Hi,

We currently have a small number of PoPs, each equipped with a Juniper M-series router. On each PoP we use a local VLAN 100 for management with RFC1918 IP addresses - 192.168.0.0/16.

Unfortunately, this results in scalability problems as the network grows since it's not possible to manage and monitor all network devices (e.g. network switches) from one central point.

Therefore, we want to set up MPLS in our network and create a network-wide VPN for the management. Since my experience with MPLS is very, very low (as in "there is none"), I could use some help here. So here we go:

The PoPs are connected over dedicated transport links, and iBGP as well as OSPF are running fine so far. The transport link ends in a Foundry core switch; the core switch itself is connected via aggregated Ethernet to the Juniper M-series router. On that ae link, we're running dot1q VLAN tagging.


First problem: what exactly will I need for my purpose? L2VPN? L3VPN? Something else? The management vpn shall be reachable from every management device on 2 or more PoPs.


I managed to get basic MPLS running as follows:


- enabled MPLS under "protocols mpls" and created a label-switched path
- enabled RSVP for the interface OSPF and iBGP are running on


Here is where I'm stuck: what would be the next steps in order to create the desired management VPN? The routers themselves don't need an RFC1918 address within that VPN. What encapsulation would I need on the specific interface for the described setup?


Thanks for any help & best regards,
Jeff
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
