[j-nsp] l2circuit in vrf

2009-01-08 Thread Marcus Eide 
Hi,
I don't know if this is even possible, but I thought I'd ask you: Does
anyone know if it's possible to connect an l2circuit to an vrf type
routing-instance?

I found some information that stated this could be done with logical tunnel
interfaces, so I tried the following:


interface lt-1/2/0 {
unit 0 {
encapsulation ethernet-ccc;
peer-unit 1;
family ccc;
}
unit 1 {
encapsulation ethernet;
peer-unit 0;
family inet {
address 192.168.3.1/24;
}
}
}

protocol l2circuit {
neighbor 172.16.0.2 {
interface lt-1/2/0.0 {
virtual-circuit-id ;
}
}
}

routing-instance VRF1003 {
instance-type vrf;
interface lo0.1003;
interface lt-1/2/0.1003;
route-distinguisher 65000:1003;
vrf-target target:65000:1003;
vrf-table-label;
}

The l2circuit shows up, but there's no traffic coming through.

Any thoughts on the subject is appreciated.

/Marcus
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] JUNOS funny or bad poetry :)

2009-01-08 Thread Masood Ahmad Shah 
JUNOS guys promise they would not make it boring! If you don't want to
configure something on JUNOS, spend some time with JUNOS haiku.

 

http://weblogs.com.pk/jahil/archive/2009/01/07/juniper-junos-funny-poetry.as
px

 

 

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] VPDN equivalent on juniper

2009-01-08 Thread Matthias Gelbhardt 

Hi!

We would like to offer DSL lines to our customers and have a provider  
of these lines on hand. They use a VPDN over a L2TP tunnel for the DSL  
lines. I was searching which is the equivalent of VPDN on the juniper  
side, as there examples are all cisco examples.


Regards,

Matthias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] l2circuit or l2vpn

2009-01-08 Thread Andrew Jimmy 
What are the major differences between l2cirucit and l2vpn in terms of
Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Keegan . Holley 
The main differences are related to the Martini and Kompella method of 
implementing the technology. For example l2vpn is based on MBGP with RSVP 
doing the LSP signaling and advertising the labels.  This means that the 
path of the circuit is handled as if it were a virtual circuit because 
RSVP signals and reserves the bandwidth before traffic is passed. 
l2circuit is based on LDP which sends hellos end to end but depends on the 
IGP for resource reservations.  The data forwarding is technically the 
same and you can achieve the same results with either though.  Personally, 
I'm a fan of l2vpn the use of RSVP allows for more tidy configuration and 
bandwidth reservations.  I think l2vpn is a little easier to troubleshoot 
as well, however YMMV.

Keegan




From:
"Andrew Jimmy" 
To:

Date:
01/08/2009 12:54 PM
Subject:
[j-nsp] l2circuit or l2vpn
Sent by:
juniper-nsp-boun...@puck.nether.net



What are the major differences between l2cirucit and l2vpn in terms of
Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp




___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Andrew Jimmy 
Well, this means that you need to have MPLS switching in both case either
l2ciruict or l2vpn. What if you want to use pseudo-wire services (like
L2TPv3 (Cisco)) when you don't have MPLS environment.

Second if l2vpn is multipoint than what's the usage of VPLS. Is there any
significant difference between l2vpn and VPLS. 

 

Can't you have pseudo-wire circuit on traditional IP network ( just like
cisco L2TPVv3).

 

 

 

 

From: keegan.hol...@sungard.com [mailto:keegan.hol...@sungard.com] 
Sent: Thursday, January 08, 2009 11:08 PM
To: Andrew Jimmy
Cc: juniper-nsp@puck.nether.net; juniper-nsp-boun...@puck.nether.net
Subject: Re: [j-nsp] l2circuit or l2vpn

 


The main differences are related to the Martini and Kompella method of
implementing the technology. For example l2vpn is based on MBGP with RSVP
doing the LSP signaling and advertising the labels.  This means that the
path of the circuit is handled as if it were a virtual circuit because RSVP
signals and reserves the bandwidth before traffic is passed.  l2circuit is
based on LDP which sends hellos end to end but depends on the IGP for
resource reservations.  The data forwarding is technically the same and you
can achieve the same results with either though.  Personally, I'm a fan of
l2vpn the use of RSVP allows for more tidy configuration and bandwidth
reservations.  I think l2vpn is a little easier to troubleshoot as well,
however YMMV. 

Keegan 





From: 

"Andrew Jimmy"  


To: 

 


Date: 

01/08/2009 12:54 PM 


Subject: 

[j-nsp] l2circuit or l2vpn 


Sent by: 

juniper-nsp-boun...@puck.nether.net

 

  _  




What are the major differences between l2cirucit and l2vpn in terms of
Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
 
https://puck.nether.net/mailman/listinfo/juniper-nsp





___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread sthaug 
> The main differences are related to the Martini and Kompella method of 
> implementing the technology. For example l2vpn is based on MBGP with RSVP 
> doing the LSP signaling and advertising the labels.  This means that the 
> path of the circuit is handled as if it were a virtual circuit because 
> RSVP signals and reserves the bandwidth before traffic is passed. 
> l2circuit is based on LDP which sends hellos end to end but depends on the 
> IGP for resource reservations.  The data forwarding is technically the 
> same and you can achieve the same results with either though.  Personally, 
> I'm a fan of l2vpn the use of RSVP allows for more tidy configuration and 
> bandwidth reservations.  I think l2vpn is a little easier to troubleshoot 
> as well, however YMMV.

It should also be noted:

- Both methods require MPLS. In that respect neither of them can
replace an L2TPv3 based pseudowire, since L2TPv3 can ride on top of
standard IP.

- l2circuit is interoperable (for instance between Juniper and Cisco),
while l2vpn is not.

Steinar Haug, Nethelp consulting, sth...@nethelp.no
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Keegan . Holley 
I think I missed this in the original post and just mentioned the MPLS 
technologies.  I know at least the ERX series supports L2TP.  I have never 
done this on juniper equipment so I'm not much help in this respect.  If I 
had the choice I'd implement a simple MPLS configuration though since it 
will allow more advanced features such as traffic engineering and mapping 
the circuits over specific links through admin groups or SRO/RRO (RSVP). 
Also, l2circuit/l2vpn is not multipoint, that is the purpose of vpls..

HTH,

Keegan




From:
"Andrew Jimmy" 
To:

Cc:

Date:
01/08/2009 01:19 PM
Subject:
RE: [j-nsp] l2circuit or l2vpn



Well, this means that you need to have MPLS switching in both case either 
l2ciruict or l2vpn. What if you want to use pseudo-wire services (like 
L2TPv3 (Cisco)) when you don?t have MPLS environment.
Second if l2vpn is multipoint than what?s the usage of VPLS. Is there any 
significant difference between l2vpn and VPLS. 
 
Can?t you have pseudo-wire circuit on traditional IP network ( just like 
cisco L2TPVv3).
 
 
 
 
From: keegan.hol...@sungard.com [mailto:keegan.hol...@sungard.com] 
Sent: Thursday, January 08, 2009 11:08 PM
To: Andrew Jimmy
Cc: juniper-nsp@puck.nether.net; juniper-nsp-boun...@puck.nether.net
Subject: Re: [j-nsp] l2circuit or l2vpn
 

The main differences are related to the Martini and Kompella method of 
implementing the technology. For example l2vpn is based on MBGP with RSVP 
doing the LSP signaling and advertising the labels.  This means that the 
path of the circuit is handled as if it were a virtual circuit because 
RSVP signals and reserves the bandwidth before traffic is passed. 
l2circuit is based on LDP which sends hellos end to end but depends on the 
IGP for resource reservations.  The data forwarding is technically the 
same and you can achieve the same results with either though.  Personally, 
I'm a fan of l2vpn the use of RSVP allows for more tidy configuration and 
bandwidth reservations.  I think l2vpn is a little easier to troubleshoot 
as well, however YMMV. 

Keegan 



From: 
"Andrew Jimmy"  
To: 
 
Date: 
01/08/2009 12:54 PM 
Subject: 
[j-nsp] l2circuit or l2vpn 
Sent by: 
juniper-nsp-boun...@puck.nether.net
 




What are the major differences between l2cirucit and l2vpn in terms of
Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp




___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread David Ball 
  I've found better vendor interop using l2circuit, as someone else on
the list mentioned, and have had them working between JNPR, Foundry,
Cisco, and even lower-end MRV switches.  I find the configuration of
L2circuits simpler in JUNOS as well.  However, if better traffic eng
is what you need, the comments made by others in this thread are very
pertinent as well.

  If you're talking multipoint and using VPLS, BGP-signalled VPLS is
nice in JUNOS because of the autodiscovery, whereas LDP-signalled VPLS
requires that you visit every PE that a given VPLS customer touches if
you add 1 more site on a new PE (although vendors like Foundry are
adding some kind of autodiscovery to account for this I
think...perhaps Juniper will too).  Also, likely better vendor interop
here too, with LDP-signalled.

