L3VPN with VR attached ( MX480 and SRX340 )
Jean-luc KRIKER
Owned by Jean-luc KRIKER
| SRX340 full config | # check the lt and apply the BW
L3VPN: LDP, VRF and VR Â Expand source
1- Interface, LLDP, MPLS and LDP 2- RID, AS#, BGP 3- L3VPN: VRF, RD, RT 4- virtual CE: VR #1- Interface, LLDP, MPLS & LDP ( on SRX340 ) #--------------------------- set interfaces ge-0/0/5 unit 0 family inet address 10.17.0.1/24 set interfaces ge-0/0/5 unit 0 family mpls set protocols mpls interface ge-0/0/5.0 set protocols ldp interface ge-0/0/5.0 set protocols lldp interface ge-0/0/5 set protocols lldp interface all #2- RID, AS#, BGP ( on SRX340 ) #------------------------------- set routing-options router-id 10.30.95.210 set routing-options autonomous-system 1.65535 set protocols bgp group iBGP type internal set protocols bgp group iBGP local-address 10.17.0.1 set protocols bgp group iBGP neighbor 10.17.0.2 set protocols bgp group iBGP family inet-vpn unicast #3- L3VPN VRF, RD, RT ( on SRX340 ) ----------------------------------- set interfaces lo0.210 family inet address 10.210.1.1/32 set routing-instances vrf_1 interface lt-0/0/0.31 set routing-instances vrf_1 interface lo0.210 set routing-instances vrf_1 instance-type vrf set routing-instances vrf_1 route-distinguisher 65535:1717 set routing-instances vrf_1 vrf-target import target:65536L:1717 set routing-instances vrf_1 vrf-target export target:65536L:1717 set routing-instances vrf_1 routing-options router-id 10.210.1.1 set routing-instances vrf_1 routing-options autonomous-system 1101 set routing-instances vrf_1 protocols bgp group eBGP type external set routing-instances vrf_1 protocols bgp group eBGP local-address 10.217.1.2 set routing-instances vrf_1 protocols bgp group eBGP neighbor 10.217.1.1 peer-as 101 #CE configuration: #----------------- set interfaces lt-0/0/0 unit 30 encapsulation ethernet set interfaces lt-0/0/0 unit 30 peer-unit 31 set interfaces lt-0/0/0 unit 30 family inet address 10.217.1.1/30 set interfaces lt-0/0/0 unit 31 encapsulation ethernet set interfaces lt-0/0/0 unit 31 peer-unit 30 set interfaces lt-0/0/0 unit 31 family inet address 10.217.1.2/30 set interfaces lo0 unit 217 family inet address 10.217.0.1/32 set routing-instances ce_vr instance-type virtual-router set routing-instances ce_vr interface lt-0/0/0.30 set routing-instances ce_vr interface lo0.217 set routing-instances ce_vr routing-options router-id 10.217.0.1 set routing-instances ce_vr routing-options autonomous-system 101 set routing-instances ce_vr protocols bgp group eBGP type external set routing-instances ce_vr protocols bgp group eBGP local-address 10.217.1.1 set routing-instances ce_vr protocols bgp group eBGP neighbor 10.217.1.2 peer-as 1101 # export protocol direct into BGP set policy-options policy-statement exp_protocol_direct from protocol direct set policy-options policy-statement exp_protocol_direct then accept set routing-instances ce_vr protocols bgp group eBGP export exp_protocol_direct
security zone and policy Expand source
#SRX Secuirty Zones: set security zones security-zone vCE_2_vPE interfaces lt-0/0/0.30 set security zones security-zone vCE_2_vPE interfaces lo0.217 set security zones security-zone vCE_2_vPE host-inbound-traffic system-services all set security zones security-zone vCE_2_vPE host-inbound-traffic protocols all set security zones security-zone vPE_2_vCE interfaces lt-0/0/0.31 set security zones security-zone vPE_2_vCE interfaces lo0.210 set security zones security-zone vPE_2_vCE host-inbound-traffic protocols all set security zones security-zone vPE_2_vCE host-inbound-traffic system-services all |
| MX480 full config |
MX480: L3VPNÂ Expand source
1- Interface, LLDP, MPLS & LDP 2- RID, AS#, BGP 3- L3VPN: VRF, RD, RT 4- virtual CE: VR #1- Interface, LLDP, MPLS & LDP ( on the MX480 ) #--------------------------- set interfaces ge-1/3/4 unit 0 family inet address 10.17.0.2/24 set protocols lldp interface all set protocols mpls interface ge-1/3/4.0 set protocols ldp interface ge-1/3/4.0 set protocols ldp interface fxp0.0 disable set interfaces lo0.210 family inet address 10.210.2.2/32 set routing-instances vrf_1 interface lo0.210 #2- RID, AS#, BGP ( on the MX480 ) #-------------------- set routing-options router-id 10.30.92.193 set routing-options autonomous-system 1.65535 set protocols bgp group iBGP type internal set protocols bgp group iBGP local-address 10.17.0.2 set protocols bgp group iBGP family inet-vpn unicast set protocols bgp group iBGP neighbor 10.17.0.1 #3- L3PVN: VRF, RD, RT ( on the MX480 ) #--------------------------------------- set routing-instances vrf_1 interface lt-1/0/10.31 set routing-instances vrf_1 routing-options router-id 10.210.2.2 set routing-instances vrf_1 routing-options autonomous-system 1101 set routing-instances vrf_1 protocols bgp group eBGP type external set routing-instances vrf_1 protocols bgp group eBGP local-address 10.217.2.2 set routing-instances vrf_1 protocols bgp group eBGP neighbor 10.217.2.1 peer-as 102 #set routing-instances vrf_1 protocols bgp group eBGP family inet #CE config on MX480 #------------------- set interfaces lt-1/0/10 unit 30 encapsulation ethernet set interfaces lt-1/0/10 unit 30 peer-unit 31 set interfaces lt-1/0/10 unit 30 family inet address 10.217.2.1/30 set interfaces lt-1/0/10 unit 31 encapsulation ethernet set interfaces lt-1/0/10 unit 31 peer-unit 30 set interfaces lt-1/0/10 unit 31 family inet address 10.217.2.2/30 set interfaces lo0 unit 217 family inet address 10.217.0.2/32 set routing-instances ce_vr instance-type virtual-router set routing-instances ce_vr interface lt-1/0/10.30 set routing-instances ce_vr interface lo0.217 set routing-instances ce_vr routing-options router-id 10.217.0.2 set routing-instances ce_vr routing-options autonomous-system 102 set routing-instances ce_vr protocols bgp group eBGP type external set routing-instances ce_vr protocols bgp group eBGP local-address 10.217.2.1 set routing-instances ce_vr protocols bgp group eBGP neighbor 10.217.2.2 peer-as 1101 set policy-options policy-statement exp_protocol_direct from protocol direct set policy-options policy-statement exp_protocol_direct then accept set routing-instances ce_vr protocols bgp group eBGP export exp_protocol_direct show LDP root@mx480-re0> show route table inet.3
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.255.50/32 *[LDP/9] 17:41:40, metric 1
> to 10.17.0.1 via ge-1/3/4.0
|