IN THIS PAGE
Example 1: Connecting a Static Customer – Internet Only (Customer A)
Example 2: Connecting a Static Customer – Internet2 Only (Customer B)
Example 3: Connecting a Static Customer – Access to All Three Networks (Customer C)
Example 4: BGP Customer – Creating a Single Peering Session (Customer D)
Example 5: BGP Customer – Creating Multiple Peering Sessions (Customer E)
Example: Configuring Virtual Routers for Educational Networks
This example provides details on configuring virtual router routing instances for network peering using SRX Series or J Series devices as implemented by a network user (Educational Network, in this document called “New University”) connected to multiple other networks to exchange traffic.
See Using Virtual Routers to Provide Customer Peering for overview information.
This topic includes the following sections:
Requirements
This example uses the following three devices:
J2350 Services Router as the New University peering device
EX3200 Ethernet Switch as the service provider network
SRX210 Services Gateway as the customer device
This configuration example has been tested using the software release listed and is assumed to work on all later releases.
Network Topology
In this example, New University is connected to multiple other networks to exchange traffic through peering. The example shows a few customer solutions to explain various ways to accommodate statically attached customers of New University and discusses various methods of connecting to customers’ devices/networks using BGP.
Figure 1 shows the relationship of the virtual router routing instances for customer connectivity. This example explores each of the connectivity models in subsequent sections.
Example 1: Connecting a Static Customer – Internet Only (Customer A)
New University provides the customer connectivity by advertising the customer’s IP address to upstream providers. The users must configure their Internet-facing device to have a default route pointing to New University.
In the example topology, the user (Customer A) network is requesting a simple connection from New University using static rules.
Figure 2 shows the topology of the static customer connectivity.
This topic includes the following sections:
Configuring the New University Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the New University device:
- Create a virtual router routing instance (static-cust-inet). user@host# set routing-instances static-cust-inet instance-type virtual-router
- Assign the ge-0/0/0.60 interface to the virtual
router routing instance.user@host# set routing-instances static-cust-inet interface ge-0/0/0.60
- Create the static-cust-inet-interfaces RIB
group for the interfaces.user@host# set routing-instances static-cust-inet routing-options interface-routes rib-group inet static-cust-inet-interfaces
The static-cust-inet-interfaces RIB group places the Customer A interfaces into both the static-cust-inet virtual router routing instance and the internet virtual router routing instance. Looking at the route for 10.0.4.0/30, which is the link between the New University router and the customer network router, you can see that the interface route is now in the routing tables of both virtual routers.
This is important to maintain reachability for Internet traffic (BGP requires valid next-hops for a route to be active and advertised).
- Create the static-cust-inet RIB group for the
static routes.user@host# set routing-instances static-cust-inet routing-options static rib-group inet static-cust-inet
The RIB group configuration shares the Customer A networks between the static-cust-inet virtual router routing instance and the internet virtual router routing instance. These static routes are now available for the internet virtual router routing instance to advertise to its upstream providers. To ensure that only New University prefixes are shared upstream, the addition of a BGP community (cust-routes) is added to the static routes for later use by the export policy on the Internet peering session. The customer’s IP address block is 192.168.30/24.
- Configure the static routes to be installed in the routing
table by specifying the destination of the generated route, and also
the next-hop destination (table).user@host# set routing-instances static-cust-inet routing-options static route 0.0.0.0/0 next-table internet.inet.0
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(IP address).user@host# set routing-instances static-cust-all-feeds routing-options static route 192.168.30.0/24 next-hop 10.0.4.1
- Use the run show route route-ip-address command to display the details for the 10.0.4.0/30 route, which is the link between the New University router and the
customer network router.
user@J2350-2-R2# run show route 10.0.4.0/30internet.inet.0: 40 destinations, 63 routes (40 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both 10.0.4.0/30 *[Direct/0] 05:05:59 > via ge-0/0/0.60 10.0.4.2/32 *[Local/0] 04:06:47 Local via ge-0/0/0.60 static-cust-inet.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.0.4.0/30 *[Direct/0] 3d 00:26:15 > via ge-0/0/0.60 10.0.4.2/32 *[Local/0] 3d 00:26:15 Local via ge-0/0/0.60
- Use the run show route route-ip-address command to display the details for route 192.168.30/24.
