[j-nsp] jdhcpd policer
Does anyone know what is the __jdhcpd_v4_count__ policer and what are the default values? I configured dhcp relay on an MX router and I see the policer counters increasing with an almost constant value of 4pps. Thanks, Mihai ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] ng-mvpn problem
Hello, You are always right :) Everything works as expected now. Thanks, Mihai On Wed, Oct 23, 2013 at 2:04 AM, Antonio Sanchez-Monge amo...@juniper.netwrote: Agreed, that should do the trick too :) On 10/23/13 1:01 AM, Stacy W. Smith st...@acm.org wrote: Agreed. The lt-1/1/10.770 interface which is in VRF mvpn on logical-system x must have PIM enabled (or multicast forwarding enabled). If running PIM, it must be the DR. I wasn't suggesting disabling PIM on the lt-1/1/10.770 interface which is in VRF mvpn on logical-system x, just disabling PIM on the remote end of the a-x link (in logical-system a). --Stacy On Oct 22, 2013, at 4:49 PM, Antonio Sanchez-Monge amo...@juniper.net wrote: You need PIM in the interface towards the source IMHO On 10/23/13 12:47 AM, Stacy W. Smith st...@acm.org wrote: Yes, that would also work, but since logical-system a is really just emulating a multicast source, there's really no need for it to run PIM. A typical multicast source would not be running PIM. --Stacy On Oct 22, 2013, at 4:44 PM, Antonio Sanchez-Monge amo...@juniper.net wrote: Solution would be setting a higher PIM priority in lt-1/1/10.770, so that it becomes the DR On 10/23/13 12:40 AM, Antonio Sanchez-Monge amo...@juniper.net wrote: That's a brilliant analysis Stacy, I think you nailed it (awaiting Mihai's confirmation). On 10/22/13 11:59 PM, Stacy W. Smith st...@acm.org wrote: On Oct 22, 2013, at 2:44 PM, Mihai mihaigabr...@gmail.com wrote: Removing PIM fromlt-1/1/10.770 is not a solution because the PE will not learn about the source and the multicast group. Actually, removing lt-1/1/10.770 from PIM would allow the source and multicast group to be learned, and fix the problem (as long as multicast routing was still enabled on the lt-1/1/10.770 interface). The problem is that there's a PIM neighbor relationship between a and x. Because of your IP addressing, a is the DR for the a-x LAN. Because you are injecting traffic with ping and bypass-routing interface lt-1/1/10.771 logical-system a is NOT the first-hop router. It's simply acting as a multicast source that's pumping traffic with destination IP 225.10.10.10 out the lt-1/1/10.771 interface. Logical-system x instance mvpn receives this traffic on lt-1/1/10.770 and does not forward it because it is not the DR. Therefore, the logical-system x instance mvpn doesn't learn about the active (S,G). Another way to solve this problem is disabling PIM on logical-system a. This will make lt-1/1/10.770 on logical-system x instance mvpn the DR, and cause it to learn about the active S,G (and therefore generate the NG-MVPN Type 5 route). I have mocked up your configuration in the lab and confirmed that removing PIM from logical-system a fixes the issue. --Stacy ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] ng-mvpn problem
Hello,
I have a basic setup with 2 PE's (X and Z) , one multicast source attached
to X and one receiver attached to Z.
I configured a NG-MVPN with rsvp-te between PE's but X doesn't send SA
autodiscovery to Z so the traffic is dropped.
x show configuration routing-instances
mvpn {
instance-type vrf;
interface lt-1/1/10.770;
interface lo0.777;
route-distinguisher 1:1;
provider-tunnel {
rsvp-te {
label-switched-path-template {
default-template;
}
}
}
vrf-target target:1:1;
vrf-table-label;
protocols {
pim {
rp {
local {
address 20.20.20.111;
}
}
interface all;
}
mvpn;
}
}
z show configuration routing-instances
mvpn {
instance-type vrf;
interface lt-1/1/10.772;
route-distinguisher 1:2;
provider-tunnel {
rsvp-te {
label-switched-path-template {
default-template;
}
}
}
vrf-target target:1:1;
vrf-table-label;
protocols {
pim {
interface all;
}
mvpn;
}
}
x show multicast route instance mvpn extensive
Instance: mvpn Family: INET
Group: 239.1.1.1
Source: 10.100.1.2/32
Upstream interface: lt-1/1/10.770
Session description: Organisational Local Scope
Statistics: 10 kBps, 10 pps, 1291 packets
Next-hop ID: 0
Upstream protocol: PIM
Route state: Active
Forwarding state: Pruned
Cache lifetime/timeout: 360 seconds
Wrong incoming interface notifications: 0
Uptime: 00:10:37
Instance: mvpn Family: INET6
x show route receive-protocol bgp 20.20.20.2 table mvpn.mvpn.0
mvpn.mvpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Prefix Nexthop MED LclprefAS path
1:1:2:20.20.20.2/240
* 20.20.20.2 100I
z show route receive-protocol bgp 20.20.20.1 table mvpn.mvpn.0
mvpn.mvpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Prefix Nexthop MED LclprefAS path
1:1:1:20.20.20.1/240
* 20.20.20.1 100I
x show mpls lsp p2mp
Ingress LSP: 1 sessions
P2MP name: 1:1:mvpn:mvpn, P2MP branch count: 1
To FromState Rt P ActivePath LSPname
20.20.20.2 20.20.20.1 Up 0 * 20.20.20.2:1
:1:mvpn:mvpn
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
P2MP name: 1:2:mvpn:mvpn, P2MP branch count: 1
To FromState Rt Style Labelin Labelout LSPname
20.20.20.1 20.20.20.2 Up 0 1 SE 16-
20.20.20.1:1:2:mvpn:mvpn
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Am i doing something wrong?
Thanks
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] IGMP problem
You should enable the sap protocol for the group you want to generate join
messages.
On Tue, Sep 10, 2013 at 2:18 PM, Vladislav Vasilev
vladislavavasi...@gmail.com wrote:
Robert,
Just noticed you actually have ip pim passive under the interface...
The ip igmp join-group in Cisco IOS generates IGMP joins (and PIM joins
upstream), and packets sent to the group address get sent up to the CPU
(the router would reply back to icmp-echo packets sent to the group address
- convenient for troubleshooting).
On the other hand, the ip igmp static-group in Cisco IOS generates IGMP
joins (and PIM joins upstream), but packets sent to the group address do
not get sent up to the CPU.
As Krasi said, in JunOS, you still have the PIM joins upstream, but no
IGMP joins are generated.
Regards,
Vladislav A. VASILEV
On 10 Sep 2013, at 11:24, Krasimir Avramski wrote:
Hello,
Actually this config generates PIM (*,G) joins upstream to RP.
I'm not aware of static igmp joins(generated) or igmp proxies support in
junos (excluding junosE) - though there is a feature that translates PIM
to IGMP/MLD
Krasi
On 10 September 2013 12:55, Vladislav Vasilev
vladislavavasi...@gmail.com wrote:
Hi Robert,
What you have below only adds the interface to the OIL for that group.
No IGMP joins are generated!
Regards,
Vladislav A. VASILEV
On 10 Sep 2013, at 07:51, Robert Hass wrote:
Hi
I would like to setup static IGMP joins between Cisco and Juniper.
But it's not working. Juniper is not sending IGMP Joins.
Same configuration Cisco + Cisco working without issues. Any clues ?
Interface configuration for Juniper at Cisco side:
interface GigabitEthernet1/1/1
description Juniper
no switchport
ip address 10.10.10.21 255.255.255.252
ip pim passive
!
Here is output of IGMP membership - none :(
cisco#sh ip igmp membership | include GigabitEthernet1/1/1
cisco#
Here is JunOS configuration:
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.10.22/30;
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.10.10.21;
}
}
protocols {
igmp {
interface ge-0/0/0.0 {
version 2;
static {
group 231.0.0.3;
group 231.0.0.4;
}
}
}
pim {
rp {
static {
address 10.10.10.255 {
version 2;
}
}
}
interface ge-0/0/0.0 {
mode sparse;
version 2;
}
join-load-balance;
}
}
Rob
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] data mdt is not created
Hello,
I use a simple topology to setup a Rosen 7 multicast vpn like this:
S1 - R1 (PE) - R3(P) - R5(PE)-Rec
The multicast traffic always stay on the default MDT even though the data
MDT is configured.
Am I doing something wrong?
r1# top show protocols bgp
group mvpn {
type internal;
local-address 172.27.255.1;
family inet-vpn {
unicast;
}
family inet-mdt {
signaling;
}
neighbor 172.27.255.5;
}
r1# top show routing-instances mvpn
instance-type vrf;
interface ge-1/1/5.360;
interface lo0.10;
route-distinguisher 1:1;
provider-tunnel {
pim-ssm {
group-address 232.2.2.2;
}
mdt {
threshold {
group 224.2.2.2/32 {
source 0.0.0.0/0 {
rate 10;
}
}
}
group-range 225.2.2.0/24;
}
}
vrf-target target:1:1;
vrf-table-label;
protocols {
pim {
vpn-tunnel-source 172.27.255.1;
mvpn {
autodiscovery {
inet-mdt;
}
}
rp {
local {
address 172.27.255.1;
}
}
interface all;
}
mvpn {
autodiscovery-only {
intra-as {
inclusive;
}
}
}
}
r1# run show multicast route extensive instance mvpn
Instance: mvpn Family: INET
Group: 224.2.2.2
Source: 172.27.0.30/32
Upstream interface: ge-1/1/5.360
Downstream interface list:
mt-1/1/10.100696064
Session description: Multimedia Conference Calls
Statistics: 122 kBps, 80 pps, 1434 packets
Next-hop ID: 1048588
Upstream protocol: PIM
Route state: Active
Forwarding state: Forwarding
Cache lifetime/timeout: 360 seconds
Wrong incoming interface notifications: 0
Uptime: 00:00:18
r1# run show pim mdt instance mvpn
Instance: PIM.mvpn
Tunnel direction: Outgoing
Tunnel mode: PIM-SSM
Default group address: 232.2.2.2
Default source address: 172.27.255.1
Default tunnel interface: mt-1/1/10.100696064
Default tunnel source: 172.27.255.1
Instance: PIM.mvpn
Tunnel direction: Incoming
Tunnel mode: PIM-SSM
Default group address: 232.2.2.2
Default source address: 172.27.255.5
Default tunnel interface: mt-1/1/10.101744640
Default tunnel source: 172.27.255.1
r3# run show multicast route extensive
Instance: master Family: INET
Group: 232.2.2.2
Source: 172.27.255.1/32
Upstream interface: ge-1/1/7.31
Downstream interface list:
ge-1/1/7.35
Session description: Source specific multicast
Statistics: 128 kBps, 82 pps, 6199 packets
Next-hop ID: 1048580
Upstream protocol: PIM
Route state: Active
Forwarding state: Forwarding
Cache lifetime/timeout: forever
Wrong incoming interface notifications: 0
Uptime: 00:01:25
Group: 232.2.2.2
Source: 172.27.255.5/32
Upstream interface: ge-1/1/7.35
Downstream interface list:
ge-1/1/7.31
Session description: Source specific multicast
Statistics: 0 kBps, 0 pps, 11 packets
Next-hop ID: 1048585
Upstream protocol: PIM
Route state: Active
Forwarding state: Forwarding
Cache lifetime/timeout: forever
Wrong incoming interface notifications: 0
Uptime: 00:01:24
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] VPLS route reflection
VPLS with RR works very well for me in a small lab (see the example below).
Make sure that your loopbacks are reachable through ldp and mpls is enabled
on the interfaces.
mx5t# top show logical-systems r1 protocols bgp
group rr-client {
type internal;
local-address 172.27.255.1;
family l2vpn {
signaling;
}
neighbor 172.27.255.5;
}
mx5t# top show logical-systems r2 protocols bgp
group rr-client {
type internal;
local-address 172.27.255.2;
family l2vpn {
signaling;
}
neighbor 172.27.255.5;
}
mx5t# top show logical-systems r5 protocols bgp
group rr {
type internal;
local-address 172.27.255.5;
family l2vpn {
signaling;
}
cluster 0.0.0.1;
neighbor 172.27.255.1;
neighbor 172.27.255.2;
}
mx5t# run show route protocol bgp logical-system r5 table bgp.l2vpn.0
bgp.l2vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
6L:1:1:1/96
*[BGP/170] 00:09:14, localpref 100, from 172.27.255.1
AS path: I, validation-state: unverified
to 172.27.0.26 via ge-1/1/6.53, Push 299808
6L:1:2:1/96
*[BGP/170] 00:09:14, localpref 100, from 172.27.255.2
AS path: I, validation-state: unverified
to 172.27.0.21 via ge-1/1/6.54, Push 299888
mx5t# run show route protocol bgp logical-system r1 table bgp.l2vpn.0
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
6L:1:2:1/96
*[BGP/170] 00:02:49, localpref 100, from 172.27.255.5
AS path: I, validation-state: unverified
to 172.27.0.2 via ge-1/1/7.12
mx5t# run show route protocol bgp logical-system r2 table bgp.l2vpn.0
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
6L:1:1:1/96
*[BGP/170] 00:03:00, localpref 100, from 172.27.255.5
AS path: I, validation-state: unverified
to 172.27.0.1 via ge-1/1/6.21
mx5t# run show vpls mac-table logical-system r1 | find Bridging
Bridging domain : __vpls-test__, VLAN : NA
MAC MAC Logical NH RTR
address flagsinterfaceIndex ID
64:87:88:5e:a5:1c Dvt-1/0/10.84934912
64:87:88:5e:a5:1d Dge-1/1/5.555
On Tue, Jul 2, 2013 at 7:07 AM, James Jun ja...@towardex.com wrote:
Hey all,
So, I've been trying to google for some sample configuration of
BGP-signalled VPLS setup using route-reflectors, and having some trouble
finding one. All of the sample BGP-signaled examples on Juniper site are
using full-mesh iBGP between PE's with no RR's in the middle.
A pretty simple and straight-forward iBGP topology like this, that we're
all used to in a typical SP network:
CE -- PE (rr client) - P (route-reflector) -- P (route-reflector
) - PE (rr client) -- CE
So, lacking any config examples, I've just enabled 'family l2vpn
signaling;' on existing iBGP sessions that are using the above topology.
Unfortunately, the route-reflector / P-router does not reflect the route
received from PE and vice versa -- it is behaving like non-RR client peer
that wants full mesh.
When viewing bgp.l2vpn.0 RIB, routers can only see l2vpn NLRI's received
from directly configured / meshed peer, but cannot see thru a
route-reflector (i.e. P router cannot see NLRIs from a PE that's attached
thru another P serving as route-reflector). Please note that unicast
inet.0 and inet6.0 RIBs are also carried by same iBGP session transports
across the topology -- and those routes obviously work flawlessly using
route-reflectors.
Setup looks like this on a P router:
bgp {
group teh-core {
type internal;
family inet {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
export mp64-ibgp-export-policy;
peer-as 64552;
neighbor 10.0.0.2 {
description core1.lab2;
}
neighbor 10.0.0.3 {
description core1.lab3;
}
}
group PE-edge-routers__RR-clients {
type internal;
family inet {
unicast;
}
family inet6 {
unicast;
}
family l2vpn {
signaling;
}
export mp64-ibgp-export-policy;
cluster 10.0.0.1;
peer-as 64552;
neighbor 10.0.1.1 {
description edge1.lab1;
}
neighbor 10.0.1.2 {
description edge2.lab1;
}
}
}
Thanks in advance!
james
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
Re: [j-nsp] Internet access from VRF issue
I don't have the book with me right now to check, but I tried your setup
without succes:)
A workaround for this would be a generated default route on R4 when
8.8.8.8 exists in customer.inet.0
mihai@mx#run show route table customer.inet.0 0.0.0.0/0 exact
customer.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Aggregate/130] 00:06:26
Reject
mihai@mx#show routing-instances customer routing-options generate
route 0.0.0.0/0 policy if-8.8.8.8-exist;
mihai@mx#show policy-options policy-statement if-8.8.8.8-exist
term 10 {
from {
protocol bgp;
route-filter 8.8.8.8/32 exact;
}
then accept;
}
term 20 {
then reject;
}
mihai@mx#run show route advertising-protocol bgp 172.27.255.3 0.0.0.0/0
bgp.l3vpn.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
Prefix Nexthop MED LclprefAS path
10:10:0.0.0.0/0
* Self 100I
On Tue, Jun 4, 2013 at 11:33 PM, Alexey alexey.saz...@yandex.ru wrote:
Mihai, Olivier,
thanks for your response, I also suggests that it could be related with
IBGP rules, but unfortunately making R4 route-reflector for R3 doesn't
resolve the issue:
R4@M7i-2# show protocols bgp
...
