Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Configuring the AMT Protocol

To configure the AMT protocol, include the amt statement:

amt {relay {accounting;family {inet {anycast-prefix ip-prefix</prefix-length>;local-address ip-address;}}secret-key-timeout minutes;tunnel-limit number;}traceoptions {file filename <files number> <size size> <world-readable | no-world-readable>;flag flag <flag-modifier> <disable>;}}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]
  • [edit routing-instances routing-instance-name protocols]
  • [edit logical-systems logical-system-name routing-instances routing-instance-name protocols]

Note: In the following example, only the [edit protocols] hierarchy is identified.

The minimum configuration to enable AMT is to specify the AMT local address and the AMT anycast prefix.

  1. To enable the MX Series router to create the UDP encapsulation (ud) logical interfaces, include the bandwidth statement and specify the bandwidth in gigabits per second.
    [edit chassis fpc 0 pic 1]user@host# set tunnel-services bandwidth 1g
  2. Specify the local address by including the local-address statement at the [edit protocols amt relay family inet] hierarchy level.
    [edit protocols amt relay family inet]user@host# set local-address 192.168.7.1

    The local address is used as the IP source of AMT control messages and the source of AMT data tunnel encapsulation. The local address can be configured on any active interface. Typically, the IP address of the router’s lo0.0 loopback interface is used for configuring the AMT local address in the default routing instance, and the IP address of the router’s lo0.n loopback interface is used for configuring the AMT local address in VPN routing instances.

  3. Specify the AMT anycast address by including the anycast-prefix statement at the [edit protocols amt relay family inet] hierarchy level.
    [edit protocols amt relay family inet]user@host# set anycast-prefix 192.168.0.0/16

    The AMT anycast prefix is advertised by unicast routing protocols to route AMT discovery messages to the router from nearby AMT gateways. Typically, the router’s lo0.0 interface loopback address is used for configuring the AMT anycast prefix in the default routing instance, and the router’s lo0.n loopback address is used for configuring the AMT anycast prefix in VPN routing instances. However, the anycast address can be either the primary or secondary lo0.0 loopback address.

    Ensure that your unicast routing protocol advertises the AMT anycast prefix in the route advertisements. If the AMT anycast prefix is advertised by BGP, ensure that the local autonomous system (AS) number for the AMT relay router is in the AS path leading to the AMT anycast prefix.

  4. (Optional) Enable AMT accounting.
    [edit protocols amt relay]user@host# set accounting
  5. (Optional) Specify the AMT secret key timeout by including the secret-key-timeout statement at the [edit protocols amt relay] hierarchy level. In the following example, the secret key timeout is configured to be 120 minutes.
    [edit protocols amt relay]user@host# set secret-key-timeout 120

    The secret key is used to generate the AMT Message Authentication Code (MAC). Setting the secret key timeout shorter might improve security, but it consumes more CPU resources. The default is 60 minutes.

  6. (Optional) Specify an AMT tunnel device by including the tunnel-devices statement at the [edit protocols amt relay] hierarchy level.
    [edit protocols amt relay]user@host# set tunnel-device 1
  7. (Optional) Specify an AMT tunnel limit by including the tunnel-limit statement at the [edit protocols amt relay] hierarchy level. In the following example, the AMT tunnel limit is 12.
    [edit protocols amt relay]user@host# set tunnel-limit 12

    The tunnel limit configures the static upper limit to the number of AMT tunnels that can be established. When the limit is reached, new AMT relay discovery messages are ignored.

  8. Trace AMT protocol traffic by specifying options to the traceoptions statement at the [edit protocols amt] hierarchy level. Options applied at the AMT protocol level trace only AMT traffic. In the following example, all AMT packets are logged to the file amt-log.
    [edit protocols amt]user@host# set traceoptions file amt-loguser@host# set traceoptions flag packets

    Note: For AMT operation, configure the PIM rendezvous point address as the primary loopback address of the AMT relay.

 

Related Documentation

 

Published: 2013-07-31

Previous Page Next Page