Archive for August, 2018

16
Aug

contrail

   Posted by: admin    in Mẹo vặt của hiếu râu

https://github.com/Juniper/contrail-ansible-deployer/wiki/Deployment-Example:-Contrail-and-Kubernetes-and-Openstack

https://www.juniper.net/documentation/en_US/contrail5.0/information-products/pathway-pages/contrail-feature-guide-pwp.pdf

https://www.youtube.com/watch?v=cULuCvB-_b0

==================== EVPN VXLAN ===========================

set interfaces ge-0/0/7 unit 0 family bridge interface-mode access

set interfaces ge-0/0/7 unit 0 family bridge vlan-id 200

set interfaces ge-0/0/8 unit 0 family bridge interface-mode access

set interfaces ge-0/0/8 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces irb unit 200 family inet address 200.200.200.200/24

set interfaces irb unit 1000 family inet address 10.1.1.122/24

set interfaces lo0 unit 0 family inet address 5.5.5.5/32

set interfaces lo0 unit 11 family inet address 11.11.11.1/32

set routing-options router-id 5.5.5.5

set protocols bgp group contrail type internal

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set routing-instances VRF instance-type vrf

set routing-instances VRF interface irb.200

set routing-instances VRF interface irb.1000

set routing-instances VRF interface lo0.11

set routing-instances VRF route-distinguisher 5.5.5.5:11

set routing-instances VRF vrf-target target:64512:1

set routing-instances VRF vrf-table-label

set routing-instances VRF routing-options auto-export

set routing-instances VS vtep-source-interface lo0.0

set routing-instances VS instance-type virtual-switch

set routing-instances VS interface ge-0/0/8.0

set routing-instances VS route-distinguisher 5.5.5.5:1

set routing-instances VS vrf-target target:64512:1

set routing-instances VS protocols evpn encapsulation vxlan

set routing-instances VS protocols evpn extended-vni-list 1000

set routing-instances VS protocols evpn multicast-mode ingress-replication

set routing-instances VS bridge-domains VLAN1000 domain-type bridge

set routing-instances VS bridge-domains VLAN1000 vlan-id 1000

set routing-instances VS bridge-domains VLAN1000 routing-interface irb.1000

set routing-instances VS bridge-domains VLAN1000 vxlan vni 1000

set routing-instances VS bridge-domains VLAN1000 vxlan ingress-node-replication

set bridge-domains VLAN200 vlan-id 200

set bridge-domains VLAN200 routing-interface irb.200

================ MPLSoGRE =======================

set chassis fpc 0 pic 0 tunnel-services

set interfaces ge-0/0/8 unit 0 description “IP Fabric Int”

set interfaces ge-0/0/8 unit 0 family inet address 9.9.9.9/24

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.22/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B76594E6D

set interfaces lo0 unit 0 family inet address 127.0.0.1/32

set routing-options static route 0.0.0.0/0 next-hop 9.9.9.10

set routing-options route-distinguisher-id 192.168.122.22

set routing-options autonomous-system 64512

set routing-options dynamic-tunnels gw-gre source-address 192.168.122.22

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set protocols mpls interface all

set protocols bgp group contrail type internal

set protocols bgp group contrail local-address 192.168.122.22

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family route-target

set protocols bgp group contrail peer-as 64512

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set protocols ldp interface all

set routing-instances admin instance-type vrf

set routing-instances admin interface ge-0/0/8.0

set routing-instances admin vrf-target target:64512:11111

set routing-instances admin routing-options static route 0.0.0.0/0 next-hop 9.9.9.10

====================== L2VXLAN + L3 MPLSoGRE ==========================

set chassis fpc 0 pic 0 tunnel-services

set interfaces ge-0/0/7 unit 0 family inet address 111.111.111.111/24

set interfaces ge-0/0/8 unit 0 family bridge interface-mode access

set interfaces ge-0/0/8 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces lo0 unit 0 family inet address 9.9.9.9/32

set routing-options static route 1.1.1.1/32 next-hop 192.168.122.10

set routing-options router-id 9.9.9.9

set routing-options route-distinguisher-id 192.168.122.21

set routing-options dynamic-tunnels gw-gre source-address 192.168.122.21

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set protocols bgp group contrail type internal

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set routing-instances net1L2 vtep-source-interface lo0.0

set routing-instances net1L2 instance-type virtual-switch

set routing-instances net1L2 interface ge-0/0/8.0

set routing-instances net1L2 route-distinguisher 9.9.9.9:11111

set routing-instances net1L2 vrf-target target:64512:11111

set routing-instances net1L2 protocols evpn encapsulation vxlan

set routing-instances net1L2 protocols evpn extended-vni-list 1000

set routing-instances net1L2 protocols evpn multicast-mode ingress-replication

set routing-instances net1L2 bridge-domains VLAN1000 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan vni 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances net1L3 instance-type vrf

set routing-instances net1L3 vrf-table-label

set routing-instances net1L3 interface ge-0/0/7.0

set routing-instances net1L3 vrf-target target:64512:11111

set routing-instances net1L3 routing-options static route 0.0.0.0/0 next-hop 111.111.111.112

