Juniper EX BGP with Default Routes


I'm new to BGP – so this is certainly a learning exercise. I'm moving away from PA space provided on 2 routed uplinks to having my own IP space and multi-homing my transit.

To begin with, there will only be a single transit provider – and they have provided 2 RJ45 cable drops with a different /30 VLAN on each – to go to each of my Juniper EX3200 switches.

I only intend to take default routes for now – and in the meantime, I need to continue to use the routed uplinks and PA space – whilst maintaining another routing table for the new BGP gateway/network.

There are 2x uplinks (ge-0/0/0 and ge-0/0/1) on which my WAN glue block VLAN resides (vlan4000). VRRP runs on this VLAN and all my IPs are routed from my provider to this virtual IP. Then internal routes are direct over VLAN L3 interfaces. The gateway IP (i.e. my provider's router virtual IP) in vlan4000 acts as my default route.

So I'm aware that I'll likely need to run two routing tables (VRFs) to separate the BGP IPs from the "other" IPs – and maybe do some filter based forwarding for selecting the right gateway.

I've been doing some fairly extensive reading of both

  1. http://www.juniper.net/us/en/training/certification/JNCIA_studyguide.pdf
  2. http://www.juniper.net/us/en/training/certification/JNCIS_studyguide.pdf

to get a good understanding of the config required.


From my (limited) understanding thus far, I think I need to …

  1. Bring up a BGP session with my transit provider
  2. Announce my IP block over my ASN
  3. Route the BGP IP block over that specific interface
  4. Form some kind of failure/HA between the two EX3200's so that a single failure doesn't drop the BGP session.

What I'm essentially unsure of is how the two EX3200s bring up their BGP sessions. As each has its own IPs (router-ids) in two separate VLANs – this looks to be two separate BGP sessions – and I'll need to conditionally route between each BGP default gateway if either goes down?

Has anyone got any example configurations of where to begin?

Best Answer

EX switches can do VRF-Lite to support multiple routing tables. To start you can look at this KB article from Juniper:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB14926

What you need is BGP support for the VRF/virtual-router. For this you need the AFL license on the EX switches. Here is a software feature table for the EX series, which is always useful:

http://www.juniper.net/techpubs/en_US/junos10.2/topics/concept/ex-series-software-features-overview.html#layer-3-protocols-features-by-platform-table

If you've installed the license you can configure a routing-instance and the BGP protocol under it:

    routing-instances {
        test {
            instance-type virtual-router;
            protocols {
                bgp {
                    # Example value from the answer; use your own assigned AS number
                    local-as 65565;
                }
            }
        }
    }

eBGP (external BGP, to your provider) sessions are normally made between interface IPs. So you configure your IP in the /30 on an interface (repeat for second uplink on the other switch) and establish the BGP session to the IP of the provider router. Ask your provider to announce you a default route.

You should connect your two switches and speak iBGP (internal BGP) between them so that they both get the routing information from each other.

If one uplink fails or the BGP session drops your switch will automatically switch to the other uplink.

General information regarding BGP on EX switches is here:

http://www.juniper.net/techpubs/en_US/junos10.4/information-products/pathway-pages/ex-series/bgp.html

This is just a short answer. Please be aware that BGP routing is a very broad topic and it's easy to wreak havoc not only in your network but in your provider's network or in an extreme case even worldwide. I would advise getting professional help for the initial setup.
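
The eBGP side of the setup described in the answer, for one switch, as an added example that is not part of the original answer: the session sits in a virtual-router instance, the import policy accepts only a default route, and the export policy announces only the site's own block, so nothing else can leak in either direction. All names, AS numbers, addresses and the interface are constructed assumptions (documentation ranges); the iBGP session to the second switch is left out.

```junos
# Constructed values: own AS 64500, provider AS 64496, own prefix 198.51.100.0/24,
# provider /30 is 192.0.2.0/30 on ge-0/0/2.0 (address set under "interfaces", not shown).
# Instance and policy names (transit, default-only, own-prefix) are hypothetical.
routing-instances {
    transit {
        instance-type virtual-router;
        interface ge-0/0/2.0;
        routing-options {
            autonomous-system 64500;
            static {
                # Anchor route so the block exists in this table and can be exported
                route 198.51.100.0/24 discard;
            }
        }
        protocols {
            bgp {
                group provider {
                    type external;
                    peer-as 64496;
                    # Accept nothing but 0.0.0.0/0; announce nothing but our own block
                    import default-only;
                    export own-prefix;
                    neighbor 192.0.2.1;
                }
            }
        }
    }
}
policy-options {
    policy-statement default-only {
        term default {
            from {
                route-filter 0.0.0.0/0 exact;
            }
            then accept;
        }
        then reject;
    }
    policy-statement own-prefix {
        term own {
            from {
                protocol static;
                route-filter 198.51.100.0/24 exact;
            }
            then accept;
        }
        then reject;
    }
}
```

The final `then reject` in each policy matters: without it, BGP's default policy applies to anything the term did not match.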