group vpnv4-r3 {
type internal;
local-address 172.27.255.4;
family inet-vpn {
unicast;
}
cluster 0.0.0.1;
neighbor 172.27.255.3;
}
[edit]
R4@M7i-2#
R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3
bgp.l3vpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
Restart Complete
Prefix Nexthop MED LclprefAS path
172.27.255.4:100:2.2.2.2/32
* Self 1001 I
172.27.255.4:100:172.27.0.4/30
* Self 100I
[edit]
R4@M7i-2#
Earlier I also try to use rib-group inet0-vrf which imports routes to
inet.0 and Customer.inet.0 tables, ospf routes get into Customer.inet.0 but
still don't get advertised to R3:
R4@M7i-2# show protocols ospf
rib-group inet0-vrf;
R4@M7i-2# show routing-options rib-groups
inet0-vrf {
import-rib [ inet.0 Customer.inet.0 ];
}
The same ospf route in both tables of R4:
R4@M7i-2# run show route protocol ospf 172.27.0.0/30
inet.0: 32 destinations, 37 routes (30 active, 0 holddown, 2 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
172.27.0.0/30 *[OSPF/10] 00:07:35, metric 100
to 172.27.0.10 via ge-1/3/0.41
inet.3: 7 destinations, 11 routes (2 active, 0 holddown, 7 hidden)
Restart Complete
Customer.inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0
hidden)
+ = Active Route, - = Last Active, * = Both
172.27.0.0/30 *[OSPF/10] 00:07:35, metric 100
to 172.27.0.10 via ge-1/3/0.41
[edit]
R4@M7i-2#
But still no ospf routes advertised to R3:
R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3
bgp.l3vpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
Restart Complete
Prefix Nexthop MED LclprefAS path
172.27.255.4:100:2.2.2.2/32
* Self 1001 I
172.27.255.4:100:172.27.0.4/30
* Self 100I
[edit]
R4@M7i-2#
--
Alexey S.
Leading engineer
Network solutions team
CCIE RS
alexey.saz...@yandex.ru
04.06.2013, 21:09, Mihai mihaigabr...@gmail.com:
for R3, sorry :)
On 06/04/2013 07:56 PM, Mihai wrote:
Hello,
Maybe I am wrong, but as long as R1,R3,R4 are internal bgp neighbors,
R4
should be route reflector for R4.
Regards,
Mihai
On 06/04/2013 06:44 PM, Alexey wrote:
Hi guys,
Now I'm preparing for JNCIE-SP certification, and faced with problem
providing internet-access for VPN users.
I attach my test topology to email.
R4 and R3 are PE routers which holds vrf table Customer, R1 router
holds ipv4 static route 8.8.8.8/32 to represent Internet routes.
Between R4 and R3 there is vpnv4 IBGP session and Between R4 and R1 -
ipv4 IBGP.
I use rib-group to import IPv4 routes received from R1 also in table
Customer.inet.0. Routes are imported as expected and I see
8.8.8.8/32
in vrf Customer:
R4# run show route table Customer 8.8.8.8
Customer.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
hidden)
+ = Active Route, - = Last Active, * = Both
8.8.8.8/32 *[BGP/170] 00:50:35, localpref 100, from 172.27.255.1
AS path: I
to 172.27.0.10 via ge-1/3/0.41, label-switched-path r4-to-r1
[edit]
R4@M7i-2#
But the problem is that R4 doesn't pass this route from VRF to R3 via
MP-BGP.
R4@M7i-2# run show route advertising-protocol bgp 172.27.255.3
Customer.inet.0: 4 destinations,
[j-nsp] next-hop self and RR
Hello,
Is Juniper's implementation of next-hop self on a RR a violation of
RFC1966?
In some implementations, modification of the BGP path attribute,
NEXT_HOP is possible. For example, there could be a need for a RR to
modify NEXT_HOP for EBGP learned routes sent to its internal peers.
However, it must not be possible for an RR to set on reflected IBGP
routes as this breaks the basic principle of Route Reflection and
will result in potential black holeing of traffic.
Testing this feature in a topology with 3 routers, r1 (client) - r3 (rr) -
r2 (client) , a route originated from r1 and advertised to r2 via it's RR
will have a next-hop of RR when an export policy is applied to r2:
mihai@mx5t# run show route receive-protocol bgp 10.0.6.1 logical-system r3
192.168.10.0
inet.0: 32 destinations, 33 routes (32 active, 0 holddown, 0 hidden)
Prefix Nexthop MED LclprefAS path
* 192.168.10.0/24 10.0.6.1 100I
mihai@mx5t# show protocols bgp group 65000 neighbor 10.0.6.2
export nh-self;
show policy-options policy-statement nh-self
from {
protocol bgp;
neighbor 10.0.6.1;
}
then {
next-hop self;
}
mihai@mx5t# run show route advertising-protocol bgp 10.0.6.2 logical-system
r3 match-prefix 192.168.10.0
inet.0: 32 destinations, 33 routes (32 active, 0 holddown, 0 hidden)
Prefix Nexthop MED LclprefAS path
* 192.168.10.0/24 Self 100I
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] MX480 : slow pseudo-terminal
Yes I have accounting configured but the deactivation of it doesn't help at all. On Mon, Nov 5, 2012 at 12:41 AM, Ben Dale bd...@comlinx.com.au wrote: On 04/11/2012, at 3:12 AM, Mihai mihaigabr...@gmail.com wrote: Hello, I have an MX480 running 11.4R2.14 with a weird behavior of the pseudo-terminal (always ttyp3) allocated to the first user that login through telnet.After I enter the password I have to press ENTER twice to access the cli, but the cli is useless due to a very slow response. The second user telneting the router always receives ttyp8 and has no problem. A restart of mgd and inetd did’nt solve this issue. Any adice? Check that you don't have system accounting configured but referencing a missing/down server. If so, every command you enter (including login) will be passed back to RADIUS/TACACS, with obligatory timeout and retry intervals. Though if your other terminal is working fine, then this sounds unlikely. Ben ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Layer 2 circuit - Traffic not flowing between Cisco and Juniper with mismatched VLAN ID
I configured something similar (vpls instead vlan-ccc) with something like
this on Juniper:
Interfaces {
ge-1/1/6 {
unit 901 {
description C-PE2 to S-CE2;
encapsulation vlan-vpls;
vlan-id 901;
input-vlan-map {
swap;
vlan-id 801;
}
output-vlan-map swap;
}
}
On Thu, Nov 1, 2012 at 2:26 PM, Arun Kumar narain.a...@gmail.com wrote:
i m trying to do VLAN mode.
