Mailing List Archive

Advertisement of VRRP IP in an EVPN with IRB setup
Hello,

i'm trying to setup a multihomed EVPN with IRB and VRRP (see
configuration below). I know, that i could omit VRRP configuration and
use the same IP on irb interfaces of the participating PE routers for
next-hop redundancy. But from an operational perspective, i find it
useful to have a possibility to ping the local IPs with knowing who
reponds to my ICMP requests. The local IP/MAC addresses are advertised
with the default gateway extended community as expected and are
pingable, but unfortunatly the VRRP IP isn't. Is there a knob to
activate this ?

EVPN_DHCP {
instance-type virtual-switch;
route-distinguisher <loopback>:1001;
vrf-target target:1001:1001;
protocols {
evpn {
extended-vlan-list [ 122 132 ];
}
}
bridge-domains {
VLAN-122 {
vlan-id 122;
no-arp-suppression;
interface ae10.122;
routing-interface irb.122;
}
VLAN-132 {
vlan-id 132;
no-arp-suppression;
interface ae10.132;
routing-interface irb.132;
}
}
}

irb {
unit 122 {
description dhcp-2-fttx-lan2;
family inet {
address 192.168.202.53/29 {
vrrp-group 122 {
virtual-address 192.168.202.54;
priority 200;
fast-interval 200;
accept-data;
authentication-type md5;
authentication-key "$9$L2N7w2oJDH.5BI"; ## SECRET-DATA
}
}
}
}
unit 132 {
description dhcp-3-fttx-lan2;
family inet {
address 192.168.202.61/29 {
vrrp-group 132 {
virtual-address 192.168.202.62;
priority 200;
fast-interval 200;
accept-data;
authentication-type md5;
authentication-key "$9$L2N7w2oJDH.5BI"; ## SECRET-DATA
}
}
}
}
}

Regards,
Alex

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Advertisement of VRRP IP in an EVPN with IRB setup [ In reply to ]
Hi

Why are you using VRRP instead of Virtual Gateway Address?
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/virtual-gateway-address-edit-interfaces.html

/Roger

On Wed, May 20, 2020 at 2:51 PM Alex D. <listensammler@gmx.de> wrote:

> Hello,
>
> i'm trying to setup a multihomed EVPN with IRB and VRRP (see
> configuration below). I know, that i could omit VRRP configuration and
> use the same IP on irb interfaces of the participating PE routers for
> next-hop redundancy. But from an operational perspective, i find it
> useful to have a possibility to ping the local IPs with knowing who
> reponds to my ICMP requests. The local IP/MAC addresses are advertised
> with the default gateway extended community as expected and are
> pingable, but unfortunatly the VRRP IP isn't. Is there a knob to
> activate this ?
>
> EVPN_DHCP {
> instance-type virtual-switch;
> route-distinguisher <loopback>:1001;
> vrf-target target:1001:1001;
> protocols {
> evpn {
> extended-vlan-list [ 122 132 ];
> }
> }
> bridge-domains {
> VLAN-122 {
> vlan-id 122;
> no-arp-suppression;
> interface ae10.122;
> routing-interface irb.122;
> }
> VLAN-132 {
> vlan-id 132;
> no-arp-suppression;
> interface ae10.132;
> routing-interface irb.132;
> }
> }
> }
>
> irb {
> unit 122 {
> description dhcp-2-fttx-lan2;
> family inet {
> address 192.168.202.53/29 {
> vrrp-group 122 {
> virtual-address 192.168.202.54;
> priority 200;
> fast-interval 200;
> accept-data;
> authentication-type md5;
> authentication-key "$9$L2N7w2oJDH.5BI"; ## SECRET-DATA
> }
> }
> }
> }
> unit 132 {
> description dhcp-3-fttx-lan2;
> family inet {
> address 192.168.202.61/29 {
> vrrp-group 132 {
> virtual-address 192.168.202.62;
> priority 200;
> fast-interval 200;
> accept-data;
> authentication-type md5;
> authentication-key "$9$L2N7w2oJDH.5BI"; ## SECRET-DATA
> }
> }
> }
> }
> }
>
> Regards,
> Alex
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Advertisement of VRRP IP in an EVPN with IRB setup [ In reply to ]
Am 25.05.2020 16:22, schrieb Roger Wiklund:
> Hi
>
> Why are you using VRRP instead of Virtual Gateway Address?
> https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/virtual-gateway-address-edit-interfaces.html
>
>
Hi Roger,
i didn't know this feature before. That's what i was looking for. I
already got an reply offlist that mentioned virtual-gateway-address
Regards,
Alex
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp