Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuration Walkthrough

This walkthrough summarizes the steps required to configure the Collapsed Data Center Fabric with Juniper Apstra JVD. For more detailed step-by-step configuration information, see Juniper Apstra User Guide . Notes provide additional guidance in this walkthrough.

This walkthrough details the configuration of the baseline design, as used during validation in the Juniper data center validation test lab. The baseline design consists of two QFX5120-48Y switches in the collapsed spine role. The goal of JVD is to provide options so that the baseline switch platform can be replaced with any validated switch platform for that role, as described in the Juniper Hardware Components section. To keep this walkthrough a manageable length, only the baseline design platform is used for the purposes of this document.

Apstra: Configure Apstra Server and Add Switches

This document does not cover the installation of Apstra. For more information about installation, see Juniper Apstra User Guide .

The first step is to configure the Apstra Server. Upon connecting to the Apstra Server VM for the first time, a configuration wizard launches. Here, passwords for the Apstra server, Apstra UI, and network configuration can be configured.

Apstra: Management of Junos OS Device

There are two methods of adding Juniper devices into Apstra: manually or in bulk using ZTP:

To add devices manually (recommended):

  • In the Apstra UI, navigate to Devices > Agents > Create Offbox Agents. This requires the devices to be configured with a minimum of the root password and management IP.

To add devices through ZTP:

For the purposes of this setup, a root password and management IPs were already configured on all switches prior to adding the devices to Apstra. To add switches to Apstra, first log on to Apstra Web UI, choose a method of device addition as per above and provide the appropriate username and password that is preconfigured for those devices.

Note:

Apstra pulls the configuration from Juniper devices called pristine config. The Junos OS configuration ‘groups’ stanza is ignored when importing the pristine configuration, and Apstra will not validate any group configuration listed in the inheritance model, see Use Configuration Groups to Quickly Configure Devices . However, it’s best practice to avoid setting loopbacks, interfaces (except management interface), routing-instances (except management-instance). Apstra will set the protocols LLDP and RSTP when device is successfully Acknowledged.

Create Agent Profile

For the purposes of this JVD lab, the root user and password are the same across all devices; hence, an agent profile is created, as shown below; note that this also obscures the password, which keeps it secure.

  1. Navigate to Devices > Agent Profiles.
  2. Click Create Agent Profile.
  3. Create an agent profile named root with the platform set to Junos.
  4. Add the username and password used to log into your switches.

Figure 2: Create Agent Profile in Apstra

A screenshot of a computer Description automatically generated

Create Offbox Agent

An IP address range can be provided to bulk-add devices into Apstra.

  1. Navigate to Devices > Managed Devices.
  2. Click on Create Offbox Agents.

    Figure 3: Devices Menu, with Managed Devices Highlighted

    page7image52191568

  3. Add the management addresses of the switches, separated by a comma, in the Create Offbox Agents pop-up. You might enter an IP range instead if you prefer.
  4. Select Junos as the platform and full control as the operation mode.

    Figure 4: Create Offbox Agents Pop-up with the Platform Option Selecting Junos

    A screenshot of a computer Description automatically generated

  5. Select the agent profile root created in the previous step.

    Figure 5: Create Offbox Agents Pop-up with the Agent Profile Option Selecting Root

    A screenshot of a phone Description automatically generated

  6. Press Create and wait for the systems to populate in the Managed Devices table.

Figure 6: Managed Devices Table Showing the Entries Created After Cicking Create in the Previous Step

A group of green icons Description automatically generated

Add Pristine Configuration

Click on each of the newly created systems in the Devices > Managed Devices table, and then add the pristine configuration by collecting from the device or pushing from Apstra. The configuration applied as part of the pristine configuration should be the base configuration or minimal configuration required to reach the devices with the addition of any users, static routes to the management switch, and so on. This creates a backup of the base configuration in Apstra and allows devices to be reverted to the pristine configuration in case of any issues.

Figure 7: Add Pristine Config

A screenshot of a computer Description automatically generated

Note:

If the pristine configuration is updated using Apstra as shown in the above figure, then run Revert to Pristine.

