Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Virtual Routing Instances

 

Understanding Virtual Routing Instances on EX Series Switches

Virtual routing instances allow administrators to divide a Juniper Networks EX Series Ethernet Switch into multiple independent virtual routers, each with its own routing table. Splitting a device into many virtual routing instances isolates traffic traveling across the network without requiring multiple devices to segment the network.

You can use virtual routing instances to isolate customer traffic on your network and to bind customer-specific instances to customer-owned interfaces.

Virtual routing and forwarding (VRF) is often used in conjunction with Layer 3 subinterfaces, allowing traffic on a single physical interface to be differentiated and associated with multiple virtual routers. Each logical Layer 3 subinterface can belong to only one routing instance.

EX Series switches support IPv4 and IPv6 unicast and multicast VRF traffic. See Feature Explorer for details on VRF support by switch per Junos OS release.

Configuring Virtual Routing Instances on EX Series Switches

Use virtual routing and forwarding (VRF) to divide an EX Series switch into multiple virtual routing instances. VRF allows you to isolate traffic traversing the network without using multiple devices to segment your network. VRF is supported on all Layer 3 interfaces.

Before you begin, make sure to set up your VLANs. See Configuring VLANs for EX Series Switches, Configuring VLANs for EX Series Switches with ELS Support (CLI Procedure), or Configuring VLANs for EX Series Switches (J-Web Procedure).

To configure virtual routing instances:

  1. Create a routing instance:
    [edit routing-instances]user@switch# set routing-instance-name instance-type virtual-router
    Note

    EX Series switches only support the virtual-router instance type.

  2. Bind each routing instance to the corresponding physical interfaces:
    [edit routing-instances]user@switch# set routing-instance-name interface interface-name.logical-unit-number
  3. Create the logical interfaces that are bound to the routing instance.
    • To create a logical interface with an IPv4 address:

      [edit interfaces]user@switch# set interface-name unit logical-unit-number family inet address ip-address
    • To create a logical interface with an IPv6 address:

      [edit interfaces]user@switch# set interface-name unit logical-unit-number family inet6 address ipv6–address
    Note

    Do not create a logical interface using the family ethernet-switching option in this step. Binding an interface using the family ethernet-switching option to a routing instance can cause the interface to shutdown.

  4. Enable VLAN tagging on each physical interface that was bound to the routing instance:
    [edit interfaces]user@switch# set interface-name vlan-tagging

Example: Using Virtual Routing Instances to Route Among VLANs on EX Series Switches

Virtual routing instances allow each EX Series switch to have multiple routing tables on a device. With virtual routing instances, you can segment your network to isolate traffic without setting up additional devices.

This example describes how to create virtual routing instances:

Requirements

This example uses the following hardware and software components:

  • One EX Series switch

  • Junos OS Release 9.2 or later for EX Series switches

Before you create the virtual routing instances, make sure you have:

Overview and Topology

In a large office, you may need multiple VLANs to properly manage your traffic. This configuration example shows a simple topology wherein a LAN is segmented into two VLANs, each of which is associated with an interface and a virtual routing instance, on the EX Series switch. This example also shows how to use policy statements to import routes from one of the virtual routing instances to the other.

Configuration

CLI Quick Configuration

To quickly create and configure virtual routing instances, copy the following commands and paste them into the switch terminal window:

[edit]
set interfaces ge-0/0/3 vlan-tagging
set interfaces ge-0/0/3 unit 0 vlan-id 1030 family inet address 10.1.1.1/24
set interfaces ge-0/0/3 unit 1 vlan-id 1031 family inet address 10.1.1.1/24
set interfaces ge-0/0/1 unit 0 family inet address 10.11.1.1/24
set interfaces ge-0/0/2 unit 0 family inet address 10.12.1.1/24
set routing-instances r1 instance-type virtual-router
set routing-instances r1 interface ge-0/0/1.0
set routing-instances r1 interface ge-0/0/3.0
set routing-instances r1 routing-options instance-import import-from-r2
set routing-instances r2 instance-type virtual-router
set routing-instances r2 interface ge-0/0/2.0
set routing-instances r2 interface ge-0/0/3.1
set routing-instances r2 routing-options instance-import import-from-r1
set policy-options policy-statement import-from-r1 term 1 from instance r1
set policy-options policy-statement import-from-r1 term 1 then accept
set policy-options policy-statement import-from-r2 term 1 from instance r2
set policy-options policy-statement import-from-r2 term 1 then accept

Step-by-Step Procedure

To configure virtual routing instances:

  1. Create a VLAN-tagged interface:
    [edit]user@switch# set interfaces ge-0/0/3 vlan-tagging
  2. Create one or more subinterfaces on the interfaces to be included in each routing instance:
    [edit]user@switch# set interfaces ge-0/0/3 unit 0 vlan-id 1030 family inet address 10.1.1.1/24
    user@switch# set interfaces ge-0/0/3 unit 1 vlan-id 1031 family inet address 10.1.1.1/24
    user@switch# set interfaces ge-0/0/1 unit 0 family inet address 10.11.1.1/24
    user@switch# set interfaces ge-0/0/2 unit 0 family inet address 10.12.1.1/24
  3. Create two virtual routing instances:
    [edit]user@switch# set routing-instances r1 instance-type virtual-router
    user@switch# set routing-instances r2 instance-type virtual-router
  4. Set the interfaces for the virtual routing instances:
    [edit]user@switch# set routing-instances r1 interface ge-0/0/1.0
    user@switch# set routing-instances r1 interface ge-0/0/3.0
    user@switch# set routing-instances r2 interface ge-0/0/2.0
    user@switch# set routing-instances r2 interface ge-0/0/3.1
  5. Apply a policy to routes being imported into each of the virtual routing instances:
    [edit]user@switch# set routing-instances r1 routing-options instance-import import-from-r2
    user@switch# set routing-instances r2 routing-options instance-import import-from-r1
  6. Create a policy that imports routes from routing instances r1 to r2 and another policy that imports routes from routing instances r2 to r1:
    [edit]user@switch# set policy-options policy-statement import-from-r1 term 1 from instance r1
    user@switch# set policy-options policy-statement import-from-r1 term 1 then accept
    user@switch# set policy-options policy-statement import-from-r2 term 1 from instance r2
    user@switch# set policy-options policy-statement import-from-r2 term 1 then accept

Results

Check the results of the configuration:

user@switch> show configuration

Verification

To confirm that the configuration is working properly, perform these tasks:

Verifying That the Routing Instances Were Created

Purpose

Verify that the virtual routing instances were properly created on the switch.

Action

Use the show route instance command:

user@switch> show route instance

Meaning

Each routing instance created is displayed, along with its type, information about whether it is active or not, and its primary routing table.

Verifying That Virtual Routing Instances Are Working on EX Series Switches

Purpose

After creating a virtual routing instance, make sure it is set up properly.

Action

  1. Use the show route instance command to list all of the routing instances and their properties:
    user@switch> show route instance
  2. Use the show route forwarding-table command to view the forwarding table information for each routing instance:

Meaning

The output confirms that the virtual routing instances are created and the links are up and displays the routing table information.