ON THIS PAGE
Integrated Routing and Bridging on JCNR
Integrated Routing and Bridging (IRB) is a networking concept that combines the functionalities of routing and bridging within a single network infrastructure. This integration allows for seamless communication between devices on different network segments or subnets.
In a router, packets are forwarded based on their destination IP addresses. Routers operate at Layer 3 (Network Layer) of the OSI model and make decisions about the best path for a packet to reach its destination. In a bridge, frames are forwarded based on MAC addresses. Bridges operate at Layer 2 (Data Link Layer) and use MAC addresses to determine the appropriate segment for a frame.
IRB combines the features of routing and bridging in a single device, typically a router. This allows the device to make forwarding decisions based on both IP addresses and MAC addresses. IRB is particularly useful when you want to enable communication between devices on different subnets in a network. It allows the router to route traffic between subnets based on IP addresses. Instead of having separate routers and bridges, IRB simplifies network design by consolidating these functions into a single device. In VLAN environments, each VLAN can be considered a separate subnet, and the router with IRB capability can route traffic between these VLANs.
Starting with Juniper Cloud-Native Router (JCNR) Release 23.4, JCNR supports IRB, using which you can configure both routing and bridging settings in a unified manner. You can configure IRB interfaces and connect Bridge Domains (BD’s) to perform routing between bridge domains.
To learn more about IRB, see Integrated Routing and Bridging.
-
Configurable MAC address on IRB is not supported in JCNR Release 23.4
-
MTU is not configurable on IRB
-
BGP unnumbered is not supported on IRB interfaces
Configuring IRB
A pair of IRB interfaces are created for each BD, one for host connectivity (i.e., tap IRB interface) and another for forwarding traffic on fabric (i.e., fabric IRB interface). A single tap interface is created per L2 instance and all tap IRB interfaces that are configured in that L2 instance are created as sub-interfaces on that tap interface.
Consider the following topology shown below and configure IRB on JCNR.
- Configuring an IRB interface
- Attaching an IRB interface as an L3-routing interface to a Bridge
- Attaching an IRB interface to VRF
Configuring an IRB interface
Use the configlet resource to configure the cRPD pods.
interfaces { irb { unit 419 { family inet { address 1.104.19.3/24; } family inet6 { address 2419::3/64; } } } ens4f1 { unit 0 { family bridge { interface-mode trunk; vlan-id-list [ 100 200 400 414-423 500 ]; } } } }
Attaching an IRB interface as an L3-routing interface to a Bridge
Attach an IRB interface as an L3-routing interface to a Bridge using the example below.
routing-instances { vswitch { instance-type virtual-switch; bridge-domains { bd419 { vlan-id 419; routing-interface irb.419; } } interface ens4f1; } }
Attaching an IRB interface to VRF
An IRB interface can be a part of VRF-0 or VRF-N. The example shown below demonstrates how you can attach IRB.419 to a VRF Blue19.
routing-instances { blue19 { instance-type vrf; protocols { bgp { group ce_pe_19_v4 { type external; local-address 1.104.19.3; peer-as 1002; local-as 64512; bfd-liveness-detection { minimum-interval 300; } neighbor 1.104.19.4; } group ce_pe_19_v6 { type external; local-address 2419::3; peer-as 1002; local-as 64512; bfd-liveness-detection { minimum-interval 300; } neighbor 2419::4; } } evpn { ip-prefix-routes { advertise direct-nexthop; encapsulation vxlan; vni 2019; export vrf_route_19; } } } interface irb.419; interface lo0.19; route-distinguisher 100.100.100.1:2019; vrf-target target:20:2019; } }
Troubleshooting IRB
Use the commands listed in the sections below to troubleshoot an IRB setup.
cRPD CLI Commands
The following CLI commands can be executed on the cRPD CLI. To access the cRPD CLI, see Access cRPD CLI.
-
show bridge mac-table vlan-id <id>
: Provides the Bridge MAC table details.root@jcnr> show bridge mac-table vlan-id 419 MAC flags (S - Static MAC, D - Dynamic MAC) Routing Instance : default-domain:contrail:ip-fabric:default Bridging domain VLAN id : 419 MAC MAC Logical address flags interface 02:22:ec:ac:6b:24 D irb.419 e4:5d:37:2b:2a:aa D ens4f1
-
show bgp summary
: Provides a summary of the BGP session running on the IRB.root@jcnr> show bgp summary Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 1.104.19.4 1002 284 280 0 0 2:11:02 Establ blue19.inet.0: 9/9/9/0 2419::4 1002 283 280 0 0 2:10:58 Establ blue19.inet6.0: 9/9/9/0
-
show bfd session
: Provides a summary of the BFD session running on the IRB.root@jcnr> show bfd session Detect Transmit Address State Interface Time Interval Multiplier 1.104.19.4 Up irb.419 0.900 0.300 3 2419::4 Up irb.419 0.900 0.300 3
-
ping routing-instance blue19 1.104.19.3 source 1.104.19.4 count 1 rapid
: Provides a confirmation of the network connectivity to the IRB interface from CE2.root@CE2> ping routing-instance blue19 1.104.19.3 source 1.104.19.4 count 1 rapid PING 1.104.19.3 (1.104.19.3): 56 data bytes ! --- 1.104.19.3 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 9.041/9.041/9.041/0.000 ms
-
ping routing-instance blue19 6.1.19.1 source 1.104.19.4 count 1 rapid
: Provides a confirmation of the network connectivity to remote prefixes from CE2 through the IRB interface.root@CE2> ping routing-instance blue19 6.1.19.1 source 1.104.19.4 count 1 rapid PING 6.1.19.1 (6.1.19.1): 56 data bytes ! --- 6.1.19.1 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 17.773/17.773/17.773/0.000 ms
-
traceroute routing-instance blue19 6.1.19.1 source 1.104.19.4 no-resolve
: Provides the trace routes to remote prefixes from CE2 through the IRB interface.root@CE2> traceroute routing-instance blue19 6.1.19.1 source 1.104.19.4 no-resolve traceroute to 6.1.19.1 (6.1.19.1) from 1.104.19.4, 30 hops max, 52 byte packets 1 1.104.19.3 14.341 ms 14.932 ms 14.997 ms 2 6.1.19.1 14.962 ms 9.985 ms 14.906 ms
vRouter CLI Commands
The following CLI commands can be executed on the vRouter CLI. To access the vRouter CLI, see Access vRouter CLI.
-
vif --list | grep <interface ID>
: Provides the VIF ID of the specified interface.bash-5.1# vif --list | grep irb.419 vif0/26 Virtual: irb.419 NH: 73 vif0/27 Virtual: irb.419 Vlan(o/i)(,S): 419/419
-
vif --get 26
: Provides the VRF ID where IRB.419 is attached to.bash-5.1# vif --get 26 vif0/26 Virtual: irb.419 NH: 73 Type:Irb HWaddr:02:22:ec:ac:6b:24 IPaddr:1.104.19.3 IP6addr:2419::3 DDP: OFF SwLB: ON Vrf:2 Mcast Vrf:2 Flags:L3L2DProxyEr QOS:-1 Ref:16 RX queue errors to lcore 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Vlan Mode: Access Vlan Id: 419 OVlan Id: 419 RX packets:66910 bytes:5409152 errors:0 TX packets:71340 bytes:5718843 errors:0 Drops:9 bash-5.1# vif --get 27 vif0/27 Virtual: irb.419 Vlan(o/i)(,S): 419/419 Parent:vif0/9 Sub-type: host-irb-tap Type:Virtual(Vlan) HWaddr:02:22:ec:ac:6b:24 IPaddr:1.104.19.3 IP6addr:2419::3 DDP: OFF SwLB: ON Vrf:2 Mcast Vrf:65535 Flags:L3L2DProxyEr QOS:-1 Ref:1 TxXVif:26 RX queue errors to lcore 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 RX packets:71248 bytes:5711219 errors:0 TX packets:66828 bytes:5134644 errors:0 Drops:0
-
rt --get 1.104.19.4/32 --vrf 2
: Provides the data plane encapsulation for CE2’s IP.bash-5.1# rt --get 1.104.19.4/32 --vrf 2 Match 1.104.19.4/32 in vRouter inet4 table 0/2/unicast Flags: L=Label Valid, P=Proxy ARP, T=Trap ARP, F=Flood ARP, Ml=MAC-IP learnt route vRouter inet4 routing table 0/2/unicast Destination PPL Flags Label Nexthop Stitched MAC(Index) 1.104.19.4/32 0 PT - 113 - bash-5.1# nh --get 113 Id:113 Type:Encap Fmly:AF_INET/6 Rid:0 Ref_cnt:11 Vrf:2 Flags:Valid, Policy, Etree Root, EncapFmly:0806 Oif:26 Len:14 Encap Data: e4 5d 37 2b 2a aa 02 22 ec ac 6b 24
-
purel2cli --mac show
: Provides the MAC table in the vRouter.bash-5.1# purel2cli --mac show | grep 419 02:22:ec:ac:6b:24 419 26 1 e4:5d:37:2b:2a:aa 419 3 68174