Routing

Hello everyone,

 

working on an MPLS lab setup with 4 SRXs (two 210s and two 650s - these things can do almost everything!!!), and finally after much pain got multicast working between CE devices in a L3 VPN implementation using the draft-rosen method of NG VPN.

 

However, i'm confused as to why its working --

 

the Multicast traffic woud not work, and the remote PE could not discover the source of the stream until I created another loopback interface (lo0.1) and bound it to the customer L3VPN Routing-instance, which is what the NG VPN configuration PDF says to do.  My question here is, why is this required?  I guess i'm just not clear on what function its serving, or why it couldn't use the interface IP that exists in the L3 VPN already.

 

Before I had added the lo0.1 interface, a show pim interfaces instance <instance-name> showed me the customer-facing and interface, and the pe-0/0/0.xxxx interface.

 

When I added lo0.1, I then got lo0.1, and another interface, mt-0/0/0.xxxxx as additional pim interfaces in the instance.

 

Really i'm just unclear on why the loopback was needed for the mt-0/0/0.xx interface to get created vs using the customer-facing interface.

 

 

Also, i'd like to also try doing the same test, but instead of draft-rosen PIM, using p2mp LSPs.  Does anyone have a configuration example of this working?  I tried it earlier (before I got draft-rosen working though), and couldn't make any headway with it.

 

Thanks!

 

Will

It's great to see you getting so much millage out of your SRX's!  They really are something special even if I do say so myself.

 

I am by no means an expert on this subject matter but please let me try and give you some help on your spefic questoin.

 

We establish the C-PIM instance with the VRF instance lo0 and not the main instance lo0, and this is why the loopback lo0.1 needs to be configured. I can take a guess that you question comes because this is not the same as Cisco who establish the C-PIM instance with the main loopback. 

 

Also, I hope you don't mind me pointing out that draft-rosen is MVPN or legacy MVPN, not Next Gen-MVPN. 

 

It is the goal of Next Generation MVPN to address limitations of draft-rosen MVPNs and to provide a robust framework for Multicast VPNs,  You can read more about NG-MVPN here MBGP-Based Multicast VPNs and Considerations about Multicast for BGP/MPLS VPN Standardization written by contributors from FT, BT, NTT, BT, DT and Verizon, demonstrating the wide acceptance of this as the way forward.

 

Sorry I don't have any configuration examples but you may find this app note and white paper of some use to you:

 

NG MVPN BGP Route Types and Encodings

examples of NG MVPN route types and their encodings. ...

These examples apply to NG MVPN using the BGP control plane. NG MVPN BGP Route Types and Encodings ...
www.juniper.net/us/en/local/pdf/app-notes/3500142-en.pdf

 

Internal Policies and Policy Evaluation for NG MVPNs

When you configure a PE router to support NG MVPNs, five internal policies are created.

Example: A typical MVPN routing-instance configuration is as follows ...
www.juniper.net/us/en/local/pdf/whitepapers/2000313-en.pdf

 

MPLS Applications is also this great book by Ina Minei and Julian Lucek which covers this subject in detail (shameless advertising on behalf of friends  ).

 

 (1)

 

#MVPN
#Multicast
#draft-rosen
#SRX
#NG-MVPN
#MPLS

ahh ok so it is only needed because the C-PIM will only establish off of a loopback, not a physical interface.  I guess I undestand the reason for this, just couldn't find an explanation anywhere!

 

and no, wasn't curious because of how Cisco does it -- where I work we make a point to do as little with Cisco as possible, and kick them out of accounts 😉

 

 

its been a few days now since I messed with my lab setup (had to work on some UAC stuff!), and I think its gotten obliterated by some co-workers . . . may rebuild it this week and try to do the NG VPN with p2mp LSPs and see if I can finally get that working!

 

thanks for the reply!

 

Will

"and no, wasn't curious because of how Cisco does it -- where I work we make a point to do as little with Cisco as possible, and kick them out of accounts"

 

We like that here 🙂

Can P2MP LSP be leveraged in anyway when doing inter-AS multicast distribution?

In other words, does MPVN or NG-MVPN work with P2MP LSP?

 

 

NG-MVPN is based on RSVP P2MP LSPs and MP-BGP for inter-AS communications. 

 

"These examples apply to NG MVPN using the BGP control plane

Type 1 Example: Intra-AS I-PMSI AD Route

originated by all PE routers participating in NG MVPN.

1:10.255.170.100:1:10.255.170.100 

Type 2 Example: Inter-AS I-PMSI AD Route

Originated by all ASBR PE routers.

2:10.255.170.100:1:65000

." - APPLICATION NOTE- NG MVPN BGP Route Types and Encodings

 

Details can be found in the RFCs & The Links given above

 

 

For the inter-AS option B, if one AS runs PIM-SM, can the other AS be PIM-SM free when using NG-VPN?

Just to be clear today we don't support inter-AS NG-MVPN, there are solutions for it in the draft and we will implement them but it is a matter of scheduling and resourcing. Of course Option A should just work.

As for your question: "If it is NG-MVPN in both ASes, then each AS can be using different tunnels e.g. one side could be running PIM-GRE tunnels and the other side RSVP-P2MP. That is a key advantage of inter-AS NG-MVPN, each As can make independent choices about what tunnels to use."  This came from someone who has much more knowledge than I.

What if one AS simply uses PIM-SM but LPD whereas second AS uses NG-MVPN on RSVP-TE based P2MP LSPs? Can option B still be used?