user@J2350-2-R2# run show route 192.168.30/24internet.inet.0: 40 destinations, 63 routes (40 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both 192.168.30.0/24 *[Static/5] 04:16:03 > to 10.0.4.1 via ge-0/0/0.60 static-cust-inet.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.30.0/24 *[Static/5] 04:16:03 > to 10.0.4.1 via ge-0/0/0.60
Results
Use the show routing-instances routing-instance-name command to display the sample configuration of the New University virtual router routing instances.
user@J2350-2-R2> show routing-instances static-cust-inetUse the show routing-options command to display a sample configuration of the RIB groups.
user@J2350-2-R2> show routing-optionsUse the show policy-options policy-statement policy-name command to display a sample configuration of the RIB groups policy. To allow only interfaces to be copied from inet.0, the RIB groups policy is created and applied to the RIB groups.
user@J2350-2-R2> show policy-options policy-statement
non-bgp-cust-ribgroup-policyConfiguring the Customer Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the customer device:
- Create a virtual router routing instance (cust-a). user@host# set routing-instances cust-a instance-type virtual-router
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(IP address).user@host# set routing-instances cust-d routing-options static route 0.0.0.0/0 next-hop 10.0.4.2
- Use the run show route route-ip-address command to display the Customer A network details from the
ISP routing table.
user@EX-3200-1# run show route 192.168.30/24C1.inet.0: 38 destinations, 70 routes (38 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.30.0/24 *[BGP/170] 3d 01:43:32, localpref 100 AS path: 65000 I > to 172.16.0.5 via vlan.230 [BGP/170] 3d 01:43:32, localpref 100 AS path: 65020 65000 I > to 8.8.8.2 via ge-0/0/14.800 C2.inet.0: 47 destinations, 79 routes (47 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.30.0/24 *[BGP/170] 3d 01:43:32, localpref 100 AS path: 65000 I > to 172.16.0.25 via vlan.270 [BGP/170] 3d 01:43:32, localpref 100 AS path: 65010 65000 I > to 8.8.8.1 via ge-0/0/15.801
Results
Use the run show routing-options command to display the sample configuration of the customer device’s RIB groups.
user@SRX210-A-R3# run show routing-optionsExample 2: Connecting a Static Customer – Internet2 Only (Customer B)
In this example, the user (Customer B) network is requesting a simple connection from New University along with access to specialized networks such as Internet2 (I2). In this scenario, the customers’ connection to New University is placed in the static-cust-i2 virtual router routing instances, and routing constraints are limited to the virtual router connectivity model.
Figure 3 shows the topology of the static customer connectivity.
This topic includes the following section:
Configuring the New University Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the New University device:
- Create a virtual router routing instance (static-cust-i2). user@host# set routing-instances static-cust-i2 instance-type virtual-router
- Assign the ge-0/0/0.20 interface to the virtual
router routing instance. user@host# set routing-instances static-cust-all-feeds interface ge-0/0/0.20
- Create the static-cust-i2-interfaces RIB group
for the interfaces.user@host# set routing-instances static-cust-all-feeds routing-options interface-routes rib-group inet static-cust-i2-interfaces
The RIB group static-cust-i2-interfaces places the Customer B interfaces into both the static-cust-i2 and internet2 virtual router routing instances. The route 10.0.4.8/30 is the link between the New University router and the customer network routers, and it is available in the routing tables of both virtual routers. This is important to maintain reachability for Internet traffic (BGP requires valid next-hops for a route to be active and advertised).
- Create the static-cust-i2 RIB group for the
static routes.user@host# set routing-instances static-cust-all-feeds routing-options static rib-group inet static-cust-i2
The RIB group static-cust-i2 shares the Customer B network routes between the static-cust- inet virtual router routing instance and the internet virtual router routing instance. These static routes are now available for the internet virtual router to advertise to its upstream providers. To ensure that only New University prefixes are shared upstream, the addition of a BGP community (cust-routes) is added to the static routes for use by the export policy on the Internet peering session. The customer’s IP address block is 192.168.40/24.
- Create an import policy for the instance RIB.user@host# set routing-instances static-cust-all-feeds routing-options instance-import i2-nlr-bgp-instance-import
- Configure the static routes to be installed in the routing
table by specifying the destination of the generated route and an
option to reach the next-hop to another table.user@host# set routing-instances static-cust-all-feeds routing-options static route 0.0.0.0/0 next-table i2.inet.0
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(IP address).user@host# set routing-instances static-cust-all-feeds routing-options static route 192.168.40.0/24 next-hop 10.0.4.9
- Use the run show route route-ip-address command to display the details for route 10.0.4.8/30, which is the link between the New University router and the customer
network router.
user@J2350-2-R2# run show route 10.0.4.8/30i2.inet.0: 23 destinations, 29 routes (23 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.0.4.8/30 *[Direct/0] 05:30:07 > via ge-0/0/0.20 10.0.4.10/32 *[Local/0] 04:30:55 Local via ge-0/0/0.20 static-cust-i2.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.0.4.8/30 *[Direct/0] 3d 00:50:23 > via ge-0/0/0.20 10.0.4.10/32 *[Local/0] 3d 00:50:23 Local via ge-0/0/0.20
- Use the run show route route-ip-address command to display the details for the New University routing
table.
user@J2350-2-R2# run show route 192.168.40.0/24i2.inet.0: 23 destinations, 29 routes (23 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.40.0/24 *[Static/5] 04:31:31 > to 10.0.4.9 via ge-0/0/0.20 static-cust-i2.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.40.0/24 *[Static/5] 04:31:31 > to 10.0.4.9 via ge-0/0/0.20
- Use the run show route route-ip-address command to display the Customer B network details from the
ISP routing table.
user@EX-3200-1# run show route 192.168.40/24T1.inet.0: 22 destinations, 39 routes (22 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.40.0/24 *[BGP/170] 3d 00:53:37, localpref 100 AS path: 65000 I > to 172.16.0.13 via vlan.210 [BGP/170] 3d 00:40:18, localpref 100, from 130.130.2.2 AS path: 65000 I > to 172.16.0.13 via vlan.210 T2.inet.0: 23 destinations, 40 routes (23 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.40.0/24 *[BGP/170] 3d 00:40:18, localpref 100 AS path: 65000 I > to 172.16.0.17 via vlan.280 [BGP/170] 3d 00:53:37, localpref 100, from 130.130.1.1 AS path: 65000 I > to 172.16.0.17 via vlan.280
Results
Use the show routing-instances routing-instance-name command to display the sample configuration of New University virtual router routing instances.
user@J2350-2-R2> show routing-instances static-cust-i2Use the show routing-options command to display the configuration of the RIB groups.
user@J2350-2-R2> show routing-optionsUse the show policy-options policy-statement policy-name command to display the configuration of the RIB groups policy.
user@J2350-2-R2> show policy-options policy-statement
non-bgp-custribgroup-policyExample 3: Connecting a Static Customer – Access to All Three Networks (Customer C)
In this example, the user (Customer C) network is requesting multiple connections simultaneously from New University. The user is depending on New University to provide the best route to each destination based on New University routing policies.
Figure 4 shows the topology of the static customer connectivity.
In this example, a static route to the internet.inet.0 table is maintained, but additional prefixes are imported in the virtual router’s routing table from i2.inet.0 and nlr.inet.0. This configuration reduces the size of the routing table, and the route is preferred for the specialized networks to the traditional Internet.
This topic includes the following section:
Configuring the New University Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the New University device:
- Create a virtual router routing instance (static-cust-all-feeds). user@host# set routing-instances static-cust-all-feeds instance-type virtual-router
- Assign the ge-0/0/0.10 interface to the virtual
router routing instance. user@host# set routing-instances static-cust-all-feeds interface ge-0/0/0.10
- Create the static-cust-all-feeds-interfaces RIB group for the interfaces.user@host# set routing-instances static-cust-all-feeds routing-options interface-routes rib-group inet static-cust-all-feeds-interfaces
- Create the static-cust-all-feeds RIB group
for the static routes.user@host# set routing-instances static-cust-all-feeds routing-options static rib-group inet static-cust-all-feeds
- Create an import policy for the instance RIB.user@host# set routing-instances static-cust-all-feeds routing-options instance-import i2-nlr-bgp-instance-import
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(table).user@host# set routing-instances static-cust-all-feeds routing-options static route 0.0.0.0/0 next-table internet.inet.0
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(IP address).user@host# set routing-instances static-cust-all-feeds routing-options static route 192.168.50.0 next-hop 10.0.4.13
- Use the run show route table route-table-name command to display the details for the routing table.
user@J2350-2-R2# run show route table static-cust-all-feedsstatic-cust-all-feeds.inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 05:01:00 to table internet.inet.0 10.0.4.12/30 *[Direct/0] 3d 01:20:28 > via ge-0/0/0.10 10.0.4.14/32 *[Local/0] 3d 01:20:28 Local via ge-0/0/0.10 10.10.1.0/24 *[BGP/170] 3d 01:20:28, localpref 110, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 10.10.2.0/24 *[BGP/170] 3d 01:20:28, localpref 110, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 10.10.3.0/24 *[BGP/170] 3d 01:20:28, localpref 110, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 10.10.4.0/24 *[BGP/170] 3d 01:20:28, localpref 110 AS path: 65222 I > to 172.16.0.14 via ge-0/0/0.210 to 172.16.0.18 via ge-0/0/0.280 10.10.5.0/24 *[BGP/170] 3d 01:20:28, localpref 110, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 10.10.11.0/24 *[BGP/170] 05:07:15, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.12.0/24 *[BGP/170] 05:07:15, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.13.0/24 *[BGP/170] 05:07:15, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.14.0/24 *[BGP/170] 05:07:15, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 120.120.0.0/16 *[BGP/170] 05:07:15, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 130.130.0.0/16 *[BGP/170] 3d 01:20:28, localpref 110, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 192.168.50.0/24 *[Static/5] 05:01:00 > to 10.0.4.13 via ge-0/0/0.10
Results
Use the show routing-instances routing-instance-name command to display the sample configuration of New University virtual router routing instances.
user@J2350-2-R2> show routing-instances static-cust-all-feedsUse the show policy-options policy-statement policy-name command to display a sample configuration of the RIB groups policy.
user@J2350-2-R2> show policy-options policy-statement
i2-nlr-bgp-instanceimportWhen you configure the policy, consider the following:
Configure the policy statement to define matching criteria and the actions to be taken for traffic that matches the criteria. The use of the BGP community ensures that only those routes learned from upstream peers, and not other New University peers, are accepted into the static-cust-all-feeds routing table.
Import the i2.inet.0 and the nlr.inet.0 routes into the static-cust-all-feeds virtual router routing instances, and configure this policy under the instance-import option of the default routing instance.
Only the specific prefixes for the I2 and NLR networks are populated in the routing table. For all other destinations, the default route points to the internet.inet.0 virtual router routing table.
Example 4: BGP Customer – Creating a Single Peering Session (Customer D)
In this example, the user (Customer D) network is requesting multiple connections simultaneously from New University and to configure some of the routing-related options themselves.
Figure 5 shows the topology of the static customer connectivity.
In this configuration, a single BGP peering session is provided to the customer where the customer can configure part of it. However, configurations related to route preference and control over active prefixes for the customer connection are controlled and maintained by New University.
This topic includes the following sections:
Configuring the New University Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the New University device:
- Create a virtual router routing instance (bgp-customer). user@host# set routing-instances bgp-customer instance-type virtual-router
- Assign the ge-0/0/0.30 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.30
- Create the bgp-customer-rg-interfaces RIB group
for the interfaces.user@host# set routing-instances bgp-customer routing-options interface-routes rib-group inet bgp-customer-rg-interfaces
- Create the bgp-customers-rg RIB group for the
static routes.user@host# set routing-instances bgp-customer routing-options static rib-group inet bgp-customers-rg
- Create an import policy for the instance RIB.user@host# set routing-instances bgp-customer routing-options instance-import bgp-cust-instance-import
- Configure the family type to be unicast. user@host# set routing-instances bgp-customer protocols bgp family inet unicast rib-group bgp-customers-rg
This configuration is required to enable the BGP peers to carry the unicast routes that are being used for unicast forwarding purposes.