Upgrade Junos OS

If your switches are not running the operating system release recommended by this JVD, you should upgrade them to the recommended version. For the purposes of this JVD, the recommended Junos OS version is 23.4R2-S3.

Note:

Important: A maintenance window is required to perform any device upgrade, as upgrades can be disruptive.Best practice recommendations for upgrade: Upgrade devices using the Junos OS CLI as outlined in the Junos OS Software Installation and Upgrade Guide , along with the Junos OS version release notes, as Apstra currently only performs basic upgrade checks. However, this JVD summarizes the steps to upgrade if Apstra is intended to be used for upgrades.If a device is added to the blueprint, set it to undeploy, unassign its serial number from the blueprint, and commit the changes, which reverts it back to Pristine Config. Then, proceed to upgrade. Once the upgrade is complete, add the device back to the blueprint.

Apstra allows devices upgrade. However, the current best practice recommendation is to upgrade devices using the Junos OS CLI as outlined in the Junos OS Software Installation and Upgrade Guide , along with the Junos OS version release notes. This is because Apstra currently only performs basic upgrade checks. If you want to upgrade the device within Apstra, here is how you do it:

Figure 8: Upgrade Device from Apstra

A screenshot of a computer Description automatically generated

To register a Junos OS image on Apstra, either provide a link to the repository where all OS images are stored or upload the OS image as shown below. In the Apstra UI, navigate to Devices > OS Images and click Register OS Image.

Figure 9: Upload OS Image

A screenshot of a computer Description automatically generated

Figure 10: Register OS Image by Uploading or Provide Image URL

A screenshot of a computer Description automatically generated

Fabric Provisioning

  1. Navigate to Devices > Managed Devices.
  2. Check Discovered Devices and Acknowledge the Devices.
  3. Click the checkbox interface to select all the devices once the offbox agent is added and the device information is collected.
  4. Click Acknowledge.

    This places the switch under the management of the Apstra server.

    Figure 11: Managed Devices Table Control Panel with the Acknowledge Selected Systems Highlighted

    page7image52112352

  5. Once a switch is acknowledged, the status icon under the Acknowledged? table header changes from a red no entry symbol to a green checkmark. Verify this change for all switches. If there are no changes, repeat the procedure to acknowledge the switches again.

Figure 12: Managed Devices Table Showing the Switches Successfully Under Apstra Management

Note:

After a device is managed by Apstra, all device configuration changes should be performed using Apstra. Do not perform configuration changes on devices outside of Apstra, as Apstra might revert those changes.

Once the devices are successfully acknowledged, perform the collect pristine config step detailed above once again, as Apstra adds LLDP and RSTP protocols to the switch configurations.

Identify and Create Logical Devices, Interface Maps with Device Profiles

Note:

Note: The device profiles covered in this JVD document are not modular chassis-based. For modular chassis-based devices such as QFX5700 the linecard profiles, chassis profile are available in Apstra and linked to the device profile. These cannot be edited; however, they can be cloned, and custom profiles can be created for linecard, chassis and device profile as shown below in Figure 11 and Figure 12.

The following steps define the Collapsed Data Center Fabric with Juniper Apstra JVD baseline architecture and devices. Before provisioning a blueprint, a replica of the topology is created. We define the ERB data center reference architecture and devices in the following steps.

This involves selecting logical devices for the collapsed spine switches. Logical devices are abstractions of physical devices that specify common device form factors such as the amount, speed, and roles of ports. Vendor-specific information is not included, which permits building the network definition before selecting vendors and hardware device models. The Apstra software installation includes many predefined logical devices that can be used to create any variation of the logical device.

  • Logical devices are then mapped to device profiles using interface maps. The ports mapped to the interface maps match the device profile and physical connections. Again, the Apstra software installation includes many predefined interface maps and device profiles.
  • Finally, the racks and templates are defined using the configured logical devices and device profiles, which are then used to create a blueprint.

The Juniper Apstra User Guide explains the device lifecycle, which must be understood when working with Apstra blueprints and devices.

Create Device Profile

For all devices covered in this document, the device profiles (defined in Apstra and found under Devices > Device Profiles) were exactly matched by Apstra when adding devices into Apstra, as covered in Apstra: Management of Junos OS Device . During the validation of supported devices, there are instances where device profiles had to be custom-made to suit the linecard setup on the device, for instance, QFX5700. For more information on device profiles, see Apstra User Guide for Device Profiles .

  1. Navigate to Devices > Device Profiles, then review the devices listed based on the number and speed of ports.
  2. Select the device that most closely resembles the switch for which you want to create a device profile.

    Figure 12: Devices Menu with the Device Profiles Button Highlighted

    A screenshot of a computer Description automatically generated

  3. Press the Clone button once you are confident that the device profile you selected most closely resembles your switch.

    Figure 13: Device Profile Page with the Clone Button Pointed Out

    A screenshot of a computer Description automatically generated

    Note:

    System already added, or default logical devices cannot be changed.

  4. Name the cloned profile that you will use for this blueprint.

    Figure 14: Clone Device Profile Pop-Up

    A screenshot of a computer Description automatically generated

  5. Click Ports to verify that the port selection matches your device. If it does not, modify the port layout, then press Clone.

Figure 14: Clone Device Profile Pop-up

A screenshot of a computer Description automatically generated

Create Logical Device

  1. Navigate to Design > Logical Devices and then select the Create Logical Device button in the upper-right corner.

    Figure 15: Design Menu with the Logical Device Button Highlighted

    page13image52217056

  2. Create a logical device with the name JVD_QFX5120-48-y-8c.

    Figure 16: The Create Logical Device Page

    A screenshot of a computer Description automatically generated

    Figure 17: Create Logical Devices Page with the Access Ports Highlighted 48 10 Gbps Ports Assigned for Access and Generic Devices

    A screenshot of a computer Description automatically generated

  3. Assign eight 100 Gbps ports for spine, leaf, peer, and generic connections.

Figure 18: Create Logical Devices Page with the Uplink Ports Highlighted

A screenshot of a computer Description automatically generated

Create Interface Map

  1. Navigate to Design > Logical Devices and then select the Create Interface Map button in the upper-right corner.

    Figure 19: Design Menus with the Interface Maps Button Highlighted

    page19image52121040

  2. Name the interface map JVD_QFX5120-48y-8c_IM.
  3. Select the logical device and device profile created earlier.
  4. Click Select with all interfaces assigned interfaces text in the Device profile interfaces column, and then assign all 48x10 Gbps ports and 8x100 Gbps ports as appropriate.

Figure 20: Create Interface Map Pop-up Showing the Interface Map Preview

A screenshot of a computer Description automatically generated

Create Rack Type

  1. Navigate to Design > Rack Types.

    Figure 21: Design Menu with the Rack Types Button Highlighted

    page26image52284256

  2. Select Create In Builder in the upper-right corner.

    Figure 22: The Rack Types Page with the Create in Builder Button Highlighted

    page27image51891248

  3. Create a rack with the name JVD_CF_Rack1 and select L3 collapsed.

    Figure 23: Rack Type Creation in Builder with L3 Collapsed Highlighted

    A screenshot of a computer Description automatically generated

  4. Under Leafs, select ESI as the redundancy protocol.

    Figure 24: Rack Type Creation in Builder with ESI Under Leafs Highlighted

    A screenshot of a computer Description automatically generated

  5. Under Generic Systems, click Add new generic system group, and then select AOS-2x10-1 as the logical device. This action connects the leafs to the generic systems, such as servers in high availability mode.

    Figure 25: Rack Type Creation in Builder with Generic Systems Selected

    A screenshot of a computer Description automatically generated

  6. While still under Generic Systems, click Add logical link and create two logical links: link1 and link2. Both will be dual-homed from server1 and server2 with LACP and have 10 Gbps speeds.
  7. Click Create when done.

Figure 26: Rack Type Creation in Builder Showing Only the Logical Links Being Created

A screenshot of a computer Description automatically generated A screenshot of a computer Description automatically generated

Create Templates

  1. Navigate to Design > Templates and then select the Create Template button in the upper-right corner.

    Figure 27: The Design Menu with the Templates Button Highlighted

    page38image51876320

  2. Name the template JVD_CF_Template1_SM, with Type Collapsed, and select MP-BGP-EVPN as the overlay control protocol.

    Figure 28: Create Template Pop-up with MP-EBGP-EVPN for the Overlay Control Protocol Selected

    A screenshot of a computer Description automatically generated

  3. Select the rack created earlier (JVD_CF_Rack_SM), choose two mesh links, set the mesh link speed to 100 Gbps, and click Create.

Figure 29: Create Template Pop-up with Mesh Links Information Filled In

A screenshot of a computer Description automatically generated

Create ASN POOL

  1. Navigate to Resources > ASN Pools and then select the Create ASN Pool button in the upper-right corner.

    Figure 30: Resources Menu with the ASN Pools Button Highlighted

    A screenshot of a computer Description automatically generated

  2. Create an ASN pool with the name JVD_CF_ASN1 for internal ASNs. This guide uses 64512-65534 for this ASN Pool.

    Figure 31: Create ASN Pool Pop-up Showing the Creation of the ASN Pool JVD_CF_ASN1

  3. Create a second ASN pool named MX-External-ASN for external ASNs. This guide uses the single AS 4200000051 for this ASN Pool.

Figure 32: Create ASN Pool Pop-up Showing the Creation of the ASN Pool MX-External-ASN

A screenshot of a computer Description automatically generated

Create IP and Loopback Pool

  1. Navigate to Resources > ASN Pools and then select the Create IP Pool button in the upper-right corner

    Figure 33: Resources Menu with the ASN Pools Button Highlighted

    A screenshot of a computer Description automatically generated

  2. Create an IP pool named CF_JVD_IP_POOL1 with a subnet of 192.168.201.0/24 and click Create.

    Figure 34: Create IP Pool Pop-up Showing the Creation of the CF_JVD_IP_POOL1 IP Pool

    A screenshot of a computer Description automatically generated

  3. Create a second IP pool named CF_JVD_IP_Loopback1 with a subnet of 172.16.32.0/24 and click Create.

Figure 35: Create IP Pool Pop-up Showing the Creation of the CF_JVD_IP_Loopback1 IP Pool

A screenshot of a computer Description automatically generated

Create IP and Loopback Pool

  1. Navigate to Blueprints and then select the Create Blueprint button in the upper-right corner.

    Figure 36: Blueprints Button on the Main Menu Highlighted

    page44image51702336

  2. Name the blueprint JVD_CF_without-Access_BluePrint_SM.
  3. Select Datacenter for the Reference Design.
  4. For Filter Templates, select COLLAPSED.
  5. Select the template created earlier (JVD_CF_Template1_SM) and choose IPv4 for the links.

Figure 37: Create Blueprint Pop-up with Inputs Populated for this JVD

A screenshot of a computer Description automatically generated

Figure 38: Create Blueprint Pop-up Showing the Topology Preview

A blue and white line with black text Description automatically generated with medium confidence

Configure Blueprint

  1. Navigate to Blueprints and then select the blueprint that was just created.
  2. Go to Staged > Topology and click on the icon beside the words ASNs – Leafs in the panel on the right side of the screen.
  3. Select the ASN previously created for internal use (JVD_CF_ASN).

    Figure 39: Staged Tab in the JVD_CF_Without-Access_BluePrint_SM Blueprint Showing ASN Assignment Options

    A screenshot of a computer Description automatically generated

  4. Next, assign the loopback IP pool that was created earlier.

    Figure 40: Staged Tab in the JVD_CF_Without-Access_BluePrint_SM Blueprint Showing Loopback IP Assignment Options

    A screenshot of a computer Description automatically generated

  5. Select the link IP pool created earlier.

    Figure 41: Staged Tab in the JVD_CF_Without-Access_BluePrint_SM Blueprint Showing Link IP Assignment Options

    A screenshot of a computer Description automatically generated

  6. Deploy the systems by assigning system IDs to the switches.

Figure 42: Staged Tab in the JVD_CF_Without-Access_BluePrint_SM Blueprint Showing System ID Assignment Tab

A screenshot of a computer Description automatically generated

Figure 43: Assign Systems Pop-up in the JVD_CF_Without-Access_BluePrint_SM BluePrint

A screenshot of a computer Description automatically generated

Create VRFs

  1. From within the JVD_CF_without-Access_BluePrint_SM blueprint, navigate to Staged > Virtual > Routing-Zone and then select the Create Routing Zone button in the upper-right corner of the main content frame.
  2. Create two VRFs: Blue and Red.

