EDU-JUN-JMV lab on vMX. Part1.
This time I'm going to continue my experiments with Juniper virtualMX I've started in this getting started post
It was written in Russian, but contains enough pictures and CLI issues which describe themselves.
Now I'll cover how to set up Junos MPLS and VPN's labs with vMX. That may be useful for companies with a low education budget as a way to spread knowledge among staff.
Objective
I intend to solve two main tasks. Firstly, I have to deploy an appropriate topology in a virtual environment and accomplish two basic labs: Lab-1 and Lab-6 so as to prepare baseline configurations used in the rest of labs. Secondly, I must see that it works :) thus I will perform Lab-12 LDP based VPLS - my beloved technology.
Physical topology. Almost physical)
Let's take a diagram from site provides Juniper labs for rent and make something similar.
It will take two vMX - vr1 and vr2 for the core network and a couple vMX as two PE routers called mx_-y. P1 and P4 would be default routers but P2,3,5,6 are logical-systems on the same vr's respectively. I use logical-systems because they can support mpls encapsulations. All client`s devices are virtual-instances on PE routers.
Only one problem is numbering of interfaces which don't match with those in the lab-guide. In red colour virbr instances are marked. They connect router's interface with KVM and through it - with another interface. 17 of them are needed and it is important to point mac addresses both in virbr configuration xml file and in interface container on virtual router.
I've downloaded newer image from pan.baidu.com jinstall-vmx-14.1R4.8-domestic.img I still do not understand is it a beta version or it stops working in 30 days. I would appreciate if somebody explained this. This image requires separate VM for forwarding, however we can enable built-in one and save some RAM
A number of important question about making connection to vMX from an external world, configuration backup and access control I will describe in the next post.
The most amazing thing is that it works! We can ping client router from another one and see some vpls statistics.
vr1 router config file
m1A-1 router config file
I'm still not sure that my lab won't turn into a pumpkin in 30 days after trial period expiration. Can all technologies mentioned in Junos MPLS and VPNs training work on the stand that I've deployed?
Only one problem is numbering of interfaces which don't match with those in the lab-guide. In red colour virbr instances are marked. They connect router's interface with KVM and through it - with another interface. 17 of them are needed and it is important to point mac addresses both in virbr configuration xml file and in interface container on virtual router.
Before we start
I've downloaded newer image from pan.baidu.com jinstall-vmx-14.1R4.8-domestic.img I still do not understand is it a beta version or it stops working in 30 days. I would appreciate if somebody explained this. This image requires separate VM for forwarding, however we can enable built-in one and save some RAM
root@% clear
root@% echo 'vm_local_rpio="1"' >> /boot/loader.conf
root@% grep rpio /boot/loader.conf
vm_local_rpio="1"
root@% reboot
There was one incident of losing connection with rpio. Restart chassis-control command helps.A number of important question about making connection to vMX from an external world, configuration backup and access control I will describe in the next post.
Lab 12. LDP VPLS
Configure all mx_-1,2 devices according to the lab-guide with amendments to the other interface numbers. On vr-device we configure basic ip connectivity and mpls\ldp\rsvp protocols and encapsulations. Configurations are presented below.
The most amazing thing is that it works! We can ping client router from another one and see some vpls statistics.
lab@m1A-2> show vpls connections Instance: vpn-1 VPLS-id: 100 Neighbor Type St Time last up # Up trans 192.168.1.1(vpls-id 100) rmt Up Jan 28 19:14:50 2016 1 Remote PE: 192.168.1.1, Negotiated control-word: No Incoming label: 800000, Outgoing label: 800001 Negotiated PW status TLV: No Local interface: vt-0/0/10.1048576, Status: Up, Encapsulation: ETHERNET Description: Intf - vpls vpn-1 neighbor 192.168.1.1 vpls-id 100 Flow Label Transmit: No, Flow Label Receive: No lab@m1A-1> ping 10.0.10.2 routing-instance c-router1-1 count 3 PING 10.0.10.2 (10.0.10.2): 56 data bytes 64 bytes from 10.0.10.2: icmp_seq=0 ttl=64 time=26.595 ms 64 bytes from 10.0.10.2: icmp_seq=1 ttl=64 time=11.398 ms 64 bytes from 10.0.10.2: icmp_seq=2 ttl=64 time=12.120 ms --- 10.0.10.2 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 11.398/16.704/26.595/7.000 ms lab@m1A-1> show vpls statistics VPLS statistics: Instance: vpn-1 Local interface: ge-0/0/4.610, Index: 346 Broadcast packets: 2 Broadcast bytes : 120 Multicast packets: 0 Multicast bytes : 0 Flooded packets : 0 Flooded bytes : 0 Unicast packets : 3 Unicast bytes : 306 Current MAC count: 1 (Limit 1024) Local interface: vt-0/0/10.1048576, Index: 349 Remote PE: 192.168.1.2 Broadcast packets: 1 Broadcast bytes : 60 Multicast packets: 0 Multicast bytes : 0 Flooded packets : 0 Flooded bytes : 0 Unicast packets : 4 Unicast bytes : 366 Current MAC count: 1 lab@m1A-1> show vpls mac-table MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC) Routing instance : vpn-1 Bridging domain : __vpn-1__, VLAN : NA MAC MAC Logical NH RTR address flags interface Index ID 52:54:02:01:00:06 D ge-0/0/4.610 56:54:02:01:00:06 D vt-0/0/10.1048576
vr1 router config file
m1A-1 router config file
Questions
I'm still not sure that my lab won't turn into a pumpkin in 30 days after trial period expiration. Can all technologies mentioned in Junos MPLS and VPNs training work on the stand that I've deployed?
Че родной русский уже забыл :)
ОтветитьУдалитьВыхожу на международный уровень) Ну и Миша же читает, надо соответствовать.
ОтветитьУдалитьPrivet, chto za labi takie?
ОтветитьУдалитьo unetlab slishal? :)
Привет, это лабы из курса JUNOS MPLS and VPN. Я его прошел и решил воспроизвести лабы. С unetlab я работаю, мы его используем в этом проекте http://ccie.linkmeup.ru/
Удалить