So, I'm trying to figure out how to set up some MPLS LSPs to transport some "interesting" packets from remote routers back to a central site which does traffic analysis, but I'm running into a few problems. I'm specifically interested in using LSPs for this because I don't have tunnel PICs available in every router. I also don't care to take the time to make my analysis box speak MPLS, so the goal is to backhaul the packets to an LSP which terminates on a Juniper connected to the analysis box, then do ccc to switch each LSP to a vlan-ccc and look at the VLAN tag to determine which router the packets came from.
It actually seems to be working, except for the fact that I am already running LSPs to the central collection site router in question, and the analysis LSPs are a second path to the same destination. The sampling router ends up sending legitimate traffic down the analysis LSP, and setting a lower preference or using a different "to" address with a higher metric cost on the LSP doesn't seem to help it. I see an option "no-install-to-address" which looks vaguely like it was created for what I'm trying to do, but with this configured I can't inject traffic to the LSP using a static "route x.x.x.x/x lsp-next-hop ANALYSISLSP" (which is how I'm collecting the "interesting" packets, with a dedicated routing-instance which I can punt traffic in to from a firewall, and yes I'm importing all my interface/igp routes into it). It seems like the way this would be handled if it was a normal l2circuit would be a second stacked label to identify the transport traffic, but I don't see a way to configure this manually. Is there a better way to accomplish what I'm trying to do? The ccc remote-interface-switch for this is pretty obnoxious anyways, since I have to create a dummy LSP for the transmit data when all I want to do is receive data to this particular interface. There really must be a better way. :) -- Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp