How it Works
Juniper
Loading...
6rd
Configuration Manual
35 pgs466.63 Kb0

Juniper 6rd, MX Series, M Series Configuration Manual

IMPLEMENTATION GUIDE
6RD CONFIGURATION GUIDE
MX Series/M Series Routers with MS-DPC/MS-PIC
Although Juniper Networks has attempted to provide accurate information in this guide, Juniper Networks does not warrant or guarantee the accuracy of the information provided herein. Third par ty produc t descriptions and related technical details provided in this document are for information purposes only and such products are not supported by Juniper Networks. All information provided in this guide is provided “as is”, with all faults, and without warranty of any kind, either expressed or implied or statutory. Juniper Networks and its suppliers hereby disclaim all warranties related to this guide and the information contained herein, whether expressed or implied of statutor y including, without limitation, those of merchantability, fitness for a particular purpose and noninfringement, or arising from a course of dealing, usage, or trade practice.
Copyright © 2011, Juniper Networks, Inc. 1
IMPLEMENTATION GUIDE -6rd Configuration Guide
Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3 Design Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
5 Implementation: Juniper 6rd Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
6 6rd Feature Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7 Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
7.1 Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
7.2 Basic 6rd Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
7.3 6rd Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.4 Advertising 6rd Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.4.1 Interface Style Service Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.4.2 Next-hop Style Service Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
7.5 Pinging 6rd Softwire Concentrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
7.6 6rd Domain to Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
7.6.1 Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
7.6.2 Service Set Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
7.6.3 Softwire Concentrator Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
7.6.4 Stateful Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
7.6.5 Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.6.6 Service Set Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.6.7 Softwire Concentrator Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.6.8 Stateful Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
7.7 6to4 Using 6rd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
7.7.1 Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
7.7.2 Service Set Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
7.7.3 Softwire Concentrator Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
7.7.4 Stateful Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
7.8 6rd Anycast (Redundancy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
7.8.1 Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
7.8.2 Service Set Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
7.8.3 Softwire Concentrator Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
7.8.4 Stateful Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
7.9 6rd + DS-Lite in Same Service Set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
7.9.1 Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
7.9.2 Service Set Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
7.9.3 Softwire Concentrator Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
7.9.4 Stateful Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
7.9.5 NAT Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2 Copyright © 2011, Juniper Networks, Inc.
IMPLEMENTATION GUIDE - 6rd Configuration Guide
8 Configuration Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
9 Operations and Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
9.1 6rd CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
9.1.1 Flows and Conversations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
9.2 Softwire . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
9.3 Debug CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
10 ALG Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
11 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
12 Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
13 Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
About Juniper Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Table of Figures
Figure 1: Packet flow on the BR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Figure 2: Topology illustrating multiple 6rd domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Figure 3: Topology used to illustrate CLI commands for 6rd deployment and operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Copyright © 2011, Juniper Networks, Inc. 3
IMPLEMENTATION GUIDE -6rd Configuration Guide
1 Introduction
ISPs today have to address the problem of IPv4 address exhaustion and in parallel enable IPv6 services over
IPv4 infrastructure. IPv6 and IPv4 are expected to coexist for a long time to come. Providers are looking at mixed
approaches, from enabling IPv6 services in the least disruptive ways on legacy infrastructure to deploying IPv6 from
the get-go in greenfield applications. 6rd is one mechanism to start offering IPv6 services over IPv4 infrastructure.
2 Scope
This implementation guide provides an overview of 6rd with configuration steps and basic design guidelines when
implementing 6rd with the Service-PIC or MS-DPC blade on the Juniper Networks
Routers. This guide also covers some operational aspects and coexistence of other IPv6 transition mechanisms such as
DS-Lite. For an in-depth look at IPv6 transition mechanisms and methods to address IPv4 address exhaustion, please
refer to http://www.juniper.net/ipv6.
3 Design Considerations
IPv6 rapid deployment (6rd) enables ISPs to deploy IPv6 unicast service to IPv4 sites rapidly. It allows ISPs to reuse
the existing IPv4 access network infrastructure and provide connectivity to islands of v6 networks. The IPv6 packets
from a host (laptop/PC) are carried in IPv6-in-IPv4 tunnels from the 6rd customer edge (CE) routers to the 6rd Border
Relay(s) (BR). These IPv6-in-IPv4 tunnels are called softwires [RFC4925] and terminate on the BR, also called softwire
concentrator (SC), at some point in the network where IPv6 packets are decapsulated and forwarded. 6rd builds on
6to4 tunneling concepts and overcomes some of its limitations. The key difference with 6to4 is that 6rd addresses
are derived from an IPv6 prefix tied to the service provider address space, guaranteeing return reachability of the IPv6
packets. IPv6 packets are tunneled in IPv4 with stateless v6 to v4 mapping and automatic prefix delegation derived
from the v6 destination of each packet. The key component changes are to the routed CPE to make it 6rd capable, via
software or hardware upgrade and introduction of a 6rd Border Relay function in the ISP network to route the packets
to IPv6 networks.