below is the previous config that I tried,
nieg@LAB-MX-PE5# show interfaces ge-1/1/0.601
encapsulation vlan-ccc;
vlan-id 601
input-vlan-map pop;
output-vlan-map push;
[edit]
nieg@LAB-MX-PE5# show protocols l2circuit
neighbor 10.20.0.2 {
interface ge-1/1/0.601 {
virtual-circuit-id 6012;
}
}
Cisco side:
interface GigabitEthernet0/1.610
encapsulation dot1Q 610
xconnect 10.20.0.5 6012 encapsulation mpls
end
even tried as per the config you asked for but still the same result, VC
stays up but no data flowing
nieg@LAB-MX-PE5# run show l2circuit connections extensive
Neighbor: 10.20.0.2
Interface Type St Time last up # Up trans
ge-1/1/0.601(vc 6012) rmt Up Nov 1 17:50:20 2012 1
Remote PE: 10.20.0.2, Negotiated control-word: Yes (Null)
Incoming label: 299792, Outgoing label: 40
Negotiated PW status TLV: No
Local interface: ge-1/1/0.601, Status: Up, Encapsulation: VLAN
Connection History:
Nov 1 17:50:20 2012 status update timer
Nov 1 17:50:20 2012 PE route changed
Nov 1 17:50:20 2012 Out lbl Update40
Nov 1 17:50:20 2012 In lbl Update 299792
Nov 1 17:50:20 2012 loc intf up ge-1/1/0.601
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Layer 2 circuit - Traffic not flowing between Cisco and Juniper with mismatched VLAN ID
Using vlan 610 on Cisco (the configuration is correct) and vlan 601 on
Juniper, the Juniper configuration should look like this:
vlan-id 601;
input-vlan-map {
swap;
vlan-id 610;
}
output-vlan-map swap;
}
On Thu, Nov 1, 2012 at 4:03 PM, Mike Devlin juni...@meeksnet.ca wrote:
vlan 610 on Cisco side, VS vlan 601 on Juniper side?
Is that my dyslexia, or yours?
On Thu, Nov 1, 2012 at 8:49 AM, Mihai Gabriel mihaigabr...@gmail.comwrote:
I configured something similar (vpls instead vlan-ccc) with something like
this on Juniper:
Interfaces {
ge-1/1/6 {
unit 901 {
description C-PE2 to S-CE2;
encapsulation vlan-vpls;
vlan-id 901;
input-vlan-map {
swap;
vlan-id 801;
}
output-vlan-map swap;
}
}
On Thu, Nov 1, 2012 at 2:26 PM, Arun Kumar narain.a...@gmail.com wrote:
i m trying to do VLAN mode.
below is the previous config that I tried,
nieg@LAB-MX-PE5# show interfaces ge-1/1/0.601
encapsulation vlan-ccc;
vlan-id 601
input-vlan-map pop;
output-vlan-map push;
[edit]
nieg@LAB-MX-PE5# show protocols l2circuit
neighbor 10.20.0.2 {
interface ge-1/1/0.601 {
virtual-circuit-id 6012;
}
}
Cisco side:
interface GigabitEthernet0/1.610
encapsulation dot1Q 610
xconnect 10.20.0.5 6012 encapsulation mpls
end
even tried as per the config you asked for but still the same result, VC
stays up but no data flowing
nieg@LAB-MX-PE5# run show l2circuit connections extensive
Neighbor: 10.20.0.2
Interface Type St Time last up # Up
trans
ge-1/1/0.601(vc 6012) rmt Up Nov 1 17:50:20 2012
1
Remote PE: 10.20.0.2, Negotiated control-word: Yes (Null)
Incoming label: 299792, Outgoing label: 40
Negotiated PW status TLV: No
Local interface: ge-1/1/0.601, Status: Up, Encapsulation: VLAN
Connection History:
Nov 1 17:50:20 2012 status update timer
Nov 1 17:50:20 2012 PE route changed
Nov 1 17:50:20 2012 Out lbl Update40
Nov 1 17:50:20 2012 In lbl Update 299792
Nov 1 17:50:20 2012 loc intf up ge-1/1/0.601
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper MX5 vs Brocade CER
I replaced some months ago a 7600-SUP32 with one Brocade CER2024 and I was very satisfied about their performance. Some features tested by me: bgp. Ospf, ldp, mpls, vrf, eompls, spanning-tree,ipv6, wire speed 10G ports. The olny feature not supported at that time was ipv6 in vrf,but they promised this will be supported this year. On Mon, Oct 22, 2012 at 5:12 AM, Jerry Jones jjo...@danrj.com wrote: Number of 10G ports just knocked the CER out of consideration for a customer of mine. Also if you want to do any services such as BRAS which many 7200 are used for, then Juniper is a clear winner. On Oct 21, 2012, at 8:55 PM, Skeeve Stevens skeeve+juniper...@eintellego.net wrote: Hey all, I have a customer asking us about upgrading their border routers. They currently use Cisco 7200's. We obviously have been recommending Juniper, but they've been looking around and have come back to us asking us about the Brocade CER200-RT units. By the specs and price, they certainly look good, but they are asking us 'why not' ? So beyond all the website/vendor marketing hype... is there anything that people have had experience with that would help me guide them towards Juniper? Or are these units just too good to beat? ...Skeeve * * *Skeeve Stevens, CEO - *eintellego Pty Ltd ske...@eintellego.net ; www.eintellego.net Phone: 1300 753 383; Cell +61 (0)414 753 383 ; skype://skeeve facebook.com/eintellego ; http://twitter.com/networkceoau linkedin.com/in/skeeve twitter.com/networkceoau ; blog: www.network-ceo.net The Experts Who The Experts Call Juniper - Cisco – IBM - Cloud ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] 6pe between Cisco and Juniper
