Twisted LDP signaled VPLS scenario using Juniper SRX selective packet services
Junos - Twisted VPLS scenario with SRX selective packet services
Attachment:
http://www.juniper.net/us/en/local/pdf/ ... 192-en.pdfQuote from "BrANCh SrX SErIES ANd J SErIES SELECTIvE PACkET SErvICES" Juniper App note:
Quote:
IP routers have traditionally forwarded packets based on the destination IP address of each packet. The standard
processing sequence matches the destination IP address of a packet with an entry in the forwarding table, selects the
appropriate egress interface, and forwards the packet onto the physical medium (assuming the packet is in transit and
not one destined for the router itself).
...
This processing mode does not require any information about either previous or subsequent packets that belong to a
given connection. Each packet is individually processed, and any decision to allow or deny traffic is packet specific. Any
additional services such as firewall filtering, Network Address Translation (NAT), and IPsec result in increased overhead.
Firewalls and security devices take a session-based processing approach. Session-based or flow-mode processing
leverages session state to minimize packet-by-packet decision making, and this improves the overall performance of
SrX Series Services Gateways for the branch. In flow mode, traffic is inspected at the transport level using a five-tuple
match of source and destination addresses, source and destination ports (when applicable), and protocol with the source
and destination zones to determine if the packet belongs to a new or existing session. For any new traffic, route and policy
lookups are performed. After lookups, all subsequent packets in the session are “fast path” processed using the action
determined by the first packet. As long as future traffic matches the initial session, the processing continues unabated.
The main advantage of packet forwarding is that routers do not have to keep track of all session information or analyze
how sessions are established, which optimizes packet processing. In some cases, the forwarding path is implemented
using ASICs to achieve high, deterministic performance. Firewalls, on the other hand, only use ASICs to accelerate the
packet forwarding once a session is established.
Flow-mode forwarding, however, allows for more granular traffic control at the expense of implementation complexity
and lower, nondeterministic performance. For example, the following services benefit when sessions are monitored:
• Stateful inspection
• NAT
• Intrusion prevention system (IPS)
• Unified threat management (UTM) (such as antivirus, content filtering, Web filtering, antispam, etc.)
• J-Flow
Traffic is processed by the packet-based forwarding module providing all of the following services:
• routing
• Quality of service (QoS)
• Link fragmentation and interleaving (LFI)
• Generic routing encapsulation (GrE) and IP over IP (IP-IP) tunneling (no fragmentation and reassembly)
• L2 switching
• MPLS
• IPv6
• Compressed real-Time Transport Protocol (CrTP)
The flow-based forwarding module was able to provide all of the above and also deliver the following services:
• Stateful inspection firewall (including screens)
• NAT
• IPsec
• J-Flow
• Intrusion detection and prevention
• UTM
• GrE fragmentation and reassembly
To overcome the limitation of having to choose between the forwarding engines and the associated service trade-offs,
Junos OS 9.6 introduces the ability to use both modes simultaneously. Packet filters are used to selectively mark traffic
that requires packet mode forwarding, while unmarked traffic is sent to the default flow-based forwarding module.
Here is my diagram:
Details of this lab:
- server is a Pentium 3 running FreeBSD7 with only one routing table compiled in the kernel.
- CEs devices are Server 192.168.6.2 and cameron (srx100) fe-0/0/5 - 192.168.6.1 interface.
- PE devices are cameron fe-0/0/4 and daniel fe-0/0/5 interfaces.
- P device is one SRX 220 running two MPLS dedicated routing instances (MPLS-1 and MPLS-2) with logical tunnel (lt) interfaces between them.
Scope is to have ping between server and cameron interface fe-0/0/5.
Part 1. Configuration - the two SRX 100 (daniel & cameron) run in full packet mode while srx 220 runs in selective packet mode (quoted explanation above).Code:
root@daniel# show | except SECRET-DATA
## Last changed: 2013-05-21 14:28:45 UTC
version 11.4R7.5;
interfaces {
fe-0/0/0 {
mtu 1548;
unit 0 {
family inet {
mtu 1500;
address 10.1.1.82/30;
}
family mpls {
mtu 1534;
}
}
}
fe-0/0/5 {
flexible-vlan-tagging;
encapsulation vlan-vpls;
unit 0 {
encapsulation vlan-vpls;
vlan-id 530;
family vpls;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.27.1/32;
}
}
}
}
routing-options {
autonomous-system 64515;
}
protocols {
mpls {
interface all;
}
bgp {
tcp-mss 1200;
group ibgp {
type internal;
family inet-vpn {
any;
}
neighbor 192.168.27.2 {
local-address 192.168.27.1;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
export ibgp-export;
}
}
}
ospf {
area 0.0.0.1 {
interface lo0.0 {
passive;
}
interface fe-0/0/0.0 {
hello-interval 2;
dead-interval 6;
}
}
}
ldp {
interface fe-0/0/0.0;
interface fe-0/0/1.0;
interface lo0.0;
}
lldp {
interface all;
}
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
inactive: policies {
default-policy {
permit-all;
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
all;
}
}
}
}
routing-instances {
MPLS-VPLS-cameron {
instance-type vpls;
interface fe-0/0/5.0;
route-distinguisher 192.168.27.1:2;
vrf-target target:64515:2;
protocols {
vpls {
interface fe-0/0/5.0;
no-tunnel-services;
site Cameron-fe005 {
site-identifier 1;
}
vpls-id 1;
}
}
}
}
Code:
root@cameron# show | except SECRET-DATA
## Last changed: 2013-05-21 15:15:22 UTC
version 11.4R7.5;
interfaces {
fe-0/0/0 {
mtu 1548;
unit 0 {
family inet {
mtu 1500;
address 10.1.1.90/30;
}
family mpls {
mtu 1534;
}
}
}
fe-0/0/4 {
flexible-vlan-tagging;
encapsulation vlan-vpls;
unit 0 {
encapsulation vlan-vpls;
vlan-id 530;
family vpls;
}
}
fe-0/0/5 {
vlan-tagging;
unit 0 {
vlan-id 530;
family inet {
address 192.168.6.1/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.27.2/32;
}
}
}
}
routing-options {
static {
defaults {
community no-export;
}
route 0.0.0.0/0 next-hop 10.1.1.65;
route 192.168.3.0/24 {
lsp-next-hop 10.1.1.65;
}
}
autonomous-system 64515;
}
protocols {
mpls {
interface all;
interface lo0.0;
interface fe-0/0/0.0;
}
bgp {
tcp-mss 1200;
group ibgp {
type internal;
neighbor 192.168.27.1 {
local-address 192.168.27.2;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
export ibgp-export;
}
}
}
ospf {
area 0.0.0.1 {
interface lo0.0 {
passive;
}
interface fe-0/0/1.0 {
hello-interval 2;
dead-interval 6;
}
interface fe-0/0/0.0 {
hello-interval 2;
dead-interval 6;
}
}
}
ldp {
interface fe-0/0/0.0;
interface fe-0/0/1.0;
interface lo0.0;
}
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
routing-instances {
MPLS-VPLS-daniel {
instance-type vpls;
interface fe-0/0/4.0;
route-distinguisher 192.168.27.2:2;
vrf-target target:64515:2;
protocols {
vpls {
no-tunnel-services;
site Thor-XL0 {
site-identifier 4;
multi-homing;
interface fe-0/0/4.0;
}
}
}
}
}
Part 2 - SRX 220 - apollo - P core configuration:
Code:
[edit]
user@apollo# show routing-instances MPLS-1
instance-type virtual-router;
interface lt-0/0/0.8;
interface ge-0/0/7.101;
