Installing the JunosVM for CSD-Topology
The CSD-Topology runs Junos in a virtual machine (JunosVM) that uses routing protocols to communicate with the network and dynamically learn the network topology. To provide real-time updates of the network topology, the JunosVM, which is based on a virtual route reflector (VRR), establishes a BGP-link state (LS) peering session with one or more routers from the existing MPLS TE backbone network.
The VRR feature allows you to implement route reflector capability using a general purpose virtual machine that can be run on a 64-bit Intel-based blade server or appliance. Because a route reflector works in the control plane, it can run in a virtualized environment. A virtual route reflector on an Intel-based blade server or appliance works the same as a route reflector on a router, providing a scalable alternative to full mesh internal BGP peering. For more information regarding VRR, see Understanding Virtual Route Reflector
VRR supports different physical PCI devices such as E1000 and VRRNET3. The procedure in this section is specific to E1000 and VRRNET3 devices.
The JunosVM (VRR) software image is located at https://www.juniper.net/support/downloads/?p=vrr#sw.
The IP address of the JunosVM is configurable in the northstar.cfg file. The name of the property is ntad_host and it defaults to 172.16.16.2. In the sample configuration scenario described in this topic, an IP address is assigned to the Ethernet interface, eth1, of the CSD-Topology VM, and an IP address is assigned to the management Ethernet interface, em0, of the JunosVM.
The configuration discussed in this section assumes that
the JunosVM can be reached at the 172.16.16.2 address. If a different
address is used for the connection between the JunosVM and CSD-Topology
VM, you must update the /opt/csd-topology/data/northstar.cfg file (the property name is ntad_host=172.16.16.2) to point to the
correct address where the JunosVM can be reached.
The interfaces, eth0 and eth2, of the CSD-Topology VM must be connected to the management Ethernet interfaces, em1 and em2, respectively, of the JunosVM or the Hypervisor. The connection between eth0 and em1 is the router-facing link, whereas the connection between eth2 and em2 is the management link.
The procedure for installing the JunosVM for CSD-Topology bundle 5.1 has been validated only for Junos OS Release 18.4R3.
To install VRR with vSphere for E1000 and VRRNET3 adapters and configure the JunosVM (VRR VM) for CSD-Topology, perform these tasks:
Setting Up the Datastore
To upload VRR to the ESXi datastore:
- Download the VRR software package for VMware from the VRR page.
- Launch the vSphere Web Client for your ESXi server and log in to the server.
- Click the Summary tab, select the datastore
under Storage, right-click, and select Browse Datastore.
- In the Datastore Browser, click the Upload button,
select Upload File, and upload the
jinstall64-vrr*.ovafiles for the package contents
Creating VRR VMs
To create a JunosVM or VRR VM:
- In the left navigation pane, select the ESXi server. In
the Getting Started tab, click Create a new virtual machine.
The Create New Virtual Machine wizard appears.
- In the Configuration pane, select the Custom button and click Next.
- In the Name and Location pane, specify the name of the
VM and click Next. For example, CSD-Topology_JunosVM for the JunosVM.
- In the Storage pane, select appropriate datastore (for
example, datastore1) for the destination storage of the
VM and click Next.
- In the Virtual Machine Version pane, select the Virtual
Machine Version: 8 button and click Next.
- In the Guest Operating System pane, select the Other button, select Other (64-bit) from the list, and click Next.
- In the CPUs pane, select 2 for the number of
cores per virtual socket and click Next.
- In the Memory pane, select 2 GB from the Memory
Size list for the VM and click Next.
- In the Network pane, select 3 from the list,
assign the proper vswitch to the E1000 adapters, and click Next.
- In the SCSI Controller pane, select the LSI Logic
SAS button (default option is LSI Logic Parallel) and click Next.
- In the Select a Disk pane, select the Use an existing
virtual disk button and click Next.
- In the Select Existing Disk pane, click Browse to select the appropriate
jinstall64-vmx*file from the datastore and click Next.
- In the Advanced Options pane, click Next to
accept the default options.
- In the Ready to Complete pane, click Finish.
Configuring the JunosVM
To configure the JunosVM:
- Enter the following commands from the Junos OS CLI interface.
Replace the variables with actual values to suit your network needs
set system host-name csd_topology_junosvm set system root-authentication encrypted-password xxxx set system login announcement "This JunOS VM is running in non-persistent mode.\nIf you make any change on this JunOS VM,\nPlease make sure you save to the Host using net_setup.py utility, otherwise the config will be lost if this VM is restarted.\n\n" set system processes routing force-32-bit set interfaces em0 unit 0 family inet address Management IP address on JunosVM set interfaces em2 unit 0 family inet address Management IP address on JunosVM set interfaces lo0 unit 0 family inet filter input protect-re set interfaces lo0 unit 0 family mpls set routing-options static route 0.0.0.0/0 next-hop next-hop-address set routing-options autonomous-system 36000 set protocols topology-export set protocols mpls traffic-engineering database import igp-topology set protocols mpls traffic-engineering database import policy TE set protocols bgp group csdtopology type internal set protocols bgp group csdtopology description "csdtopology BGP-TE Pering" set protocols bgp group csdtopology local-address JunosVM management IP address set protocols bgp group csdtopology family traffic-engineering unicast set protocols bgp group csdtopology allow 0.0.0.0/0 set protocols isis traffic-engineering igp-topology set policy-options prefix-list internal-net csdtopology server IP address set policy-options policy-statement TE term 1 from family traffic-engineering set policy-options policy-statement TE term 1 then accept set policy-options policy-statement TE from family traffic-engineering set policy-options policy-statement TE then accept set firewall interface-set mgmt-intf em0.0 set firewall filter protect-re term mgmt-intf from interface-set mgmt-intf set firewall filter protect-re term mgmt-intf then accept set firewall filter protect-re term internal-net from prefix-list internal-net set firewall filter protect-re term internal-net then accept set firewall filter protect-re term ssh from protocol tcp set firewall filter protect-re term ssh from port ssh set firewall filter protect-re term ssh then accept set firewall filter protect-re term bgp from protocol tcp set firewall filter protect-re term bgp from port bgp set firewall filter protect-re term bgp then accept set firewall filter protect-re term ntp from protocol udp set firewall filter protect-re term ntp from port ntp set firewall filter protect-re term ntp then accept set firewall filter protect-re term ospf from protocol ospf set firewall filter protect-re term ospf then accept set firewall filter protect-re term icmp from protocol icmp set firewall filter protect-re term icmp then accept set firewall filter protect-re term traceroute from protocol udp set firewall filter protect-re term traceroute from port 33200-33600 set firewall filter protect-re term traceroute then accept set firewall filter protect-re term default-discard then syslog set firewall filter protect-re term default-discard then discard
Configuring the CSD-Topology Server with the JunosVM IP Address
To associate the CSD-Topology VM with JunosVM:
- Establish an SSH session with the server running the CSD-Topology software.
- Edit
northstar.cfgfile as follows:modify /opt/csd-topology/data/northstar.cfg ntad_host=Management IP address of the JunosVMwhere
ntad_hostis the name of the topology discovery process running on the JunosVM. In this example, the management IP address of the JunosVM is 172.16.16.2. - Restart the JunosVM services.service csd_topology restart all
Verifying the Connectivity Between the CSD-Topology Server and JunosVM
To verify the connectivity between the CSD-Topology server and JunosVM:
- Establish a session with the server running the CSD-Topology software.
- Run the netstat command to verify that connectivity
is established between the CSD-Topology server and JunosVM.
[root@csd-topo ~]# netstat -an | grep 450 tcp 0 0 172.16.16.1:35178 172.16.16.2:450 ESTABLISHED
Verifying That the CSD-Topology Services Are Running
To verify that the CSD-Topology services are running correctly:
- Access CSD-Topology server VM.
- Run the csd_topology status command.
service csd_topology status infra:cassandra RUNNING pid 1881, uptime 4 days, 21:12:20 infra:ha_agent RUNNING pid 1880, uptime 4 days, 21:12:20 infra:haproxy RUNNING pid 1877, uptime 4 days, 21:12:20 infra:nodejs RUNNING pid 2558, uptime 4 days, 21:10:47 infra:rabbitmq RUNNING pid 1879, uptime 4 days, 21:12:20 infra:zookeeper RUNNING pid 1878, uptime 4 days, 21:12:20 listener1:listener1_00 RUNNING pid 1876, uptime 4 days, 21:12:20 northstar:mladapter RUNNING pid 2707, uptime 4 days, 21:10:04 northstar:npat RUNNING pid 2661, uptime 4 days, 21:10:15 northstar:npat_ro RUNNING pid 2658, uptime 4 days, 21:10:15 northstar:pceserver RUNNING pid 2586, uptime 4 days, 21:10:36 northstar:pcserver RUNNING pid 2620, uptime 4 days, 21:10:25 northstar:toposerver RUNNING pid 2659, uptime 4 days, 21:10:15
Stopping Firewall on theCSD-Topology Server
You can optionally stop firewall services. To stop firewall services on the CSD-Topology server:
- Access CSD-Topology server VM.
