Routing

last person joined: 4 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  First VPLS attempt need help!!!!

    Posted 01-22-2015 12:11
    Note this is a VPLS/DIA link. Portion is used from for DIA other portion is used for our corporate MPLS.
     
    The configs below are my attempt at setting this up. I can see the route in the routing table and the route was NOT in a reject state. 
    Performing a traceroute or ping produced no results, but I could see a trickle amount of traffic over the link.
     
    Am I missing something?
    Config below
    set routing-options static route 0.0.0.0/0 next-hop 216.1.170.253
    set routing-options static route 0.0.0.0/0 qualified-next-hop 97.77.62.9 preference 100
    set interfaces ge-0/0/8 vlan-tagging
    set interfaces ge-0/0/8 mtu 9000
    set interfaces ge-0/0/8 unit 100 vlan-id 100
    set interfaces ge-0/0/8 unit 100 family inet address 216.1.170.254/30
    set interfaces ge-0/0/8 unit 900 family inet address 10.160.255.5/26
    set interfaces ge-0/0/8 unit 900 vlan-id 900
    set security zones security-zone UNTRUST interfaces ge-0/0/8.100 host-inbound-traffic system-services all
    set security zones security-zone PLN1-MPLS-WAN interfaces ge-0/0/8.900 host-inbound-traffic system-services all


  • 2.  RE: First VPLS attempt need help!!!!

     
    Posted 01-22-2015 12:32

    What exactly are you trying to do?  I'm not sure what this configuration has to do with VPLS, either.  What device are you working on here?  I assume this is an SRX based on the fact that you have zones defined here, but I dislike making assumptions.  What are you trying to ping to/from?  There's very little information here that can be used to determine a solution to your problem.  If you could respond with more details, someone here can likely help you out.



  • 3.  RE: First VPLS attempt need help!!!!

    Posted 01-22-2015 12:35

     

    I just updated the orignal message with more info. We were provided with a VPLS/DIA connection from our carrier. I'm trying to setup and use the service.

     

    After the config above, I was just trying to ping the next hop that is in the configuration but could not.

     

    This is an SRX240.



  • 4.  RE: First VPLS attempt need help!!!!

     
    Posted 01-22-2015 12:42

    Okay.

     

    Are you running the ping as such?

     

    srx240> ping 216.1.170.253 source 216.1.170.254

     Does anything show up in the ARP cache if after you run the ping?

     

    srx240> show arp no-resolve

     Are you trying to ping from the trust interface to the untrust interface next-hop?  If this is the case, you will need to set up a source NAT rule to NAT this traffic from the junos-host zone:

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB26372



  • 5.  RE: First VPLS attempt need help!!!!

    Posted 01-22-2015 12:51

    I can't test this very second because we are in production at this time.

     

    But I can say that "set routing-options static route 0.0.0.0/0 qualified-next-hop 97.77.62.9 preference 10"

    works without issue, can ping the next hop, and can route traffic out, going from TRUST to UNTRUST.

     

    The static route below does not, even though its going from TRUST to UNTRUST like the one above.

    "set routing-options static route 0.0.0.0/0 next-hop 216.1.170.253"



  • 6.  RE: First VPLS attempt need help!!!!

     
    Posted 01-22-2015 22:16

    Can you please attach you complete config so others can have a look at the complete config en try to help you with it



  • 7.  RE: First VPLS attempt need help!!!!
    Best Answer

     
    Posted 01-23-2015 05:32

    OP told me privately that he was going to check with the provider, as it doesn't appear that the circuit is quite ready for prime time.