Routing
Routing

L3 VPN question

‎04-05-2010 08:51 PM

I have two sites with PE and L3VPN configuration in it.

 

There are 2 more link configured between the PE with multiple LSP between it.

 

I wonder how we can explicitly set the L3VPN traffic to flow via specific LSP.

 

Regards,

1 REPLY 1
Highlighted
Routing

Re: L3 VPN question

‎04-11-2010 05:19 PM

Rizal,

 

JUNOS allows you to assign a policy which controls next-hop installation.  This policy needs to match something in the routing table, and will control which next-hop (in your case, an LSP) is installed for a given set of routes.

 

So, if you want your L3VPN to take a specific LSP (or group of LSPs), you will want to match on something that uniquely identifies your VRF instance.  I find that matching the route-target for a given L3VPN is the most efficient way to do this.

 

The JUNOS Docs have a simple example here:

http://www.juniper.net/techpubs/en_US/junos10.1/topics/example/policy-lsp-forwarding-next-hop-assign...

 

Now, before you add this configuration, let's look at how this works:

 

- JUNOS will look at the BGP next-hop in the L3VPN, and will lookup any labeled-paths or LSPs in the inet.3 routing table.  This is the first stage, and will automatically filter the possible LSPs to those going to your chosen destination.

- If you have more than one LSP, then adding the forwarding table policy will match your specific L3VPN routes and will allow you to select a specific LSP (either by name or regex). 

- If your policy specifies an LSP that cannot be located, JUNOS will be lenient and choose another available LSP.  However, if you want to restrict the OS to only use the LSP you specified, be sure and add the "strict" keyword after the install-nexthop statement.

 

Below is an example I've used to map a BGP-based VPLS instance to an LSP regex.  This shows a VPLS instance, but L3VPN will work identically (as both use the same type of route-target community).

 

routing-options {
    forwarding-table {
        export LSP-policy;
    }
}
protocols {
    mpls {
        label-switched-path site1-site2-blue {
            to 10.1.1.1;
            bandwidth 2500000000;
            priority 6 6;
        }
    }
}
policy-options {
    policy-statement LSP-policy {
        term a {
            from community blue;
        }
        then {
            install-nexthop lsp-regex .*-blue;
            accept;
        }
    }
    community blue members [ target:65000:100 ];
}
routing-instances {
    blue {
        instance-type vpls;
        vlan-id 860;
        interface ge-5/0/2.0;
        vrf-target target:65000:100;
        protocols {
            vpls {
                interface ge-5/0/2.0;
                no-tunnel-services;
                site MX480 {
                    site-identifier 40;
                }
            }
        }
    }
}

 

I hope this helps,

 

Dan Backman
JNCIE-ER #6 / JNCIE-M #265 / JNCI