from:"Colby Barth"

Re: [j-nsp] Avoid transit LSPs

2019-01-24 Thread Colby Barth

Luis-

You could probably set the overload bit.

-Colby

On 1/24/19, 1:10 PM, "juniper-nsp on behalf of Dave Bell" 
 wrote:

I'm not aware of any option that will do this.

The three solutions that I can think of are:
Link colouring like Adam suggests
An explicit path that avoids the interfaces you are worried about
Set the RSVP cost for the interfaces really high

Dave

On Thu, 24 Jan 2019 at 17:01, Luis Balbinot  wrote:

> It's a permanent thing.
>
> These boxes are PE routers that are not supposed to handle transit
> traffic but during certain network events a few FRR bypass LSPs are
> established through them because that's the only remaining path.
>
> Something easier like a "no-eligible-backup" toggle like the one we
> have with OSPF LFA would be nice.
>
> Luis
>
> On Thu, Jan 24, 2019 at 2:53 PM  wrote:
> >
> > > Luis Balbinot
> > > Sent: Thursday, January 24, 2019 4:45 PM
> > >
> > > Hi.
> > >
> > > How could I prevent a device from getting transit RSVP LSPs being
> > > established through it? I only want it to accept ingress LSPs destined
> to
> > that
> > > box.
> > >
> > If this is a permanent thing,
> > You could create a colouring scheme where all links connected to this
> node
> > have to be avoided by all LSPs with the exception of LSPs terminated on
> this
> > node (or originated by this node).
> >
> > If this is a maintenance thing,
> > There's a command that can be enabled to drain all transit LSPs out the
> box.
> > But, all the LSPs would need to be configured with this capability in 
the
> > first place.
> >
> >
> > adam
> >
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> 
https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_juniper-2Dnsp=DwICAg=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI=3lVLtwWQROCdl4DSF6Gy-pAupMaX1AvOyICNqk7ML5U=xjETS_MpBQ5yJFgNOTwIgxvck93EOjA7sbBBzWEr7sE=fIjs_f4CA6mUSiUhoRhAYrV4mmOT5lDwryzIvSgr-KU=
>
___
juniper-nsp mailing list juniper-nsp@puck.nether.net

https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_juniper-2Dnsp=DwICAg=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI=3lVLtwWQROCdl4DSF6Gy-pAupMaX1AvOyICNqk7ML5U=xjETS_MpBQ5yJFgNOTwIgxvck93EOjA7sbBBzWEr7sE=fIjs_f4CA6mUSiUhoRhAYrV4mmOT5lDwryzIvSgr-KU=


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Use cases for IntServ in MPLS backbones

2018-10-01 Thread Colby Barth

Adam-

There are a couple of clever Diffserv-TE (what your calling IntServ) 
deployments out there.  Both RDM & MAM are deployed.  Truthfully, they are 
pretty quiet, mainly, because the upfront planning that is required to go into 
them and the relative lack of variations in the deployments.  Diffserv-TE 
offers some interesting per class/sub-pool BW protection options that other 
deployments(see below) may not. Multi-class LSPs are also possible.

What is much more commonly deployed is what I would refer to as Class-Based 
Forwarding.  Your still combing COS based forwarding policies (like 
Diffserv-TE), in the data-plane, with LSP BW reservations in the control-plane 
but without the sub-pool BW reservations and relatively complicated BW sharing 
models offered by RDM or MAM.

Both have their place depending on your specific service requirements.

Hth,

-Colby


On 10/1/18, 6:45 AM, "juniper-nsp on behalf of adamv0...@netconsultings.com" 
 
wrote:

Hi folks,

Another pooling question from me, 
This time I'm interested on what are your thoughts on DiffServ vs IntServ in
MPLS backbones and what use cases for IntServ can you think of please.
So what I have in mind specifically is RSVP-TE in combination with DiffServ
(standard QoS) vs IntServ  (in all its glory i.e. BW pools and sub-pools,
allocation models RDM/MAM, etc..). 



adam


netconsultings.com
::carrier-class solutions for the telecommunications industry::


___
juniper-nsp mailing list juniper-nsp@puck.nether.net

https://urldefense.proofpoint.com/v2/url?u=https-3A__puck.nether.net_mailman_listinfo_juniper-2Dnsp=DwICAg=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI=3lVLtwWQROCdl4DSF6Gy-pAupMaX1AvOyICNqk7ML5U=3QGSTryRPkSQi9gbZ4EEoEZq15OCtNIEr95BxH8E4Io=L1GMCwDLD4n9VecEVDCtJmZnunojow1JU1KeHEnFPwo=


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Mixed Cisco/Juniper MPLS network

2013-08-14 Thread Colby Barth

In my experience, I have seen used the knob to only allocate labels for host 
routes or use a prefix-list match that covers ALL your nodes loopback addresses 
so that the prefix-list does not have to be constantly touched.
 router# configure terminal
 router(config)# mpls ldp label
 router(config-ldp-lbl)# allocate global host-routes
-Colby

On Aug 14, 2013, at 11:37 AM, Eric Van Tol e...@atlantech.net wrote:

 Hi all,
 We've had MPLS running on our network for years using JUNOS and until only 
 very recently, we haven't had to deal with any of our Cisco equipment needing 
 MPLS.  That changed when we started purchasing ME3600X switches so we could 
 provide VPN services in our metro fiber rings.
 
 I'm trying to wrap my head around how other people handle the label filtering 
 in Cisco-world.  As you know, JUNOS will only advertise a label for the local 
 loopback, but IOS will advertise anything it has a destination to.  Because 
 of this, we've had to implement label filtering on the Cisco switches.  While 
 this works, it seems kind of cumbersome, especially when we need to add a new 
 MPLS-capable device to the network, a prefix-list has to be updated.  If a 
 non-MPLS device is added, another prefix-list has to be updated.  
 
 Is this the normal way of doing things, or is there something I am missing?  
 I suppose we could assign a certain range of addresses out of our loopback 
 subnet to be used solely for non-MPLS devices, but what happens when one day 
 we need to add MPLS capabilities via a license or an entire hardware 
 replacement?
 
 Any ideas or clue-bats upside the head would be appreciated.
 
 THanks,
 evt
 
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 
 



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] BGP RR for Labeled Unicast Family

2013-02-16 Thread Colby Barth

You need to tell BGP to use rib inet.3 for the LU prefixes. 

Set protocols bgp family inet label-unicast rib inet.3 

... Or something like that. 

Hope that helps. 

-Colby 

Sent from my iPhone

On Feb 16, 2013, at 4:06 PM, Farhat Abbasse ab_ferha...@hotmail.co.uk wrote:

 
 
 
 HI Community,
 
 
 I wonder if anyone has already tried to configure RR for labeled Unicast 
 family ?
 I have configured the BGP RR for both families inet-vpn and  labeled-unicast 
 on the same router, the RR for the inet-vpn worked perfectly, however for 
 Labeled Unicast family it did not work.   
 
 Below are the topology and the Configurations that I have done:
 
 
 
 
   ---
   | RR  |
 //---\\ 
//   \\
   ---    
   | R1  | | R2   |
   ---  
 
 
 
 RR Router:
 
 group LU_M-iBGP {
type internal;
local-address 10.200.240.1;
family inet {
labeled-unicast 
}
 
family inet-vpn {
unicast;
}
export Export-Loopback;
cluster 10.200.240.1;
neighbor 10.200.240.2;
neighbor 10.200.240.11;
 }
 
 policy-options policy-statement Export-Loopback 
 term Loopback {
from interface lo0.0;
then accept;
 }
 
 
 
 R1:
 admin@R1# show protocols bgp 
 group LU_M-iBGP {
type internal;
local-address 10.200.240.2;
family inet {
labeled-unicast 
}
 
family inet-vpn {
unicast;
}
 
export Export-Loopback;
neighbor 10.200.240.1;
 
 }
 
 admin@R1# show policy-options policy-statement Export-Loopback 
 term Loopback {
from interface lo0.0;
then accept;
 }
 
 
 R2:
 
 admin@R2# show protocols bgp 
 group LU_M-iBGP {
type internal;
local-address 10.200.240.11;
family inet {
labeled-unicast 
}
 
family inet-vpn {
unicast;
}
 
export Export-Loopback;
neighbor 10.200.240.1;
 
 }
 
 admin@R2# show policy-options policy-statement Export-Loopback 
 term Loopback {
from interface lo0.0;
then accept;
 }
 
 
 I do not know if Labeled unicast family do support Route-Reflector ?
 
 Thanks in advance for your Support.
 
 BR/
 Farhat
   
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Traffic balancing over LSPs

2013-01-18 Thread Colby Barth

The dest prefix needs to resolve over the LSP.  IGP short-cuts is an easy way 
to make that happen and should work for you but I see you tried that already 
and had some issue.  I would suggest trying to understand why igp shortcuts 
breaks something else.  