Juniper Networks M Series Multiservice Edge Routers/T Series Core Routers/MX Series 3D Universal Edge Routers can
play the role of BR.
®
MX Series 3D Universal Edge
4 Terminology
• 6rd prefix: This is an IPv6 prefix selected by the service provider for use by a 6rd domain. There is exactly one 6rd
prefix for a given 6rd domain. An SP can deploy 6rd with a single 6rd domain or multiple 6rd domains.
• 6rd Customer Edge (6rd CE): This device functions as a CE router in a 6rd deployment, which is also called
residential gateway (RG) or customer premises equipment(CPE).
• 6rd domain: A set of 6rd CEs and BRs is connected to the same virtual 6rd link. A service provider can deploy 6rd
with a single domain or multiple 6rd domains based on geographic or operational boundaries. Each domain requires
a separate 6rd prefix.
• CE LAN side: The functionality of a 6rd CE device serves the “customer-facing” side of the CE device. The CE LAN-
side interface is fully IPv6 enabled.
• CE WAN side: The functionality of a 6rd CE device serves the “service provider-facing” side of the CE device. The CE
WAN side is IPv4-only.
• 6rd Border Relay: A 6rd-enabled router is at the edge of a 6rd domain.
• BR IPv4 address: This is the IPv4 address of the 6rd Border Relay for a given 6rd domain. The CE device uses this
IPv4 address to send packets to the BR in order to reach IPv6 destinations outside of the 6rd domain.
• CE IPv4 address: This is the IPv4 address given to the CE device as part of normal IPv4 Internet access (that is,
configured via DHCP, PPP, or otherwise). This address can be global or private [RFC1918] within the 6rd domain.
• S-PIC/Service DPC: This refers to services PIC or Services DPC on the BR router where IP6in-IPv4 where the softwire
is created.
4 Copyright © 2011, Juniper Networks, Inc.
IMPLEMENTATION GUIDE - 6rd Configuration Guide
5 Implementation: Juniper 6rd Solution
Juniper has implemented a 6rd Border Relay in its services DPC/PIC. IPv4 packets coming from the CE WAN side are
steered to a Services DPC where a softwire is created. The IPv4 encapsulation is then removed to extract the inner
IPV6 packets, which are then forwarded to IPv6 Internet. All these functions are performed in a single pass of the
S-PIC/services DPC. Figure 1 illustrates the packet flow on the BR.
PIC FPC FPCPFE
6
PIC
PIC
Service
PIC
Customer packet arrives on inbound PIC
1
2
First lookup reveals services enabled, identifies appropriate Service PIC
3
Perform any filtering, then forward to Service PIC for processing
4
Processed original packet sent to PFE for final destination lookup
5
Original packet forwarded to outbound PIC
6
Original packet transmitted
5
3
4
2
R.T.
PIC
PIC
PIC
PIC
1
Figure 1: Packet flow on the BR
In the reverse path, IPv6 packets are sent to the Services DPC where they are encapsulated in an IPv4 packet
corresponding to the proper softwire and sent to the 6rd CE.
The BR automatically creates softwires as the IPv4 packets are received from the CE router side, or gratuitous IPv6
packets are received from the Internet. A 6rd softwire on the Services DPC is identified by the 3-tuple containing service
set ID, CE IPv4 address, and softwire concentrator IPv4 address. In addition, IPv6 flows are also created for the inner
IPv6 payload, and they are associated with the specific softwire that carried them in the first place. When the last IPv6
flow associated with a softwire is destroyed, the softwire itself goes away. Therefore, the configuration is simplified,
and there is no need to create or manage tunnel interfaces.
The softwire construct does not use any interface resources by design. Therefore, the number of established softwires
does not affect throughput, and scalability is independent of the number of interfaces. The scalability is only limited to
the number of flows the platform (MS-PICMS-DPC) can support.
6 6rd Feature Summary
The following 6rd features are supported:
• 6rd domain routes and softwire concentrator routes can be exported via routing protocols.
• 6rd softwire concentrator IPv4 address can be pinged from the v4 access network or the CE device.
Hairpinning traffic occurs between two 6rd domains.
• 6rd anycast is where a 6rd domain can be hosted on multiple S-PICs with one S-PIC actively handling all 6rd traffic at
any given time.6to4: 6to4 is an IPv4 tunnel-based transition mechanism defined in RFC-3056. It was designed to allow
different IPv6 domains communicate with other IPv6 domains through IPv4 clouds without explicit IPv4 tunnels.
