Security

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.

You should be able to use Local Interface Switching for a Layer 2 Circuit to connect the two R2 subinterfaces.  Then configure the interfaces on R1 & R3 as layer 3 neighbors for your IGP peers.

https://www.juniper.net/documentation/us/en/software/nce/nce-078-layer-2-circuits/topics/task/layer-two-circuits-local-interface-switching-solutions.html

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.

Hi Steve,

How can we sure this traffic pass through card NAT (MS-MPC) in R2.

Can we use mams interface as l2-interface?

You should be able to use Local Interface Switching for a Layer 2 Circuit to connect the two R2 subinterfaces.  Then configure the interfaces on R1 & R3 as layer 3 neighbors for your IGP peers.

https://www.juniper.net/documentation/us/en/software/nce/nce-078-layer-2-circuits/topics/task/layer-two-circuits-local-interface-switching-solutions.html

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.

Sorry, I don't understand what you mean by NAT MS-MPC card.  What is the function you or configuration sample you are referring to?

Hi Steve,

How can we sure this traffic pass through card NAT (MS-MPC) in R2.

Can we use mams interface as l2-interface?

You should be able to use Local Interface Switching for a Layer 2 Circuit to connect the two R2 subinterfaces.  Then configure the interfaces on R1 & R3 as layer 3 neighbors for your IGP peers.

https://www.juniper.net/documentation/us/en/software/nce/nce-078-layer-2-circuits/topics/task/layer-two-circuits-local-interface-switching-solutions.html

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.

Hi Steve,

I want to configure R2 as layer 3 transparent so that R1 and R3 can peer IGP and MPLS directly.

But traffic between R1 and R3 has to pass through NAT card in R2. 

Can we make NAT card as a part of L2 bridge in R2?

Sorry, I don't understand what you mean by NAT MS-MPC card.  What is the function you or configuration sample you are referring to?

Hi Steve,

How can we sure this traffic pass through card NAT (MS-MPC) in R2.

Can we use mams interface as l2-interface?

You should be able to use Local Interface Switching for a Layer 2 Circuit to connect the two R2 subinterfaces.  Then configure the interfaces on R1 & R3 as layer 3 neighbors for your IGP peers.

https://www.juniper.net/documentation/us/en/software/nce/nce-078-layer-2-circuits/topics/task/layer-two-circuits-local-interface-switching-solutions.html

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.

I don't have any experience with the CG NAT features, but looking a the overview blog and documentation, it seems that all that is needed is the configure the inside and and outside interfaces for the flow.  It would seem that could be the two interfaces on R2 that would be configured as the l2circuit in this scenario.  But a lab test would be a good idea.

Blog overview:

https://community.juniper.net/blogs/ricardo-dominguez/2023/08/03/centralized-deterministic-cgnat

Documentation

https://www.juniper.net/assets/us/en/local/pdf/implementation-guides/8010076-en.pdf

Hi Steve,

I want to configure R2 as layer 3 transparent so that R1 and R3 can peer IGP and MPLS directly.

But traffic between R1 and R3 has to pass through NAT card in R2. 

Can we make NAT card as a part of L2 bridge in R2?

Sorry, I don't understand what you mean by NAT MS-MPC card.  What is the function you or configuration sample you are referring to?

Hi Steve,

How can we sure this traffic pass through card NAT (MS-MPC) in R2.

Can we use mams interface as l2-interface?

You should be able to use Local Interface Switching for a Layer 2 Circuit to connect the two R2 subinterfaces.  Then configure the interfaces on R1 & R3 as layer 3 neighbors for your IGP peers.

https://www.juniper.net/documentation/us/en/software/nce/nce-078-layer-2-circuits/topics/task/layer-two-circuits-local-interface-switching-solutions.html

Hi team,

I have a topo as below:

All routers are MX-series.

R2 has an MS-MPC card.

Can I make R2 as transparent, so R1 and R3 can peer IGP, MPLS directly.

And traffic between R1 and R3 will pass through MS-MPC card in R2.

Please give me some ideas.

Thanks.