Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
  • 1.  Layer2 Wholesale Sample not working - errors with family vpls

    Posted 02-09-2022 15:08
    Hello,

    We are trying to replace some transparent dynamic-auto-vlan setup from some other vendor with a mx480 box. 
    Using this Sample:
    https://www.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-wholesale/subscriber-mgmt-wholesale.pdf

     Page 98 and going


    Im sure that the Sample isnt complete, so maybe im missing something here, hopefully someone else has already some solution for a layer2 wholesale concept, where the wholesaler doesnt do dhcp just connecting c-vlans with the provider? 

    If i enable the family vpls, i get some errors - without it, the subinterface gets created but not attached to the routing-instance. 

    set dynamic-profiles Subscriber_Profile_Retail1 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family vpls
    i get some strange errors in the debug log, like:

    Feb  9 13:39:37 ERR: bbe_autoconf_l2bsa_inner_vlan_id_get: Failed to get l2bsa_ri_node for RI Retailer_Instance1

    Feb  9 13:39:37 ERR: bbe_autoconf_update_trunk_inner_vlan 3877: RI Retailer_Instance1. Failed to allocate trunk vlan 99 inner vlan 100 for session 450

    if i remove the family vpls, the box created the vlan but doesnt add it into the routing-instance.

    freeradius:

    DEFAULT    Cleartext-Password := "bla"

    ERX-Virtual-Router-Name = "Retailer_Instance1",

    ERX-Vlan-Map-Id = "99",

    ERX-Inner-Vlan-Map-Id = "100"


    config from the box (some not needed stuff excluded)


    set version 20.4R3-S1.3

    set groups groups

    set groups global system login apply-groups global

    set groups global system login user remote uid 2000

    set groups global system login user remote class super-user

    set groups global system authentication-order password

    set groups re0 system host-name ROUTER1-RE0

    set groups BNG-TRACES system auto-configuration traceoptions file jtac_autoconf.log

    set groups BNG-TRACES system auto-configuration traceoptions file size 10m

    set groups BNG-TRACES system auto-configuration traceoptions file files 10

    set groups BNG-TRACES system auto-configuration traceoptions level verbose

    set groups BNG-TRACES system auto-configuration traceoptions flag all

    set groups BNG-TRACES system processes general-authentication-service traceoptions file jtac_authlog.log

    set groups BNG-TRACES system processes general-authentication-service traceoptions file size 10m

    set groups BNG-TRACES system processes general-authentication-service traceoptions file files 10

    set groups BNG-TRACES system processes general-authentication-service traceoptions flag radius

    set groups BNG-TRACES system processes smg-service traceoptions file jtac_smg-service.log

    set groups BNG-TRACES system processes smg-service traceoptions file size 10m

    set groups BNG-TRACES system processes smg-service traceoptions file files 10

    set groups BNG-TRACES system processes smg-service traceoptions level all

    set groups BNG-TRACES system processes smg-service traceoptions flag all

    set groups BNG-TRACES system processes dhcp-service traceoptions file jtac_dhcp.log

