I got this strange behaviour where the IPv6 doesn't work correctly or not working at all on LT interfaces.
http://www.juniper.net/techpubs/en_US/junos12.2/topics/concept/logical-systems-restrictions.html
Logical systems have the following operations and restrictions:
* You can configure only Frame Relay interface encapsulation on a logical tunnel interface (lt-) when it is configured with an IPv6 address.
So if you are using Logical Systems on Juniper and you have to do IPv6 labs avoid encapsulation ethernet.
Example
root@jnlab# show
interfaces {
lt-2/2/0 {
unit 46 {
encapsulation frame-relay;
dlci 100;
peer-unit 45;
family inet {
address 172.27.0.58/30;
}
family inet6 {
address 2008:4489:0:0::1/64;
}
}
}
}
root@jnlab# run ping 2008:4489::2 logical-system c1
PING6(56=40+8+8 bytes) 2008:4489::1 --> 2008:4489::2
16 bytes from 2008:4489::2, icmp_seq=0 hlim=64 time=0.427 ms
16 bytes from 2008:4489::2, icmp_seq=1 hlim=64 time=0.281 ms
^C
--- 2008:4489::2 ping6 statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.281/0.354/0.427/0.073 ms
10/27/2012
10/22/2012
IGP-TE
Configuring Node-Link Protection for OSPF
You can configure node-link protection on any interface for which OSPF is enabled. Node-link protection establishes an alternate path through a different routing device altogether for all destination routes that traverse a protected interface. Node-link protection assumes that the entire routing device, or node, has failed. The Junos OS therefore calculates a backup path that avoids the primary next-hop routing device.
Node-link protection is supported on:
- OSPFv2 and OSPFv3 interfaces
- OSPFv3 unicast realms
- OSPFv2 unicast topologies
- All routing instances supported by OSPFv2 and OSPFv3
- Logical systems
To configure node-link protection for an OSPF interface:
- Include the node-link-protection statement at the [edit protocols (ospf | ospf3) area area-idinterface interface-name] hierarchy level.
Best Practice: You must also configure a per-packet load-balancing routing policy to ensure that the routing protocol process installs all the next hops for a given route in the routing table.
|
In the following example, the OSPF interface so-0/0/0.0 in area 0.0.0.0 is configured for node-link protection. If a link for a destination route that traverses this interface becomes unavailable, the Junos OS creates a loop-free backup path through a different routing device altogether, thus avoiding the primary next-hop routing device.
[edit]protocols {ospf {area 0.0.0.0 {interface so-0/0/0.0 {node-link-protection;}}}}
Freenode
IRC Freenode is something really useful. It's amazing that people still prefer to use a real-time chat services rather than forums and mailing lists.
10/16/2012
JunOS Conditional routing
It's really lovely how straight-forward the JunOS conditional routing is. There is a quick example how to configure it. In the example we are monitoring the IS-IS route 172.27.255.2/32 and if it's in the routing table we will generate 172.27.0.0/16 route. The important bit here is the generate route and the policy which is in the end of the 'generate route' statement.
[edit logical-systems r1 routing-options]
root@m# show
generate {
route 172.27.0.0/16 policy isis-present;
root@m# show
generate {
route 172.27.0.0/16 policy isis-present;
}
policy-statement isis-present {
term 1 {
from {
protocol isis;
level 1;
route-filter 172.27.255.2/32 exact;
}
then accept;
}
term 2 {
then reject;
}
}
policy-statement isis-present {
term 1 {
from {
protocol isis;
level 1;
route-filter 172.27.255.2/32 exact;
}
then accept;
}
term 2 {
then reject;
}
}
Juniper IS-IS summary
- #####################################################################################################
- ## ISIS
- #####################################################################################################
- # Be sure to set family iso on the interface to be placed into ISIS
- set interfaces <interface> family iso
- # By default Junos places interfaces as L1/L2
- # Default route leaking:
- L1 to L2 - all internal routes
- L2 to L1 - 0/0 route
- # L1/L2 will send the attached-bit down to L1 and it will act as a NSSA-like area. When the L1 interface
- # receives the attached-bit it will inject a 0/0 route into the RIB point to the L1/L2 interface.
- # To disable the attached bit use:
- set protocols isis ignore-attached-bit
- # Be careful with the "interface all" command, as it may have some unexpected consequences such as trying
- # to establish a neighbor on your fxp0 management interface. Use explicit interface names. If you must
- # use the "interface all" command, remember that if you also define another explicit interface such as
- # "interface ge-0/0/0.0 <options>" that it _doesn't_ inherit the "interface all" options.
- # ALWAYS include the interface lo0.0
- # L2 backbone must be contiguous.
- # Human-readable hostnames via TLV 137. Good to quickly verify that the router has the proper adjcancies .
- show isis hostname
- # Set LSP authentication (per area knob)
- set protocols isis level <level> authentication-type (simple|md5)
- set protocols isis level <level> authentication-key <key>
- # Set hello authentication (per interface knob)
- set protocols isis interface <interface> hello-authentication-type (simple|md5)
- set protocols isis interface <interface> hello-authentication-key <key>
- # Set lsp-interval
- set interfaces ge-0/0/0.0 lsp-interval <milliseconds>
- # L2 to L1 route summarization
- ## set aggregate route in routing-options
- set routing-options aggregate route 10/8
- ## set policy-options - what prefix to match
- set policy-options policy-statement isis-export term 1 from protocol aggregate route-filter 10/8 exact
- ## set policy-options - what level to go _to_
- set policy-options policy-statement isis-export term 1 to level 1
- ## set action
- set policy-options policy-statement isis-export term 1 then accept
- # L1 to L2 route summarization
- ## set aggregate route in routing-options
- set routing-optiong aggregate route 10/8
- ## set policy-options
- ### match exact route
- set policy-options policy-statement isis-export term 1 from protocol aggregate router-filter 10/8 exact
- ## set policy-options - what level to go _to_
- set policy-options policy-statement isis-export term 1 to level 2
- ## set action
- set policy-options policy-statement isis-export term 1 then accept
- ### suppress more specific routes (to prevent advertisements of both aggregate and more specific routes)
- set policy-options policy-statement isis-export term 2 from protocol isis
- set policy-options policy-statement isis-export term 2 from level 1
- set policy-options policy-statement isis-export term 2 to level 2
- ## set action
- set policy-options policy-statement isis-export term 2 then reject
- # Verify that a route is internal or external
- show route protocol isis <prefix> exact
- show isis database <sysid> detail
- # When using wide-metrics-only it makes the route internal. When there is a situtation where the L1 routers
- # are wide-metrics-only and are exporting external routes into the L1 area, they will appear as internal
- # routes. Also if there are any L1/L2 routers in the area that exported prefix will be automatically
- # redistributed from L1 into L2 because it's showing as an internal route. If narrow-metrics were used, the
- # L1/L2 routers would have to have an export policy to redistributed the prefix from L1 to L2.
- # Set DIS priority
- set protocols isis interface <interface> level <level> priority <level>
- ## Remember that the highest MAC address is the tie-breaker if the priorities are equal
- ## view current DIS
- show isis interface
Subscribe to:
Posts (Atom)