• All features are supported with both interface style and next-hop style service sets. For more information on
interface-style and next-hop style service sets, please refer to Junos OS documentation.
In the following sections, these features are described with configuration examples and show CLI outputs.
Copyright © 2011, Juniper Networks, Inc. 5
IMPLEMENTATION GUIDE -6rd Configuration Guide
7 Configuration Examples
In this section, an MX Series router is configured with an MS-DPC as a 6rd Border Relay. The 6rd feature is supported in
a layer 3 package only. Assume that the PIC is in FPC 3 slots 0 and 1:
user@router# show chassis fpc 3 { pic 0 { adaptive-services { service-package layer-3; } } } fpc 3 { pic 1 { adaptive-services { service-package layer-3; } } }
This is common to all examples described in this document.
7.1 Topology
The following topology is used throughout this document when describing various scenarios.
6rd domain (D1) 3040::0/14
10.10.10.2/24
6rd domain (D2) 3050::0/14
6to4 (6rd) domain (D3) 2002::0/16
CE
40.40.40.2/24 60.60.60.1
CE
Server
CE
160.160.160.2/24
6rd tunnel
6rd tunnel
6rd tunnel
ge-1/2/1
ge-1/2/0
30.30.30.1
180.180.180.1
Juniper MX Series
with MSDPC
ge-1/2/2
ISP/IPv6 Internet
3ABC::2/16
FTP Server
RTSP Server
HTTP Server
Figure 2: Topology illustrating multiple 6rd domains
In Figure 2, BR is the MX Series router with Services DPCs. The interface ge-1/2/0 is the ingress interface for 6rd
domain 3040::0/16 (D1), and the interface ge-1/2/ 1 is the ingress interface for 6rd domain 3050::0/ 16 (D2) and 6rd
domain 2002::0/16 (D3). The interface ge-1/2/2 is connected to the IPv6 Internet. For D1, 10.10.10.2 is the softwire
initiator address and 30.30.30.1 is the softwire concentrator address; for D2, 40.40.40.2 is the softwire initiator address
and 60.60.60.1 is the softwire concentrator address; and for D3, 160.160.160.2 is the softwire initiator address and
180.180.180.1 is the softwire concentrator address. The S-PICs used in all the examples are sp-3/0/0 and sp-3/ 1/0.
6 Copyright © 2011, Juniper Networks, Inc.
IMPLEMENTATION GUIDE - 6rd Configuration Guide
7.2 Basic 6rd Configuration
To configure 6rd, the user must configure the softwire rule. A sample softwire rule looks like the following:
[edit services] user@router# show softwire softwire-concentrator { v6rd v6rd-dom1 { softwire-address 30.30.30.1; ipv4-prex 10.10.10.0/24; v6rd-prex 3040::0/16; mtu-v4 1492; } } rule v6rd-dom1-r1 { match-direction input; term t1 { then { v6rd v6rd-dom1; } } }
First, a softwire concentrator of type 6rd must be created with its associated IPv4 address. The softwire concentrator
IPv4 address need not be the same as the ingress media interface. In fact, the softwire concentrator and the ingress
media interface don’t need to be on the same network. The softwire concentrator is anchored on an IPv4 address
independent of any interface and on a different prefix. The softwire concentrator object also has 6rd domain’s
IPv6 prefix and IPv4 prefix of the CE WAN network. The mtu-v4 attribute sets the maximum transmission unit
when encapsulating IPv6 packets into IPv4. In general, v6-in-v4 tunneling reduces the maximum transmission unit
(MTU) of an IPv6 interface by 20 octets, that is if the basic IPv4 encap header does not contain optional fields. The
administrator must configure the IPv6 interface MTU by taking the IPv4 MTU into account and subtracting at least
20 from that to allow room for the IPv4 header. As the services NPU doesn’t detect which egress interface the packet
goes out on, the administrator must configure the IPv4 MTU under the softwire concentrator hierarchy by looking at the
routing information. If, after adding the IPv4 header, the packet size grows beyond the IPv4 MTU configured, then the
packet is dropped by the services NPU. This knob is mandatory since it depends on other network parameters under
the administrator control.
Once a softwire concentrator is created, a softwire rule must be created to use it. The aforementioned rule basically
states that any traffic destined to the softwire concentrator address of v6rd-dom1 results in the creation of a new
softwire, if none exists already.