    set groups BNG-TRACES system processes dhcp-service traceoptions file size 10m

    set groups BNG-TRACES system processes dhcp-service traceoptions file files 10

    set groups BNG-TRACES protocols ppp-service traceoptions file jtac_pppserv.log

    set groups BNG-TRACES protocols ppp-service traceoptions file size 10m

    set groups BNG-TRACES protocols ppp-service traceoptions file files 10

    set groups BNG-TRACES protocols ppp-service traceoptions level all

    set groups BNG-TRACES protocols ppp-service traceoptions flag all

    set groups BNG-TRACES protocols ppp traceoptions file jtac_ppp.log

    set groups BNG-TRACES protocols ppp traceoptions file size 10m

    set groups BNG-TRACES protocols ppp traceoptions file files 10

    set groups BNG-TRACES protocols ppp traceoptions level all

    set groups BNG-TRACES protocols ppp traceoptions flag all

    set apply-groups global

    set apply-groups re0

    set apply-groups re1

    set apply-groups BNG-TRACES

    set system root-authentication encrypted-password XXXX

    set system configuration-database max-db-size 698343424

    set system services ssh root-login allow

    set system services subscriber-management enable

    set system domain-name AS64512

    set system time-zone Europe/Vienna

    set system arp gratuitous-arp-on-ifup

    set system syslog user * any emergency

    set system syslog file messages any notice

    set system syslog file messages authorization info

    set system syslog file interactive-commands interactive-commands any

    set system syslog time-format

    set system auto-configuration

    set system processes smg-service

    set chassis aggregated-devices ethernet device-count 10

    set chassis pseudowire-service device-count 20

    set chassis fpc 1 pic 0 tunnel-services bandwidth 10g

    set chassis alarm management-ethernet link-down ignore

    set chassis network-services enhanced-ip

    set access-profile AccessProfile

    set interfaces xe-1/0/0 flexible-vlan-tagging

    set interfaces xe-1/0/0 mtu 9216

    set interfaces xe-1/0/0 encapsulation flexible-ethernet-services

    set interfaces xe-1/0/0 unit 5 description inet-test

    set interfaces xe-1/0/0 unit 5 vlan-id 5

    set interfaces xe-1/0/0 unit 5 family inet mtu 1500

    set interfaces xe-1/0/0 unit 5 family inet address 10.10.244.1/29

    set interfaces xe-1/0/1 flexible-vlan-tagging

    set interfaces xe-1/0/1 mtu 9500

    set interfaces xe-1/0/1 encapsulation flexible-ethernet-services

    set interfaces xe-1/0/1 unit 10 vlan-id 10

    set interfaces xe-1/0/1 unit 10 family inet mtu 9216

    set interfaces xe-1/0/1 unit 10 family inet address 10.10.255.111/31

    set interfaces xe-1/0/1 unit 10 family mpls

    set interfaces xe-1/1/0 flexible-vlan-tagging

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges dynamic-profile Subscriber_Profile_Retail1 accept dhcp-v4

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges dynamic-profile Subscriber_Profile_Retail1 ranges any,any

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges authentication packet-types dhcp-v4

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges authentication password bla

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges authentication username-include vlan-tags

    set interfaces xe-1/1/0 auto-configure stacked-vlan-ranges access-profile AccessProfile

    set interfaces xe-1/1/0 encapsulation flexible-ethernet-services

    set interfaces xe-1/1/1 encapsulation ethernet-vpls

    set interfaces xe-1/1/1 unit 0 family vpls core-facing

    set interfaces irb mtu 9216

    set interfaces irb gratuitous-arp-reply

    set interfaces lo0 unit 0 family inet address 10.10.255.205/32

    set interfaces lo0 unit 0 family mpls

    set access profile AccessProfile authentication-order radius

    set access profile AccessProfile radius authentication-server 10.10.244.2

    set access profile AccessProfile radius-server 10.10.244.2 secret "$9$H.mTu0IEhr.PA0B1yr"

    set access profile AccessProfile radius-server 10.10.244.2 source-address 10.10.244.1

    set access profile AccessProfile subscriber 99-100 password "$9$Kb1W87aJDiHm"

    set access profile AccessProfile subscriber 99-100 target-routing-instance Retailer_Instance1

    set routing-instances Retailer_Instance1 protocols vpls mac-table-size 6000

    set routing-instances Retailer_Instance1 protocols vpls interface-mac-limit 2000

    set routing-instances Retailer_Instance1 protocols vpls site ROUTER1 site-identifier 1

    set routing-instances Retailer_Instance1 protocols vpls site-range 10

    set routing-instances Retailer_Instance1 protocols vpls no-tunnel-services

    set routing-instances Retailer_Instance1 vlan-model one-to-one

    set routing-instances Retailer_Instance1 instance-role access

    set routing-instances Retailer_Instance1 instance-type l2backhaul-vpn

    set routing-instances Retailer_Instance1 no-local-switching

    set routing-instances Retailer_Instance1 interface xe-1/1/1.0

    set routing-instances Retailer_Instance1 route-distinguisher 10.10.255.205:17

    set routing-instances Retailer_Instance1 vrf-target target:64512:17

    set routing-options router-id 10.10.255.205

    set routing-options autonomous-system 64512

    set policy-options policy-statement RR term 1 from rib inetflow.0

    set policy-options policy-statement RR term 1 then accept

    set policy-options policy-statement RR term 10 from community AS64512_vpls_wildcard

    set policy-options policy-statement RR term 10 then accept

    set policy-options policy-statement RR term 99 then reject

    set policy-options community AS64512_vpls_wildcard members target:64512:.*

    set protocols bgp path-selection always-compare-med

    set protocols bgp group AS64512-RR type internal

    set protocols bgp group AS64512-RR description "AS64512 RR"

    set protocols bgp group AS64512-RR local-address 10.10.255.205

    set protocols bgp group AS64512-RR import RR

    set protocols bgp group AS64512-RR family inet unicast

    set protocols bgp group AS64512-RR family inet-vpn unicast

    set protocols bgp group AS64512-RR family l2vpn signaling

    set protocols bgp group AS64512-RR export RR

    set protocols bgp group AS64512-RR neighbor 10.10.255.3 

    set protocols bgp authentication-algorithm md5

    set protocols l2iw

    set protocols ldp interface xe-1/0/1.10

    set protocols ldp interface lo0.0

    set protocols mpls traffic-engineering mpls-forwarding

    set protocols mpls no-propagate-ttl

    set protocols mpls interface lo0.0

    set protocols mpls interface xe-1/0/1.10

    set protocols ospf traffic-engineering

    set protocols ospf area 0.0.0.0 interface xe-1/0/1.10

    set protocols ospf area 0.0.0.0 interface lo0.0 passive

    set protocols ospf reference-bandwidth 100g

    set protocols rsvp interface lo0.0

    set protocols rsvp interface xe-1/0/1.10 link-protection

    set protocols l2-learning global-mac-move log

    set protocols l2-learning global-mac-statistics

    set protocols lldp interface all

    set protocols lldp interface xe-1/1/1 disable

    set protocols lldp-med interface all

    set protocols lldp-med interface xe-1/1/1 disable

    set dynamic-profiles Subscriber_Profile_Retail1 routing-instances "$junos-routing-instance" interface "$junos-interface-name"

    set dynamic-profiles Subscriber_Profile_Retail1 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" encapsulation vlan-vpls

    set dynamic-profiles Subscriber_Profile_Retail1 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags outer "$junos-stacked-vlan-id"

    set dynamic-profiles Subscriber_Profile_Retail1 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags inner "$junos-vlan-id"

    set dynamic-profiles Subscriber_Profile_Retail1 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family vpls



  • 2.  RE: Layer2 Wholesale Sample not working - errors with family vpls

    Posted 07-02-2024 08:39

    Replying to this post since it's the only thing google finds for "ERR: bbe_autoconf_l2bsa_inner_vlan_id_get: Failed to get l2bsa_ri_node for RI"

    I've yet to get direct stacked vlan to stacked vlan working and from what I've been told by Juniper staff it's not possible. Despite what the public documentation might say.

    What I have gotten working is single vlan (C-TAG) access to a stacked vlan (S-TAG, C-TAG) NNI. Using push-swap / pop-swap vlan maps. 

    I worked around the stacked vlan on the access side by using PHWT and pop / pushing the S-TAG at the remote end of the pseudo wire. That way the BNG only every sees the C-TAG and I don't have to worry about C-TAG over.

    If any Juniper staff think I've been given incorrect  information on the vlan handling capabilities of Layer 2 wholesale, please chip in. 



    ------------------------------
    CRAIG ASKINGS
    ------------------------------