You can also use a rib-group on the LSP head-end to populate inet3 as needed.

-cb

On Jan 18, 2013, at 10:11 AM, James Ashton wrote:

 All, Just to clarify a few things,
 
 The destination is not in inet.3.  I do not have a direct LSP to the 
 destination and cannot create one (The destination doesn't support MPLS nor 
 does it support BGP)
 
 
 
 The show route output is:
 jashton@cr01-re0 show route xx.xxx.xx.x/24
 
 inet.0: 448173 destinations, 3298320 routes (445123 active, 39 holddown, 
 465440 hidden)
 @ = Routing Use Only, # = Forwarding Use Only
 + = Active Route, - = Last Active, * = Both
 
 xx.xxx.xx.x/24 *[OSPF/150] 1d 12:35:24, metric 20, tag 0
 to xx.xxx.xx.x via xe-4/2/0.0
[BGP/170] 01:03:59, localpref 100, from xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-5/2/0.0
[BGP/170] 6d 19:17:07, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via ae3.0
[BGP/170] 6d 18:57:09, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via ae2.0
[BGP/170] 6d 19:03:11, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via ae2.0
[BGP/170] 6d 19:02:45, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via ae2.0
[BGP/170] 6d 19:18:02, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-4/2/0.0
[BGP/170] 6d 17:40:10, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-5/2/0.0
[BGP/170] 2d 13:54:44, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via ae6.0
[BGP/170] 6d 19:20:12, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-4/2/0.0
[BGP/170] 6d 17:31:28, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-5/2/0.0
[BGP/170] 6d 17:40:12, MED 20, localpref 100, from 
 xx.xxx.xx.x
  AS path: I
 to xx.xxx.xx.x via xe-5/2/0.0
 
 inet.3: 1232 destinations, 1248 routes (9 active, 0 holddown, 1232 hidden)
 
 - Original Message -
 From: Colby Barth cba...@juniper.net
 To: James Ashton ja...@gitflorida.com
 Sent: Friday, January 18, 2013 9:31:51 AM
 Subject: Re: [j-nsp] Traffic balancing over LSPs
 
 James-
 
 Could you possibly send the output of 'show route x.x.x.x/y' for one of the 
 destinations that you think should resolve over the LSP?
 
 I suspect that this destinations are not in inet3 for some reason.
 
 -Colby
 
 On Jan 18, 2013, at 8:49 AM, Phil Bedard wrote:
 
 Is it all one OSPF area or is the CMTS in an area other than 0? If the
 MX480 is an ABR you can restrict the OSPF routes and originate them on
 the MX480 as BGP instead using aggregate statements.
 
 Phil From: James Ashton
 Sent: 1/17/2013 11:07
 To: juniper-nsp@puck.nether.net
 Subject: [j-nsp] Traffic balancing over LSPs
 I have an interesting situation that has me stumped for the moment.
 
 I have an OSPF speaking device (ARRIS CMTS) hanging off from an EX Switch.
 That switch is uplinked to an MX480 which is part of the network core.
 It has several paths into it from rest of the network.
 From several major traffic centers in the network I have 3 LSPs
 created to the MX480.
 I am running mpls traffic-engineering mpls-forwarding throughout the 
 network.
 
 As the end users hanging off the CMTS are advertised onto the network
 via OSPF, and I cannot terminate LSPs on the CMTS, the traffic to
 these users is not being forwarded over the LSPs.
 I have tested enabling ospf traffic-engineering shortcuts but that
 is breaking several paths in the network to legacy areas with odd
 configs.
 
 My question is basically, how can I get this traffic into these LSPs
 in way that is more manageable at scale than a pile of static routes.
 
 
 I hope the above is clear,  I am low on Caffeine at the moment.
 
 Thank you in  advance for any help/ideas.
 
 James
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 
 
 
 



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] 6pe between Cisco and Juniper

2012-09-03 Thread Colby Barth

Mihai-

Based on the error message: 

peer: inet-unicast inet6-unicast inet6-labeled-unicast(273) us:
inet-unicast inet6-labeled-unicast(257)

You need to enable the unicast address family under ipv6

set protocols bgp group test family inet6 unicast

-cb

On Sep 3, 2012, at 11:04 AM, Mihai Gabriel wrote:

 Hello,
 Did any of you manage to  configure a bgp session between Cisco and Juniper
 using family inet6 labeled-unicast on Juniper? I am trying to configure 6PE
 but the bgp session does not come up because Juniper does not send
 ipv6-unicast capabity to Cisco
 
