close
keyboard_arrow_left
Table of Contents
- play_arrow Common Configuration for Layer 2 VPNs and VPLS
- play_arrow Overview
- play_arrow Layer 2 VPNs Configuration Overview
- play_arrow Configuring Layer 2 Interfaces
- play_arrow Configuring Path Selection for Layer 2 VPNs and VPLS
- play_arrow Creating Backup Connections with Redundant Pseudowires
- play_arrow Configuring Class of Service for Layer 2 VPNs
- play_arrow Monitoring Layer 2 VPNs
- Configuring BFD for Layer 2 VPN and VPLS
- BFD Support for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Configuring BFD for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview
- Configure a MEP to Generate and Respond to CFM Protocol Messages
-
- play_arrow Configuring Group VPNs
- play_arrow Configuring Public Key Infrastructure
- play_arrow Configuring Digital Certificate Validation
- play_arrow Configuring a Device for Certificate Chains
- play_arrow Managing Certificate Revocation
-
- play_arrow Configuring Layer 2 Circuits
- play_arrow Overview
- play_arrow Layer 2 Circuits Configuration Overview
- play_arrow Configuring Class of Service with Layer 2 Circuits
- play_arrow Configuring Pseudowire Redundancy for Layer 2 Circuits
- play_arrow Configuring Load Balancing for Layer 2 Circuits
- play_arrow Configuring Protection Features for Layer 2 Circuits
- Egress Protection LSPs for Layer 2 Circuits
- Configuring Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Example: Configuring an Egress Protection LSP for a Layer 2 Circuit
- Example: Configuring Layer 2 Circuit Protect Interfaces
- Example: Configuring Layer 2 Circuit Switching Protection
- play_arrow Monitoring Layer 2 Circuits with BFD
- play_arrow Troubleshooting Layer 2 Circuits
-
- play_arrow Configuring VPWS VPNs
- play_arrow Overview
- play_arrow Configuring VPWS VPNs
- Understanding FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring MPLS Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Understanding Multisegment Pseudowire for FEC 129
- Example: Configuring a Multisegment Pseudowire
- Configuring the FAT Flow Label for FEC 128 VPWS Pseudowires for Load-Balancing MPLS Traffic
- Configuring the FAT Flow Label for FEC 129 VPWS Pseudowires for Load-Balancing MPLS Traffic
-
- play_arrow Configuring VPLS
- play_arrow Overview
- play_arrow VPLS Configuration Overview
- play_arrow Configuring Signaling Protocols for VPLS
- VPLS Routing and Virtual Ports
- BGP Signaling for VPLS PE Routers Overview
- Control Word for BGP VPLS Overview
- Configuring a Control Word for BGP VPLS
- BGP Route Reflectors for VPLS
- Interoperability Between BGP Signaling and LDP Signaling in VPLS
- Configuring Interoperability Between BGP Signaling and LDP Signaling in VPLS
- Example: VPLS Configuration (BGP Signaling)
- Example: VPLS Configuration (BGP and LDP Interworking)
- play_arrow Assigning Routing Instances to VPLS
- Configuring VPLS Routing Instances
- Configuring a VPLS Routing Instance
- Support of Inner VLAN List and Inner VLAN Range for Qualified BUM Pruning on a Dual-Tagged Interface for a VPLS Routing Instance Overview
- Configuring Qualified BUM Pruning for a Dual-Tagged Interface with Inner VLAN list and InnerVLAN range for a VPLS Routing Instance
- Configuring a Layer 2 Control Protocol Routing Instance
- PE Router Mesh Groups for VPLS Routing Instances
- Configuring VPLS Fast Reroute Priority
- Specifying the VT Interfaces Used by VPLS Routing Instances
- Understanding PIM Snooping for VPLS
- Example: Configuring PIM Snooping for VPLS
- VPLS Label Blocks Operation
- Configuring the Label Block Size for VPLS
- Example: Building a VPLS From Router 1 to Router 3 to Validate Label Blocks
- play_arrow Associating Interfaces with VPLS
- play_arrow Configuring Pseudowires
- Configuring Static Pseudowires for VPLS
- VPLS Path Selection Process for PE Routers
- BGP and VPLS Path Selection for Multihomed PE Routers
- Dynamic Profiles for VPLS Pseudowires
- Use Cases for Dynamic Profiles for VPLS Pseudowires
- Example: Configuring VPLS Pseudowires with Dynamic Profiles—Basic Solutions
- Example: Configuring VPLS Pseudowires with Dynamic Profiles—Complex Solutions
- Configuring the FAT Flow Label for FEC 128 VPLS Pseudowires for Load-Balancing MPLS Traffic
- Configuring the FAT Flow Label for FEC 129 VPLS Pseudowires for Load-Balancing MPLS Traffic
- Example: Configuring H-VPLS BGP-Based and LDP-Based VPLS Interoperation
- Example: Configuring BGP-Based H-VPLS Using Different Mesh Groups for Each Spoke Router
- Example: Configuring LDP-Based H-VPLS Using a Single Mesh Group to Terminate the Layer 2 Circuits
- Example: Configuring H-VPLS With VLANs
- Example: Configuring H-VPLS Without VLANs
- Configure Hot-Standby Pseudowire Redundancy in H-VPLS
- Sample Scenario of H-VPLS on ACX Series Routers for IPTV Services
- play_arrow Configuring Multihoming
- VPLS Multihoming Overview
- Advantages of Using Autodiscovery for VPLS Multihoming
- Example: Configuring FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring BGP Autodiscovery for LDP VPLS
- Example: Configuring BGP Autodiscovery for LDP VPLS with User-Defined Mesh Groups
- VPLS Multihoming Reactions to Network Failures
- Configuring VPLS Multihoming
- Example: VPLS Multihoming, Improved Convergence Time
- Example: Configuring VPLS Multihoming (FEC 129)
- Next-Generation VPLS for Multicast with Multihoming Overview
- Example: Next-Generation VPLS for Multicast with Multihoming
- play_arrow Configuring Point-to-Multipoint LSPs
- play_arrow Configuring Inter-AS VPLS and IRB VPLS
- play_arrow Configuring Load Balancing and Performance
- Configuring VPLS Load Balancing
- Configuring VPLS Load Balancing Based on IP and MPLS Information
- Configuring VPLS Load Balancing on MX Series 5G Universal Routing Platforms
- Example: Configuring Loop Prevention in VPLS Network Due to MAC Moves
- Understanding MAC Pinning
- Configuring MAC Pinning on Access Interfaces for Bridge Domains
- Configuring MAC Pinning on Trunk Interfaces for Bridge Domains
- Configuring MAC Pinning on Access Interfaces for Bridge Domains in a Virtual Switch
- Configuring MAC Pinning on Trunk Interfaces for Bridge Domains in a Virtual Switch
- Configuring MAC Pinning for All Pseudowires of the VPLS Routing Instance (LDP and BGP)
- Configuring MAC Pinning on VPLS CE Interface
- Configuring MAC Pinning for All Pseudowires of the VPLS Site in a BGP-Based VPLS Routing Instance
- Configuring MAC Pinning on All Pseudowires of a Specific Neighbor of LDP-Based VPLS Routing Instance
- Configuring MAC Pinning on Access Interfaces for Logical Systems
- Configuring MAC Pinning on Trunk Interfaces for Logical Systems
- Configuring MAC Pinning on Access Interfaces in Virtual Switches for Logical Systems
- Configuring MAC Pinning on Trunk Interfaces in Virtual Switches for Logical Systems
- Configuring MAC Pinning for All Pseudowires of the VPLS Routing Instance (LDP and BGP) for Logical Systems
- Configuring MAC Pinning on VPLS CE Interface for Logical Systems
- Configuring MAC Pinning for All Pseudowires of the VPLS Site in a BGP-Based VPLS Routing Instance for Logical Systems
- Configuring MAC Pinning on All Pseudowires of a Specific Neighbor of LDP-Based VPLS Routing Instance for Logical Systems
- Example: Prevention of Loops in Bridge Domains by Enabling the MAC Pinnning Feature on Access Interfaces
- Example: Prevention of Loops in Bridge Domains by Enabling the MAC Pinnning Feature on Trunk Interfaces
- Configuring Improved VPLS MAC Address Learning on T4000 Routers with Type 5 FPCs
- Understanding Qualified MAC Learning
- Qualified Learning VPLS Routing Instance Behavior
- Configuring Qualified MAC Learning
- play_arrow Configuring Class of Service and Firewall Filters in VPLS
- play_arrow Monitoring and Tracing VPLS
-
- play_arrow Connecting Layer 2 VPNs and Circuits to Other VPNs
- play_arrow Connecting Layer 2 VPNs to Other VPNs
- play_arrow Connecting Layer 2 Circuits to Other VPNs
- Using the Layer 2 Interworking Interface to Interconnect a Layer 2 Circuit to a Layer 2 VPN
- Applications for Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Applications for Interconnecting a Layer 2 Circuit with a Layer 3 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 3 VPN
-
- play_arrow Configuration Statements and Operational Commands
list Table of Contents
Configuring the Route Origin for VPNs
date_range
23-Nov-23
You can use route origin to prevent routes learned from one customer edge (CE) router marked with origin community from being advertised back to it from another CE router in the same AS.