My $0.02

David


2009/1/8 Andrew Jimmy :
> What are the major differences between l2cirucit and l2vpn in terms of
> Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.
>
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Phil Bedard 
Like someone else said, l2circuit is a Martini-style pw where you need  
to specify the remote end of the pw as a targeted ldp session  
"protocols l2circuit".  There is no dynamic control protocol for the  
setup/teardown of those sessions.   l2vpn is the Kompella-style which  
uses MP-BGP as the control protocol for the setup of those sessions.


There is no direct replacement for L2TPv3 pw on the Juniper platform,  
since it doesn't support L2TPv3; it must run over MPLS.   You can do  
MPLS over a GRE tunnel if you want to go over an IP network in the  
middle.


Phil


On Jan 8, 2009, at 12:50 PM, Andrew Jimmy wrote:


What are the major differences between l2cirucit and l2vpn in terms of
Juniper JUNOS. Which is best in replacing Cisco L2TPv3 pseudo-wr.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Christopher E. Brown 

David Ball wrote:

  I've found better vendor interop using l2circuit, as someone else on
the list mentioned, and have had them working between JNPR, Foundry,
Cisco, and even lower-end MRV switches.  I find the configuration of
L2circuits simpler in JUNOS as well.  However, if better traffic eng
is what you need, the comments made by others in this thread are very
pertinent as well.

  If you're talking multipoint and using VPLS, BGP-signalled VPLS is
nice in JUNOS because of the autodiscovery, whereas LDP-signalled VPLS
requires that you visit every PE that a given VPLS customer touches if
you add 1 more site on a new PE (although vendors like Foundry are
adding some kind of autodiscovery to account for this I
think...perhaps Juniper will too).  Also, likely better vendor interop
here too, with LDP-signalled.

My $0.02
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



The fun question...


Is there a way to accept many l2circuits and switch traffic between them 
in a VPLS like fashion without burning many physical interfaces?



Example, 15 remotes running l2 circuits from a vlan subint on the remote 
to a central , that runs a switching instance between 
all the l2circuits within the group _without_ an actual physical 
interface on the central box to terminate each l2circuit.



Think poor mans VPLS, where many remotes are available, but only support 
EoMPLS/l2circuit and not true VPLS.


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] VPDN equivalent on juniper

2009-01-08 Thread Truman Boyes 
VPDN terminology in Cisco really equates to a concept rather than a  
technology. The tunneling technology is L2TP or L2F. If you are  
looking to offer IP termination of DSL lines, then you likely want to  
use L2TP and be the "LNS" while the wholesaling provider will maintain  
the LAC. The JUNOSe documentation in the BRAS section will fill in  
some details on how this works.


Basically, you can terminate the users into specific VPN contexts  
(virtual-routers or VRFS) by associating RADIUS VSAs of the  
appropriate routing context against the usernames.


You can also terminate L2TP subscribers on JUNOS platforms (acting as  
LNS).


Truman



On 8/01/2009, at 11:39 AM, Matthias Gelbhardt wrote:


Hi!

We would like to offer DSL lines to our customers and have a  
provider of these lines on hand. They use a VPDN over a L2TP tunnel  
for the DSL lines. I was searching which is the equivalent of VPDN  
on the juniper side, as there examples are all cisco examples.


Regards,

Matthias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] multiple lsp between 2 router

2009-01-08 Thread Truman Boyes 

Hi there,

Let's assume you have a 100Mbps link and you plan to carry gold,  
silver and bronze traffic. These types of traffic will likely have  
different markings (either DSCP or some behavior aggregate  
classifier). You can apply a policer based on these dcsp markings, etc.


Additionally, you can apply a policer to an individual LSP (to limit  
it to 20Mbps for example). There are benefits and drawbacks to doing  
this. For example, if you wanted to have bronze traffic be able to use  
all of the 100Mbps if the other traffic classes were not transmitting,  
you would not be able to do this if you were hard policing of a  
particular rate.


You also bring up another point. Getting different CoS to take a  
particular path. You need to look at Class Based Forwarding to make  
this happen, otherwise assuming the LSP1, LSP2, and LSP3 are all  
between the same PE, the traffic will just pick some LSP and ride  
across it. In order to provide the mapping of a forwarding class to a  
particular LSP, a forwarding table policy will need to be installed.


