Junos¢® OS Layer 2 VPNs and VPLS User Guide for ... ConfiguringClassofServiceforVPNs|125 VPNsandClassofService|125

  • View
    18

  • Download
    0

Embed Size (px)

Text of Junos¢® OS Layer 2 VPNs and VPLS User Guide for ... ConfiguringClassofServiceforVPNs|125...

  • Junos® OS

    Layer 2 VPNs and VPLS User Guide for Routing Devices

    Published

    2019-12-10

  • Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net

    Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners.

    Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

    Junos® OS Layer 2 VPNs and VPLS User Guide for Routing Devices 19.4R1 Copyright © 2019 Juniper Networks, Inc. All rights reserved.

    The information in this document is current as of the date on the title page.

    YEAR 2000 NOTICE

    Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

    END USER LICENSE AGREEMENT

    The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the EndUser License Agreement (“EULA”) posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you agree to the terms and conditions of that EULA.

    ii

    https://support.juniper.net/support/eula/

  • Table of Contents

    About the Documentation | xxix

    Documentation and Release Notes | xxix

    Using the Examples in This Manual | xxix

    Merging a Full Example | xxx

    Merging a Snippet | xxxi

    Documentation Conventions | xxxi

    Documentation Feedback | xxxiv

    Requesting Technical Support | xxxiv

    Self-Help Online Tools and Resources | xxxv

    Creating a Service Request with JTAC | xxxv

    Common Configuration for All VPNs1 VPNs Overview | 3

    VPLS | 3

    Types of VPNs | 3

    Layer 2 VPNs | 4

    Layer 3 VPNs | 5

    VPLS | 5

    Virtual-Router Routing Instances | 6

    VPNs and Logical Systems | 7

    Layer 2 VPNs | 7

    Routers in a VPN | 8

    Assigning Routing Instances to VPNs | 9

    Configuring Routing Instances on PE Routers in VPNs | 9

    Configuring the Routing Instance Name for a VPN | 10

    Configuring the Description | 10

    Configuring the Instance Type | 11

    Configuring Interfaces for VPN Routing | 12

    General Configuration for VPN Routing | 12

    Configuring Interfaces for Layer 3 VPNs | 13

    iii

  • Configuring Interfaces for Carrier-of-Carriers VPNs | 13

    Configuring Unicast RPF on VPN Interfaces | 13

    Configuring the Route Distinguisher | 14

    Configuring Automatic Route Distinguishers | 14

    Configuring Virtual-Router Routing Instances in VPNs | 15

    Configuring a Routing Protocol Between the Service Provider Routers | 16

    Configuring Logical Interfaces Between Participating Routers | 16

    Configuring Path MTU Checks for VPN Routing Instances | 17

    Enabling Path MTU Checks for a VPN Routing Instance | 18

    Assigning an IP Address to the VPN Routing Instance | 18

    Distributing Routes in VPNs | 19

    Enabling Routing Information Exchange for VPNs | 19

    Configuring IBGP Sessions Between PE Routers in VPNs | 19

    Configuring Aggregate Labels for VPNs | 21

    Configuring a Signaling Protocol and LSPs for VPNs | 22

    Using LDP for VPN Signaling | 23

    Using RSVP for VPN Signaling | 24

    Configuring Policies for the VRF Table on PE Routers in VPNs | 27

    Configuring the Route Target | 27

    Configuring the Route Origin | 28

    Configuring an Import Policy for the PE Router’s VRF Table | 29

    Configuring an Export Policy for the PE Router’s VRF Table | 31

    Applying Both the VRF Export and the BGP Export Policies | 32

    Configuring a VRF Target | 33

    Configuring the Route Origin for VPNs | 34

    Configuring the Site of Origin Community on CE Router A | 35

    Configuring the Community on CE Router A | 36

    Applying the Policy Statement on CE Router A | 36

    Configuring the Policy on PE Router D | 37

    Configuring the Community on PE Router D | 37

    Applying the Policy on PE Router D | 38

    iv

  • Distributing VPN Routes with Target Filtering | 41

    Configuring BGP Route Target Filtering for VPNs | 41

    BGP Route Target Filtering Overview | 42

    Configuring BGP Route Target Filtering for VPNs | 42

    Example: BGP Route Target Filtering for VPNs | 43

    Example: Configuring BGP Route Target Filtering for VPNs | 46

    Configure BGP Route Target Filtering on Router PE1 | 46

    Configure BGP Route Target Filtering on Router PE2 | 49

    Configure BGP Route Target Filtering on the Route Reflector | 52

    Configure BGP Route Target Filtering on Router PE3 | 54

    Configuring Static Route Target Filtering for VPNs | 57

    Understanding Proxy BGP Route Target Filtering for VPNs | 57

    Example: Configuring Proxy BGP Route Target Filtering for VPNs | 58

    Example: Configuring an Export Policy for BGP Route Target Filtering for VPNs | 79