and move all the traffic through RR? :) On Tue, Sep 4, 2012 at 4:47 PM, Olivier Benghozi olivier.bengh...@wifirst.fr wrote: Maybe you could try to configure next-hop-self on the Cisco's side, on all AFI? Le 4 sept. 2012 à 13:12, Mihai Gabriel a écrit : You are partially right. The bgp session is established without inet6-unicast capability advertised by Juniper, but as soon as Juniper receives an ipv6 prefix with a native ipv6 next-hop from Cisco, it will immediately close the session . My Cisco router is a route reflector with a lot of clients and some of them are advertising ipv6 prefixes with a native ipv6 next-hop and also ipv4 prefixes.In this setup,closing the session will affect all services.. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] 6pe between Cisco and Juniper
Hello,
Did any of you manage to configure a bgp session between Cisco and Juniper
using family inet6 labeled-unicast on Juniper? I am trying to configure 6PE
but the bgp session does not come up because Juniper does not send
ipv6-unicast capabity to Cisco
Juniper config:
group test {
type internal;
local-address 10.10.10.10;
import pol-reject-any;
family inet {
unicast;
}
family inet6 {
labeled-unicast {
explicit-null;
}
}
export pol-reject-any;
neighbor 10.10.10.20;
Cisco config:
neighbor test peer-group
neighbor test remote-as 65500
neighbor test update-group loopback0
address-family ipv4
neighbor test send-community
neighbor test send-label
neighbor 10.10.10.10 activate
address-family ipv6
neighbor test send-community
neighbor test send-label
neighbor 10.10.10.10 activate
and the error:
Sep 3 17:33:31 juniper rpd[2115]: bgp_process_caps: mismatch NLRI with
10.10.10.20 (Internal AS 65500):
peer: inet-unicast inet6-unicast inet6-labeled-unicast(273) us:
inet-unicast inet6-labeled-unicast(257)
Any advice?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] 6pe between Cisco and Juniper
I thought so,but Juniper doesn't let me :
juniper# commit check
re0:
[edit protocols]
'bgp'
Error in neighbor 10.10.10.20 of group test:
peer cannot have both inet6 unicast and inet6 labeled-unicast nlri
On Mon, Sep 3, 2012 at 6:22 PM, Colby Barth cba...@juniper.net wrote:
Mihai-
Based on the error message:
peer: inet-unicast inet6-unicast inet6-labeled-unicast(273) us:
inet-unicast inet6-labeled-unicast(257)
You need to enable the unicast address family under ipv6
set protocols bgp group test family inet6 unicast
-cb
On Sep 3, 2012, at 11:04 AM, Mihai Gabriel wrote:
Hello,
Did any of you manage to configure a bgp session between Cisco and
Juniper
using family inet6 labeled-unicast on Juniper? I am trying to configure
6PE
but the bgp session does not come up because Juniper does not send
ipv6-unicast capabity to Cisco
Juniper config:
group test {
type internal;
local-address 10.10.10.10;
import pol-reject-any;
family inet {
unicast;
}
family inet6 {
labeled-unicast {
explicit-null;
}
}
export pol-reject-any;
neighbor 10.10.10.20;
Cisco config:
neighbor test peer-group
neighbor test remote-as 65500
neighbor test update-group loopback0
address-family ipv4
neighbor test send-community
neighbor test send-label
neighbor 10.10.10.10 activate
address-family ipv6
neighbor test send-community
neighbor test send-label
neighbor 10.10.10.10 activate
and the error:
Sep 3 17:33:31 juniper rpd[2115]: bgp_process_caps: mismatch NLRI with
10.10.10.20 (Internal AS 65500):
peer: inet-unicast inet6-unicast inet6-labeled-unicast(273) us:
inet-unicast inet6-labeled-unicast(257)
Any advice?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Problem with L3VPN
vrf-table-label missing? On Thu, Aug 30, 2012 at 10:44 AM, Johan Borch johan.bo...@gmail.com wrote: Hi I have a problem with getting traffic to flow between L3VPN VRF's, I can see LSP's ingress egress, routes are installed in both VRF's but I can't get any traffic got pass if I try to ping from on the VRF to the other. Ideas what this could be? Regards Johan ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] bgp regexp
Hello, I am reading the bgp regexp examples on Juniper site ( http://www.juniper.net/techpubs/en_US/junos10.2/topics/usage-guidelines/policy-configuring-as-path-regular-expressions-to-use-as-routing-policy-match-conditions.html) and I cannot understand this sentence: Path whose second AS number might be 56 or 78: dot (56 | 78)? The matching is: 1234 78 39 or 794 78 2 How could this regexp match 1234 78 39 when there is not at least a dot at the end of expression? Regards, ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] mpls node-protection: LSP down
This is the topology: http://img52.imageshack.us/img52/5512/avpn.png Sorry On Fri, Aug 10, 2012 at 11:57 AM, Mihai Gabriel mihaigabr...@gmail.comwrote: Hello, I am trying to test the node-protection feature in a lab using an MX5 router with logical-systems and I can't find the reason why is not working.The topology I use is here: http://imageshack.us/photo/my-images/849/avpn.png/ All routers are configured for mls,rsvp,ospf,link-protection, but when I disable the interface between P1 and PE1, the LSP between PE1 and PE2 goes down and stay that way: Before disabling the interface: mumulox@mx5t show mpls lsp logical-system PE1 extensive Ingress LSP: 1 sessions 192.168.1.2 From: 192.168.1.1, State: Up, ActiveRoute: 0, LSPname: pe1-to-pe2 ActivePath: strict-path (primary) Node/Link protection desired LSPtype: Static Configured LoadBalance: Random Encoding type: Packet, Switching type: Packet, GPID: IPv4 Revert timer: 1 *Primary strict-path State: Up Priorities: 7 0 OptimizeTimer: 1 SmartOptimizeTimer: 2 Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID): 192.168.5.1(flag=0x29) 172.22.210.2(flag=9 Label=301600) 192.168.5.2(flag=0x29) 172.22.201.2(flag=9 Label=301472) 192.168.5.3(flag=0x21) 172.22.206.2(flag=1 Label=301200) 192.168.1.2(flag=0x20) 172.22.212.1(Label=3) mumulox@mx5t show mpls path strict-path logical-system PE1 Path nameAddress strict/loose if-id strict-path 172.22.210.2strictempty mumulox@mx5t show rsvp session logical-system PE1 Ingress RSVP: 2 sessions To FromState Rt Style Labelin Labelout LSPname 192.168.1.2 192.168.1.1 Up 0 1 SE - 301600 pe1-to-pe2 192.168.5.2 192.168.1.1 Up 0 1 SE - 301296 Bypass-172.22.210.2-172.22.201.2 Total 2 displayed, Up 2, Down 0 mumulox@mx5t show route table inet.3 logical-system PE1 192.168.1.2 extensive inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden) 192.168.1.2/32 (1 entry, 1 announced) State: FlashAll *RSVP Preference: 7/1 Next hop type: Router, Next hop index: 1048577 Address: 0x2c74010 Next-hop reference count: 7 Next hop: 172.22.210.2 via ge-1/1/7.100 weight 0x1, selected Label-switched-path pe1-to-pe2 Label operation: Push 301600 Label TTL action: prop-ttl Next hop: 172.22.211.2 via ge-1/1/7.104 weight 0x8001 Label-switched-path Bypass-172.22.210.2-172.22.201.2 Label operation: Push 301472, Push 301296(top) Label TTL action: prop-ttl, prop-ttl(top) State: Active Int Local AS: 65512 Age: 4:33 Metric: 4 Task: RSVP Announcement bits (1): 1-Resolve tree 1 AS path: I After disabling the interface: mumulox@mx5t show mpls lsp extensive logical-system PE1 Ingress LSP: 1 sessions 192.168.1.2 From: 192.168.1.1, State: Dn, ActiveRoute: 0, LSPname: pe1-to-pe2 ActivePath: (none) Node/Link protection desired LSPtype: Static Configured LoadBalance: Random Encoding type: Packet, Switching type: Packet, GPID: IPv4 Revert timer: 1 Primary strict-path State: Dn Priorities: 7 0 OptimizeTimer: 1 SmartOptimizeTimer: 2 199 Aug 10 12:04:44.607 Deselected as active 198 Aug 10 12:04:44.607 172.22.205.1: Non-RSVP capable router detected 197 Aug 10 12:04:44.607 Link-protection Down 196 Aug 10 12:04:44.606 Session preempted 195 Aug 10 12:04:44.504 172.22.210.1: Tunnel local repaired 194 Aug 10 12:04:44.504 172.22.210.1: Down 198 Aug 10 12:04:44.607 172.22.205.1: Non-RSVP capable router detected seems to be very clear,but it is not, because all routers are rsvp enabled mumulox@mx5t show rsvp neighbor logical-system P2 RSVP neighbor: 3 learned AddressIdle Up/Dn LastChange HelloInt HelloTx/Rx MsgRcvd 172.22.201.1 0 13/12 23:491 84288/84248 2908 172.22.206.2 0 1/0 2d 20:02:201 92707/92707 4944 172.22.205.2 0 1/0 2d 18:30:331 92114/92114 6789 Any advice? Thanks ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] MX5-T logical-routers question
Hello,
I am trying to test some features with an MX5-T router with
logical-systems but my results are below expectations and I don't
understand what's wrong.
The topology and the config are very simple: R1 --- R2 ---R3 :
mx5t# run show version
Hostname: mx5t
Model: mx5-t
JUNOS Base OS boot [11.4R2.14]
JUNOS Base OS Software Suite [11.4R2.14]
JUNOS Kernel Software Suite [11.4R2.14]
JUNOS Packet Forwarding Engine Support (MX80) [11.4R2.14]
JUNOS Online Documentation [11.4R2.14]
JUNOS Routing Software Suite [11.4R2.14]
mx5t# show chassis
fpc 1 {
pic 0 {
tunnel-services {
bandwidth 1g;
}
inactive: adaptive-services {
service-package layer-2;
}
}
pic 1 {
tunnel-services {
bandwidth 1g;
}
}
}
network-services ip;
mx5t# show R1
interfaces {
lt-1/1/10 {
unit 12 {
encapsulation ethernet;
peer-unit 21;
family inet {
address 10.10.10.1/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1000 {
family inet {
address 1.1.1.1/32;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
label-switched-path mihai {
to 3.3.3.3;
no-cspf;
}
interface all;
}
isis {
interface all;
}
}
mx5t# show R2
interfaces {
lt-1/1/10 {
unit 21 {
encapsulation ethernet;
peer-unit 12;
family inet {
address 10.10.10.2/24;
}
family iso;
family mpls;
}
unit 23 {
encapsulation ethernet;
peer-unit 32;
family inet {
address 10.10.20.2/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1001 {
family inet {
address 2.2.2.2/32;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
interface all;
}
isis {
interface all;
}
}
mx5t# show R3
interfaces {
lt-1/1/10 {
unit 32 {
encapsulation ethernet;
peer-unit 23;
family inet {
address 10.10.20.3/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1003 {
family inet {
address 3.3.3.3/24;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
interface all;
}
isis {
interface all;
}
}
While a ping from R1 loopback to R3 loopback is successful , a traceroute
from R1 to R3 doesn't show the transit router R2 (I tried with and without
mpls), and a lsp from R1 to R3 is failing to come up.