- Set the BGP group customer type to external.user@host# set routing-instances bgp-customer protocols bgp group customer type external
- Configure a BGP neighbor (peer). user@host# set routing-instances bgp-customer protocols bgp group customer neighbor 10.0.4.5 peer-as 65100
- Configure the cust-d-export BGP group export
policy.user@host# set routing-instances bgp-customer protocols bgp group customer neighbor 10.0.4.5 export cust-d-export
Results
Use the show routing-instances routing-instance-name command to display the sample configuration of New University virtual router routing instances.
user@J2350-2-R2> show routing-instances bgp-customerTo allow only interfaces to be copied from inet.0, you must configure a policy and apply it to the RIB group.
Use the show policy-options policy-statement policy-name command to display the sample configuration of the RIB groups policy.
user@J2350-2-R2> show policy-options policy-statement
bgp-cust-instanceimportIn the previous policy configuration:
Using the instance-import policy, the local preference is configured to meet the requirements of the downstream customers. The customers do not see the change in the local-preference, but those prefixes that are shared with the customer are the only active prefixes available to the customer. If a failure occurs that limits connectivity to one of the specialized networks, then the standard routes become active and are advertised to the customer router.
The use of BGP allows customers to peer with New University in a single session. An additional RIB group is created to ensure that Customer D’s networks are propagated to all three upstream networks.
Use the show routing-instances routing-instance-name protocols bgp command to display the sample configuration of the BGP group policy.
user@J2350-2-R2> show routing-instances bgp-customer
protocols bgpIn the previous configuration, BGP is configured in the standard way. One benefit of the hierarchical configuration is that a standard peer-group can be used to handle many distinct customers. By placing the peer-specific information under the neighbor statement, the need to create individual groups is reduced.
Use the show routing-options rib-groups rib-groups-name command to display the sample configuration of the RIB groups.
user@J2350-2-R2> show routing-options rib-groups
bgp-customers-rgIn the previous configuration, the internet.inet.0, i2.inet.0, and the nlr.inet.0. routes are imported into the inet bgp-customer-rg-interfaces virtual router routing instance, and this policy is configured under the instance-import option of the default routing instance. This configuration combines three provider networks.
Use the show policy-options policy-statement policy-name command to verify the instance-import policy.
user@J2350-2-R2> show policy-options policy-statement
static-all-feeds-cust-ribgroup-policyThe RIB group and associated policy have additional configuration to enable prepending of prefixes. Prepending is used only for the Internet virtual router. Since most New University networks peer to the Internet and I2, and customers prefer the use of the faster Internet2 network. Prepending a prefix with two additional AS-PATH attributes on the Internet links ensures that those prefixes are preferred through the Internet2 peering sessions (shorter AS-PATH).
Configuring the Customer Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
To configure the customer device:
- Create a virtual router routing instance (cust-d). user@host# set routing-instances cust-d instance-type virtual-router
- Assign the fe-0/0/0.30 interface to the virtual
router routing instance. user@host# set routing-instances cust-d interface fe-0/0/0.30
- Assign the lo0.30 interface to the virtual
router routing instance. user@host# set routing-instances cust-d interface lo0.30
- Configure the static routes to be installed in the routing
table by specifying the destination of the generated route, and the
destination where packets should not be forwarded (discard).user@host# set routing-instances cust-d routing-options static route 192.168.60.0/24 discard
- Specify the device’s AS number as assigned by the
Network Information Center (NIC) in the United States.user@host# set routing-instances cust-d routing-options autonomous-system 65100
- Apply one or more policies to routes being exported from
the routing table into a routing protocol.user@host# set routing-instances cust-d protocols bgp group provider-ebgp export cust-d-export
- Configure a BGP neighbor (peer). user@host# set routing-instances cust-d protocols bgp group provider-ebgp peer-as 65000
- Configure a BGP neighbor (peer) with IP address 10.0.4.6. user@host# set routing-instances cust-d protocols bgp group provider-ebgp neighbor 10.0.4.6
Results
Use the show routing-instances routing-instance-name command to display the complete configuration. The sample output in this example is truncated to provide only the details relevant to the virtual routers configuration.
user@SRX210-A-R3> show routing-instances cust-dThe only disadvantage of this solution is that the upstream prefixes are replicated between several virtual router routing tables.