    Reducing Network Resource Use with Static Route Target Filtering for VPNs | 101

    Configuring Forwarding Options for VPNs | 103

    Chained Composite Next Hops for VPNs and Layer 2 Circuits | 103

    Benefits of chained composite next hops | 104

    Example: Configuring Chained Composite Next Hops for Direct PE-PE Connections in VPNs | 104

    Configuring Graceful Restart for VPNs | 113

    VPN Graceful Restart | 113

    Benefit of a VPN graceful restart | 114

    Configuring Graceful Restart for VPNs | 114

    Enabling Unicast Reverse-Path Forwarding Check for VPNs | 117

    Understanding and Preventing Unknown Unicast Forwarding | 117

    Verifying That Unknown Unicast Packets Are Forwarded to a Single Interface | 118

    Configuring Unknown Unicast Forwarding (ELS) | 119

    Configuring Unknown Unicast Forwarding on EX4300 Switches | 119

    Configuring Unknown Unicast Forwarding on EX9200 Switches | 120

    Verifying That Unknown Unicast Packets Are Forwarded to a Trunk Interface | 122

    Configuring Unknown Unicast Forwarding (CLI Procedure) | 123

    v

  • Configuring Class of Service for VPNs | 125

    VPNs and Class of Service | 125

    Rewriting Class of Service Markers and VPNs | 125

    Pinging VPNs | 127

    Pinging VPNs, VPLS, and Layer 2 Circuits | 127

    Setting the Forwarding Class of the Ping Packets | 128

    Pinging a VPLS Routing Instance | 128

    Pinging a Layer 2 VPN | 129

    Pinging a Layer 3 VPN | 129

    Pinging a Layer 2 Circuit | 130

    Pinging Customer Edge Device IP Address | 130

    VPLS or EVPN Use Case | 130

    H-VPLS Use Case | 132

    Supported and Unsupported Features for CE-IP Ping | 134

    Common Configuration for Layer 2 VPNs and VPLS2 Overview | 139

    Understanding Layer 2 VPNs | 139

    Layer 2 VPN Applications | 140

    Supported Layer 2 VPN Standards | 141

    Layer 2 VPNs Configuration Overview | 143

    Introduction to Configuring Layer 2 VPNs | 143

    Configuring the Local Site on PE Routers in Layer 2 VPNs | 145

    Configuring a Layer 2 VPN Routing Instance | 145

    Configuring the Site | 146

    Configuring the Remote Site ID | 147

    Configuring the Encapsulation Type | 148

    Configuring a Site Preference and Layer 2 VPN Multihoming | 149

    vi

  • Tracing Layer 2 VPN Traffic and Operations | 150

    Disabling Normal TTL Decrementing for VPNs | 151

    Layer 2 VPN Configuration Example | 151

    Simple Full-Mesh Layer 2 VPN Overview | 152

    Enabling an IGP on the PE Routers | 152

    Configuring MPLS LSP Tunnels Between the PE Routers | 153

    Configuring IBGP on the PE Routers | 154

    Configuring Routing Instances for Layer 2 VPNs on the PE Routers | 156

    Configuring CCC Encapsulation on the Interfaces | 159

    Configuring VPN Policy on the PE Routers | 160

    Layer 2 VPN Configuration Summarized by Router | 163

    Summary for Router A (PE Router for Sunnyvale) | 164

    Summary for Router B (PE Router for Austin) | 167

    Summary for Router C (PE Router for Portland) | 171

    Example: Configuring MPLS-Based Layer 2 VPNs | 174

    Transmitting Nonstandard BPDUs in Layer 2 VPNs and VPLS | 192

    Configuring Layer 2 Interfaces | 195

    Configuring CCC Encapsulation for Layer 2 VPNs | 195

    Configuring TCC Encapsulation for Layer 2 VPNs and Layer 2 Circuits | 196

    Configuring the MTU for Layer 2 Interfaces | 198

    Disabling the Control Word for Layer 2 VPNs | 199

    Configuring Path Selection for Layer 2 VPNs and VPLS | 201

    Understanding BGP Path Selection | 201

    Routing Table Path Selection | 203

    BGP Table path selection | 205

    Effects of Advertising Multiple Paths to a Destination | 206

    Enabling BGP Path Selection for Layer 2 VPNs and VPLS | 207

    vii

  • Creating Backup Connections with Redundant Pseudowires | 211

    Redundant Pseudowires for Layer 2 Circuits and VPLS | 211

    Types of Redundant Pseudowire Configuratio