Routing
Routing

How can I assign a VRF through a specific MPLS path ?

[ Edited ]
‎03-10-2020 07:54 PM

My topology

VRFs.PNG

Site A has 4 Customers C1,C2,C3,C4, Site B also has 4 Customers C1,C2,C3,C4.

C1 and C2 use the same prefix, C3 and C4 use the same prefix.

 

MPLS cloud include MX-PE1 and MX-PE2, MX-RR (route reflector) and MX-P.

MX-PE1 <-------> MX-RR <-------> MX-PE2  (ISIS as IGP)

MX-PE1 <-------> MX-P <-------> MX-PE2 (OSPF as IGP)

C1 VRF JCust-1

C2 VRF JCust-2

C3 VRF JCust-3

C4 VRF JCust-4

Site-A router includes 4 logical systems.

Siet-B router includes 4 logical systems.

I am trying to do the followings:

VRFs JCust-1 and JCust-2 go through MX-PE1 <-------> MX-RR <-------> MX-PE2

VRFs JCust-3 and JCust-3 go through MX-PE1 <-------> MX-P  <--------> MX-PE2

 

I have done VRFs JCust-1 and JCust-2 go through MX-PE1 <-------> MX-RR <-------> MX-PE2

How can I make VRFs JCust-3 and JCust-4 go through MX-PE1 <-------> MX-P  <--------> MX-PE2 ?

 

thanks !!

Here is configuration

CE1
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 mac 00:05:86:71:7a:00
set interfaces ge-0/0/1 mac 00:05:86:71:7a:01

set logical-systems JCust-1 interfaces ge-0/0/0 unit 11 vlan-id 11
set logical-systems JCust-1 interfaces ge-0/0/0 unit 11 family inet address 10.11.1.2/24
set logical-systems JCust-1 interfaces lo0 unit 1 family inet address 1.1.1.1/32
set logical-systems JCust-1 protocols ospf area 0.0.0.10 interface ge-0/0/0.11
set logical-systems JCust-1 protocols ospf area 0.0.0.10 interface lo0.1

set logical-systems JCust-2 interfaces ge-0/0/0 unit 12 vlan-id 12
set logical-systems JCust-2 interfaces ge-0/0/0 unit 12 family inet address 10.11.1.2/24
set logical-systems JCust-2 interfaces lo0 unit 2 family inet address 2.2.2.2/32
set logical-systems JCust-2 protocols ospf area 0.0.0.10 interface ge-0/0/0.12
set logical-systems JCust-2 protocols ospf area 0.0.0.10 interface lo0.2


MX-PE1
Facing CE1
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 unit 11 vlan-id 11
set interfaces ge-0/0/0 unit 11 family inet address 10.11.1.1/24
set interfaces ge-0/0/0 unit 12 vlan-id 12
set interfaces ge-0/0/0 unit 12 family inet address 10.11.1.1/24

set routing-instances JCust-1 instance-type vrf
set routing-instances JCust-1 interface ge-0/0/0.11
set routing-instances JCust-1 route-distinguisher 10.11.1.1:1
set routing-instances JCust-1 vrf-target import target:65111:1
set routing-instances JCust-1 vrf-target export target:65111:1
set routing-instances JCust-1 protocols ospf area 0.0.0.10 interface ge-0/0/0.11
set routing-instances JCust-1 protocols ospf export BGP2Local

set routing-instances JCust-2 instance-type vrf
set routing-instances JCust-2 interface ge-0/0/0.12
set routing-instances JCust-2 route-distinguisher 10.11.1.1:2
set routing-instances JCust-2 vrf-target import target:65111:2
set routing-instances JCust-2 vrf-target export target:65111:2
set routing-instances JCust-2 protocols ospf area 0.0.0.10 interface ge-0/0/0.12
set routing-instances JCust-2 protocols ospf export BGP2Local

set policy-options policy-statement BGP2Local term t1 from protocol bgp
set policy-options policy-statement BGP2Local term t1 then accept

Facing MX-RR
set interfaces lo0 unit 0 family inet address 172.17.20.1/32
set interfaces lo0 unit 0 family iso address 49.4234.1720.1702.0001.00
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.1/30
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls

set protocols isis level 1 disable
set protocols isis interface ge-0/0/1.0
set protocols isis interface lo0.0

set protocols mpls interface ge-0/0/1.0
set protocols rsvp interface all
set protocols ldp interface ge-0/0/1.0

set routing-options autonomous-system 65123
set protocols bgp group ToMX-RR type internal
set protocols bgp group ToMX-RR local-address 172.17.20.1
set protocols bgp group ToMX-RR family inet unicast
set protocols bgp group ToMX-RR family inet-vpn any
set protocols bgp group ToMX-RR neighbor 172.17.20.3

MX-RR
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.2/30
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.2.2/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 172.17.20.3/32
set interfaces lo0 unit 0 family iso address 49.4651.1720.1702.0003.00

set protocols isis interface ge-0/0/1.0
set protocols isis interface ge-0/0/2.0
set protocols isis interface lo0.0

set protocols ldp interface ge-0/0/1.0
set protocols ldp interface ge-0/0/2.0
set protocols rsvp interface ge-0/0/2.0
set protocols rsvp interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface ge-0/0/1.0

set routing-options autonomous-system 65123
set protocols bgp group ToMXPE type internal
set protocols bgp group ToMXPE local-address 172.17.20.3
set protocols bgp group ToMXPE family inet unicast
set protocols bgp group ToMXPE family inet-vpn any
set protocols bgp group ToMXPE cluster 172.17.20.3
set protocols bgp group ToMXPE neighbor 172.17.20.1
set protocols bgp group ToMXPE neighbor 172.17.20.2
set protocols bgp group ToMXPE export NHS

set policy-options policy-statement NHS then next-hop self

MX-PE2

set interfaces ge-0/0/2 unit 0 family inet address 172.16.2.1/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 172.17.20.2/32
set interfaces lo0 unit 0 family iso address 49.4651.1720.1702.0002.00

set protocols isis level 1 disable
set protocols isis interface ge-0/0/2.0
set protocols isis interface lo0.0

set protocols rsvp interface ge-0/0/2.0
set protocols mpls interface ge-0/0/2.0
set protocols ldp interface ge-0/0/2.0

set routing-options autonomous-system 65123
set protocols bgp group ToMX-RR type internal
set protocols bgp group ToMX-RR local-address 172.17.20.2
set protocols bgp group ToMX-RR family inet unicast
set protocols bgp group ToMX-RR family inet-vpn any
set protocols bgp group ToMX-RR neighbor 172.17.20.3

Facing CE2
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 unit 11 vlan-id 11
set interfaces ge-0/0/0 unit 11 family inet address 10.12.1.1/24
set interfaces ge-0/0/0 unit 12 vlan-id 12
set interfaces ge-0/0/0 unit 12 family inet address 10.12.1.2/24

set routing-instances JCust-1 instance-type vrf
set routing-instances JCust-1 interface ge-0/0/0.11
set routing-instances JCust-1 route-distinguisher 10.12.1.1:1
set routing-instances JCust-1 vrf-target import target:65111:1
set routing-instances JCust-1 vrf-target export target:65111:1
set routing-instances JCust-1 protocols rip group rip-group neighbor ge-0/0/0.11
set routing-instances JCust-1 protocols rip group rip-group export BGP2Local

set routing-instances JCust-2 instance-type vrf
set routing-instances JCust-2 interface ge-0/0/0.12
set routing-instances JCust-2 route-distinguisher 10.12.1.1:2
set routing-instances JCust-2 vrf-target import target:65111:2
set routing-instances JCust-2 vrf-target export target:65111:2
set routing-instances JCust-2 protocols ospf area 0.0.0.10 interface ge-0/0/0.12
set routing-instances JCust-2 protocols ospf export BGP2Local

set policy-options policy-statement BGP2Local term t1 from protocol bgp
set policy-options policy-statement BGP2Local term t1 then accept

CE2
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 mac 00:05:86:71:7a:00

set logical-systems JCust-1 interfaces ge-0/0/0 unit 11 vlan-id 11
set logical-systems JCust-1 interfaces ge-0/0/0 unit 11 family inet address 10.12.1.2/24
set logical-systems JCust-1 interfaces lo0 unit 1 family inet address 11.11.11.11/32
set logical-systems JCust-1 protocols rip group rip-group export exp2RIP
set logical-systems JCust-1 protocols rip group rip-group neighbor ge-0/0/0.11
set logical-systems JCust-1 policy-options policy-statement exp2RIP term t1 from interface lo0.1
set logical-systems JCust-1 policy-options policy-statement exp2RIP term t1 then accept

set logical-systems JCust-2 interfaces ge-0/0/0 unit 12 vlan-id 12
set logical-systems JCust-2 interfaces ge-0/0/0 unit 12 family inet address 10.12.2.2/24
set logical-systems JCust-2 interfaces lo0 unit 2 family inet address 22.22.22.22/32
set logical-systems JCust-2 protocols ospf area 0.0.0.10 interface ge-0/0/0.12
set logical-systems JCust-2 protocols ospf area 0.0.0.10 interface lo0.2