- Stop firewall services on the CSD-Topology server.
[root@csd_topo csd_topology_bundle]# service iptables stop
Configuring Peer Routers and Topology Acquisition on the JunosVM
To configure the peer route settings on the JunosVM for BGP peering:
- Configure a policy.[edit policy-options]user@PE1# set policy-statement TE term 1 from family traffic-engineeringuser@PE1# set policy-statement TE term 1 then accept
Configure BGP-link state (LS) distribution on the CSD-Topology for topology acquisition
- Specify the autonomous system (AS) number for the node
(BGP peer).[edit routing-options]user@csd_topology_junosvm# set autonomous-system AS_number
- Specify the BGP group name and type for the node.[edit protocols bgp]user@csd_topology_junosvm# set group group_1 type internal
- Specify a description for the BGP group for the node.[edit protocols bgp group group_1]user@csd_topology_junosvm# set description “CSD-Topology BGP-TE Peering”
- Specify the address of the local end of a BGP session.
This is the IP address for the JunosVM external IP address which is used to accept incoming connections to the JunosVM peer and to establish connections to the remote peer.
[edit protocols bgp group group_1]user@csd_topology_junosvm# set local-address <junosVM IP address> - Enable the traffic engineering features for the BGP routing
protocol.[edit protocols bgp group group_1]user@csd_topology_junosvm# set family traffic-engineering unicast
- Specify the IP address for the neighbor router that connects
with the CSD-Topology.[edit protocols bgp group group_1]user@csd_topology_junosvm# set neighbor <router loopback IP address>
Note You can specify the router loopback address if it is reachable by the BGP peer on the other end. But for loopback to be reachable, usually some IGP has to be enabled between the CSD-Topology JunosVM and the peer on the other end.
- Specify the autonomous system (AS) number for the node
(BGP peer).
- Import the routes into the traffic-engineering database.[edit protocols mpls traffic-engineering database]user@PE1# set import policy TE
- Configure a BGP group by specifying the IP address of
the router that peers with the CSD-Topology as the local address (typically
the loopback address) and the JunosVM external IP address as the neighbor.[edit routing-options]user@PE1# set autonomous-system AS Number[edit protocols bgp group csd-topology]user@PE1# set type internaluser@PE1# set description “CSD-Topology BGP-TE Peering”user@PE1# set local-address <router-IP-address>user@PE1# set family traffic-engineering unicastuser@PE1# set export TEuser@PE1# set neighbor <JunosVM IP-address>
Specifying the Topology Details in the Connectivity Services Director GUI
To specify the topology preferences on the Connectivity Services Director server:
- From the Junos Space user interface, click the System icon on the Connectivity Services Director banner.
The options that you can configure in System mode are displayed in a drop-down menu.
- Select Preferences from the drop-down menu
to open the Preferences page.
The Preferences page opens with User Preferences as the default tab.
- Click the Topology tab to configure the CSD-Topology
preference settings.
The settings that you can configure on the Topology tab are displayed.
- In the L3 Topology Settings section, do the following:
- Select the Use PCEP check box to use the Path
Computation Element Protocol (PCEP) for discovery of LSPs. PCEP enables
communication between a PCC and the CSD-Topology to learn about the
network and LSP path state and communicate with the Path Computation
Clients (PCCs). If you select the Use PCEP check box, the
LSP data is collected by using PCEP.
By default, this check box is not selected. If you do not enable this option to use PCEP for discovery of LSPs, Connectivity Services Director discovers the LSPs by parsing the configuration statements and operational command outputs of the devices that it manages.
- In the Topology Server field, specify the topology server IP address, which is the IP address of the system on which the CSD-Topology application is running.
- In the UserName and Password fields, specify the username and password of the user to allow the Connectivity Services Director to connect to the topology server.
- Click Validate beside the Password field, which triggers a task to examine and verify the entered credentials for connecting to the CSD-Topology server. A dialog box is displayed to indicate whether the specified credentials are valid or not.
- Click OK to close the dialog box. If the login credentials for communicating with the CSD-Topology are invalid, correct the username and password values and revalidate them.
- Select the Use PCEP check box to use the Path
Computation Element Protocol (PCEP) for discovery of LSPs. PCEP enables
communication between a PCC and the CSD-Topology to learn about the
network and LSP path state and communicate with the Path Computation
Clients (PCCs). If you select the Use PCEP check box, the
LSP data is collected by using PCEP.
- Click OK to save the settings.
You are prompted to confirm the changes you made to topology preferences.
- Click Yes to confirm.
The Preferences page is closed. A dialog box is displayed to confirm the successful saving of topology preferences. Click OK to close the dialog box.