interface ge-0/0/7.102;
interface lo0.1;
protocols {
ospf {
area 0.0.0.1 {
interface lo0.1 {
passive;
}
interface lt-0/0/0.8 {
hello-interval 4;
dead-interval 10;
}
interface ge-0/0/7.101 {
hello-interval 2;
dead-interval 6;
}
}
}
ldp {
interface lt-0/0/0.8;
interface ge-0/0/7.101;
interface lo0.1;
}
}
[edit]
user@apollo# show routing-instances MPLS-2
instance-type virtual-router;
interface lt-0/0/0.9;
interface ge-0/0/7.103;
interface ge-0/0/7.104;
interface lo0.2;
protocols {
ospf {
area 0.0.0.1 {
interface lt-0/0/0.9 {
hello-interval 4;
dead-interval 10;
}
interface lo0.2;
interface ge-0/0/7.104 {
hello-interval 2;
dead-interval 6;
}
}
}
ldp {
interface lt-0/0/0.9;
interface ge-0/0/7.104;
interface lo0.2;
}
}
[edit]
user@apollo# show interfaces lt-0/0/0.8
encapsulation ethernet;
peer-unit 9;
family inet {
mtu 1500;
filter {
input packet-mode;
}
address 10.1.1.69/30;
}
family mpls {
mtu 1534;
filter {
input mpls-packet-mode;
}
}
[edit]
user@apollo# show interfaces lt-0/0/0.9
encapsulation ethernet;
peer-unit 8;
family inet {
mtu 1500;
filter {
input packet-mode;
}
address 10.1.1.70/30;
}
family mpls {
mtu 1534;
filter {
input mpls-packet-mode;
}
}
[edit]
user@apollo# show interfaces lo0.1
family inet {
address 172.16.2.11/32;
}
[edit]
user@apollo# show interfaces lo0.2
family inet {
address 172.16.2.12/32;
}
user@apollo# show interfaces ge-0/0/7.101
vlan-id 101;
family inet {
mtu 1500;
filter {
input packet-mode;
}
address 10.1.1.81/30;
}
family mpls {
filter {
input mpls-packet-mode;
}
}
[edit]
user@apollo# show interfaces ge-0/0/7.104
vlan-id 104;
family inet {
mtu 1500;
filter {
input packet-mode;
}
address 10.1.1.89/30;
}
family mpls {
filter {
input mpls-packet-mode;
}
}
[edit]
user@apollo# show firewall family inet filter packet-mode
term 0 {
then {
packet-mode;
accept;
}
}
[edit]
user@apollo# show firewall family mpls filter mpls-packet-mode
term main {
then {
count mpls;
packet-mode;
accept;
}
}
[edit]
user@apollo#
For the device running in selective packet mode, it is
important to set packet mode for both mpls and inet families. This is because bgp traffic between cameron and daniel will be pure inet and between CEs will be mpls encapsulated !!!!!!!! Missing this detail will block bgp peering between CEsTesting VPLS connection between CEs:
Code:
# ping -c 1 -s 1472 192.168.6.1
PING 192.168.6.1 (192.168.6.1): 1472 data bytes
1480 bytes from 192.168.6.1: icmp_seq=0 ttl=64 time=2.724 ms
--- 192.168.6.1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 2.724/2.724/2.724/0.000 ms
To show that fragmentation does occur only after 1500 bytes (IP mtu), this is tcpdump output:
Code:
# tcpdump -nni vlan530 -v icmp
tcpdump: listening on vlan530, link-type EN10MB (Ethernet), capture size 65535 bytes
17:17:05.762275 IP (tos 0x0, ttl 64, id 25538, offset 0, flags [none], proto ICMP (1), length 1500)
192.168.6.2 > 192.168.6.1: ICMP echo request, id 22303, seq 0, length 1480
17:17:05.764316 IP (tos 0x0, ttl 64, id 25538, offset 0, flags [none], proto ICMP (1), length 1500)
192.168.6.1 > 192.168.6.2: ICMP echo reply, id 22303, seq 0, length 1480
Result: One 1500 bytes IP packet for request and one 1500 bytes IP packet for reply.
Let's try with 1501 bytes:
Code:
# ping -c 1 -s 1473 192.168.6.1
PING 192.168.6.1 (192.168.6.1): 1473 data bytes
1481 bytes from 192.168.6.1: icmp_seq=0 ttl=64 time=4.375 ms
--- 192.168.6.1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 4.375/4.375/4.375/0.000 ms
192.168.6.2 > 192.168.6.1: ICMP echo request, id 37663, seq 0, length 1480
17:17:46.837541 IP (tos 0x0, ttl 64, id 63707, offset 1480, flags [none], proto ICMP (1), length 21)
192.168.6.2 > 192.168.6.1: ip-proto-1
17:17:46.841715 IP (tos 0x0, ttl 64, id 45434, offset 0, flags [+], proto ICMP (1), length 1500)
192.168.6.1 > 192.168.6.2: ICMP echo reply, id 37663, seq 0, length 1480
17:17:46.841753 IP (tos 0x0, ttl 64, id 45434, offset 1480, flags [none], proto ICMP (1), length 21)
192.168.6.1 > 192.168.6.2: ip-proto-1
so the first packet contains first 1472 bytes of icmp payload and next packet contains the 1473rd one (size 21 = 20 bytes IP + 1 byte)
Let's check
inet.0,
inet.3 and
mpls.0 for both CEs (cameron/daniel) and P routing instances:
First, P routing instances:
Code:
user@apollo> show route table MPLS-1.inet.0
MPLS-1.inet.0: 12 destinations, 15 routes (12 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.68/30 *[Direct/0] 4w3d 00:46:09
> via lt-0/0/0.8
10.1.1.69/32 *[Local/0] 4w3d 00:46:09
Local via lt-0/0/0.8
10.1.1.80/30 *[Direct/0] 2d 07:55:49
> via ge-0/0/7.101
10.1.1.81/32 *[Local/0] 4w3d 00:46:09
Local via ge-0/0/7.101
10.1.1.84/30 *[Direct/0] 2d 07:55:50
> via ge-0/0/7.102
10.1.1.85/32 *[Local/0] 4w3d 00:46:09
Local via ge-0/0/7.102
10.1.1.88/30 *[OSPF/10] 2d 07:55:49, metric 2
> to 10.1.1.70 via lt-0/0/0.8
172.16.2.11/32 *[Direct/0] 4w3d 00:46:09
> via lo0.1
172.16.2.12/32 *[LDP/9] 2d 07:56:15, metric 1
> to 10.1.1.70 via lt-0/0/0.8
[OSPF/10] 4w3d 00:45:53, metric 1
> to 10.1.1.70 via lt-0/0/0.8
192.168.27.1/32 *[LDP/9] 2d 07:55:45, metric 1
> to 10.1.1.82 via ge-0/0/7.101
[OSPF/10] 2d 07:55:46, metric 1
> to 10.1.1.82 via ge-0/0/7.101
192.168.27.2/32 *[LDP/9] 2d 07:55:41, metric 1
> to 10.1.1.70 via lt-0/0/0.8, Push 300224
[OSPF/10] 2d 07:55:42, metric 2
> to 10.1.1.70 via lt-0/0/0.8
224.0.0.5/32 *[OSPF/10] 4w3d 00:46:11, metric 1
MultiRecv
user@apollo> show route table MPLS-1.inet.3
MPLS-1.inet.3: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.2.12/32 *[LDP/9] 2d 07:56:17, metric 1
> to 10.1.1.70 via lt-0/0/0.8
192.168.27.1/32 *[LDP/9] 2d 07:55:47, metric 1
> to 10.1.1.82 via ge-0/0/7.101
192.168.27.2/32 *[LDP/9] 2d 07:55:43, metric 1
> to 10.1.1.70 via lt-0/0/0.8, Push 300224
user@apollo> show route table MPLS-1.mpls.0
MPLS-1.mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
300160 *[LDP/9] 2d 07:56:22, metric 1
> to 10.1.1.70 via lt-0/0/0.8, Pop
300160(S=0) *[LDP/9] 2d 07:56:22, metric 1
> to 10.1.1.70 via lt-0/0/0.8, Pop
300192 *[LDP/9] 2d 07:55:52, metric 1
> to 10.1.1.82 via ge-0/0/7.101, Pop