 Juniper config:
 
 group test {
 type internal;
 local-address 10.10.10.10;
 import pol-reject-any;
 family inet {
unicast;
 }
 family inet6 {
labeled-unicast {
explicit-null;
}
 }
 export pol-reject-any;
 neighbor 10.10.10.20;
 
 Cisco config:
 
 neighbor test peer-group
 neighbor test remote-as 65500
 neighbor test update-group loopback0
 
 address-family ipv4
 neighbor test send-community
 neighbor test send-label
 neighbor 10.10.10.10 activate
 
 address-family ipv6
 neighbor test send-community
 neighbor test send-label
 neighbor 10.10.10.10 activate
 
 
 and the error:
 
 Sep  3 17:33:31  juniper rpd[2115]: bgp_process_caps: mismatch NLRI with
 10.10.10.20 (Internal AS 65500):
 peer: inet-unicast inet6-unicast inet6-labeled-unicast(273) us:
 inet-unicast inet6-labeled-unicast(257)
 
 Any advice?
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Cisco IGP fast convergence

2012-05-29 Thread Colby Barth

All-

JUNOS has a few config options and we have interop'd in the field for sometime 
with Cisco's IGP FC config's:

SPF IW value defaults:

  IOS-XR default: IW: 50ms, 2ndaryW: 200ms, MaxW: 5000ms
  JUNOS defaults: IW: 200ms, MaxW: 5000ms, RRs: 3
The Cisco alg. is an exponentially increasing timer, whereas ours is not.  As 
an example, if a router receives a new LSP at time 0, Cisco will run a full SPF 
50ms later.  If a 2nd LSP is rx'd, the router will not run another SPF 
computation for a minimum of 200ms.  If a 3rd LSP is rx'd then the next SPF IW 
timer is 400 msec and so on and so forth until the maximum wait achieved.
In the JUNOS implementation, we will run consecutive full SPFs on 200 ms 
intervals 3 times and then we wait the holddown interval before we run another 
full SPF.  Forcing the implementations to approach one another requires config 
on both sides.  The end result is you really want to tune the IW values to 
match, reduce the IOS-XR secondary wait timer and reduce both the JUNOS and 
IOS-XR holddown timers to approach SPF alignment.
JUNSO config:
spf-options {
delay 50;
holdtime 3000;
rapid-runs 3;
}

IOS-XR SPF configuration:
  spf-interval initial-wait 50 secondary-wait 100 maximum-wait 3200 level 2

I don't agree that you want the SPF IW to = 0.  In the case of SRLG's in the 
network you may want to have a bit of delay in there to try and capture all the 
incoming LSPs before running an SPF.  This is a personal preference and network 
dependent but would be my recommendation.  Your also gonna want to change the 
IOS-XR lsp generation timers.

IOS-XR SPF configuration
  spf-interval initial-wait 50 secondary-wait 100 maximum-wait 3200 level 2

This will align JUNOS and IOS-XR in that regard.

There are also changes recommended for cnsp intervals, LSP generation intervals 
 lsp intervals that require changes (mostly in IOS-XR) that you should 
consider.  Unicast me if you are interested in a thorough explanation and JUNOS 
and IOS-XR config's.

thanks,

-Colby


On May 29, 2012, at 2:38 PM, Saku Ytti wrote:

On (2012-05-29 07:08 -0700), Doug Hanks wrote:

Or just use BFD ...

Not really solution for SPF timers though. Juniper is clearly lacking in
SPF configuration options. What you operationally want is 0 delay for SPF
calculation to start, to cover typical event of single link going down as
rapidly as possible. (Sure for some topologies LFA will cover that)
But if LSPs keep coming in, you want to exponentially back-off, to run SPF
less and less frequently.

Same thing as interface up/down dampening, here also JunOS has just static
values, no exponential back-off.

Both cause you to choose rather conservative value in JunOS, while in IOS
you can rock aggressive values.

--
 ++ytti
___
juniper-nsp mailing list 
juniper-nsp@puck.nether.netmailto:juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Avoid transit LSPs

Re: [j-nsp] Use cases for IntServ in MPLS backbones

Re: [j-nsp] Mixed Cisco/Juniper MPLS network

Re: [j-nsp] BGP RR for Labeled Unicast Family

Re: [j-nsp] Traffic balancing over LSPs

Re: [j-nsp] 6pe between Cisco and Juniper

Re: [j-nsp] Cisco IGP fast convergence

7 matches

Site Navigation

Mail list logo

Footer information