Creating and connecting logical systems on the Juniper MX router

The old M10 I have in my lab cannot support the tunnel services PIC due to the ancient FEB it has. With the MX router and the correct line cards you can reserve some bandwidth to make a built-in tunnel PIC to use for things like GRE/Multicast/Logical-tunnels.

This is especially handy for when you have a single box and want to create a big topology with routers connected to each other. As a quick guide I’ll show an MX5 divided and connected into two logical-systems.

There are no physical interfaces plugged into anything. The box is simply on.

First we need to configure tunnel services:

darreno> show configuration chassis
fpc 1 {
    pic 0 {
        tunnel-services {
            bandwidth 1g;
        }
    }
}

This creates the lt interface in a specific place. Check this as you’ll need to know which numbers to refer to later:

darreno> show interfaces terse | match lt
lt-1/0/10               up    up

Let’s configure two systems. I’ll attach an lt interface to each, bind those two interfaces together and give each an IP address. I’ll also create a loopback interface in each and run OSPF:

darreno> show configuration logical-systems
J1 {
    interfaces {
        lt-1/0/10 {
            unit 0 {
                encapsulation ethernet;
                peer-unit 1;
                family inet {
                    address 10.0.0.1/24;
                }
            }
        }
        lo0 {
            unit 1 {
                family inet {
                    address 1.1.1.1/32;
                }
            }
        }
    }
    protocols {
        ospf {
            area 0.0.0.0 {
                interface all;
            }
        }
    }
}
J2 {
    interfaces {
        lt-1/0/10 {
            unit 1 {
                encapsulation ethernet;
                peer-unit 0;
                family inet {
                    address 10.0.0.2/24;
                }
            }
        }
        lo0 {
            unit 2 {
                family inet {
                    address 2.2.2.2/32;
                }
            }
        }
    }
    protocols {
        ospf {
            area 0.0.0.0 {
                interface all;
            }
        }
    }
}

To confirm I can log into one of them and check connectivity:

darreno> set cli logical-system J1
Logical system: J1

darreno:J1> show ospf neighbor
Address          Interface              State     ID               Pri  Dead
10.0.0.2         lt-1/0/10.0            Full      2.2.2.2          128    37

darreno:J1> ping 2.2.2.2 rapid
PING 2.2.2.2 (2.2.2.2): 56 data bytes
!!!!!
--- 2.2.2.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.432/0.492/0.675/0.092 ms

There are a few things to note. Logical tunnels are point to point. Even though the encapsulation is ethernet, you cannot connect more than 2 units to the same segment. You can also configure a unit on the main routing instance which can connect to a logical system. This is not only good for certification testing, but can open up all kinds of possibilities in a real-world design.

As long as you have a tunnel-services PIC on your M/T, or a Trio MPC/MIC on your MX router you are good to go with the above.

© 2009-2020 Darren O'Connor All Rights Reserved -- Copyright notice by Blog Copyright