x5t# run show route logical-system R1
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[Direct/0] 01:07:53
via lo0.1000
2.2.2.2/32 *[IS-IS/15] 01:02:44, metric 10
to 10.10.10.2 via lt-1/1/10.12
3.3.3.0/24 *[IS-IS/15] 01:02:20, metric 20
to 10.10.10.2 via lt-1/1/10.12
3.3.3.3/32 *[IS-IS/15] 01:02:20, metric 20
to 10.10.10.2 via lt-1/1/10.12
10.10.10.0/24 *[Direct/0] 01:07:53
via lt-1/1/10.12
10.10.10.1/32 *[Local/0] 01:07:53
Local via lt-1/1/10.12
10.10.20.0/24 *[IS-IS/15] 01:02:44, metric 20
to 10.10.10.2 via lt-1/1/10.12
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
49.0001../56
*[Direct/0] 01:02:59
via lo0.1000
mpls.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 01:00:09, metric 1
Receive
1 *[MPLS/0] 01:00:09, metric 1
Receive
2 *[MPLS/0] 01:00:09, metric 1
Receive
mx5t# run show route logical-system R2
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[IS-IS/15] 01:03:04, metric 10
to 10.10.10.1 via lt-1/1/10.21
2.2.2.2/32 *[Direct/0] 01:08:13
via lo0.1001
3.3.3.0/24 *[IS-IS/15] 01:02:40, metric 10
to 10.10.20.3 via lt-1/1/10.23
3.3.3.3/32 *[IS-IS/15] 01:02:40,
Re: [j-nsp] MX5-T logical-routers question
Using a physical loop with vlans solved the problem according with your
suggestion.
Thank you all for help!
Regards
On Tue, May 22, 2012 at 4:58 PM, Magnus Bergroth bergr...@nordu.net wrote:
Juniper has a bug in their LT interface implementation on MX80 in 11.4,
that misses to decrement ttl on logical tunnel interfaces. That's why
you don't see R2 in the traceroute. They haven't released in which
version they are going to fix it yet.
Kindly
Magnus
On 2012-05-22 14:32, Mihai Gabriel wrote:
Hello,
I am trying to test some features with an MX5-T router with
logical-systems but my results are below expectations and I don't
understand what's wrong.
The topology and the config are very simple: R1 --- R2 ---R3 :
mx5t# run show version
Hostname: mx5t
Model: mx5-t
JUNOS Base OS boot [11.4R2.14]
JUNOS Base OS Software Suite [11.4R2.14]
JUNOS Kernel Software Suite [11.4R2.14]
JUNOS Packet Forwarding Engine Support (MX80) [11.4R2.14]
JUNOS Online Documentation [11.4R2.14]
JUNOS Routing Software Suite [11.4R2.14]
mx5t# show chassis
fpc 1 {
pic 0 {
tunnel-services {
bandwidth 1g;
}
inactive: adaptive-services {
service-package layer-2;
}
}
pic 1 {
tunnel-services {
bandwidth 1g;
}
}
}
network-services ip;
mx5t# show R1
interfaces {
lt-1/1/10 {
unit 12 {
encapsulation ethernet;
peer-unit 21;
family inet {
address 10.10.10.1/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1000 {
family inet {
address 1.1.1.1/32;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
label-switched-path mihai {
to 3.3.3.3;
no-cspf;
}
interface all;
}
isis {
interface all;
}
}
mx5t# show R2
interfaces {
lt-1/1/10 {
unit 21 {
encapsulation ethernet;
peer-unit 12;
family inet {
address 10.10.10.2/24;
}
family iso;
family mpls;
}
unit 23 {
encapsulation ethernet;
peer-unit 32;
family inet {
address 10.10.20.2/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1001 {
family inet {
address 2.2.2.2/32;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
interface all;
}
isis {
interface all;
}
}
mx5t# show R3
interfaces {
lt-1/1/10 {
unit 32 {
encapsulation ethernet;
peer-unit 23;
family inet {
address 10.10.20.3/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 1003 {
family inet {
address 3.3.3.3/24;
}
family iso {
address 49.0001...00;
}
}
}
}
protocols {
rsvp {
interface all;
}
mpls {
interface all;
}
isis {
interface all;
}
}
While a ping from R1 loopback to R3 loopback is successful , a traceroute
from R1 to R3 doesn't show the transit router R2 (I tried with and
without
mpls), and a lsp from R1 to R3 is failing to come up.
x5t# run show route logical-system R1
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[Direct/0] 01:07:53
via lo0.1000
2.2.2.2/32 *[IS-IS/15] 01:02:44, metric 10
to 10.10.10.2 via lt-1/1/10.12
3.3.3.0/24 *[IS-IS/15] 01:02:20, metric 20
to 10.10.10.2 via lt-1/1/10.12
3.3.3.3/32 *[IS-IS/15] 01:02:20, metric 20
to 10.10.10.2 via lt-1/1/10.12
10.10.10.0/24 *[Direct/0] 01:07:53
via lt-1/1/10.12
10.10.10.1/32 *[Local/0] 01:07:53
Local via lt-1/1/10.12
10.10.20.0/24 *[IS-IS/15] 01:02:44, metric 20
to 10.10.10.2 via lt-1/1/10.12
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
49.0001../56
