Routing

 View Only
last person joined: 4 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
  • 1.  Multiple NATs to individual gateways with DHCP relay

    Posted 12-07-2022 14:54

    Hello,

    We are looking to run multiple public IPs from two ISPs into our building with an MX204. These will be 100G connections. Each IP will go to its own gateway. We will also need to setup a DHCP relay to our current router running our 10G office network. We have some networking experience, but are new to this level of networking. I am hoping for some assistance or direction.  

    Thanks



    ------------------------------
    SETH STANFILL
    ------------------------------


  • 2.  RE: Multiple NATs to individual gateways with DHCP relay

    Posted 12-11-2022 13:50

    On the MX series you would be using carrier grade nat for the distribution.  There is a free Juniper Day one book with example configurations for that process here.

    https://www.juniper.net/documentation/en_US/day-one-books/DO_CGNAT_UpRunning.zip


    DHCP forwarding configurations are in this documentation.

    https://www.juniper.net/documentation/us/en/software/junos/dhcp/topics/topic-map/dhcp-relay-agent-security-devices.html



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Multiple NATs to individual gateways with DHCP relay

    Posted 12-15-2022 14:29
    How do I activate the premium license for this switch?

    ------------------------------
    SETH STANFILL
    ------------------------------



  • 4.  RE: Multiple NATs to individual gateways with DHCP relay

    Posted 12-16-2022 08:20
    Licensing install varies by the feature.  Best bet is to ask the reseller for the specific instructions for the one purchased but the overall MX documentation is here.
    https://www.juniper.net/documentation/us/en/software/license/licensing/topics/topic-map/software_licensing_requirements.html

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------



  • 5.  RE: Multiple NATs to individual gateways with DHCP relay

    Posted 3 days ago

    Thanks for the help on this. We have everything working, but now we are looking to add in a second ISP with a different IP range and size. We have our default next hop setup with the original ISP. We are using 1 service set for all our rules with dnat-44 and basic-nat44 translation for our 1:1 internal to external IPs. The new ISP IPs will be setup in the same way as the first.  Will this require redoing what is already done? Doing some research, I am reading a lot about setting up ribs and modifying routing tables. 

    This is the the same MX204.

    et-0/0/0 - ISP1

    et-0/0/1 - ISP2

    et-0/0/2 - Spine distribution port 1

    et-0/0/3 - spine distribution port 2

    Thanks for the assistance.



    ------------------------------
    SETH STANFILL
    ------------------------------



  • 6.  RE: Multiple NATs to individual gateways with DHCP relay

    Posted 3 days ago
    From your description it looks like your simplest solution would allow the existing setup to stay as is.

    For this you would create a virtual router routing instance.  This creates an isolated router and routing table.  Here you would land the new ISP and all the downstream interfaces that are served by this one.   This virtual router has it's own default route then to the new ISP.

    https://www.juniper.net/documentation/en_US/release-independent/nce/topics/concept/virtual-router-srx-use-case-edu-overview.html

    You will likely need a connection from this virtual router to the main instance just in order to forward the dhcp forwarding and other services.  But this can be just the needed subnets exchanged by BGP or other internal routing. This connection can use a virtual pair of logical tunnel interfaces so as not to need two physical interfaces on the mx for the communications.

    https://www.juniper.net/documentation/us/en/software/junos/interfaces-encryption/topics/topic-map/configuring-tunnel-interfaces.html

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------