In the previous post we completed the Inter-AS design with Cisco.
Stage 1 - Build OSPF/ISIS Areas - COMPLETE
Stage 2 - Configure BGP, Create ASBRs/PEs, use RR via R7/R8 - COMPLETE
Stage 3 - Enable MPLS - COMPLETE
Stage 4 - Create InterAS OptC (multihop vpnv4 ebgp between RR lo) - COMPLETE
Stage 5 - Connect CEs, CUST1=OSPF CUST2=BGP - COMPLETE
Stage 6 - replace some routers with Juniper
In this final post, we will review the config required on the Juniper routers to take part in OSPF, ISIS and MPLS.
Our updated design looks like this, when we replace some of the Cisco routers with Juniper. To experiment, I have replaced R4, R7 and R10. This will give us a Juniper Route Reflector, ASBR and PE.
The core config required for Juniper is as follows (to remove the SRx security features that we don't need):
delete security
set security forwarding-options family inet6 mode packet-based
set security forwarding-options family mpls mode packet-based
set security forwarding-options family iso mode packet-based
Also some of the common commands that are needed (for the non Juniper amoung us) are:
set interfaces ge-0/0/0 unit 0 family inet address 10.0.210.2/30
set interfaces ge-0/0/1 unit 0 family inet address 10.0.110.2/30
set interfaces ge-0/0/2 unit 0 family inet address 10.0.103.2/30
set interfaces ge-0/0/3 unit 0 family inet address 10.0.107.2/30
set interfaces lo0 unit 0 family inet address 10.10.10.10/32
set system host R10
set system root-authentication encrypted-password "$1$Siw1mUfw$jKFGWROP5tRUrUe0idGXp."
[this sets it to Juniper1]
I won't go through all the steps to configure each router, since it is the same process as the Cisco units (just with the Juniper relevant command instead). The following are the configs for each of the devices:
R4
set interfaces ge-0/0/0 unit 0 family inet address 10.0.48.1/30
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 10.11.111.1/30
set interfaces ge-0/0/2 unit 0 family inet address 10.0.49.1/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/3 unit 0 family inet address 10.0.45.1/30
set interfaces ge-0/0/3 unit 0 family iso
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 4.4.4.4/32
set interfaces lo0 unit 0 family iso address 49.1111.0000.0000.0004.00
set routing-options router-id 4.4.4.4
set routing-options autonomous-system 111
set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface ge-0/0/3.0
set protocols bgp family inet labeled-unicast resolve-vpn
set protocols bgp family inet-vpn unicast
set protocols bgp group as111 type internal
set protocols bgp group as111 local-address 4.4.4.4
set protocols bgp group as111 neighbor 8.8.8.8 family inet labeled-unicast
set protocols bgp group as111 neighbor 8.8.8.8 family inet-vpn unicast
set protocols bgp group as111 neighbor 8.8.8.8 export next-hop-self
set protocols isis level 2 wide-metrics-only
set protocols isis interface all ldp-synchronization
set protocols isis interface all level 1 disable
set protocols ldp interface all
set policy-options policy-statement bgp-to-ospf term 1 from protocol bgp
set policy-options policy-statement bgp-to-ospf term 1 then accept
set policy-options policy-statement bgp-to-ospf term 2 then reject
set policy-options policy-statement next-hop-self then next-hop self
set policy-options policy-statement vpnexport term 1 from protocol ospf
set policy-options policy-statement vpnexport term 1 then community add cust1_comm
set policy-options policy-statement vpnexport term 1 then accept
set policy-options policy-statement vpnexport term 2 then reject
set policy-options policy-statement vpnimport term 1 from protocol bgp
set policy-options policy-statement vpnimport term 1 from community cust1_comm
set policy-options policy-statement vpnimport term 1 then accept
set policy-options policy-statement vpnimport term 2 then reject
set policy-options community cust1_comm members target:100:100
set security forwarding-options family inet6 mode packet-based
set security forwarding-options family mpls mode packet-based
set security forwarding-options family iso mode packet-based
set routing-instances CUST1 instance-type vrf
set routing-instances CUST1 interface ge-0/0/1.0
set routing-instances CUST1 route-distinguisher 1:1
set routing-instances CUST1 vrf-import vpnimport
set routing-instances CUST1 vrf-export vpnexport
set routing-instances CUST1 protocols ospf export bgp-to-ospf
set routing-instances CUST1 protocols ospf area 0.0.0.0 interface ge-0/0/1.0
R7