==================== 2DC ====================

[edit]

root@VMX9999# show | display set | no-more

set chassis fpc 0 pic 0 tunnel-services

set chassis network-services enhanced-ip

set interfaces ge-0/0/0 description “loop back to extL2″

set interfaces ge-0/0/0 unit 0 family bridge interface-mode trunk

set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1000

set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1002

set interfaces ge-0/0/1 description “loop back to net1L2″

set interfaces ge-0/0/1 unit 0 family bridge interface-mode trunk

set interfaces ge-0/0/1 unit 0 family bridge vlan-id-list 1000

set interfaces ge-0/0/1 unit 0 family bridge vlan-id-list 1002

set interfaces ge-0/0/2 description “server access vlan 1000″

set interfaces ge-0/0/2 unit 0 family bridge interface-mode access

set interfaces ge-0/0/2 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/3 description “server access vlan 1002″

set interfaces ge-0/0/3 unit 0 family bridge interface-mode access

set interfaces ge-0/0/3 unit 0 family bridge vlan-id 1002

set interfaces ge-0/0/4 description “server L3 172.16.9.9″

set interfaces ge-0/0/4 unit 0 family inet address 172.16.9.21/24

set interfaces ge-0/0/5 description “Internet Peering”

set interfaces ge-0/0/5 unit 0 family inet address 20.1.1.21/24

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces irb unit 1000 virtual-gateway-accept-data

set interfaces irb unit 1000 family inet address 10.1.1.254/24 virtual-gateway-address 10.1.1.1

set interfaces irb unit 1002 virtual-gateway-accept-data

set interfaces irb unit 1002 family inet address 10.1.2.254/24 virtual-gateway-address 10.1.2.1

set interfaces lo0 unit 0 family inet address 9.9.9.9/32

set interfaces lo0 unit 1 family inet address 9.9.9.10/32

set routing-options static route 0.0.0.0/0 next-hop 20.1.1.1

set routing-options router-id 9.9.9.9

set routing-options route-distinguisher-id 192.168.122.21

set routing-options autonomous-system 64512

set routing-options dynamic-tunnels gw-gre source-address 9.9.9.9

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set routing-options dynamic-tunnels gw-gre destination-networks 8.8.8.8/32

set protocols bgp group contrail type internal

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set protocols bgp group EXT_BGP type external

set protocols bgp group EXT_BGP multihop ttl 5

set protocols bgp group EXT_BGP local-address 9.9.9.9

set protocols bgp group EXT_BGP family inet-vpn unicast

set protocols bgp group EXT_BGP family evpn signaling

set protocols bgp group EXT_BGP neighbor 8.8.8.8 peer-as 64513

set protocols bgp group EXT_BGP neighbor 8.8.8.8 local-as 64512

set routing-instances extL2 vtep-source-interface lo0.0

set routing-instances extL2 instance-type virtual-switch

set routing-instances extL2 interface ge-0/0/0.0

set routing-instances extL2 interface ge-0/0/2.0

set routing-instances extL2 interface ge-0/0/3.0

set routing-instances extL2 route-distinguisher 9.9.9.9:20

set routing-instances extL2 vrf-target target:64512:20

set routing-instances extL2 protocols evpn encapsulation vxlan

set routing-instances extL2 protocols evpn extended-vni-list 100

set routing-instances extL2 protocols evpn extended-vni-list 102

set routing-instances extL2 protocols evpn multicast-mode ingress-replication

set routing-instances extL2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances extL2 bridge-domains VLAN1000 vxlan vni 100

set routing-instances extL2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances extL2 bridge-domains VLAN1002 vlan-id 1002

set routing-instances extL2 bridge-domains VLAN1002 vxlan vni 102

set routing-instances extL2 bridge-domains VLAN1002 vxlan ingress-node-replication

set routing-instances net1L2 vtep-source-interface lo0.0

set routing-instances net1L2 instance-type virtual-switch

set routing-instances net1L2 interface ge-0/0/1.0

set routing-instances net1L2 route-distinguisher 9.9.9.9:11111

set routing-instances net1L2 vrf-target target:64512:11111

set routing-instances net1L2 protocols evpn encapsulation vxlan

set routing-instances net1L2 protocols evpn extended-vni-list 1000

set routing-instances net1L2 protocols evpn extended-vni-list 1002

set routing-instances net1L2 protocols evpn multicast-mode ingress-replication

set routing-instances net1L2 bridge-domains VLAN1000 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances net1L2 bridge-domains VLAN1000 routing-interface irb.1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan vni 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances net1L2 bridge-domains VLAN1002 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1002 vlan-id 1002