Once a softwire rule is created, it must be used in the service set as in the following:
service-set v6rd-dom1-service-set { … … softwire-rules v6rd-dom1-r1 interface-service { service-interface sp-3/0/0; } }
Copyright © 2011, Juniper Networks, Inc. 7
IMPLEMENTATION GUIDE -6rd Configuration Guide
7.3 6rd Routes
Once 6rd is configured, the services PIC daemon (spd) on the routing engine installs routes for the softwire
concentrator IPv4 address and 6rd domain’s IPv6 prefix so that they point to the S-PIC. For the previous example, the
following routes are installed:
user@router# run show route 30.30.30.1
inet.0: 49 destinations, 51 routes (48 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both
30.30.30.1/32 *[Static/786432] 01:47:59 Service to v6rd-dom1-service-set
[edit]
user@router# run show route 3040::0/16
inet6.0: 33 destinations, 42 routes (33 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both
3040::/16 *[Static/786432] 01:48:14 Service to v6rd-dom1-service-set
7.4 Advertising 6rd Routes
The 6rd routes installed by the services daemon (as shown in the previous section) can be advertised by configuring
the proper routing policy. In this section, the relevant configuration is shown for both interface style and next-hop style
service sets with VRFs.
7.4.1 Interface Style Service Set
First, the 6rd service set must be configured as shown in section 7.2.
[edit services] user@router# show service-set v6rd-dom1-service-set { softwire-rules v6rd-dom1-r1; stateful-rewall-rules r1; interface-service { service-interface sp-3/0/0; } } stateful-rewall { rule r1 { match-direction input-output; term t1 { then { accept; } } } } softwire { softwire-concentrator { v6rd v6rd-dom1 { softwire-address 30.30.30.1; ipv4-prex 10.10.10.0/24;
8 Copyright © 2011, Juniper Networks, Inc.
IMPLEMENTATION GUIDE - 6rd Configuration Guide
v6rd-prex 3040::0/16; mtu-v4 9192; } } rule v6rd-dom1-r1 { match-direction input; term t1 { then { v6rd rd1; } } } }
At this point, the service PIC daemon (spd) installs routes for 30.30.30.1 and 3040::0/16, pointing to the service PIC
(sp-3/0/0 in this example). However, these routes are not advertised by default. You need to configure the routing
policy to export these routes and apply the policy to the appropriate routing protocol. An example routing policy with
OSPF is shown in the following.
[edit policy-options] user@router# show policy-statement ospf-exp { term a { from protocol static; then accept; } }
Note that a more conservative routing policy can be configu red with exact prefixes (in th e from clause) that the user
wants to export. In this case, all statically configured routes are exported, and since all services PIC daemon installed
routes are static routes, this exports 6rd routes as well. Once the routing policy is in place, apply that to OSPF as in
the following:
[edit protocols] user@router#show ospf { export ospf-exp; area 0.0.0.0 { interface all; interface fxp0.0 { disable; } } } ospf3 { export ospf-exp; area 0.0.0.0 { interface all; interface fxp0.0 { disable; } }
}
The OSPF hierarchy is needed to export v4 routes (in this case, 30.30.30.1), and the ospf3 hierarchy is needed to export
v6 routes (in this case, 3040::/16).
Copyright © 2011, Juniper Networks, Inc. 9
IMPLEMENTATION GUIDE -6rd Configuration Guide
7.4.2 Next-hop Style Service Set
[edit interfaces] user@router#show interfaces { sp-3/0/0 { unit 0 { family inet; family inet6; } unit 1 { family inet; family inet6; service-domain inside; } unit 2 { family inet; family inet6; service-domain outside; } }
[edit protocols] user@router#show ospf { export ospf-exp; area 0.0.0.0 { interface all; interface fxp0.0 { disable; } } } }
[edit policy-options] user@router# show policy-statement ospf-exp { term a { from protocol static; then accept; } term b { then reject; } } [edit routing-instances] user@router# show vrf1 { instance-type vrf; interface ge-1/2/0.0; interface sp-3/0/0.1; route-distinguisher 1.1.1.1:1; vrf-target target:100:100; routing-options { interface-routes { family inet6 { export {
10 Copyright © 2011, Juniper Networks, Inc.
point-to-point; } } family inet { export { point-to-point; } } } router-id 5.5.5.5; } protocols { ospf { export ospf-exp; area 0.0.0.0 { interface all; } } } }
[edit services] user@router# show service-set ss1 { syslog { host local { services any; } } stateful-rewall-rules r1; softwire-rules v6rd-dom1-r1; next-hop-service { inside-service-interface sp-3/0/0.1; outside-service-interface sp-3/0/0.2; } } softwire { softwire-concentrator { v6rd v6rd-dom1 { softwire-address 30.30.30.1; ipv4-prex 10.10.10.0/24; v6rd-prex 3040::0/16; mtu-v4 9192; } } rule v6rd-dom1-r1 { match-direction input; term t1 { then { v6rd v6rd-dom1; } } } }
IMPLEMENTATION GUIDE - 6rd Configuration Guide
Copyright © 2011, Juniper Networks, Inc. 11
Loading...
+ 24 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use