set interfaces ge-0/0/0 unit 0 family inet address 10.0.107.1/30
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 10.0.17.2/30
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 7.7.7.7/32
set routing-options router-id 7.7.7.7
set routing-options autonomous-system 21
set routing-options resolution
set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols bgp family inet labeled-unicast resolve-vpn
set protocols bgp group as21 type internal
set protocols bgp group as21 local-address 7.7.7.7
set protocols bgp group as21 family inet labeled-unicast
set protocols bgp group as21 family inet-vpn unicast
set protocols bgp group as21 cluster 7.7.7.7
set protocols bgp group as21 neighbor 2.2.2.2 family inet labeled-unicast
set protocols bgp group as21 neighbor 2.2.2.2 family inet-vpn unicast
set protocols bgp group as21 neighbor 6.6.6.6 family inet labeled-unicast
set protocols bgp group as21 neighbor 6.6.6.6 family inet-vpn unicast
set protocols bgp group as21 neighbor 1.1.1.1 family inet labeled-unicast
set protocols bgp group as21 neighbor 1.1.1.1 family inet-vpn unicast
set protocols bgp group as21 neighbor 10.10.10.10 family inet labeled-unicast
set protocols bgp group as21 neighbor 10.10.10.10 family inet-vpn unicast
set protocols bgp group as111 type external
set protocols bgp group as111 multihop no-nexthop-change
set protocols bgp group as111 local-address 7.7.7.7
set protocols bgp group as111 neighbor 8.8.8.8 multihop
set protocols bgp group as111 neighbor 8.8.8.8 family inet-vpn unicast
set protocols bgp group as111 neighbor 8.8.8.8 peer-as 111
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
set protocols ospf area 0.0.0.0 interface all ldp-synchronization
set protocols ldp interface all
set security forwarding-options family inet6 mode packet-based
set security forwarding-options family mpls mode packet-based
set security forwarding-options family iso mode packet-based
R10
set interfaces ge-0/0/0 unit 0 family inet address 10.0.210.2/30
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 10.0.110.2/30
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 10.0.103.2/30
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/3 unit 0 family inet address 10.0.107.2/30
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 10.10.10.10/32
set routing-options router-id 10.10.10.10
set routing-options autonomous-system 21
set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface ge-0/0/3.0
set protocols mpls interface ge-0/0/1.0
set protocols bgp family inet labeled-unicast
set protocols bgp group as21 type internal
set protocols bgp group as21 local-address 10.10.10.10
set protocols bgp group as21 neighbor 7.7.7.7 family inet labeled-unicast
set protocols bgp group as21 neighbor 7.7.7.7 export next-hop-self
set protocols bgp group ebgp type external
set protocols bgp group ebgp local-address 10.0.103.2
set protocols bgp group ebgp neighbor 10.0.103.1 family inet labeled-unicast
set protocols bgp group ebgp neighbor 10.0.103.1 export TO-AS111
set protocols bgp group ebgp neighbor 10.0.103.1 peer-as 111
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
set protocols ospf area 0.0.0.0 interface ge-0/0/3.0
set protocols ospf area 0.0.0.0 interface all ldp-synchronization
set protocols ldp interface all
set policy-options policy-statement TO-AS111 term 1 from route-filter 1.1.1.1/32 exact
set policy-options policy-statement TO-AS111 term 1 from route-filter 2.2.2.2/32 exact
set policy-options policy-statement TO-AS111 term 1 from route-filter 6.6.6.6/32 exact
set policy-options policy-statement TO-AS111 term 1 from route-filter 7.7.7.7/32 exact
set policy-options policy-statement TO-AS111 term 1 from route-filter 10.10.10.10/32 exact
set policy-options policy-statement TO-AS111 term 1 then accept
set policy-options policy-statement next-hop-self then next-hop self
set security forwarding-options family inet6 mode packet-based
set security forwarding-options family mpls mode packet-based
set security forwarding-options family iso mode packet-based
Once configured, you should find you have MPLS labels, routes and IGP/BGP peering up as per Cisco. A completed Inter-AS design, with Cisco and Juniper happily working together !
You can download the Juniper (only) config file HERE
Thanks for reading, and I wish you good learning in your journey towards CCIE (or any form of service provider knowledge). Feel free to leave a post or send me an email with any comments or questions !
No comments:
Post a Comment