set routing-instances net1L2 bridge-domains VLAN1002 routing-interface irb.1002

set routing-instances net1L2 bridge-domains VLAN1002 vxlan vni 1002

set routing-instances net1L2 bridge-domains VLAN1002 vxlan ingress-node-replication

set routing-instances net1L3 instance-type vrf

set routing-instances net1L3 interface ge-0/0/4.0

set routing-instances net1L3 interface irb.1000

set routing-instances net1L3 interface irb.1002

set routing-instances net1L3 interface lo0.1

set routing-instances net1L3 vrf-target target:64512:20

set routing-instances net1L3 vrf-table-label

set routing-instances net1L3 routing-options static route 10.1.2.0/24 discard

set routing-instances net1L3 routing-options static route 10.1.1.0/24 discard

[edit]
root@VMX8888# show | display set | no-more
set chassis fpc 0 pic 0 tunnel-services
set interfaces ge-0/0/2 description “server access vlan 1000″
set interfaces ge-0/0/2 unit 0 family bridge interface-mode access
set interfaces ge-0/0/2 unit 0 family bridge vlan-id 1000
set interfaces ge-0/0/3 description “server access vlan 1002″
set interfaces ge-0/0/3 unit 0 family bridge interface-mode access
set interfaces ge-0/0/3 unit 0 family bridge vlan-id 1002
set interfaces ge-0/0/4 description “server L3 172.16.8.8″
set interfaces ge-0/0/4 unit 0 family inet address 172.16.8.22/24
set interfaces ge-0/0/5 description “Internet Peering”
set interfaces ge-0/0/5 unit 0 family inet address 20.2.2.22/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B76594E6D
set interfaces irb unit 1000 virtual-gateway-accept-data
set interfaces irb unit 1000 family inet address 10.1.1.253/24 virtual-gateway-address 10.1.1.1
set interfaces irb unit 1002 virtual-gateway-accept-data
set interfaces irb unit 1002 family inet address 10.1.2.253/24 virtual-gateway-address 10.1.2.1
set interfaces lo0 unit 0 family inet address 8.8.8.8/32
set interfaces lo0 unit 1 family inet address 8.8.8.9/32
set routing-options static route 0.0.0.0/0 next-hop 20.2.2.1
set routing-options router-id 8.8.8.8
set routing-options route-distinguisher-id 20.2.2.22
set routing-options autonomous-system 64513
set routing-options dynamic-tunnels gw-gre source-address 8.8.8.8
set routing-options dynamic-tunnels gw-gre gre
set routing-options dynamic-tunnels gw-gre destination-networks 9.9.9.9/32
set protocols bgp group EXT_BGP type external
set protocols bgp group EXT_BGP multihop ttl 5
set protocols bgp group EXT_BGP local-address 8.8.8.8
set protocols bgp group EXT_BGP family inet-vpn unicast
set protocols bgp group EXT_BGP family evpn signaling
set protocols bgp group EXT_BGP neighbor 9.9.9.9 peer-as 64512
set protocols bgp group EXT_BGP neighbor 9.9.9.9 local-as 64513
set routing-instances extL2 vtep-source-interface lo0.0
set routing-instances extL2 instance-type virtual-switch
set routing-instances extL2 interface ge-0/0/2.0
set routing-instances extL2 interface ge-0/0/3.0
set routing-instances extL2 route-distinguisher 8.8.8.8:20
set routing-instances extL2 vrf-target target:64512:20
set routing-instances extL2 protocols evpn encapsulation vxlan
set routing-instances extL2 protocols evpn extended-vni-list 100
set routing-instances extL2 protocols evpn extended-vni-list 102
set routing-instances extL2 protocols evpn multicast-mode ingress-replication
set routing-instances extL2 bridge-domains VLAN1000 vlan-id 1000
set routing-instances extL2 bridge-domains VLAN1000 routing-interface irb.1000
set routing-instances extL2 bridge-domains VLAN1000 vxlan vni 100
set routing-instances extL2 bridge-domains VLAN1000 vxlan ingress-node-replication
set routing-instances extL2 bridge-domains VLAN1002 vlan-id 1002
set routing-instances extL2 bridge-domains VLAN1002 routing-interface irb.1002
set routing-instances extL2 bridge-domains VLAN1002 vxlan vni 102
set routing-instances extL2 bridge-domains VLAN1002 vxlan ingress-node-replication
set routing-instances net1L3 instance-type vrf
set routing-instances net1L3 interface ge-0/0/4.0
set routing-instances net1L3 interface irb.1000
set routing-instances net1L3 interface irb.1002
set routing-instances net1L3 interface lo0.1
set routing-instances net1L3 vrf-target target:64512:20
set routing-instances net1L3 vrf-table-label
set routing-instances net1L3 routing-options static route 10.1.2.0/24 discard
set routing-instances net1L3 routing-options static route 10.1.1.0/24 discard
[edit]
root@VMX8888#