O'Reilly logo

JUNOS Cookbook by Aviva Garrett

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

15.1. Setting Up a Simple Layer 3 VPN

Problem

You want to set up a Layer 3 VPN for a customer who wants a private network for internal network communication and transactions.

Solution

Creating a Layer 3 VPN for the customer involves setting up your PE and P routers. The customer (or you) can set up the customer's routers (the CE routers). The PE and P routers must run an IGP, IBGP, MPLS, and a signaling protocol (RSVP or LDP). You establish an MPLS LSP between the PE routers and configure the VPN itself on the PE routers.

As a first step, set up the routing protocols necessary for the Layer 3 VPN. The PE and P routers must be running an IGP (this recipe uses OSPF). Following is the configuration for one of the PE routers, RouterG:

	[edit protocols]
	aviva@RouterG# set ospf area 0.0.0.0 interface t1-4/0/0
	aviva@RouterG# set ospf area 0.0.0.0 interface lo0.0 passive
	aviva@RouterG# set ospf area 0.0.0.0 interface fe-0/0/0 disable
	aviva@RouterG# set ospf traffic-engineering

On the PE router, enable MPLS and RSVP on the interfaces that connect to the P router:

	aviva@RouterG# set mpls interface t1-4/0/0
	aviva@RouterG# set rsvp interface t1-4/0/0

Also, remember to configure family mpls on all interfaces between the PE and P router that carry MPLS and RSVP:

	[edit interfaces]
	aviva@RouterG# set t1-4/0/0 unit 0 family mpls

The IGP, MPLS, and RSVP configuration for the other PE router, RouterF, and for the P router, RouterJ, is the same, substituting the appropriate interface names.

On each PE ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required