300192(S=0) *[LDP/9] 2d 07:55:52, metric 1
> to 10.1.1.82 via ge-0/0/7.101, Pop
300240 *[LDP/9] 2d 07:55:48, metric 1
> to 10.1.1.70 via lt-0/0/0.8, Swap 300224
user@apollo> show route table MPLS-2.inet.0
MPLS-2.inet.0: 12 destinations, 15 routes (12 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.68/30 *[Direct/0] 4w3d 00:46:23
> via lt-0/0/0.9
10.1.1.70/32 *[Local/0] 4w3d 00:46:23
Local via lt-0/0/0.9
10.1.1.80/30 *[OSPF/10] 2d 07:56:03, metric 2
> to 10.1.1.69 via lt-0/0/0.9
10.1.1.84/30 *[Direct/0] 2d 07:56:04
> via ge-0/0/7.103
10.1.1.86/32 *[Local/0] 4w3d 00:46:23
Local via ge-0/0/7.103
10.1.1.88/30 *[Direct/0] 2d 07:56:04
> via ge-0/0/7.104
10.1.1.89/32 *[Local/0] 4w3d 00:46:23
Local via ge-0/0/7.104
172.16.2.11/32 *[LDP/9] 2d 07:56:29, metric 1
> to 10.1.1.69 via lt-0/0/0.9
[OSPF/10] 4w3d 00:46:02, metric 1
> to 10.1.1.69 via lt-0/0/0.9
172.16.2.12/32 *[Direct/0] 4w3d 00:46:23
> via lo0.2
192.168.27.1/32 *[LDP/9] 2d 07:55:59, metric 1
> to 10.1.1.69 via lt-0/0/0.9, Push 300192
[OSPF/10] 2d 07:56:00, metric 2
> to 10.1.1.69 via lt-0/0/0.9
192.168.27.2/32 *[LDP/9] 2d 07:55:55, metric 1
> to 10.1.1.90 via ge-0/0/7.104
[OSPF/10] 2d 07:55:56, metric 1
> to 10.1.1.90 via ge-0/0/7.104
224.0.0.5/32 *[OSPF/10] 4w3d 00:46:25, metric 1
MultiRecv
user@apollo> show route table MPLS-2.inet.3
MPLS-2.inet.3: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.2.11/32 *[LDP/9] 2d 07:56:32, metric 1
> to 10.1.1.69 via lt-0/0/0.9
192.168.27.1/32 *[LDP/9] 2d 07:56:02, metric 1
> to 10.1.1.69 via lt-0/0/0.9, Push 300192
192.168.27.2/32 *[LDP/9] 2d 07:55:58, metric 1
> to 10.1.1.90 via ge-0/0/7.104
user@apollo> show route table MPLS-2.mpls.0
MPLS-2.mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
300128 *[LDP/9] 2d 07:56:37, metric 1
> to 10.1.1.69 via lt-0/0/0.9, Pop
300128(S=0) *[LDP/9] 2d 07:56:37, metric 1
> to 10.1.1.69 via lt-0/0/0.9, Pop
300208 *[LDP/9] 2d 07:56:07, metric 1
> to 10.1.1.69 via lt-0/0/0.9, Swap 300192
300224 *[LDP/9] 2d 07:56:03, metric 1
> to 10.1.1.90 via ge-0/0/7.104, Pop
300224(S=0) *[LDP/9] 2d 07:56:03, metric 1
> to 10.1.1.90 via ge-0/0/7.104, Pop
Code:
root@daniel> show route | no-more
inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.1/32 *[Local/0] 2w0d 09:42:03
Reject
10.1.1.53/32 *[Local/0] 2w0d 09:42:12
Reject
10.1.1.65/32 *[Local/0] 2w0d 09:42:04
Reject
10.1.1.68/30 *[OSPF/10] 2d 07:58:24, metric 2
> to 10.1.1.81 via fe-0/0/0.0
10.1.1.74/32 *[Local/0] 2w0d 09:42:12
Reject
10.1.1.80/30 *[Direct/0] 2w0d 09:42:00
> via fe-0/0/0.0
10.1.1.82/32 *[Local/0] 2w0d 09:42:04
Local via fe-0/0/0.0
10.1.1.88/30 *[OSPF/10] 2d 07:58:24, metric 3
> to 10.1.1.81 via fe-0/0/0.0
172.16.2.11/32 *[OSPF/10] 2d 07:58:24, metric 1
> to 10.1.1.81 via fe-0/0/0.0
172.16.2.12/32 *[OSPF/10] 2d 07:58:24, metric 2
> to 10.1.1.81 via fe-0/0/0.0
192.168.27.1/32 *[Direct/0] 2w0d 09:42:28
> via lo0.0
192.168.27.2/32 *[OSPF/10] 2d 07:58:20, metric 3
> to 10.1.1.81 via fe-0/0/0.0
224.0.0.2/32 *[PIM/0] 2w0d 09:42:38
MultiRecv
224.0.0.5/32 *[OSPF/10] 2w0d 09:42:39, metric 1
MultiRecv
224.0.0.13/32 *[PIM/0] 2w0d 09:42:38
MultiRecv
224.0.0.22/32 *[IGMP/0] 2w0d 09:42:11
MultiRecv
inet.1: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
224.0.1.39,192.168.27.1/32*[PIM/105] 2w0d 09:42:28
Multicast (IPv4) Composite
224.0.1.40,192.168.27.1/32*[PIM/105] 2w0d 09:40:42
Multicast (IPv4) Composite
inet.3: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.2.11/32 *[LDP/9] 2d 07:58:23, metric 1
> to 10.1.1.81 via fe-0/0/0.0
172.16.2.12/32 *[LDP/9] 2d 07:58:23, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Push 300160
192.168.27.2/32 *[LDP/9] 2d 07:58:19, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Push 300240
mpls.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 2w0d 09:42:38, metric 1
Receive
1 *[MPLS/0] 2w0d 09:42:38, metric 1
Receive
2 *[MPLS/0] 2w0d 09:42:38, metric 1
Receive
262156 *[VPLS/7] 00:15:42
> via lsi.1049089, Pop
299872 *[LDP/9] 2d 07:58:23, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Pop
299872(S=0) *[LDP/9] 2d 07:58:23, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Pop
299888 *[LDP/9] 2d 07:58:23, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Swap 300160
299904 *[LDP/9] 2d 07:58:19, metric 1
> to 10.1.1.81 via fe-0/0/0.0, Swap 300240
lsi.1049089 *[VPLS/7] 00:15:42, metric2 1
> to 10.1.1.81 via fe-0/0/0.0, Push 262153, Push 300240(top)
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
ff02::2/128 *[PIM/0] 2w0d 09:42:38
MultiRecv
ff02::d/128 *[PIM/0] 2w0d 09:42:38
MultiRecv
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.27.2:2:4:1/96
*[BGP/170] 00:15:42, localpref 100, from 192.168.27.2
AS path: I
> to 10.1.1.81 via fe-0/0/0.0, Push 300240
MPLS-VPLS-cameron.l2vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.27.1:2:1:1/96
*[L2VPN/170/-101] 1w4d 04:39:01, metric2 1
Indirect
192.168.27.2:2:4:1/96
*[BGP/170] 00:15:42, localpref 100, from 192.168.27.2
AS path: I
> to 10.1.1.81 via fe-0/0/0.0, Push 300240
root@daniel> show route forwarding-table family vpls
Routing table: MPLS-VPLS-cameron.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 565 1
fe-0/0/5.0 user 0 comp 603 2
lsi.1049089 user 0 comp 613 2
00:40:ca:18:30:c9/48 dynm 0 indr 262143 4
10.1.1.81 Push 262153, Push 300240(top) 608 2 fe-0/0/0.0
80:71:1f:38:f9:45/48 dynm 0 ucst 601 3 fe-0/0/5.0
Code:
root@cameron> show route | no-more
inet.0: 17 destinations, 17 routes (17 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.2/32 *[Local/0] 2w0d 09:42:31
Reject
10.1.1.54/32 *[Local/0] 2w0d 09:42:41
Reject
10.1.1.66/32 *[Local/0] 2w0d 09:42:31
Reject
10.1.1.68/30 *[OSPF/10] 2d 07:58:30, metric 2
> to 10.1.1.89 via fe-0/0/0.0
10.1.1.80/30 *[OSPF/10] 2d 07:58:30, metric 3
> to 10.1.1.89 via fe-0/0/0.0
10.1.1.88/30 *[Direct/0] 2w0d 09:42:26
> via fe-0/0/0.0
10.1.1.90/32 *[Local/0] 2w0d 09:42:31
Local via fe-0/0/0.0
172.16.2.11/32 *[OSPF/10] 2d 07:58:30, metric 2
> to 10.1.1.89 via fe-0/0/0.0
172.16.2.12/32 *[OSPF/10] 2d 07:58:30, metric 1
> to 10.1.1.89 via fe-0/0/0.0
192.168.6.0/24 *[Direct/0] 2w0d 09:42:21
> via fe-0/0/5.0
192.168.6.1/32 *[Local/0] 2w0d 09:42:31
Local via fe-0/0/5.0
192.168.27.1/32 *[OSPF/10] 2d 07:58:30, metric 3
> to 10.1.1.89 via fe-0/0/0.0
192.168.27.2/32 *[Direct/0] 2w0d 09:42:54
> via lo0.0
224.0.0.2/32 *[PIM/0] 2w0d 09:43:05
MultiRecv
224.0.0.5/32 *[OSPF/10] 2w0d 09:43:07, metric 1
MultiRecv
224.0.0.13/32 *[PIM/0] 2w0d 09:43:05
MultiRecv
224.0.0.22/32 *[IGMP/0] 2w0d 09:42:31
MultiRecv
inet.3: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.2.11/32 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Push 300128
172.16.2.12/32 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0
172.17.0.0/16 *[MPLS/100/1] 2w0d 09:42:26, metric 0
> to 10.1.1.89 via fe-0/0/0.0, Push 912
192.168.27.1/32 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Push 300208
[MPLS/100/1] 2w0d 09:42:26, metric 0
> to 10.1.1.89 via fe-0/0/0.0, Push 912
mpls.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 2w0d 09:43:05, metric 1
Receive
1 *[MPLS/0] 2w0d 09:43:05, metric 1
Receive
2 *[MPLS/0] 2w0d 09:43:05, metric 1
Receive
262153 *[VPLS/7] 00:15:50
> via lsi.1049089, Pop
299872 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Pop
299872(S=0) *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Pop
299888 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Swap 300128
299904 *[LDP/9] 2d 07:58:29, metric 1
> to 10.1.1.89 via fe-0/0/0.0, Swap 300208
lsi.1049089 *[VPLS/7] 00:15:50, metric2 1
> to 10.1.1.89 via fe-0/0/0.0, Push 262156, Push 300208(top)
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
ff02::2/128 *[PIM/0] 2w0d 09:43:05
MultiRecv
ff02::d/128 *[PIM/0] 2w0d 09:43:05
MultiRecv
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.27.1:2:1:1/96
*[BGP/170] 00:15:50, localpref 100, from 192.168.27.1
AS path: I
> to 10.1.1.89 via fe-0/0/0.0, Push 300208
MPLS-VPLS-daniel.l2vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.27.1:2:1:1/96
*[BGP/170] 00:15:50, localpref 100, from 192.168.27.1
AS path: I
> to 10.1.1.89 via fe-0/0/0.0, Push 300208
192.168.27.2:2:4:1/96
*[L2VPN/170/-101] 2w0d 09:42:54, metric2 1
Indirect
root@cameron> show route forwarding-table family vpls
Routing table: MPLS-VPLS-daniel.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 541 1
fe-0/0/4.0 user 0 comp 582 2
lsi.1049089 user 0 comp 579 2
00:40:ca:18:30:c9/48 dynm 0 ucst 581 3 fe-0/0/4.0
80:71:1f:38:f9:45/48 dynm 0 indr 262142 4
10.1.1.89 Push 262156, Push 300208(top) 550 2 fe-0/0/0.0
OSPF: Dangers of non-standard area design - Juniper way
News 
Site map 
SitemapIndex 
RSS Feed 