Re: [j-nsp] MX80 bridge-domain QinQ question
On Wed, Sep 19, 2012 at 4:07 PM, Doug Hanks wrote:
> Use a SP-style IFL using 802.1ad for telco. Use a SP-style IFL using
> 802.1q for the EX4200. The BD will automatically pop and push tags for
> you.
Could you give an example? I searched high and low in the KB and
elsewhere. What I am doing now is below. The physical interfaces
obviously have many other things connected and are setup with
flexible-vlan-tagging and encap flexible-ethernet-services.
interface ge-1/1/8.14281 {
description "customer office via telco network";
encapsulation vlan-bridge;
vlan-tags outer 1428 inner 423;
family bridge;
}
interface xe-0/0/3.423 {
description "customer servers via EX4200";
encapsulation vlan-bridge;
vlan-id 423;
family bridge;
}
bridge-domain vl423 {
interface ge-1/1/8.14281;
interface xe-0/0/3.423;
}
The above configuration works. Unfortunately, I must duplicate the
above stanzas for each CVLAN. If I try to use vlan-id-list [ 423 424
] on the EX4200-facing port, the IFL sees 0 packets. For example:
interface xe-0/0/3.423 {
description "customer servers via EX4200";
encapsulation vlan-bridge;
vlan-id-list [ 423 424 ];
family bridge;
}
That commits but xe-0/0/3.423 never sees any packets arrive, and the
BD never learns any MACs from it. Certainly it doesn't work as I
thought it might.
Using interface-mode trunk and configuring a vlan-id-list in the BD is
not possible, as far as I can understand, because I can't work out how
to configure the telco-facing IFL to push/pop as needed to get the
outer-tag on it. It seems I can't use input/output-vlan-mapping in
concert with a BD configured with a vlan-id-list in order to utilize
mode trunk.
Thanks
--
Jeff S Wheeler
Sr Network Operator / Innovative Network Concepts
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] MX80 bridge-domain QinQ question
Use a SP-style IFL using 802.1ad for telco. Use a SP-style IFL using 802.1q for the EX4200. The BD will automatically pop and push tags for you. Does that help? On 9/19/12 1:00 PM, "Jeff Wheeler" wrote: >Dear List, > >I am having trouble figuring out how to configure a bridge-domain setup >for >customer traffic with QinQ outer-tags on some interfaces, but not all. My >topology is as follows: > >CE---telco network---MX80---EX4200---CE > >In this case, the vlans between MX80 and EX4200 are single-tagged; but an >outer-tag must be pushed toward the telco to direct them to the customer >site. This is possible by creating a distinct bridge-domain, and logical >interfaces, per each CVLAN. However, it will not work with vlan-id-lists >or similar, which may allow me to avoid all that extra config per CVLAN. > Various restrictions on when input/output-vlan-map can be used, etc. >prevent me from configuring it. > >Obviously the savvy thing to do is simply push an outer tag using the >EX4200, which then may be swapped as needed; but is it possible to >configure this as I want, without distinct bridge-domain and logical units >per each CVLAN? The restriction against doing push/pop operations on >outer >tags when vlan-id-list is in use seem to be stopping me. FYI I have tried >on 10.4 and 11.4 boxes, so I do have interface-mode trunk; but it is >unhelpful given the push/pop limits. > >Thanks >-- >Jeff S Wheeler >Sr Network Operator / Innovative Network Concepts >___ >juniper-nsp mailing list juniper-nsp@puck.nether.net >https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] MX80 bridge-domain QinQ question
Dear List, I am having trouble figuring out how to configure a bridge-domain setup for customer traffic with QinQ outer-tags on some interfaces, but not all. My topology is as follows: CE---telco network---MX80---EX4200---CE In this case, the vlans between MX80 and EX4200 are single-tagged; but an outer-tag must be pushed toward the telco to direct them to the customer site. This is possible by creating a distinct bridge-domain, and logical interfaces, per each CVLAN. However, it will not work with vlan-id-lists or similar, which may allow me to avoid all that extra config per CVLAN. Various restrictions on when input/output-vlan-map can be used, etc. prevent me from configuring it. Obviously the savvy thing to do is simply push an outer tag using the EX4200, which then may be swapped as needed; but is it possible to configure this as I want, without distinct bridge-domain and logical units per each CVLAN? The restriction against doing push/pop operations on outer tags when vlan-id-list is in use seem to be stopping me. FYI I have tried on 10.4 and 11.4 boxes, so I do have interface-mode trunk; but it is unhelpful given the push/pop limits. Thanks -- Jeff S Wheeler Sr Network Operator / Innovative Network Concepts ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] OSPF cost : change traffic path
Metric the interface under the: config > protocols > ospf > area x.x.x.x > interface fe-x/x/x.x section. Add a metric of 10 for example to your backup interface and it'll take effect without interrupting traffic (Ofc, do it both sides of the link). --Lee On 19/09/2012 18:46, Rachid DHOU wrote: Hello Experts, We have 4 routers : A,B,C and D. A and B are M7i C and D are M10i A connected to C , FE ==> Link 1 B connected to D, FE ==> Link 2 *OSPF and BFD* are runing in each link. but we made a high cost in link 2 (same area). The goal is that link doesn't forwoard traffic. For your opinion what is the best way to switch traffic from link 1 to Link 2. (i mean best way : the small dowtime and easy operation ) 1) In OSPF configuration Reduce cost on Link 2 2) Disable interface on Router A Don't forget BFD is runing on both links. Thanks for all your feedbacks. Kind regards, Rachid DHOU ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] OSPF cost : change traffic path
Could just add a metric to the interface you don't want passing traffic? That should take into immediate effect.. Morgan On Wed, Sep 19, 2012 at 10:46 AM, Rachid DHOU wrote: > Hello Experts, > > We have 4 routers : A,B,C and D. > > A and B are M7i > C and D are M10i > > A connected to C , FE ==> Link 1 > B connected to D, FE ==> Link 2 > > *OSPF and BFD* are runing in each link. but we made a high cost in link 2 > (same area). The goal is that link doesn't forwoard traffic. > > For your opinion what is the best way to switch traffic from link 1 to Link > 2. (i mean best way : the small dowtime and easy operation ) > > 1) In OSPF configuration Reduce cost on Link 2 > 2) Disable interface on Router A > > > Don't forget BFD is runing on both links. > > Thanks for all your feedbacks. > > > Kind regards, > Rachid DHOU > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] OSPF cost : change traffic path
Hello Experts, We have 4 routers : A,B,C and D. A and B are M7i C and D are M10i A connected to C , FE ==> Link 1 B connected to D, FE ==> Link 2 *OSPF and BFD* are runing in each link. but we made a high cost in link 2 (same area). The goal is that link doesn't forwoard traffic. For your opinion what is the best way to switch traffic from link 1 to Link 2. (i mean best way : the small dowtime and easy operation ) 1) In OSPF configuration Reduce cost on Link 2 2) Disable interface on Router A Don't forget BFD is runing on both links. Thanks for all your feedbacks. Kind regards, Rachid DHOU ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] filter
Hi all I have the below setup I have a server connected via two interfaces to my router (mx480 acting as a core) And i have an uplink connected to another router (border) The issue am facing is that the outgoing traffic passed through the LAN interface of the server and then go to the border via a filter Now , the incoming traffic should go to the WAN interface when coming back but it does not as the interface on the router is irb interface and acting as the gateway for all customers Now the returned traffic is not going to the server because the router will go through the direct interface for sure as the returned traffic prefer the direct over the routing instance configured Any ideas to force the traffic to go to the server even if the irb is directly connected on the same router? Thanks BR, Mohammad ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