 

 

11 REPLIES 11
Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-10-2020 09:55 PM

Hello,

Yes You can, check out this page for "install-nexthop" knob  https://www.juniper.net/documentation/en_US/junos/topics/example/policy-lsp-forwarding-next-hop-assi...

and this for community matching https://www.juniper.net/documentation/en_US/junos/topics/usage-guidelines/vpns-configuring-policies-...

 

"install-nexthop lsp" works only for equal-cost LSPs and only for RSVP. LDP and Segment Routing are not supported.

 

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-10-2020 09:58 PM

Hi , one of the option is to assign one more IP to lo0.0 interface of your MX-PE2 and advertise announces of this vrf with next-hop of this new IP(you can change this via policy).

show configuration policy-options policy-statement changeNH
term 1 {
    from rib PRIO_VRF.l3vpn.0;
    then {
        next-hop your_second_ip_on_lo0;
    }
}

And configure lsp from mxpe1 to mxpe2 with options
to primary-ip-of_lo0_mxpe2
no-install-to-address
install your_second_ip_on_lo0

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-10-2020 09:59 PM

And do not forget to add vpn-apply-export under protocol bgp 

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 05:00 AM

thanks !   I will give a try.

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 05:01 AM

thanks!   I will give a try.

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 05:02 AM

thanks for your information. I will give a try.

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 07:26 AM

Hi gongyayu,

 

Here is a very good blog on this:

 

https://packetcorner.wordpress.com/2012/09/02/policy-to-control-lsp-selection/

 

This is what I would do:

 

set policy-options policy-statement test-lsp term 1 from protocol bgp

set policy-options policy-statement test-lsp term 1 from community customer-1 <<< you can use route-filter instead of community

set policy-options policy-statement test-lsp term 1 then install-nexthop lsp lsp-name

 

set routing-options forwarding-table export test-lsp

 

To verify if the lsp is getting used or not:

 

show mpls lsp statistics name lsp-name

 

PS: Please accept my response as solution if it answers your query, kudos are appreciated too!

 

Thanks

Vishal

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 07:34 AM

Do I have configure LSP manually ?

 

thanks !!

Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

[ Edited ]
‎03-11-2020 07:41 AM

Hello,

 


@gongyayu wrote:

Do I have configure LSP manually ?

 

 

Yes, You do, for both solutions. 

And before You ask - the solution with secondary loopback IP from akushner allows non-equal-cost LSP to be used whereas solution with "install-nexthop" knob works only with equal-cost LSP.

HTH

Thx

Alex

 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-11-2020 08:17 AM

I came across another issue.

If I configure another IP on lo0 and I use that IP as local-address for bgp. I will get route hidden.

JCust-1.inet.0: 6 destinations, 6 routes (4 active, 0 holddown, 2 hidden)
1.1.1.1/32 (1 entry, 0 announced)
         BGP    Preference: 170/-101
                Route Distinguisher: 10.11.1.1:1
                Next hop type: Unusable
                Address: 0x9293e84
                Next-hop reference count: 8
                State: <Secondary Hidden Int Ext ProtectionCand>
                Local AS: 65123 Peer AS: 65123
                Age: 38:25      Metric: 1
                Validation State: unverified
                Task: BGP_65123.172.18.20.1+179
                AS path: I
                Communities: target:65111:1 rte-type:0.0.0.10:1:0
                Import Accepted
                VPN Label: 300048
                Localpref: 100
                Router ID: 172.17.20.1
                Primary Routing Table bgp.l3vpn.0
                Indirect next hops: 1
                        Protocol next hop: 172.18.20.1
                        Label operation: Push 300048
                        Label TTL action: prop-ttl
                        Load balance label: Label 300048: None;
                        Indirect next hop: 0x0 - INH Session ID: 0x0
Highlighted
Routing

Re: How can I assign a VRF through a specific MPLS path ?

‎03-12-2020 07:22 AM

thanks !!

Feedback