Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Routing Between PE and CE Routers in Layer 3 VPNs

    For the PE router to distribute VPN-related routes to and from connected CE routers, you must configure routing within the VPN routing instance. You can configure a routing protocol—BGP, OSPF, or RIP—or you can configure static routing. For the connection to each CE router, you can configure only one type of routing.

    The following sections explain how to configure VPN routing between the PE and CE routers:

    Configuring BGP Between the PE and CE Routers

    To configure BGP as the routing protocol between the PE and the CE routers, include the bgp statement:

    bgp {group group-name {peer-as as-number;neighbor ip-address;}}

    You can include this statement at the following hierarchy levels:

    • [edit routing-instances routing-instance-name protocols]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

      Please be aware of the following limitations regarding configuring BGP for routing instances:

      • In a VRF routing instance, do not configure the local autonomous system (AS) number using an AS number that is already in use by a remote BGP peer in a separate VRF routing instance. Doing so creates an autonomous system loop where all the routes received from this remote BGP peer are hidden.

        You configure the local AS number using either the autonomous-system statement at the [edit routing-instances routing-instance-name routing-options] hierarchy level or the local-as statement at any of the following hierarchy levels:

        • [edit routing-instances routing-instance-name protocols bgp]
        • [edit routing-instances routing-instance-name protocols bgp group group-name]
        • [edit routing-instances routing-instance-name protocols bgp group group-name neighbor address]

        You configure the AS number for a BGP peer using the peer-as statement at the [edit routing-instances routing-instance-name protocols bgp group group-name] hierarchy level.

    Configuring OSPF Between the PE and CE Routers

    You can configure OSPF (version 2 or version 3) to distribute VPN-related routes between PE and CE routers.

    The following sections describe how to configure OSPF as a routing protocol between the PE and the CE routers:

    Configuring OSPF Version 2 Between the PE and CE Routers

    To configure OSPF version 2 as the routing protocol between a PE and CE router, include the ospf statement:

    ospf {area area {interface interface-name;}}

    You can include this statement at the following hierarchy levels:

    • [edit routing-instances routing-instance-name protocols]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

    Configuring OSPF Version 3 Between the PE and CE Routers

    To configure OSPF version 3 as the routing protocol between a PE and CE router, include the ospf3 statement:

    ospf3 {area area {interface interface-name;}}

    You can include this statement at the following hierarchy levels:

    • [edit routing-instances routing-instance-name protocols]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

    Configuring RIP Between the PE and CE Routers

    For a Layer 3 VPN, you can configure RIP on the PE router to learn the routes of the CE router or to propagate the routes of the PE router to the CE router. RIP routes learned from neighbors configured at any [edit routing-instances] hierarchy level are added to the routing instance’s inet table (instance_name.inet.0).

    To configure RIP as the routing protocol between the PE and the CE router, include the rip statement:

    rip {group group-name {export policy-names;neighbor interface-name;}}

    You can include this statement at the following hierarchy levels:

    • [edit routing-instances routing-instance-name protocols]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

    By default, RIP does not advertise the routes it receives. To advertise routes from a PE router to a CE router, you need to configure an export policy on the PE router for RIP. For information about how to define an export policy, see the Routing Policy Configuration Guide.

    To specify an export policy for RIP, include the export statement:

    export [ policy-names ];

    You can include this statement for RIP at the following hierarchy levels:

    • [edit routing-instances routing-instance-name protocols rip group group-name]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols rip group group-name]

    To install routes learned from a RIP routing instance into multiple routing tables, include the rib-group and group statements:

    rib-group inet group-name;
    group group-name {neighbor interface-name;}

    You can include these statements at the following hierarchy levels:

    • [edit protocols]
    • [edit routing-instances routing-instance-name protocols]
    • [edit logical-systems logical-system-name protocols]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

    To configure a routing table group, include the rib-groups statement:

    rib-groups group-name;

    You can include this statement at the following hierarchy levels:

    • [edit routing-options]
    • [edit logical-systems logical-system-name routing-options]

    To add a routing table to a routing table group, include the import-rib statement. The first routing table name specified under the import-rib statement must be the name of the routing table you are configuring. For more information about how to configure routing tables and routing table groups, see the Junos OS Routing Protocols Configuration Guide.

    import-rib [ group-names ];

    You can include this statement at the following hierarchy levels:

    • [edit routing-options rib-groups group-name]
    • [edit logical-systems logical-system-name routing-options rib-groups group-name]

    RIP instances are supported only for VRF instance types. You can configure multiple instances of RIP for VPN support only. You can use RIP in the customer edge-provider edge (CE-PE) environment to learn routes from the CE router and to propagate the PE router’s instance routes in the CE router.

    RIP routes learned from neighbors configured under any instance hierarchy are added to the instance’s routing table, instance-name.inet.0.

    RIP does not support routing table groups; therefore, it cannot import routes into multiple tables as the OSPF or OSPFv3 protocol does.

    Configuring Static Routes Between the PE and CE Routers

    You can configure static (nonchanging) routes between the PE and CE routers of a VPN routing instance. To configure a static route for a VPN, you need to configure it within the VPN routing instance configuration at the [edit routing-instances routing-instance-name routing-options] hierarchy level.

    To configure a static route between the PE and the CE routers, include the static statement:

    static {route destination-prefix {next-hop [ next-hops ];static-options;}}

    You can include this statement at the following hierarchy levels:

    • [edit routing-instances routing-instance-name routing-options]
    • [edit logical-systems logical-system-name routing-instances routing-instance-name routing-options]

    For more information about configuring routing protocols and static routes, see the Junos OS Routing Protocols Configuration Guide.

    Published: 2013-02-28

    Supported Platforms

    Published: 2013-02-28

    Previous Page Next Page