Figure 44: Create Routing Zone Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

A screenshot of a computer Description automatically generated

Create Virtual Networks

  1. From within the JVD_CF_without-Access_BluePrint_SM blueprint, navigate to Staged > Virtual > Virtual Networks and then select the Create Virtual Networks button in the upper-right corner of the main content frame.
  2. Create VXLANs for the Blue and Red VLANs.
  3. Create the VXLANs with the following parameters:
    First VXLAN Options First VXLAN Values Second VXLAN Options Second VXLAN Values
    Name red-vlan Name blue-vlan
    Routing Zone Red Routing Zone Blue
    VNI 13100 VNI 13200
    VLAN ID 3100 VLAN ID 3200
    DHCP Service Disabled DHCP Service Disabled
    IPv4 Connectivity Enabled IPv4 Connectivity Enabled
    IPv4 Subnet 10.31.0.0/24 IPv4 Subnet 10.32.0.0/24
    Virtual Gateway IPv4 Enabled Yes Virtual Gateway IPv4 Enabled Yes
    Virtual Gateway IPv4 10.31.0.99 Virtual Gateway IPv4 10.32.0.99
    Create Connectivity Templates For Tagged Create Connectivity Templates For Tagged

    Figure 45: Upper Part of the Create Virtual Network Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

    A screenshot of a computer Description automatically generated

  4. Before you click Create, ensure you enable both switches.

Figure 46: Upper Part of the Create Virtual Network Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

A screenshot of a computer Description automatically generated

Assign Virtual Networking Resources

  1. From within the JVD_CF_without-Access_BluePrint_SM blueprint, navigate to Staged > Virtual > Routing Zones, and then update the leaf loopback IPs for the Blue and Red routing zones by selecting the icon next to the words Leaf Loopback IPs in the Resource Allocation panel on the right-hand side of the screen.
  2. Click the edit icon to open the Update Pool Assignments pop-up. Assign JVD_CF_Loopback1 to both routing zones.

    Figure 47: Staged Tab in the JVD_CF_Without-Access_BluePrint_SM Blueprint Showing Link IP Assignment Options

  3. Click Update when you are done.A screenshot of a computer Description automatically generated

    Figure 48: Update Pool Assignments Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

    A screenshot of a computer Description automatically generated

    Figure 49: Resource Allocation Panel Showing the EVPN L3 VNIs Section Expanded

  4. A screenshot of a computer Description automatically generatedIn the Resource Allocation panel on the right side of the screen, click the icon next to the words EVPN L3 VNIs.
  5. Click the edit button, select the default VNI from the list, and click save.
  6. While still within the JVD_CF_without-Access_BluePrint_SM blueprint, navigate to Staged > Connectivity Templates and assign the Tagged VxLAN ‘Blue-vlan’ to ae2 and the Tagged VxLAN ‘Red-vlan’ to ae1. To do this, click the check box next to each Tagged VxLAN, and then click the Assign icon (it looks like two links in a chain), which appears when you make that selection.

Figure 50: Tagged VXLAN Connectivity Templates and the Control Panel to Assign Them

A screenshot of a computer Description automatically generated

Figure 51: Assign Connectivity Template Pop-up Showing the Tagged VXLAN ‘Blue-vlan’

A screenshot of a computer Description automatically generated

Figure 52: Assign Connectivity Template Pop-up Showing the Tagged VXLAN ‘red-vlan’

A screenshot of a computer Description automatically generated

Add External Router

  1. From within the JVD_CF_without-Access_BluePrint_SM blueprint, navigate to Staged > Physical and click on Leaf-1 in the topology.
  2. Select the checkbox on Leaf-1 and select Add internal/external generic system. When complete, you should see a new link on the graphic.