Example 5: BGP Customer – Creating Multiple Peering Sessions (Customer E)
In this example, the BGP user (Customer E) network is requesting multiple connections from New University along with configuration privileges. This configuration requires a single PE-CE link and multiple BGP peering sessions for each upstream provider feed using multihop external BGP (EBGP).
Figure 6 shows the topology of the static customer connectivity.
In this example, each group contains a BGP group for customers. These customer peering statements must use the EBGP multihop option since they are peering to a loopback address in each of the virtual router routing instances. You must also add the interface routes to a RIB group for each instance. This configuration propagates the loopback interfaces to the bgp-cust-2 virtual router, so that it can form a BGP peering session with the customer.
This section contains the following procedures:
Configuring the New University Device for the Internet Virtual Router Routing Instance
Configuring the New University Device for the Internet2 Virtual Router Routing Instance
Configuring the New University Device for the NLR Virtual Router Routing Instance
Configuring the New University Device
Step-by-Step Procedure
The following configuration includes basic steps to configure the device. For samples of a detailed configuration, see Appendix A - Device Configuration Details.
In this configuration, the virtual router routing instances provide multiple BGP sessions for each network. The primary BGP connectivity is contained within each provider of the virtual router.
To configure the New University virtual router routing instance:
- Create a virtual router routing instance (bgp-cust-2). user@host# set routing-instances bgp-cust-2 instance-type virtual-router
- Assign the bgp-cust-2 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.40
- Create a RIB group for the interfaces.user@host# set routing-instances bgp-cust-2 routing-options interface-routes rib-group inet bgp-cust2-interfaces
Configuring the New University Device for the Internet Virtual Router Routing Instance
Step-by-Step Procedure
To configure the New University virtual router for the internet virtual router routing instance:
- Create a virtual router routing instance (internet). user@host# set routing-instances internet instance-type virtual-router
- Assign the ge-0/0/0.230 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.230
- Assign the ge-0/0/0.270 interface to the virtual
router routing instance.user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.270
- Assign the lo0.2 interface to the virtual router
routing instance. user@host# set routing-instances bgp-cust-2 interface lo0.2
- Create the bgp-cust2-inet-interfaces RIB group
for the interfaces.user@host# set routing-instances internet routing-options interface-routes rib-group inet bgp-cust2-inet-interfaces
- Configure the BGP group customer type as external.user@host# set routing-instances internet protocols bgp group customers type external
- Configure the BGP group multihop with a time-to-live (TTL)
value of 2.
This enables external peering session, which allows unconnected third-party next-hops.
user@host# set routing-instances internet protocols bgp multihop ttl 2 - Specify the address of the local end of a BGP session
as 1.1.1.1.user@host# set routing-instances internet protocols bgp local-address 1.1.1.1
- Configure the BGP group by including the advertise-inactive statement.
The BGP advertises the best route even if the routing table does not select it to be the active route.
user@host# set routing-instances internet protocols bgp advertise-inactive - Configure the BGP group policy cust-routes-import.
This configuration applies to one or more routing policies to the routes being imported into the routing table from BGP.
user@host# set routing-instances internet protocols bgp import cust-routes-import - Configure a BGP neighbor (peer) with the IP address 10.0.2.5, and configure the peer as 65200.user@host# set routing-instances internet protocols bgp neighbor 10.0.2.5 peer-as 65200
Configuring the New University Device for the Internet2 Virtual Router Routing Instance
Step-by-Step Procedure
To configure the New University virtual router routing instance for the Internet2 connection:
- Create a virtual router routing instance (i2 ). user@host# set routing-instances i2 instance-type virtual-router
- Assign the ge-0/0/0.210 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.210
- Assign the ge-0/0/0.280 interface to the virtual
router routing instance.user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.280
- Assign the lo0.2 interface to the virtual router
routing instance. user@host# set routing-instances bgp-cust-2 interface lo0.2
- Create the bgp-cust2-i2-interfaces RIB group
for the interfaces.user@host# set routing-instances i2 routing-options interface-routes rib-group inet bgp-cust2-i2-interfaces
- Configure the BGP group customer type as external.user@host# set routing-instances i2 protocols bgp group customers type external
- Configure the BGP group multihop with a time-to-live (TTL)
value of 2.