Kind regards,
Truman Boyes



On 8/01/2009, at 12:26 AM, The Drifter wrote:



On top of this is it possible to assign b/w onto each LSP? For  
example on a 100mbps link


1. 20mbps on LSP1 mapped to COS Gold
2. 30mbps on LSP2 mapped to COS Silver
3. 50mbps on LSP3 mapped to COS bronze

Thanks,
Jimmy> From: jeff.richm...@frontiercorp.com> To: s...@clarke-3.demon.nl 
; faizal...@gmail.com> Date: Wed, 7 Jan 2009 09:01:57 -0500> CC: juniper-nsp@puck.nether.net 
> Subject: Re: [j-nsp] multiple lsp between 2 router> > To confirm  
what Sean says, it does work just like this. I have a number of  
places that have multiple LSPs that load balance, and I have others  
that have multiple LSPs that I bypass load balancing with policies  
for various reasons (for example, to test different path latencies,  
etc.).> > -Jeff> > > > From: juniper-nsp-boun...@puck.nether.net 
 [juniper-nsp-boun...@puck.nether.net] On Behalf Of Sean Clarke [s...@clarke-3.demon.nl 
]> Sent: Tuesday, January 06, 2009 9:14 PM> To: Faizal Rachman> Cc: juniper-nsp@puck.nether.net 
> Subject: Re: [j-nsp] multiple lsp between 2 router> > Faizal  
Rachman wrote:> > Hi All,> > Did anywone know how to config 2 lsp in  
2 back-to-back routers while> > implementing mpls loadbalancing?> >  
Thank you.> >> > Faizal R> >  
___> > juniper-nsp  
mailing list juniper-nsp@puck.nether.net> > https://puck.nether.net/mailman/listinfo/juniper-nsp 
> >> >> >> You can configure as many RSVP signalled LSP's as you  
like.> > Configure per-packet load balancing, and it should just  
work.> > # show routing-options forwarding-table> export lbpp;> > #  
show policy-options policy-statement lbpp> then {> load-balance per- 
packet;> }> > > # show protocols mpls> label-switched-path LSP-1 {>  
to 2.2.2.2;> }> label-switched-path LSP-2 {> to 2.2.2.2;> }> > > > >  
cheers> Sean> > ___>  
juniper-nsp mailing list juniper-nsp@puck.nether.net> https://puck.nether.net/mailman/listinfo/juniper-nsp 
> ___> juniper-nsp  
mailing list juniper-nsp@puck.nether.net> https://puck.nether.net/mailman/listinfo/juniper-nsp

_
More than messages–check out the rest of the Windows Live™.
http://www.microsoft.com/windows/windowslive/
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] l2circuit or l2vpn

2009-01-08 Thread Phil Bedard 

On Jan 8, 2009, at 4:14 PM, Christopher E. Brown wrote:


David Ball wrote:

 I've found better vendor interop using l2circuit, as someone else on
the list mentioned, and have had them working between JNPR, Foundry,
Cisco, and even lower-end MRV switches.  I find the configuration of
L2circuits simpler in JUNOS as well.  However, if better traffic eng
is what you need, the comments made by others in this thread are very
pertinent as well.
 If you're talking multipoint and using VPLS, BGP-signalled VPLS is
nice in JUNOS because of the autodiscovery, whereas LDP-signalled  
VPLS
requires that you visit every PE that a given VPLS customer touches  
if

you add 1 more site on a new PE (although vendors like Foundry are
adding some kind of autodiscovery to account for this I
think...perhaps Juniper will too).  Also, likely better vendor  
interop

here too, with LDP-signalled.
My $0.02
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



The fun question...


Is there a way to accept many l2circuits and switch traffic between  
them in a VPLS like fashion without burning many physical interfaces?



Example, 15 remotes running l2 circuits from a vlan subint on the  
remote to a central , that runs a switching  
instance between all the l2circuits within the group _without_ an  
actual physical interface on the central box to terminate each  
l2circuit.



Think poor mans VPLS, where many remotes are available, but only  
support EoMPLS/l2circuit and not true VPLS.






If the aggregation side supports LDP-based VPLS the end node doesn't  
necessarily need to know it's VPLS.  I know vendor "A" supports doing  
this on their larger agg side devices that support VPLS.  They use an  
internal "connector" mechanism to tie an Eth PW service into a VPLS  
service.  This allows multipoint connectivity for the spokes, where  
MAC learning is done on the hub and the spokes just blindly send  
traffic out.   You might be able to do something similar with Vendor C  
and the more advanced linecards, since they support connecting a  
virtual switch interface to a remote site via EoMPLS.  Not sure if you  
can connect that to multiple sites though.  The same thing may be  
doable on the MX960 but I've only seen mention of tying a VPLS  
instance to a bridge-domain, not a l2circuit.


Otherwise you are stuck doing the cable out and back in type of trick,  
which should work on the MX960, would probably only require two ports,  
given the ability for the device to bridge vlans together or rewrite  
vlan-ids.


Phil


Phil







___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] What SW are you running on M boxes

2009-01-08 Thread Robert Kern 
Hi all,

I would just like to gather info what Junos versions are you running in the
production network. Especially interested in SP network and M320 boxes.

Thanks,

Robert
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp