English Title: MPLS and VPLS with LSP in Juniper Routers
The need to interconnect two sites over an L2 network led to the idea of building a VPLS. The scenario is a test lab running on Linux with KVM and Libvirt, using virtual versions of the Juniper MX and Mikrotik RouterOS.
Virtualized equipment
3 – vMX (Juniper MX virtualized)
2 – CHR (Mikrotik RouterOS Cloud Hosted Router)
Topology
Some acronyms used:
MPLS – Multi Protocol Label Switching
OSPF – Open Shortest Path First
VPLS – Virtual Private LAN Service
LDP – Label Distribution Protocol
RSVP – Resource Reservation Protocol
LSP – Label Switching Path
The initial idea was for the mikrotik-1 and mikrotik-2 devices to communicate at L2 using a VLAN, but it matured into running 802.1Q QinQ over the VPLS tunnel.
The examples below therefore show how all the protocols were configured (OSPF, MPLS, LDP, RSVP, and also the LSPs) so that QinQ works over the VPLS tunnel. Both LSPs are load-balanced and active, so if one LSP goes down the VPLS tunnel keeps working without any interruption.
R1 configuration
system {
    host-name R1;
    services {
        ssh {
            protocol-version v2;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        mtu 2000;
        mac 52:54:00:69:dc:34;
        unit 0 {
            family inet {
                address 10.0.0.1/30;
            }
            family mpls;
        }
    }
    ge-0/0/1 {
        mtu 2000;
        mac 52:54:00:cc:d5:ac;
        unit 0 {
            family inet {
                address 10.0.3.1/30;
            }
            family mpls;
        }
    }
    ge-0/0/2 {
        mtu 2000;
        flexible-vlan-tagging;
        encapsulation flexible-ethernet-services;
        mac 52:54:00:eb:23:b4;
        unit 800 {
            encapsulation vlan-vpls;
            vlan-id 800;
            family vpls;
        }
    }
    fxp0 {
        unit 0 {
            family inet {
                address 192.168.0.101/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.1.1.1/32;
            }
        }
    }
}
protocols {
    rsvp {
        load-balance bandwidth;
        interface ge-0/0/1.0;
        interface ge-0/0/0.0;
    }
    mpls {
        label-switched-path NORMAL {
            to 10.2.1.1;
            primary DIRETO;
        }
        label-switched-path SECUNDARIA {
            to 10.2.1.1;
            primary VIAR3;
        }
        path DIRETO {
            10.2.1.1;
        }
        path VIAR3 {
            10.3.1.1;
            10.2.1.1;
        }
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
    }
    ospf {
        traffic-engineering;
        area 0.0.0.0 {
            interface ge-0/0/0.0;
            interface ge-0/0/1.0;
            interface ge-0/0/2.0;
            interface lo0.0;
        }
    }
    ldp {
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
        interface lo0.0;
    }
}
routing-instances {
    VPN {
        instance-type vpls;
        vlan-id 800;
        interface ge-0/0/2.800;
        protocols {
            vpls {
                encapsulation-type ethernet-vlan;
                site-range 10;
                interface ge-0/0/2.800;
                no-tunnel-services;
                site mk1 {
                    site-identifier 1;
                }
                vpls-id 101;
                neighbor 10.2.1.1;
            }
        }
    }
}
R2 configuration
system {
    host-name R2;
    services {
        ssh {
            protocol-version v2;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        mtu 2000;
        mac 52:54:00:dc:47:dc;
        unit 0 {
            family inet {
                address 10.0.0.2/30;
            }
            family mpls;
        }
    }
    ge-0/0/1 {
        mtu 2000;
        mac 52:54:00:18:3a:d0;
        unit 0 {
            family inet {
                address 10.0.2.1/30;
            }
            family mpls;
        }
    }
    ge-0/0/2 {
        mtu 2000;
        flexible-vlan-tagging;
        encapsulation flexible-ethernet-services;
        mac 52:54:00:70:f2:ce;
        unit 800 {
            encapsulation vlan-vpls;
            vlan-id 800;
            family vpls;
        }
    }
    fxp0 {
        unit 0 {
            family inet {
                address 192.168.0.102/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.2.1.1/32;
            }
        }
    }
}
protocols {
    rsvp {
        load-balance bandwidth;
        interface ge-0/0/1.0;
        interface ge-0/0/0.0;
    }
    mpls {
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
    }
    ospf {
        traffic-engineering;
        area 0.0.0.0 {
            interface ge-0/0/0.0;
            interface ge-0/0/1.0;
            interface ge-0/0/2.0;
            interface lo0.0;
        }
    }
    ldp {
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
        interface lo0.0;
    }
}
routing-instances {
    VPN {
        instance-type vpls;
        vlan-id 800;
        interface ge-0/0/2.800;
        protocols {
            vpls {
                encapsulation-type ethernet-vlan;
                site-range 10;
                interface ge-0/0/2.800;
                no-tunnel-services;
                site mk2 {
                    site-identifier 2;
                }
                vpls-id 101;
                neighbor 10.1.1.1;
            }
        }
    }
}
R3 configuration
system {
    host-name R3;
    services {
        ssh {
            protocol-version v2;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        mtu 2000;
        mac 52:54:00:bf:a1:0d;
        unit 0 {
            family inet {
                address 10.0.2.2/30;
            }
            family mpls;
        }
    }
    ge-0/0/1 {
        mtu 2000;
        mac 52:54:00:29:54:42;
        unit 0 {
            family inet {
                address 10.0.3.2/30;
            }
            family mpls;
        }
    }
    fxp0 {
        unit 0 {
            family inet {
                address 192.168.0.103/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.3.1.1/32;
            }
        }
    }
}
protocols {
    rsvp {
        load-balance bandwidth;
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
    }
    mpls {
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
    }
    ospf {
        traffic-engineering;
        area 0.0.0.0 {
            interface ge-0/0/0.0;
            interface ge-0/0/1.0;
            interface lo0.0;
        }
    }
    ldp {
        interface ge-0/0/0.0;
        interface ge-0/0/1.0;
        interface lo0.0;
    }
}
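The following Python check is an added example, not part of the original post: it parses the brace-style configuration and verifies that each PE's VPLS neighbor is the other router's lo0 address and that vpls-id and vlan-id match, as they do in the R1 and R2 configurations above. The helper names (parse_junos, leaf, vpls_facts, check_pair) are assumptions of this example, and the inputs are excerpts trimmed from those two configurations.

```python
import re

def parse_junos(text):
    """Parse brace-style Junos config into nested dicts; 'stmt;' leaves map to None."""
    stack, words = [{}], []
    for tok in re.findall(r"[{};]|[^\s{};]+", text):
        if tok == "{":                      # open a container named by the words so far
            stack.append(stack[-1].setdefault(" ".join(words), {}))
            words = []
        elif tok == "}":
            stack.pop()
        elif tok == ";":                    # end of a leaf statement
            stack[-1][" ".join(words)] = None
            words = []
        else:
            words.append(tok)
    return stack[0]

def leaf(node, key):  # argument of the first 'key <arg>;' statement directly under node
    return next((s[len(key) + 1:] for s in node if s.startswith(key + " ")), None)

def vpls_facts(cfg, instance="VPN"):
    inst = cfg["routing-instances"][instance]
    vpls = inst["protocols"]["vpls"]
    lo0 = leaf(cfg["interfaces"]["lo0"]["unit 0"]["family inet"], "address")
    return {"loopback": lo0.split("/")[0], "vlan-id": leaf(inst, "vlan-id"),
            "vpls-id": leaf(vpls, "vpls-id"), "neighbor": leaf(vpls, "neighbor")}

def check_pair(cfg_a, cfg_b):
    """Return a list of mismatches between two PE configs (empty list = consistent)."""
    a, b = vpls_facts(cfg_a), vpls_facts(cfg_b)
    problems = [f"{k} differs: {a[k]} vs {b[k]}"
                for k in ("vpls-id", "vlan-id") if a[k] != b[k]]
    if a["neighbor"] != b["loopback"] or b["neighbor"] != a["loopback"]:
        problems.append("neighbor does not point at the peer's lo0 address")
    return problems

# Excerpts trimmed from the R1 and R2 configurations on this page.
R1 = """interfaces { lo0 { unit 0 { family inet { address 10.1.1.1/32; } } } }
routing-instances { VPN { instance-type vpls; vlan-id 800; protocols { vpls {
  site mk1 { site-identifier 1; } vpls-id 101; neighbor 10.2.1.1; } } } }"""
R2 = """interfaces { lo0 { unit 0 { family inet { address 10.2.1.1/32; } } } }
routing-instances { VPN { instance-type vpls; vlan-id 800; protocols { vpls {
  site mk2 { site-identifier 2; } vpls-id 101; neighbor 10.1.1.1; } } } }"""

if __name__ == "__main__":
    print(check_pair(parse_junos(R1), parse_junos(R2)) or "VPLS peering is consistent")
    # Constructed fault: one side edited to a different vpls-id.
    print(check_pair(parse_junos(R1), parse_junos(R2.replace("vpls-id 101", "vpls-id 102"))))
```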
Mikrotik 1 configuration
/system identity
set name=MIKROTIK-01
/interface vlan
add interface=ether2 name=vlan1 vlan-id=800
add interface=vlan1 name=vlan2 vlan-id=900
/ip address
add address=192.168.0.104/24 interface=ether1 network=192.168.0.0
add address=10.10.10.1/30 interface=vlan1 network=10.10.10.0
add address=10.20.10.1/30 interface=vlan2 network=10.20.10.0
Mikrotik 2 configuration
/system identity
set name=MIKROTIK-02
/interface vlan
add interface=ether1 name=vlan1 vlan-id=800
add interface=vlan1 name=vlan2 vlan-id=900
/ip address
add address=192.168.0.105/24 interface=ether2 network=192.168.0.0
add address=10.10.10.2/30 interface=vlan1 network=10.10.10.0
add address=10.20.10.2/30 interface=vlan2 network=10.20.10.0
Tests
Viewing the VPLS connection status on R1
Ping tests from Mikrotik-01 to Mikrotik-02