This enables external peering session, which allows unconnected third-party next-hops.
user@host# set routing-instances i2 protocols bgp multihop ttl 2 - Specify the address of the local end of a BGP session
as 1.1.1.2.user@host# set routing-instances i2 protocols bgp local-address 1.1.1.2
- Configure the BGP group by including the advertise-inactive statement.
The BGP advertises the best route even if the routing table does not select it to be the active route.
user@host# set routing-instances i2 protocols bgp advertise-inactive - Configure the cust-routes-import BGP group
policy.
This configuration applies to one or more routing policies to the routes being imported into the routing table from BGP.
user@host# set routing-instances i2 protocols bgp import cust-routes-import - Configure a BGP neighbor (peer) with an IP address of 10.0.2.5, and a peer autonomous system number of 65200. user@host# set routing-instances i2 protocols bgp neighbor 10.0.2.5 peer-as 65200
Configuring the New University Device for the NLR Virtual Router Routing Instance
Step-by-Step Procedure
To configure the New University virtual router routing instance for the NLR connection:
- Create a virtual router routing instance (nlr). user@host# set routing-instances nlr instance-type virtual-router
- Assign the ge-0/0/0.200 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface ge-0/0/0.200
- Assign the lo0.3 interface to the virtual router
routing instance. user@host# set routing-instances bgp-cust-2 interface lo0.3
- Create the bgp-cust2-nlr-interfaces RIB group
for the interfaces.user@host# set routing-instances nlr routing-options interface-routes rib-group inet bgp-cust2-nlr-interfaces
- Configure the BGP group customer type as external.user@host# set routing-instances nlr protocols bgp group customers type external
- Configure the BGP group multihop with a time-to-live (TTL)
value of 2.
This enables external peering session, which allows unconnected third-party next-hops.
user@host# set routing-instances nlr protocols bgp multihop ttl 2 - Specify the address of the local end of a BGP session
as 1.1.1.3.user@host# set routing-instances nlr protocols bgp local-address 1.1.1.3
- Configure the BGP group by including the advertise-inactive statement.
The BGP advertises the best route even if the routing table does not select it to be the active route.
user@host# set routing-instances nlr protocols bgp advertise-inactive - Configure the BGP group policy cust-routes-import.
This configuration applies to one or more routing policies to the routes being imported into the routing table from BGP.
user@host# set routing-instances nlr protocols bgp import cust-routes-import - Configure a BGP neighbor (peer) with IP address 10.0.2.5, and configure the peer as 65200. user@host# set routing-instances nlr protocols bgp neighbor 10.0.2.5 peer-as 65200
- Use the run show route table route-ip-address-table-name terse command to display the details of the routing table.user@J2350-2-R2# run show route table bgp-cust-2 terse
bgp-cust-2.inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both A Destination P Prf Metric 1 Metric 2 Next hop AS path * 1.1.1.1/32 D 0 >lo0.1 * 1.1.1.2/32 D 0 >lo0.2 * 1.1.1.3/32 D 0 >lo0.3 * 10.0.2.4/30 D 0 >ge-0/0/0.40 * 10.0.2.6/32 L 0 Local * 10.0.5.0/24 D 0 >ge-0/0/0.200 * 10.0.5.2/32 L 0 Local * 172.16.0.4/30 D 0 >ge-0/0/0.230 * 172.16.0.5/32 L 0 Local * 172.16.0.12/30 D 0 >ge-0/0/0.210 * 172.16.0.13/32 L 0 Local * 172.16.0.16/30 D 0 >ge-0/0/0.280 * 172.16.0.17/32 L 0 Local * 172.16.0.24/30 D 0 >ge-0/0/0.270 * 172.16.0.25/32 L 0 Local
Results
Use the show routing-instances routing-instance-name command to display the complete configuration. The sample output is truncated to provide configuration details relevant to the virtual router routing instances.
user@J2350-2-R2> show routing-instances bgp-cust-2Use the show routing-options rib-groups rib-groups-name command to verify the RIB group configurations.
