Skip to main content

Juniper QFX, IP-Fabric and VXLAN – Part 2

See the first part here: Juniper QFX, IP-Fabric and VXLAN – Part 1

 

At last here is the Part 2 of the “Juniper QFX, IP-Fabric and VXLAN” -post. In this post I will show how to configure VXLAN and verify that VXLAN works by showing Multicast, VTEP and general switching outputs. VXLAN configuration is actually quite a breeze after you get the Multicast and IP-Fabric configurations set up. Remember that (currently, as of May 2015) QFX-series does not support VXLAN routing and you would require either MX or EX9200 for that.

Spine-switches do not require any special configuration as the VXLAN is routed L3 traffic from Spine point of view. Spine-switches just forward the traffic per routing rules, and they do not care whether it’s VXLAN traffic or something else. Also using this configuration you do not need any special configuration on the Host, just match the VLAN ID specified on the trunk. See the topology below:

Read More

Juniper QFX, IP-Fabric and VXLAN – Part 1

See the second part here: Juniper QFX, IP-Fabric and VXLAN – Part 2

Recently I have been lab testing and evaluating some Juniper QFX switches and new DC LAN architectures. In this and upcoming posts I will show some configuration guides and hints regarding Juniper QFX (5100-48Q and 5100-48S), IP-Fabric (complete L3 eBGP-fabric) and VXLAN configuration. Of course the fabric could use iBGP, OSPF or IS-IS if you wanted so, I just decided to go with eBGP due to some traffic engineering features. L3 Fabric poses some interesting questions and issues what we needn’t think in previous “old school” L2 networks.

  • Bare-metal server connectivity and L2 dual homing
  • Virtual-to-Virtual, Virtual-to-Physical, Physical-to-Physical
  • L2 overlay which is still needed (not only for vMotion)
  • Firewall, load balancer connectivity (talking about non-overlay, non-VXLAN, devices)
  • DCI

As you probably know the VXLAN is used as an overlay to bring L2 visibility over a routed L3 network using MAC-in-UDP encapsulation. This can be used for applications that require L2 connectivity. I’m not going to deep dive into how VXLAN works, but rather post some configuration snippets and guidelines with sample topologies. In case you need more detailed specifications regarding VXLAN, please check VMWare, Cisco, Cisco Live! and Juniper documentations, as these are really good resources, especially the Cisco Live! materials are worth checking out.

The test IP-fabric design is based on Spine-Leaf architecture with eBGP running in the core. There are two spine switches (QFX5100-24Q) and two leaf switches (QFX5100-48S). All leaf switches are connected to all spine switches. Routing protocol is eBGP over point-to-point links. All switches and leafs are running on their own AS number. L2 overlay is designed with VXLAN. In this design I’m introducing directly connected servers / appliances to the VXLAN network. In the Part 1, I will show the configuration of the IP-Fabric, we’ll dive into VXLAN in the next part. See physical and logical topologies below.

Read More

Junos and Python – Junos PyEZ – Part 1

Feel like automating some configurations, monitoring and troubleshooting on Junos? Step in Python and Junos PyEZ framework (https://techwiki.juniper.net/Projects/Junos_PyEZ). Junos PyEZ is a framework for Python which allows “quite easy” approach for performing automation and configuration tasks on Junos-platform devices. It is also easy to understand for non-programmers so you really don’t have to have deep Python understanding for basic tasks. On protocol level it uses Netconf over SSH for connecting to the device.

The requirements are Python 2.7 and Junos PyEZ framework. I have my test platform running on CentOS 6.6. CentOS 6.6 comes by default with Python 2.6 so it needs updating or new Python 2.7 version installed on the side. You can check the quick guide I wrote for installing Python 2.7 on CentOS 6.6 here: http://www.networkers.fi/blog/installing-python-2-7-on-centos-6-x/

Read More