QFX EVPN basic config

QFX EVPN basic config

The overall structure of QFX5100 EVPN-VXLAN configuration is almost identical to MX configuration, but QFX configuration statements are scattered across three different stanzas: switch-options, protocols evpn and vlans. First is the switch-options config: set switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 10.0.0.3:1 set switch-options vrf-import EVPN_VRF_IMPORT set switch-options vrf-target target:65000:2 set switch-options vrf-target auto           ### depends on AS number in routing-options Vtep-source-interface and route-target policices are configured here. Configuration of vrf-import policy: set policy-options…

Read More Read More

MX EVPN-VXLAN basic config

MX EVPN-VXLAN basic config

Basic config for EVPN-VXLAN service on Juniper MX. Important BGP configuration statements: set protocols bgp group EVPN_VXLAN family evpn signaling set protocols bgp group EVPN_VXLAN multipath Routing instance configuration: VS_VLAN100 {     vtep-source-interface lo0.0;     instance-type virtual-switch;     route-distinguisher 1.255.255.0:100;     vrf-import VS_VLAN100_IMP;     vrf-target target:1:100;     protocols {         evpn {             encapsulation vxlan;             extended-vni-list 1100;  …

Read More Read More

MX EVPN-MPLS basic config

MX EVPN-MPLS basic config

Short notes about MX EVPN-MPLS configuration. Vlan-based configuration: routing-instances {     EVPN-1 {         instance-type evpn;         vlan-id 100;         interface ae0.100;         routing-interface irb.100;         route-distinguisher 11.11.11.11:1;         vrf-target target:65000:1;         protocols {             evpn {                 default-gateway do-not-advertise;            }…

Read More Read More

Juniper EVPN useful links

Juniper EVPN useful links

For study of Juniper EVPN technology I recommend to read this materials (in this particular order): Juniper QFX10000 Series book; EVPN whitepaper; Advanced Data Center Switching (ADCX) course materials; EVPN Day One book; L3GW VMTO whitepaper; MX L2VPN Feature Guide; QFX EVPN/VXLAN Feature Guide. EVPN is definitely the core topic of JNCIE-DC lab, so I need to study all of this thoroughly. Firstly I need to read (and understand) all this stuff, and later on I plan to heavily practice all…

Read More Read More

VXLAN Multicast

VXLAN Multicast

VXLAN with Multicast control plane is not explicitly stated in JNCIE-DC lab exam topics, so I not expect it on the exam. But anyway I decided to start Overlay topics from the simple case and later on continue to more advanced ones. Firstly, for Multicast VXLAN of course you need to configure Multicast protocol in the Underlay. Nothing complex, just basic PIM stuff: configure PIM interfaces and some kind of RP (static/local/anycast-RP). Configure VTEP source interface: set switch-options vtep-source-interface lo0.0 …

Read More Read More

Class of Service

Class of Service

If you want to study Juniper Class of Service on MX routers, use this materials: Junos Class of Service (JCOS) course; Juniper MX Series book (caution! really hard stuff in there); Class of Service Feature Guide for Routing Devices. Unfortunately there is no decent book about QFX5100 Class of Service implementation (at least I didn’t find one), so there is nothing left but to use QFX Traffic Management Feature Guide. It’s a hell lot of material to study of you…

Read More Read More

SRX Security Zones and Policies

SRX Security Zones and Policies

I recently read Junos Security book and Junos Security course materials, so I pretty confident in my knowledge of basic SRX security functions. For configuration examples use Security Zones and Interfaces Feature Guide and Security Policies Feature Guide. Complete SRX Security zones configuration hierarchy: security {     zones {         functional-zone {             management {                 description text;            …

Read More Read More

JUNOS Control plane protection

JUNOS Control plane protection

This Day One Book provides a good coverage of Control plane protection firewall filters. Or you can use Juniper MX Series book – same material there. Also take a look at QFX Security Feature Guide, Firewall Filters Configuration Guide and User and Access Management Feature Guide. All of this are not the core topics of JNCIE-DC lab, so I don’t expect any really complex tasks in this chapter – just basic stuff. Just ensure you have basic understanding how to configure and apply CoPP…

Read More Read More

IP Fabric

IP Fabric

Next topic – Layer 3 Underlay – Clos IP fabric. Please refer to Juniper QFX5100 Series book and this whitepaper. Pretty basic stuff if you already have some experience with BGP and policies. Make sure you know the differences between various IBGP and EBGP design options, although there is only EBGP option stated explicitly in JNCIE-DC lab exam topics. Learn different schemas of AS numbers assignment. BGP configuration example: bgp {     log-updown;     import bgp-clos-in;     export bgp-clos-out;    …

Read More Read More

MC-LAG

MC-LAG

If you look for a comprehensive explanation of MC-LAG technology – Juniper MX Series book is the best choice. For all configuration details refer to MC-LAG Feature Guide. MC-LAG configuration can be broken up into four important pieces: Inter Chassis Control Protocol (ICCP), Inter Chassis Link (ICL), MC-LAG interface and IRB interface. So let’s start with ICCP: user@switch2 > show configuration protocols iccp local-ip-addr 10.2.2.2; peer 10.1.1.1 {     session-establishment-hold-time 50;     redundancy-group-id-list 1;     backup-liveness-detection {  …

Read More Read More