user@J2350-2-R2> show routing-options rib-groups
bgp-cust2-interfacesimport-rib [ bgp-cust-2.inet.0 internet.inet.0 i2.inet.0 nlr.inet.0 ];
user@J2350-2-R2> show routing-options rib-groups
bgp-cust2-i2-interfacesimport-rib [ i2.inet.0 bgp-cust-2.inet.0 ];
user@J2350-2-R2> show routing-options rib-groups
bgp-cust2-nlr-interfacesimport-rib [ nlr.inet.0 bgp-cust-2.inet.0 ];
Configuring the Customer Device
Step-by-Step Procedure
To configure the customer device:
- Create a virtual router routing instance (cust-e). user@host# set routing-instances cust-e instance-type virtual-router
- Assign the fe-0/0/0.40 interface to the virtual
router routing instance. user@host# set routing-instances bgp-cust-2 interface fe-0/0/0.40
- Configure the static routes for the routing table by specifying
the destination of the generated route, and also the next-hop destination
(IP address).user@host# set routing-instances cust-e routing-options static route 1.1.1.0/29 next-hop 10.0.2.6
- Configure the static routes to be installed in the routing
table by specifying the destination of the generated route, and the
destination where packets should not be forwarded (discard).user@host# set routing-instances cust-e routing-options static route 192.168.90.0/24 discard
- Specify the device’s AS number as assigned by the
Network Information Center (NIC) in the United States.user@host# set routing-instances cust-e routing-options autonomous-system 65200
- Configure an external BGP group (provider-ebgp).user@host# set routing-instances cust-e protocols bgp group provider-ebgp type external
- Configure the BGP group multihop with a time-to-live (TTL)
value of 2.
This enables external peering session, which allows unconnected third-party next-hops.
user@host# set routing-instances cust-e protocols bgp group provider-ebgp type external multihop ttl 2 - Apply one or more policies to routes being exported from
the routing table into a routing protocol.user@host# set routing-instances cust-e protocols bgp group provider-ebgp export cust-e-export
- Configure a BGP neighbor (peer). user@host# set routing-instances cust-e protocols bgp group provider-ebgp peer-as 65000
- Configure a BGP neighbor (peer) with IP address 1.1.1.1. user@host# set routing-instances cust-e protocols bgp group provider-ebgp neighbor 1.1.1.1
- Configure a BGP neighbor (peer) with IP address 1.1.1.2. user@host# set routing-instances cust-e protocols bgp group provider-ebgp neighbor 1.1.1.2
- Configure a BGP neighbor (peer) with IP address 1.1.1.3. user@host# set routing-instances cust-e protocols bgp group provider-ebgp neighbor 1.1.1.3
- Use the run show route table route-table-name terse command to verify the routing table (customer device).
user@SRX210-A-R3# run show route table cust-e tersecust-e.inet.0: 30 destinations, 41 routes (30 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both A Destination P Prf Metric 1 Metric 2 Next hop AS path * 1.1.1.0/29 S 5 >10.0.2.6 * 10.0.2.4/30 D 0 >fe-0/0/0.40 * 10.0.2.5/32 L 0 Local * 10.0.3.4/32 B 170 100 >10.0.2.6 65000 65020 65010 I * 10.10.1.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65222 I * 10.10.2.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65222 I * 10.10.3.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65222 I * 10.10.4.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65222 I * 10.10.5.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65222 I * 10.10.6.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.7.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.8.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.9.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.10.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.11.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65050 I * 10.10.12.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65050 I * 10.10.13.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65050 I * 10.10.14.0/24 B 170 100 >10.0.2.6 65000 65010 I B 170 100 >10.0.2.6 65000 65050 I * 10.10.15.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.16.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.17.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.18.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.19.0/24 B 170 100 >10.0.2.6 65000 65010 I * 10.10.20.0/24 B 170 100 >10.0.2.6 65000 65010 I * 120.120.0.0/16 B 170 100 >10.0.2.6 65000 65050 I * 130.130.0.0/16 B 170 100 >10.0.2.6 65000 65222 I * 192.168.60.0/24 B 170 100 >10.0.2.6 65000 65100 I B 170 100 >10.0.2.6 65000 65100 I B 170 100 >10.0.2.6 65000 65100 I * 192.168.90.0/24 S 5 Discard * 200.200.0.0/16 B 170 100 >10.0.2.6 65000 65010 I * 201.201.0.0/16 B 170 100 >10.0.2.6 65000 65020 I
Results
Use the show routing-instances routing-instance-name command to verify customer device configuration.
user@SRX210-A-R3> show routing-instances cust-e