In the example, the route origin is used to prevent routes learned from CE Router A that are marked with origin community from being advertised back to CE Router E by AS 200. The example topology is shown in Figure 1.
Figure 1: Network Topology of Site of Origin
Example
In this topology, CE Router A and CE Router E are in the same AS (AS200). They use EBGP to exchange routes with their respective provider edge (PE) routers, PE Router B and PE Router D. The two CE routers have a back connection.
The following sections describe how to configure the route origin for a group of VPNs:
Configuring the Site of Origin Community on CE Router A
The following section describes how to configure CE Router A to advertise routes with a site of origin community to PE Router B for this example.
Note:
In this example, direct routes are configured to be advertised, but any route can be configured.
Configure a policy to advertise routes with my-soo community on CE Router A as follows:
content_copy zoom_out_map
[edit]
policy-options {
policy-statement export-to-my-isp {
term a {
from {
protocol direct;
}
then {
community add my-soo;
accept;
}
}
}
}
Configuring the Community on CE Router A
Configure the my-soo community on CE Router A as
follows:
content_copy zoom_out_map
[edit]
policy-options {
community my-soo {
members origin:100:1;
}
}
Applying the Policy Statement on CE Router A
Apply the export-to-my-isp policy statement as an export policy to the EBGP peering on the CE Router A as follows:
content_copy zoom_out_map
[edit]
protocols {
bgp {
group my_isp {
export export-to-my-isp;
}
}
}
When you issue the show route receive-protocol bgp detail command, you should see the following routes originated from PE
Router B with my-soo community:
content_copy zoom_out_map
user@host> show route receive-protocol bgp 10.12.99.2 detail
inet.0: 16 destinations, 16 routes (15 active, 0 holddown, 1 hidden)
inet.3: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
vpn_blue.inet.0: 8 destinations, 10 routes (8 active, 0 holddown, 0 hidden)
* 10.12.33.0/30 (2 entries, 1 announced)
Nexthop: 10.12.99.2
AS path: 100 I
Communities: origin:100:1
10.12.99.0/30 (2 entries, 1 announced)
Nexthop: 10.12.99.2
AS path: 100 I
Communities: origin:100:1
* 10.255.71.177/32 (1 entry, 1 announced)
Nexthop: 10.12.99.2
AS path: 100 I
Communities: origin:100:1
* 192.168.64.0/21 (1 entry, 1 announced)
Nexthop: 10.12.99.2
AS path: 100 I
Communities: origin:100:1
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
mpls.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
bgp.l3vpn.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
__juniper_private1__.inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0
hidden)Configuring the Policy on PE Router D
Configure a policy on PE Router D that prevents routes with my-soo community tagged by CE Router A from being advertised
to CE Router E as follows:
content_copy zoom_out_map
[edit]
policy-options {
policy-statement soo-ce1-policy {
term a {
from {
community my-soo;
then {
reject;
}
}
}
}
}
Configuring the Community on PE Router D
Configure the community on PE Router D as follows:
content_copy zoom_out_map
[edit]
policy-options {
community my-soo {
members origin:100:1;
}
}
Applying the Policy on PE Router D
To prevent routes learned from CE Router A from being advertised
to CE Router E (the two routers can communicate these routes directly),
apply the soo-ce1-policy policy statement as an export
policy to the PE Router D and CE Router E EBGP session vpn_blue.
View the EBGP session on PE Router D using the show routing-instances command.
content_copy zoom_out_map
user@host# show routing-instances
vpn_blue {
instance-type vrf;
interface fe-2/0/0.0;
vrf-target target:100:200;
protocols {
bgp {
group ce2 {
advertise-peer-as;
peer-as 100;
neighbor 10.12.99.6;
}
}
}
}Apply the soo-ce1-policy policy statement as an export
policy to the PE Router D and CE Router E EBGP session vpn_blue as follows:
content_copy zoom_out_map
[edit routing-instances]
vpn_blue {
protocols {
bgp {
group ce2{
export soo-ce1-policy;
}
}
}
}
