Juniper SRX Routing Instances Configuration and Importing Routes to and from virtual routers

Our goal is to configure routing instances on all devices and provide routing between all instances with ospf protocol.


Configure routing instances on SRX1:

We will be using a tagged interface ge-0/0/1 where vlan 10 is for vr10.10 routing instance and vlan 20 is for vr20.20:

set interfaces ge-0/0/1 vlan-tagging

set interfaces ge-0/0/1 unit 10 vlan-id 10

set interfaces ge-0/0/1 unit 10 family inet address 172.16.10.1/24

set interfaces ge-0/0/1 unit 20 vlan-id 20

set interfaces ge-0/0/1 unit 20 family inet address 172.16.20.1/24


Now create routing instances and assign interfaces to them:

set routing-instances vr10.10 instance-type virtual-router

set routing-instances vr10.10 interface ge-0/0/1.10

set routing-instances vr20.20 instance-type virtual-router

set routing-instances vr20.20 interface ge-0/0/1.20


Configure rib-groups to import routes from one routing instance to another (Another alternative is to configure policy-options for importing):

set routing-instances vr10.10 routing-options interface-routes rib-group inet vr10.10-RG

set routing-instances vr20.20 routing-options interface-routes rib-group inet vr20.20-RG


Now import rib-groups to each routing-instance table including master routing table.The order in which the tables are configured under the rib-groups does matter under this method. The first table in the list will be the primary table which will export its routes to the other tables in the list. So we gonna import master instance routing table to our configured routing-instances (vr10.10 and vr20.20) rib-groups (routing tables):

set routing-options rib-groups vr10.10-RG import-rib [ inet.0 vr10.10.inet.0 vr20.20.inet.0 ]

set routing-options rib-groups vr20.20-RG import-rib [ inet.0 vr20.20.inet.0 vr10.10.inet.0 ]


The last step is to export routing instancesrib-groups to master instanceinet.0 routing table:

set routing-options interface-routes rib-group inet vr10.10-RG

Lets check the routing table on SRX1:

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 00:03:06

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 00:03:06

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.20


vr10.10.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 00:03:06

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 00:03:06

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.20


vr20.20.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 00:03:06

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 00:03:06

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 00:03:06

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 00:03:06

Local via ge-0/0/1.20



Configure routing instances on SRX2:

Configuration on SRX2 will be identical to SRX1 configuration except for IP addresses for routing-instances interfaces:

set interfaces ge-0/0/1 vlan-tagging


set interfaces ge-0/0/1 unit 10 vlan-id 10

set interfaces ge-0/0/1 unit 10 family inet address 192.168.10.1/24

set interfaces ge-0/0/1 unit 20 vlan-id 20

set interfaces ge-0/0/1 unit 20 family inet address 192.168.20.1/24


set routing-instances vr10.10 instance-type virtual-router

set routing-instances vr10.10 interface ge-0/0/1.10

set routing-instances vr20.20 instance-type virtual-router

set routing-instances vr20.20 interface ge-0/0/1.20


set routing-instances vr10.10 routing-options interface-routes rib-group inet vr10.10-RG

set routing-instances vr20.20 routing-options interface-routes rib-group inet vr20.20-RG

set routing-options rib-groups vr10.10-RG import-rib[ inet.0 vr10.10.inet.0 vr20.20.inet.0 ]

set routing-options rib-groups vr20.20-RG import-rib [ inet.0 vr20.20.inet.0 vr10.10.inet.0 ]

set routing-options interface-routes rib-group inet vr10.10-RG


Lets check routing table on SRX2:

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 1d 02:29:31

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 1d 02:29:31

Local via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.20



vr10.10.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 23:51:39

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 23:51:39

Local via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.20



vr20.20.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 23:51:39

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 23:51:39

Local via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 23:51:39

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 23:51:39

Local via ge-0/0/1.20


Now we need to configure the OSPF protocol between SRX1 and SRX2 and import routes from and to our routing instances.

SRX1 and SRX2 OSPF protocol and export/import route policies configuration (Configuration on SRX1 is identical to SRX2)

Configure OSPF protocol and export routing tables from vr10.10 and vr.20.20 to OSFP into master routing table inet.0. By default, OSPF imports all learned routes into the routing table and exports routes only from interfaces that are members of the OSPF area. To export all other routes or filter inbound routes, you must use routing policies.

set protocols ospf area 0.0.0.0 interface ge-0/0/0.0

set policy-options policy-statement all-local term 1 from protocol direct

set policy-options policy-statement all-local term 1 then accept

set policy-options policy-statement all-local term 2 from protocol local

set policy-options policy-statement all-local term 2 then accept

Apply policy to OSPF protocol:

set protocols ospf export all-local

The next step is to import OSPF routes from master routing table to vr10.10 and vr20.20 routing tables. We can accomplish that using policy options with policy statements:

set policy-options policy-statement inet0_ospf_to_vrsterm 1 from instance master

set policy-options policy-statement inet0_ospf_to_vrsterm 1 from protocol ospf

set policy-options policy-statement inet0_ospf_to_vrsterm 1 then accept

set policy-options policy-statement inet0_ospf_to_vrsterm 2 then reject

Now apply configured policy to appropriate routing instance:



set routing-instances vr10.10 routing-options instance-import inet0_ospf_to_vrs

set routing-instances vr20.20 routing-options instance-import inet0_ospf_to_vrs


Now check the results on SRX1:

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 01:29:29

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 01:29:29

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.20

192.168.10.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0

192.168.20.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0

224.0.0.5/32 *[OSPF/10] 01:30:39, metric 1

MultiRecv


vr10.10.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 01:29:29

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 01:29:29

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.20

192.168.10.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0

192.168.20.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0


vr20.20.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 01:29:29

> via ge-0/0/0.0

10.30.30.1/32 *[Local/0] 01:29:29

Local via ge-0/0/0.0

172.16.10.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.10

172.16.10.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.10

172.16.20.0/24 *[Direct/0] 01:29:29

> via ge-0/0/1.20

172.16.20.1/32 *[Local/0] 01:29:29

Local via ge-0/0/1.20

192.168.10.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0

192.168.20.0/24 *[OSPF/150] 01:29:18, metric 0, tag 0

> to 10.30.30.2 via ge-0/0/0.0


Now check the results on SRX2: 



inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 1d 03:09:49

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 1d 03:09:49

Local via ge-0/0/0.0

172.16.10.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

172.16.20.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.20

224.0.0.5/32 *[OSPF/10] 1d 03:09:24, metric 1

MultiRecv


vr10.10.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 1d 00:31:57

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/0.0

172.16.10.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

172.16.20.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.20

vr20.20.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.30.30.0/30 *[Direct/0] 1d 00:31:57

> via ge-0/0/0.0

10.30.30.2/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/0.0

172.16.10.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

172.16.20.0/24 *[OSPF/150] 01:31:01, metric 0, tag 0

> to 10.30.30.1 via ge-0/0/0.0

192.168.10.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.10

192.168.10.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.10

192.168.20.0/24 *[Direct/0] 1d 00:31:57

> via ge-0/0/1.20

192.168.20.1/32 *[Local/0] 1d 00:31:57

Local via ge-0/0/1.20

Comments

Popular posts from this blog

Install Junos with USB

HPE MSR series router NAT, DHCP, SSH config

Juniper Route-failover in a typical DUAL ISP scenario