Friday, June 17, 2011

JunOS Router testbed part 2

My topology has since become quite complicated, so I thought it would be best to draw a picture:
The fourth olive (meant to branch off like olive2 and olive3, with a separate AS number, tap interface and Ubuntu virtual machine) has been left out for simplicity at this stage. The main problem with my original design was that layer 3 separation wasn't enough: multicast skips routers at layer 2, so I needed to give each box its own tap interface. To go with the diagram, here's the config from olive1 and olive2 (olive3 is basically the same as olive2; this is an exercise for the reader).

Olive 1:


interfaces {
    em0 {
        unit 0 {
            family inet {
                address 192.168.2.1/24;
                address 192.168.11.1/24;
                address 10.1.1.198/8;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 1.1.1.1/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65000;
}
protocols {
    bgp {
        local-as 65000;
        group branch1 {
            type external;
            export to-branch;
            peer-as 65001;
            neighbor 192.168.2.2;
        }
        group branch2 {
            type external;
            export to-branch;
            peer-as 65002;
            neighbor 192.168.2.3;
        }
        group branch3 {
            type external;
            export to-branch;
            peer-as 65003;
            neighbor 192.168.2.4;
        }
    }
    rip {
        group gateway {
            export gateway-rip;
            neighbor em0.0;
        }
    }
}
policy-options {
    policy-statement gateway-rip {
        from protocol [ direct bgp ];
        then accept;
    }
    policy-statement to-branch {
        from protocol [ direct local ospf bgp static rip ];
        then accept;
    }
}

Olive 2:

interfaces {
    em0 {
        unit 0 {
            family inet {
                address 192.168.2.2/24;
            }
        }
    }
    em1 {
        unit 0 {
            family inet {
                address 192.168.12.1/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 1.1.1.2/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65001;
}
protocols {
    bgp {
        local-as 65001;
        group olive {
            type external;
            export to-branch1;
            peer-as 65000;
            neighbor 192.168.2.1;
        }
    }
}
policy-options {
    policy-statement to-branch1 {
        from protocol [ direct local ospf bgp ];
        then accept;
    }
}

And here's a show route from olive 2:

inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[BGP/170] 00:31:58, MED 3, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
1.1.1.1/32         *[BGP/170] 00:31:58, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
1.1.1.2/32         *[Direct/0] 00:32:02
                    > via lo0.0
1.1.1.3/32         *[BGP/170] 00:25:00, localpref 100, from 192.168.2.1
                      AS path: 65000 65002 I
                    > to 192.168.2.3 via em0.0
10.0.0.0/8         *[BGP/170] 00:31:58, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
192.168.2.0/24     *[Direct/0] 00:32:02
                    > via em0.0
                    [BGP/170] 00:31:58, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
192.168.2.2/32     *[Local/0] 00:32:02
                      Local via em0.0
192.168.11.0/24    *[BGP/170] 00:31:58, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
192.168.12.0/24    *[Direct/0] 00:31:09
                    > via em1.0
192.168.12.1/32    *[Local/0] 00:31:09
                      Local via em1.0
192.168.13.0/24    *[BGP/170] 00:25:00, localpref 100, from 192.168.2.1
                      AS path: 65000 65002 I
                    > to 192.168.2.3 via em0.0
218.101.61.124/32  *[BGP/170] 00:31:58, MED 2, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0

It's all going well so far. Putting each subnet on a different tap interface stops them cheating and using layer 2 for multicast, so now I can start getting PIM-SM set up (IPv4 only for starters).
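
The to-branch policy on olive 1 accepts every direct, static, RIP and BGP route, so olive 2's table shows exactly what reaches a branch. As an added example (not part of the original post), this Python script parses an excerpt of the show route output above and lists the active BGP routes that fall outside the ranges a branch is expected to learn; the EXPECTED ranges and the function names are assumptions made for this lab.

```python
import ipaddress
import re

# Excerpt of the olive 2 "show route" output shown on this page.
SAMPLE = """\
0.0.0.0/0          *[BGP/170] 00:31:58, MED 3, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
1.1.1.3/32         *[BGP/170] 00:25:00, localpref 100, from 192.168.2.1
                      AS path: 65000 65002 I
                    > to 192.168.2.3 via em0.0
192.168.2.0/24     *[Direct/0] 00:32:02
                    > via em0.0
                    [BGP/170] 00:31:58, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
218.101.61.124/32  *[BGP/170] 00:31:58, MED 2, localpref 100
                      AS path: 65000 I
                    > to 192.168.2.1 via em0.0
"""

# Assumption: the only ranges a branch should learn over BGP (loopbacks, lab LANs).
EXPECTED = [ipaddress.ip_network(n) for n in ("1.1.1.0/24", "192.168.0.0/16")]

ENTRY = re.compile(r"^(?P<prefix>\S+/\d+)?\s*(?P<active>\*)?\[(?P<proto>\w+)/(?P<pref>\d+)\]")
AS_PATH = re.compile(r"AS path:\s+((?:\d+\s+)*)[I?E]")

def parse_routes(text):
    """Return one dict per route entry: prefix, proto, active flag, AS path."""
    routes, prefix = [], None
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            prefix = m["prefix"] or prefix  # a second entry reuses the prefix above it
            routes.append({"prefix": ipaddress.ip_network(prefix), "proto": m["proto"],
                           "active": bool(m["active"]), "as_path": []})
        elif routes and (p := AS_PATH.search(line)):
            routes[-1]["as_path"] = [int(a) for a in p[1].split()]
    return routes

def unexpected_bgp(routes, expected=EXPECTED):
    """Active BGP routes whose prefix lies outside every expected range."""
    return [r for r in routes if r["proto"] == "BGP" and r["active"]
            and not any(r["prefix"].subnet_of(n) for n in expected)]

if __name__ == "__main__":
    for r in unexpected_bgp(parse_routes(SAMPLE)):
        print(f"unexpected: {r['prefix']} via AS path {r['as_path']}")
```

On this excerpt it reports the default route and 218.101.61.124/32, both of which olive 1 redistributes from RIP into BGP.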