    Figure 53: Leaf-1 Pop-up Showing the Ability to Add an External Generic System

    A screenshot of a computer Description automatically generated

  3. Create the external system, name it MX204 and select a logical device with 4x10 Gbps ports, and then click Next.

    Figure 54: First Part of the Assign Internal External Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

    A screenshot of a computer Description automatically generated

  4. Create links for the new system to both Leaf-1 and Leaf-2. This is done by selecting an interface, then selecting a port speed.
  5. Click Add Link. Do this for both switches.
  6. Click Create once you’re done.

    Figure 55: Second Part of the Assign Internal External Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

    Screens screenshot of a computer Description automatically generated

    Now that the router has been added, a connectivity template must be created for it.

  7. Navigate to Staged > Connectivity Templates.
  8. Click the Add Template button in the upper-right corner.
  9. Name the template CF-to-MX_Blue.

    Figure 56: Create Connectivity Template Pop-up in the JVD_CF_Without-Access_BluePrint_SM Blueprint

    A screenshot of a computer Description automatically generated

  10. Click on the Primitives tab and then select the primitives IP Link, BGP Peering (Generic System), and Routing Policy.

    Figure 57: Primitives Tab in the Create Connectivity Template Pop-up in the JVD_CF_without-Access_BluePrint_SM BlueprintA screenshot of a computer Description automatically generated

  11. Click Parameters and expand the IP Link section.
  12. Choose the routing zone Blue.
  13. Set the interface type to Tagged and enter VLAN ID of 501.
  14. Set IPv4 Addressing Type to Numbered, and IPv6 Addressing Type to None.

    Figure 58: Expanded IP Link Section of the Parameters Tab

    A screenshot of a computer Description automatically generated

  15. Expand BGP Peering (Generic System) and configured.
  16. Set the IPv4 AFI to ON, and the IPv6 AFI to OFF.
  17. Configure a TTL of 2, and do not enable BFD.
  18. Set the IPv4 Addressing Type to Addressed, leaving the IPv6 Addressing Type to None.
  19. Leave the Local ASN Type unconfigured.
  20. Set the Neighbor ASN Type to Static.

    Figure 59: Expanded IP Link Section of the Parameters Tab

    A screenshot of a computer Description automatically generated

  21. Expand and configure the Routing Policy section and set it to Default_immutable.
  22. Click Create.

    Figure 60: Expanded Routing Policy Section in the Parameters Tab

    A screenshot of a computer Description automatically generated

    Finally, the connectivity template CF-to-MX_Blue needs to be assigned to the Leaf-1 and Leaf-2 interfaces, which are connected to the external router (MX204).

  23. Click the Assign icon in line with the CF-to-MX_Blue connectivity template.
  24. Click the checkboxes to assign the connectivity template to the interfaces connected to the external router and click Assign.

    Figure 61: CF-to-MX_Blue Connectivity Template Listing, with the Assign Button Highlighted

    Figure 62: Assign-CF-to-MX_Blue Pop-up

    A white background with black text Description automatically generated

    Finally, IP addresses are assigned to interfaces on Leaf-1 and Leaf-2, which are connected to the external router for the Blue VRF. To create IP pools.

  25. Navigate to Resources > IP Pool from the Create IP and Loopback Pool section above. These IP pools will be named MX_Leaf2-blue-ip and MX_Leaf1-blue-ip.
  26. Assign the IP pools by navigating to Staged > Routing Zones inside the blueprint.
  27. Click on the icon next to Blue: To Generic Link IPs in the Routing Zones panel on the right-hand side of the screen to assign the IP pools you just created.

Figure 63: Blue: To Generic Link IPs Section of the Routing Zones Panel is Shown Expanded

A screenshot of a computer Description automatically generated

Note:

The MX204 referenced above is a stand-in for a generic router, and not considered a key component of this JVD. Similar steps can be taken to connect any router. The MX interface configuration is provided below in order to provide an example of how routing on a router is set up to interface with the network described in this JVD.

Below is the MX interface config towards the Leaf-1 and Leaf-2 switches.

Verification

Below is the output from the switches which verify configuration success.

Output from Leaf-1:

Output from Leaf-2:

PING from Host-2 (Red VRF) 10.31.0.106 to Host-1 (Blue VRF) 10.32.0.105: