10/27/2012

IPv6 on LT interfaces

I got this strange behaviour where the IPv6 doesn't work correctly or not working at all on LT interfaces.


http://www.juniper.net/techpubs/en_US/junos12.2/topics/concept/logical-systems-restrictions.html


 Logical systems have the following operations and restrictions:

 * You can configure only Frame Relay interface encapsulation on a logical tunnel interface (lt-) when it is configured with an IPv6 address.

So if you are using Logical Systems on Juniper and you have to do IPv6 labs avoid encapsulation ethernet.

Example


root@jnlab# show
interfaces {
    lt-2/2/0 {
        unit 46 {
            encapsulation frame-relay;
            dlci 100;
            peer-unit 45;
            family inet {
                address 172.27.0.58/30;
            }
            family inet6 {
                address 2008:4489:0:0::1/64;
            }
        }
    }
}


root@jnlab# run ping 2008:4489::2 logical-system c1  
PING6(56=40+8+8 bytes) 2008:4489::1 --> 2008:4489::2
16 bytes from 2008:4489::2, icmp_seq=0 hlim=64 time=0.427 ms
16 bytes from 2008:4489::2, icmp_seq=1 hlim=64 time=0.281 ms
^C
--- 2008:4489::2 ping6 statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.281/0.354/0.427/0.073 ms



Публикуван от в
Етикети: ,

10/22/2012

IGP-TE


Configuring Node-Link Protection for OSPF

You can configure node-link protection on any interface for which OSPF is enabled. Node-link protection establishes an alternate path through a different routing device altogether for all destination routes that traverse a protected interface. Node-link protection assumes that the entire routing device, or node, has failed. The Junos OS therefore calculates a backup path that avoids the primary next-hop routing device.
Node-link protection is supported on:
  • OSPFv2 and OSPFv3 interfaces
  • OSPFv3 unicast realms
  • OSPFv2 unicast topologies
  • All routing instances supported by OSPFv2 and OSPFv3
  • Logical systems
To configure node-link protection for an OSPF interface:
  • Include the node-link-protection statement at the [edit protocols (ospf | ospf3) area area-idinterface interface-name] hierarchy level.
Best Practice: You must also configure a per-packet load-balancing routing policy to ensure that the routing protocol process installs all the next hops for a given route in the routing table.
In the following example, the OSPF interface so-0/0/0.0 in area 0.0.0.0 is configured for node-link protection. If a link for a destination route that traverses this interface becomes unavailable, the Junos OS creates a loop-free backup path through a different routing device altogether, thus avoiding the primary next-hop routing device.
[edit]protocols {ospf {area 0.0.0.0 {interface so-0/0/0.0 {node-link-protection;}}}}
Публикуван от в
Етикети: ,

Freenode

IRC Freenode is something really useful. It's amazing that people still prefer to use a real-time chat services rather than forums and mailing lists.
Публикуван от в
Етикети:

10/16/2012

JunOS Conditional routing

It's really lovely how straight-forward the JunOS conditional routing is. There is a quick example how to configure it. In the example we are monitoring the IS-IS route 172.27.255.2/32 and if it's in the routing table we will generate 172.27.0.0/16 route. The important bit here is the generate route and the policy which is in the end of the 'generate route' statement.



[edit logical-systems r1 routing-options]
root@m# show
generate {
route 172.27.0.0/16 policy isis-present;
}

policy-statement isis-present {
term 1 {
from {
protocol isis;
level 1;
route-filter 172.27.255.2/32 exact;
}
then accept;
}
term 2 {
then reject;
}
}
Публикуван от в
Етикети:

Juniper IS-IS summary


  1. #####################################################################################################
  2. ## ISIS
  3. #####################################################################################################
  5. # Be sure to set family iso on the interface to be placed into ISIS
  6. set interfaces <interface> family iso
  8. # By default Junos places interfaces as L1/L2
  10. # Default route leaking:
  11.         L1 to L2 - all internal routes
  12.         L2 to L1 - 0/0 route
  14. # L1/L2 will send the attached-bit down to L1 and it will act as a NSSA-like area.  When the L1 interface
  15. # receives the attached-bit it will inject a 0/0 route into the RIB point to the L1/L2 interface.
  16. # To disable the attached bit use:
  17. set protocols isis ignore-attached-bit
  19. # Be careful with the "interface all" command, as it may have some unexpected consequences such as trying
  20. # to establish a neighbor on your fxp0 management interface.  Use explicit interface names.  If you must
  21. # use the "interface all" command, remember that if you also define another explicit interface such as
  22. # "interface ge-0/0/0.0 <options>" that it _doesn't_ inherit the "interface all" options.
  24. # ALWAYS include the interface lo0.0
  26. # L2 backbone must be contiguous.
  28. # Human-readable hostnames via TLV 137.  Good to quickly verify that the router has the proper adjcancies .
  29. show isis hostname
  31. # Set LSP authentication (per area knob)
  32. set protocols isis level <level> authentication-type (simple|md5)
  33. set protocols isis level <level> authentication-key <key>
  35. # Set hello authentication (per interface knob)
  36. set protocols isis interface <interface> hello-authentication-type (simple|md5)
  37. set protocols isis interface <interface> hello-authentication-key <key>
  39. # Set lsp-interval
  40. set interfaces ge-0/0/0.0 lsp-interval <milliseconds>
  42. # L2 to L1 route summarization
  43. ## set aggregate route in routing-options
  44. set routing-options aggregate route 10/8
  45. ## set policy-options - what prefix to match
  46. set policy-options policy-statement isis-export term 1 from protocol aggregate route-filter 10/8 exact
  47. ## set policy-options - what level to go _to_
  48. set policy-options policy-statement isis-export term 1 to level 1
  49. ## set action
  50. set policy-options policy-statement isis-export term 1 then accept
  52. # L1 to L2 route summarization
  53. ## set aggregate route in routing-options
  54. set routing-optiong aggregate route 10/8
  55. ## set policy-options
  56. ### match exact route
  57. set policy-options policy-statement isis-export term 1 from protocol aggregate router-filter 10/8 exact
  58. ## set policy-options - what level to go _to_
  59. set policy-options policy-statement isis-export term 1 to level 2
  60. ## set action
  61. set policy-options policy-statement isis-export term 1 then accept
  62. ### suppress more specific routes (to prevent advertisements of both aggregate and more specific routes)
  63. set policy-options policy-statement isis-export term 2 from protocol isis
  64. set policy-options policy-statement isis-export term 2 from level 1
  65. set policy-options policy-statement isis-export term 2 to level 2
  66. ## set action
  67. set policy-options policy-statement isis-export term 2 then reject
  69. # Verify that a route is internal or external
  70. show route protocol isis <prefix> exact
  71. show isis database <sysid> detail
  73. # When using wide-metrics-only it makes the route internal.  When there is a situtation where the L1 routers
  74. # are wide-metrics-only and are exporting external routes into the L1 area, they will appear as internal
  75. # routes.  Also if there are any L1/L2 routers in the area that exported prefix will be automatically
  76. # redistributed from L1 into L2 because it's showing as an internal route.  If narrow-metrics were used, the
  77. # L1/L2 routers would have to have an export policy to redistributed the prefix from L1 to L2.
  79. # Set DIS priority
  80. set protocols isis interface <interface> level <level> priority <level>
  81. ## Remember that the highest MAC address is the tie-breaker if the priorities are equal
  82. ## view current DIS
  83. show isis interface
Публикуван от в
Етикети: ,
Subscribe to: Posts (Atom)