Hi Matt,
You should only need iBGP between the PE routers, eg the SRX and the MX. Just configure family inet-vpn unicast to pass the VRF/VPN routes. Cheers, Caillin From: Matthew Crocker [mailto:[email protected]] Sent: Tuesday, 25 September 2012 9:16 AM To: Caillin Bathern Cc: [email protected]; [email protected] Subject: Re: [j-nsp] Config help for basic MPLS setup The EX4200s will be P routes so I should be ok. I'll get BGP running on the SRX & EXs tomorrow. The SRX & MX80 will be PE. I'll update tomorrow if I can't get it working. Thanks. -- Matthew S. Crocker President Crocker Communications, Inc. PO BOX 710 Greenfield, MA 01302-0710 E: [email protected] P: (413) 746-2760 F: (413) 746-3704 W: http://www.crocker.com On Sep 24, 2012, at 6:55 PM, "Caillin Bathern" <[email protected]> wrote: On point 2 there, the ex can only process one label at a time but there could be a larger label stack than that so it can be a P router. ________________________________ From: [email protected] Sent: 25/09/2012 8:25 AM To: [email protected] Cc: [email protected] Subject: Re: [j-nsp] Config help for basic MPLS setup > I have an MX80 and 3 EX4200s connected via 10GigE running MPLS, OSPF, etc. I have some ethernet-ccc links working between the gear. > > I'm trying to setup my first MPLS based routing VRF (L3VPN ???) between a new SRX210 and the MX80 (going through the EX4200s). > > Eventually the configuration will look like this > > <Internal LAN> -> SRX210 --[MPLS]--> EX4200 --[MPLS]--> EX4200 -- [MPLS] --> MX80 --[Internal LAN] --> Firewall > > The SRX210 is a PE router owned and controlled by me. I have a couple other basic IP routes on it for other customers. > > The idea here is that all traffic on ge-0/0/0.0 gets routed to the MX80 through an LSP in the routing-instance corp.crocker.com > > For testing the SRX is connected directly to the MX80 bypassing the EX4200s > > SRX has OSPF going with MX80 but does not have BGP configured. > MX80 has BGP with my upstreams and other border routers > > I'm sure I'm missing some MPLS filters or something but I'm not sure what. I see a couple of problems here: 1. MPLS L3VPNs use BGP to distribute the VPN label. Thus you *must* have a full BGP mesh between your PEs (or you can of course use route reflectors/confederations). 2. As far as I know the EX switches can only handle *one* MPLS label. You need at least two labels for MPLS L3VPNs. Steinar Haug, Nethelp consulting, [email protected] _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp -- Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.http://www.mailguard.com.au/mg Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering. http://www.mailguard.com.au/mg _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
