Hello list, we operate a relatively small network with one Juniper M10 router for everything. Since availability becomes more and more important, we want to raise this by installing a second M10 with VRRP.
Our current setup is pretty simple: Uplink1 - +-----+ - +-------------+ Uplink2 - | M10 |ae0| Core-Switch | - Customers +-----+ - +-------------+ Where Uplink 2 is physically connected to the Core-Switch and the logical connection is done with dot1q Vlans. We just do very basic BGP and configure all default gateways for the customers directly on logical units on ae0. Unfortunately, my experience with VRRP and IGPs is very limited and I did not find helpful documentation on how a VRRP setup affects everything else. Here is the way I think it works: - a second router needs to have at least one full-table upstream on it's own - the routers have to do iBGP with each other - I have to configure VRRP on both sides for specific subnets(just a few, not all) - the routers have to do some IGP with each other(which would you suggest?) Please correct me here if I am wrong. The first step is only 2 routers for Layer3 redundancy. We consider that necessary because we had too many problems in the past with the juniper box. The Core-Switch is redundant in several ways(and doing it's job rock stable), so for now we won't install a 2nd Core-Switch. However, if we did: how would that affect the setup? Which extra links would be necessary in which configuration? As far as I know, the following links usually exist with this setup: - Router 1 <-> Router 2 - Router 1 <-> Switch 1 - Router 1 <-> Switch 2 - Router 2 <-> Switch 1 - Router 2 <-> Switch 2 - Switch 1 <-> Switch 2 Obviously, Router 1 and Router 2 share a more or less identical configuration for VRRP with the same VLAN-IDs and so on.. But what about the link each router has to each switch? Since that is "real" router interfaces, VLAN 200 from Link #1(to Switch1) is not equal to VLAN 200 from Link #2(to Switch2). Which extra configuration(e.g. Spanning-Tree) should be done here? I suppose it's obvious that I am having some trouble here finding the correct solution. I hope some of you can help destroy some misunderstanding and enlighten me and maybe some other guys too ;) Looking forward to your answers! Regards, Jeff _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp