Supported Platforms
Related Documentation
- M, MX, T Series
- Configuring the Junos OS to Allocate More Memory for Routing Tables, Firewall Filters, and Layer 3 VPN Labels
- M, PTX, T Series
- Defining Routing Policies
- MX, T Series
- Network Services Mode Overview
- MX Series
- Configuring Junos OS to Run a Specific Network Services Mode in MX Series Routers
- PTX Series
- Chained Composite Next Hops for Transit Devices
Accepting Route Updates with Unique Inner VPN Labels in Layer 3 VPNs
For Layer 3 VPNs configured on Juniper Networks routers, Junos OS normally allocates one inner VPN label for each customer edge (CE)-facing virtual routing and forwarding (VRF) interface of a provider edge (PE) router. However, other vendors allocate one VPN label for each route learned over the CE-facing interfaces of a PE router. This practice increases the number of VPN labels exponentially, which leads to slow system processing and slow convergence time.
Next-hop chaining (also known as “chained composite next hop”) is a composition function that concatenates the partial rewrite strings associated with individual next hops to form a larger rewrite string that is added to a packet. By using this function, the number of routes with unique inner VPN labels that can be processed by a Juniper Networks router is increased substantially. Common route update elements associated with Layer 3 VPNs are combined, reducing the number of route updates and individual states the Juniper Networks router must maintain, and leading to enhanced scaling and convergence performance.
You can configure the router based on the number of VPN labels you want to manage:
Accepting Up to One Million Layer 3 VPN Route Updates
For Juniper Networks routers participating in a mixed vendor network with up to one million Layer 3 VPN labels, include the l3vpn statement at the [edit routing-options forwarding-table chained-composite-next-hop ingress] hierarchy level. The l3vpn statement is disabled by default.
 | Best Practice: We recommend that you configure the l3vpn statement whenever you have deployed Juniper Networks routers in mixed vendor networks of up to one million routes to support Layer 3 VPNs. Because using this statement can also enhance the Layer 3 VPN performance of Juniper Networks routers in networks where only Juniper Networks routers are deployed, we recommend configuring the statements in these networks as well. |
You can configure the l3vpn statement on the following routers:
- MX Series routers
- M120 routers
- M320 routers with one or more Enhanced III FPCs
- T Series routers (for Junos OS Release 10.4 and later)
To accept up to one million Layer 3 VPN route updates with unique inner VPN labels, configure the l3vpn statement. This statement is supported on indirectly connected PE routers only. Configuring this statement on a router that is directly connected to a PE router provides no benefit. You can configure the l3vpn statement on a router with a mix of links to both directly connected and indirectly connected PE routers.
To configure the router to accept up to one million Layer 3 VPN route updates with unique inner VPN labels:
Include the l3vpn statement.
[edit routing-options forwarding-table chained-composite-next-hop ingress]user@host>set l3vpn- To enhance memory allocation to support a larger number
of Layer 3 VPN labels, include the vpn-label statement.[edit chassis memory-enhanced]user@host>set vpn-label
Note: The vpn-label statement does not provide any functional changes when used on the MX Series routers. You can omit the configuration of this statement on MX Series routers.
For more information about configuring more memory for Layer 3 VPN labels, see the Junos OS System Basics Configuration Guide.
After you have configured the l3vpn statement, you can determine whether or not a Layer 3 VPN route is a part of a composite next hop by examining the display output of the following commands:
- show route route-value extensive
- show route forwarding-table destination destination-value extensive
Accepting More Than One Million Layer 3 VPN Route Updates
For Juniper Networks routers participating in a mixed vendor network with more than one million Layer 3 VPN labels, include the extended-space statement at the [edit routing-options forwarding-table chained-composite-next-hop ingress l3vpn] hierarchy level. The extended-space statement is disabled by default.
| Best Practice: We recommend that you configure the extended-space statement in mixed vendor networks containing more than one million routes to support Layer 3 VPNs. Because using this statements can also enhance the Layer 3 VPN performance of Juniper Networks routers in networks where only Juniper Networks routers are deployed, we recommend configuring the statement in these networks as well. |
Using the extended-space statement can double the number of routes with unique inner VPN labels that can be processed by a Juniper Networks router. However, when configuring such very large-scale Layer 3 VPN scenarios, keep the following guidelines in mind:
- The extended-space statement is supported only on MX Series routers containing only MPCs.
- The chassis must be configured to use the enhanced-ip option in network services mode.
For more information about configuring chassis network services, see the Junos OS System Basics Configuration Guide.
- Ensure that you configure per-packet load balancing for
associated policies.
For more information about configuring policies, see the Routing Policy Configuration Guide.
| Best Practice: We strongly recommend using 64-bit routing engines running 64-bit Junos OS to support Layer 3 VPN prefixes with unique inner VPN labels at higher scale. |
To configure the router to accept more than one million Layer 3 VPN route updates with unique inner VPN labels:
- Include the l3vpn statement.[edit routing-options forwarding-table chained-composite-next-hop ingress]user@host>set l3vpn
- Include the extended-space statement.[edit routing-options forwarding-table chained-composite-next-hop ingress l3vpn]user@host> set extended-space
- Configure chassis network services for enhanced mode.[edit chassis]user@host>set network-services enhanced-ip
Note: A router reboot might be required. See Network Services Mode Overview in the Junos OS System Basics Configuration Guide for details.
After you have completed the configuration, you can determine whether or not a Layer 3 VPN route is a part of a composite next hop by examining the display output of the following commands:
- show route route-value extensive
- show route forwarding-table destination destination-value extensive
Related Documentation
- M, MX, T Series
- Configuring the Junos OS to Allocate More Memory for Routing Tables, Firewall Filters, and Layer 3 VPN Labels
- M, PTX, T Series
- Defining Routing Policies
- MX, T Series
- Network Services Mode Overview
- MX Series
- Configuring Junos OS to Run a Specific Network Services Mode in MX Series Routers
- PTX Series
- Chained Composite Next Hops for Transit Devices
Published: 2013-02-28
Supported Platforms
Related Documentation
- M, MX, T Series
- Configuring the Junos OS to Allocate More Memory for Routing Tables, Firewall Filters, and Layer 3 VPN Labels
- M, PTX, T Series
- Defining Routing Policies
- MX, T Series
- Network Services Mode Overview
- MX Series
- Configuring Junos OS to Run a Specific Network Services Mode in MX Series Routers
- PTX Series
- Chained Composite Next Hops for Transit Devices
