Junos/IOS L3 VPN configuration

<Juniper PE router configuration>

## Topology diagram at the end ##

root@Juniper> show configuration routing-instances

vpn-a { ### create a user-defined VPN in routing instance

instance-type vrf; ## set the instance as VRF

interface em2.0; ## interface belongs to this VPN

route-distinguisher 65010:1111; ## RD for this VPN

vrf-target target:65010:1111; ## RT for this VPN

protocols { ## CE-PE protocol configuration

ospf {

area 0.0.0.0 {

interface em2.0;

}

}

}

}

root@Juniper> show configuration protocols bgp

group sp-internal {

type internal;

local-address 2.2.2.2;

family inet-vpn { ## include this command to negotiate VPN NLRI

unicast;

}

neighbor 1.1.1.1;

}

root@Juniper> show configuration routing-options

autonomous-system 65010;

root@Juniper> show route table vpn-a

vpn-a.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)

+ = Active Route, – = Last Active, * = Both

10.2.3.0/24                  *[Direct/0] 00:45:04

> via em2.0

10.2.3.2/32                   *[Local/0] 00:45:04

Local via em2.0

192.168.1.0/24              *[OSPF/150] 00:29:50, metric 20, tag 0

> to 10.2.3.1 via em2.0

224.0.0.5/32                  *[OSPF/10] 00:45:07, metric 1

MultiRecv

root@Juniper> show route table inet.3   ## LSP established to remote-PE router

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)

+ = Active Route, – = Last Active, * = Both

1.1.1.1/32                  *[RSVP/7] 00:39:56, metric 2

> to 10.1.2.1 via em0.0, label-switched-path to-R1

to 10.2.2.1 via em1.0, label-switched-path to-R1

root@Juniper> show mpls lsp ingress up

Ingress LSP: 2 sessions

To                  From                State            Rt      ActivePath          P        LSPname

1.1.1.1          2.2.2.2             Up 0           via-R0                *         to-R1

Total 1 displayed, Up 1, Down 0

root@Juniper> show route advertising-protocol bgp 1.1.1.1 detail

vpn-a.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)

* 10.2.3.0/24 (1 entry, 1 announced)

BGP group sp-internal type Internal

Route Distinguisher: 65010:1111

VPN Label: 100000

Nexthop: Self

Flags: Nexthop Change

Localpref: 100

AS path: [65010] I

Communities: target:65010:1111

* 192.168.1.0/24 (1 entry, 1 announced)

BGP group sp-internal type Internal

Route Distinguisher: 65010:1111

VPN Label: 100000

Nexthop: Self

Flags: Nexthop Change

MED: 20

Localpref: 100

AS path: [65010] I

Communities: target:65010:1111 rte-type:0.0.0.0:5:1

root@Juniper>

<Cisco PE router configuration>

!

ip vrf vpn-a

rd 65010:1111

route-target export 65010:1111

route-target import 65010:1111

!

mpls traffic-eng tunnels

!

interface FastEthernet1/0

ip vrf forwarding vpn-a

ip address 10.2.1.1 255.255.255.0

duplex auto

speed auto

!

router bgp 65010

no synchronization

bgp log-neighbor-changes

neighbor 2.2.2.2 remote-as 65010

neighbor 2.2.2.2 update-source Loopback0

no auto-summary

!

address-family vpnv4

neighbor 2.2.2.2 activate

neighbor 2.2.2.2 send-community extended

exit-address-family

!

address-family ipv4 vrf vpn-a

no synchronization

exit-address-family

!

R1#show ip route vrf vpn-a

Routing Table: vpn-a

B          10.2.3.0 [200/0]     via 2.2.2.2,  00:20:34

B          192.168.1.0/24 [200/20]    via 2.2.2.2,  00:20:34 ## Routes from site-1 CE router reaches VPN table of remote PE.

R1#

Topology:

Advertisements
This entry was posted in bgp, IOS, jncis, Junos and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s