[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring a VPN Routing Instance

You must configure a routing instance for each VPN on each PE Services Router participating in the VPN. The routing instance has the same name on each PE router. VPN routing instances need a route distinguisher to help BGP distinguish between potentially identical network layer reachability information (NLRI) messages received from different VPNs. This section does not apply to Layer 2 circuit configurations.

Each routing instance that you configure on a PE router must have a unique route distinguisher. There are two possible formats:

as-number:number, where as-number is an autonomous system (AS) number (a 2–byte value) in the range 1 through 65,535, and number is any 4–byte value. We recommend that you use an Internet Assigned Numbers Authority (IANA)-assigned, nonprivate AS number, preferably the ISP or the customer AS number.
ip-address:number, where ip-address is an IP address (a 4–byte value) and number is any 2–byte value. The IP address can be any globally unique unicast address. We recommend that you use the address that you configure in the router-id statement, which is a public IP address in your assigned prefix range.

The route target defines which route is part of a VPN. A unique route target helps distinguish between different VPN services on the same router. Each VPN also has a policy that defines how routes are imported into the VPN routing and forwarding (VRF) table on the router. A Layer 2 VPN is configured with import and export policies. A Layer 3 VPN uses a unique route target to distinguish between VPN routes.

To configure a VPN routing instance:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 17 on each PE router.
If you are finished configuring the router, commit the configuration.
To verify the configuration, see Verifying a VPN Configuration.
Go on to Configuring a VPN Routing Policy.

Table 17: Configuring a VPN Routing Instance

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the top of the configuration hierarchy and create the routing instance. (PE Services Router)	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Routing instances, click Configure or Edit. Next to Mpls, click Configure or Edit. In the Instance group, click Add New Entry. Type a name in the Instance name box.	From the [edit] hierarchy level, enter edit routing-instances routing-instance-name
Specify a text description for the routing instance. This text appears in the output of the show route instance detail command. (PE Services Router)	In the Description box, type a description.	Enter set description “text”
Specify the instance type, either l2vpn for Layer 2 VPNs or vrf for Layer 3 VPNs. (PE Services Router)	From the Instance type list, select an instance type.	Enter set instance-typeinstance-type
Specify the interface of the remote PE Services Router. (PE Services Router) (See the interface naming conventions in the J-series Services Router Basic LAN and WAN Access Configuration Guide.)	Next to Interface group, click Add New Entry. In the Interface name box, enter interface-name. Click OK.	Enter set interface interface-name
Specify the route distinguisher. (PE Services Router)	In the Rd type box, enter a route distinguisher in the format as-number:numberor ip-address:number.	Enter one of the following commands: set route-distinguisheras-number:number set route-distinguisher ip-address:number
Specify the policy for the Layer 2 VRF table. For the Layer 2 VPN example, the routing policies are defined in Configuring a Routing Policy for Layer 2 VPNs. (PE Services Router)	For the sample Layer 2 VPN configuration, which uses import and export policies: Next to Vrf export group, select Add new entry. In the Value box, type the export routing policy name. Click OK. Next to Vrf import group, click Add new entry. In the Value box, type the import routing policy name. Click OK.	For the sample Layer 2 VPN configuration, which uses import and export policies, enter set vrf-import import-policy-name vrf-export export-policy-name
Specify the policy for the Layer 3 VRF table. For the Layer 3 VPN example, the routing policy is defined in Configuring a Routing Policy for Layer 3 VPNs. (PE Services Router)	For the sample Layer 3 VPN configuration, which uses a route target: In the Vrf target box, click Configure. In the Community box, type the community (target:community-id, where community-id is as-number:number or ip-address:number). Click OK.	For the sample Layer 3 VPN configuration, which uses a route target, enter set vrf-target target:community-id Replace community-id with either of the following: as-number:number ip-address:number

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the top of the configuration hierarchy and create the routing instance.

(PE Services Router)

In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
Next to Routing instances, click Configure or Edit.
Next to Mpls, click Configure or Edit.
In the Instance group, click Add New Entry.
Type a name in the Instance name box.

From the [edit] hierarchy level, enter

edit routing-instances routing-instance-name

Specify a text description for the routing instance. This text appears in the output of the show route instance detail command.

(PE Services Router)

In the Description box, type a description.

Enter

set description “text”

Specify the instance type, either l2vpn for Layer 2 VPNs or vrf for Layer 3 VPNs.

(PE Services Router)

From the Instance type list, select an instance type.

Enter

set instance-typeinstance-type

Specify the interface of the remote PE Services Router.

(PE Services Router)

(See the interface naming conventions in the J-series Services Router Basic LAN and WAN Access Configuration Guide.)

Next to Interface group, click Add New Entry.
In the Interface name box, enter interface-name.
Click OK.

Enter

set interface interface-name

Specify the route distinguisher.

(PE Services Router)

In the Rd type box, enter a route distinguisher in the format as-number:numberor ip-address:number.

Enter one of the following commands:

set route-distinguisheras-number:number
set route-distinguisher ip-address:number

Specify the policy for the Layer 2 VRF table.

For the Layer 2 VPN example, the routing policies are defined in Configuring a Routing Policy for Layer 2 VPNs.

(PE Services Router)

For the sample Layer 2 VPN configuration, which uses import and export policies:

Next to Vrf export group, select Add new entry.
In the Value box, type the export routing policy name.
Click OK.
Next to Vrf import group, click Add new entry.
In the Value box, type the import routing policy name.
Click OK.

For the sample Layer 2 VPN configuration, which uses import and export policies, enter

set vrf-import import-policy-name vrf-export export-policy-name

Specify the policy for the Layer 3 VRF table.

For the Layer 3 VPN example, the routing policy is defined in Configuring a Routing Policy for Layer 3 VPNs.

(PE Services Router)

For the sample Layer 3 VPN configuration, which uses a route target:

In the Vrf target box, click Configure.
In the Community box, type the community (target:community-id, where community-id is as-number:number or ip-address:number).
Click OK.

For the sample Layer 3 VPN configuration, which uses a route target, enter

set vrf-target target:community-id

Replace community-id with either of the following:

as-number:number
ip-address:number

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]