Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How to configure the EX Series Swtich as a Customer Edge device using VRF-lite

0

0

Article ID: KB14926 KB Last Updated: 26 Aug 2009Version: 1.0
Summary:
VRF Lite enables us to use L3 VPN without using MPLS, to add Customer Edge (CE) devices with multiple routing instances and increase security. The following information describes the configuration steps for setting up multiple routing instances on a Customer Edge (CE) switch.
Symptoms:

Solution:
Virtual Routing and Forwarding (VRF) is often used in conjunction with Layer 3 subinterfaces, allowing traffic on a single physical interface to be differentiated and associated with multiple virtual routers.  Each logical Layer 3 subinterface can belong to only one routing instance.

The following information describes the configuration steps for creating two Virtual Routers on each switch CE-A and CE-B as in the diagram below.

VRF Lite - Customer Edge

In this application both switches are connected over vlan-tagged interface to the Provider Edge (PE) router, with two Virtual Router instances, VR1 and VR2

Switch CE-A Configuration:

  • Configure physical and VLAN interfaces under VR1 and VR2
root# show routing-instances
vr1 {
instance-type virtual-router;
interface vlan.100;
interface ge-0/0/1.0;
interface ge-0/0/3.0;
}

Configure
vr2 {
instance-type virtual-router;
interface ge-0/0/2.0;
interface ge-0/0/3.1;
}
  • RVI interface vlan.100 should be configured under VLAN v100
root# show vlans
v100 {
vlan-id 100;
interface {
ge-0/0/0.0;
}
l3-interface vlan.100;
}
  • Vlan-tagging is applied to ge-0/0/3 with unit 0 and unit 1
root# show interfaces ge-0/0/3
vlan-tagging;
unit 0 {
vlan-id 1030;
family inet {
address 103.1.1.1/24
}
}
unit 1 {
vlan-id 1031;
family inet {
address 103.1.1.1/24;
}
}


Switch CE-B Configuration:
  • Two virtual routes are configured
root# show routing-instances
vr1 {
instance-type virtual-router;
interface ge-0/0/4.0;
interface ge-0/0/5.0;
}
vr2 {
instance-type virtual-router;
interface ge-0/0/4.1;
interface ge-0/0/6.0;
}
  • Vlan tag and two units are configured in ge-0/0/3 towards the PE router.

root# show interfaces ge-0/0/4
vlan-tagging;
unit 0 {
vlan-id 1000;
family inet {
address 105.1.1.1/24
}
}
unit 1 {
vlan-id 1001;
family inet {
address 105.1.1.1/24;
}
}


Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search