgp 192.168.1.105
vpna.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 1.1.1.0/30 Self 100 I
* 192.168.1.100/32 Self 100 64512 I
lab:r1> show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
2 2 0 0 0 0
bgp.l2vpn.0
0 0 0 0 0 0
bgp.mvpn.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.1 64512 8 4 0 0 2:04 Establ
vpna.inet.0: 1/2/2/0
192.168.1.105 100 8 1 0 0 53 Establ
bgp.l3vpn.0: 2/2/2/0
bgp.l2vpn.0: 0/0/0/0
bgp.mvpn.0: 0/0/0/0
vpna.inet.0: 2/2/2/0
lab:r1> show mpls lsp
Ingress LSP: 1 sessions
To From State Rt P ActivePath LSPname
192.168.1.105 192.168.1.101 Up 0 * r1-to-r5
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To From State Rt Style Labelin Labelout LSPname
192.168.1.101 192.168.1.105 Up 0 1 FF 3 - r5-to-r1
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
lab:r1> show mpls lsp extensive
Ingress LSP: 1 sessions
192.168.1.105
From: 192.168.1.101, State: Up, ActiveRoute: 0, LSPname: r1-to-r5
ActivePath: (primary)
LSPtype: Static Configured, Penultimate hop popping
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
*Primary State: Up
Priorities: 7 0
SmartOptimizeTimer: 180
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 3)
1.1.12.2 S 1.1.23.2 S 1.1.35.2 S
Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID):
1.1.12.2 1.1.23.2 1.1.35.2
8 Jan 7 03:40:14.543 Self-ping ended successfully
7 Jan 7 03:40:13.542 Selected as active path
6 Jan 7 03:40:13.541 Record Route: 1.1.12.2 1.1.23.2 1.1.35.2
5 Jan 7 03:40:13.541 Up
4 Jan 7 03:40:13.541 Self-ping started
3 Jan 7 03:40:13.540 Self-ping enqueued
2 Jan 7 03:40:13.478 Originate Call
1 Jan 7 03:40:13.478 CSPF: computation result accepted 1.1.12.2 1.1.23.2 1.1.35.2
Created: Sat Jan 7 03:38:45 2017
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
192.168.1.101
From: 192.168.1.105, LSPstate: Up, ActiveRoute: 0
LSPname: r5-to-r1, LSPpath: Primary
Suggested label received: -, Suggested label sent: -
Recovery label received: -, Recovery label sent: -
Resv style: 1 FF, Label in: 3, Label out: -
Time left: 6214, Since: Sat Jan 7 03:40:13 2017
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 1 receiver 1957 protocol 0
Enhanced FRR: Enabled (Upstream)
PATH rcvfrom: 1.1.12.2 (ge-0/0/2.12) 1 pkts
incoming message handle: P-1/1, Message ID: 17, Epoch: 7027206
Adspec: received MTU 1500
PATH sentto: localclient
RESV rcvfrom: localclient , Entropy label: Yes
RESV
outgoing message state: refreshing, Message ID: 17, Epoch: 7027206
Record route: 1.1.35.2 1.1.23.2 1.1.12.2 <self>
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
lab:r1> show route 192.168.1.105
inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.105/32 *[OSPF/10] 00:02:13, metric 3
> to 1.1.12.2 via ge-0/0/2.12
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.105/32 *[RSVP/7/1] 00:01:55, metric 3
> to 1.1.12.2 via ge-0/0/2.12, label-switched-path r1-to-r5
lab:r1> show route forwarding-table destination 192.168.1.105
Logical system: r1
Routing table: default.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
192.168.1.105/32 user 1 1.1.12.2 ucst 1080 12 ge-0/0/2.12
Logical system: r1
Routing table: __master.anon__.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 783 1
Logical system: r1
Routing table: vpna.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 796 1
lab:r1> show route table inet.3
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.105/32 *[RSVP/7/1] 00:22:17, metric 3
> to 1.1.12.2 via ge-0/0/2.12, label-switched-path r1-to-r5
lab:r1> ping routing-instance vpna 1.1.56.1
PING 1.1.56.1 (1.1.56.1): 56 data bytes
64 bytes from 1.1.56.1: icmp_seq=0 ttl=60 time=0.859 ms
64 bytes from 1.1.56.1: icmp_seq=1 ttl=60 time=0.763 ms
64 bytes from 1.1.56.1: icmp_seq=2 ttl=60 time=14.656 ms
64 bytes from 1.1.56.1: icmp_seq=3 ttl=60 time=0.823 ms
64 bytes from 1.1.56.1: icmp_seq=4 ttl=60 time=0.866 ms
64 bytes from 1.1.56.1: icmp_seq=5 ttl=60 time=0.755 ms
^C
--- 1.1.56.1 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.755/3.120/14.656/5.159 ms
lab:r1>
Few Command Lists For Troubleshooting/Isolation/Understanding:
Global Instance:
show ospf neighbor logical-system all
show mpls lsp logical-system all
From Specific Logical Router R1 [PE]:
set cli logical-system r1
show route summary
show bgp summary
show mpls lsp
show mpls lsp extensive
show rsvp session extensive
show bgp summary
show route 192.168.1.105
show route forwarding-table destination 192.168.1.105
show route table inet.3
show route advertising-protocol bgp 192.168.1.105 detail
show route receive-protocol bgp 192.168.1.105 detail
show route advertising-protocol bgp 192.168.1.105
show route receive-protocol bgp 192.168.1.105
To check Connectivity from R1[PE] to R6[CE]
ping routing-instance vpna 1.1.56.1
To come back to global Instance:
clear cli logical-system
And this is just a start… Check back again to see new additions!
If my series helps you, feel free to click the "Kudos" icon.
-Python