QFabric Layer 3 Implementation Traditional Network

• VRRP provides gateway redundancy for host device • Increases gateway availability by eliminating a single

point of failure QFabric

• Is a single device

• Every Node Group is capable of performing Layer 3 • RVI resides on NNG, but is present on every Node Group

that is a member of a VLAN with VLAN routing enabled • VRRP is no longer needed in QFabric deployment

QFabric Layer 3 Implementation

With QFabric being the first hop router, one of the most commonly asked questions regards Virtual Router

Redundancy Protocol (VRRP). Where is VRRP configured within QFabric? In the traditional network, VRRP is usually required when there are two separate systems that are providing gateway functionality to the host. QFabric differs simply because it is a single system. The routed VLAN interface (RVI), which is going to be the gateway to the host, resides on the NNG (or SNG or RSNG) but is shared and present on all the QFabric Nodes. As long as the node- group is part of a VLAN that has VLAN routing enabled (in this case — RVI configured), then VRRP is not required.

Layer 3

IP interface

• Layer 3 interfaces can only be configured on NNG interfaces • Both at the physical or logical (LAG interface) level

• Unicast and multicast routing protocol can only be configured on RVI and NNG interfaces

Host device requires Layer 3 adjacency?

• If host needs to peer to QFabric, then host must be connected to NNG • If host needs to peer to another device (such as an external router) then

no restriction on connection

• QFabric will pass routing protocol packets; it will just not allow a routing protocol to NNG from any xSNG

NNG

• Members are not restricted to location

• All NNG members do not have to be next to each other; members can be in different parts of the data center

Layer 3

A Layer 3 interface can be configured on the NNG, both at the physical and logical (LAG interface) levels. Unicast and multicast routing protocols can only be enabled on RVI and NNG interfaces. If a host has a routing protocol enabled and needs to establish an adjacency to the RVI, then this device needs to be connected to the NNG. If the host needs to establish an adjacency to an external device, such as an MX Series or SRX Series device, then the host can be connected to any node-group device, such as an SNG or RSNG. The routing protocol packets will be forwarded through QFabric, but not up to the QFabric interface. NNGs are not bound to a physical location, they can be in different areas. Therefore, they can be dispersed throughout the data center where multiple servers that require SNG connections can be aggregated.

SRX Series MX Series Storage Internet MPLS/ VPN L2 L3 RVI RVI Servers NO SRX Service

Routed VLAN Interface

RVIs are logical Layer 3 interfaces that perform gateway services for hosts within VLANs

Engineering Marketing

Routed VLAN Interface

As mentioned earlier, routed interfaces can either be RVI or Layer 3 ports on the NNG.

An RVI is a logical Layer 3 VLAN interface used to route traffic between VLANs. RVIs often serve as the gateway IP address for host devices on the subnet associated with the corresponding VLAN. RVIs, along with all other Layer 3 interfaces on a QFabric system, are associated with the NNG.

As illustrated in the example on the slide, the engineering and marketing VLANs do not need firewall service from the SRX Series devices, and therefore the gateway or the RVI for those two VLANs is on the QFabric.

EX Series configuration Physical interface xe-0/0/47 { unit 0 { family inet { address 10.1.1.254/24; } } } RVI vlan { unit 1 { family inet { address 10.1.1.1/24; } } } default { vlan-id 1; l3-interface vlan.1; } QFabric configuration Physical interface node32:xe-0/0/47 { unit 0 { family inet { address 10.1.1.254/24; } } } RVI vlan { unit 1 { family inet { address 10.1.1.1/24; } } } default { vlan-id 1; l3-interface vlan.1;

QFabric Layer 3 Configuration

QFabric Layer 3 Configuration

The slide provides configuration examples for both Layer 3 physical interfaces and RVIs. Note that, except for the additional level of the interface naming convention used on QFabric, the syntax is identical to that used for EX Series switches.

Layer 3 LAG Configuration

interfaces { interface-range nng-ae0 { member "LC0:xe-0/0/[0-1]"; member "LC1:xe-0/0/[0-1]"; member "LC2:xe-0/0/[0-1]"; ether-options { 802.3ad NW-NG-0:ae0; } } NW-NG-0:ae0 { aggregated-ether-options { lacp { active; } } unit 0 { family inet { address 192.168.0.2/30; } } } vlan { unit 1100 { family inet { address 10.84.100.1/24; } } unit 1101 { family inet { address 10.85.100.1/24; } } } } { v1100 { vlan-id 1100; l3-interface vlan.1100; } v1101 { vlan-id 1101; l3-interface vlan.1101; } } 1 3 2 4 5

Layer 3 LAG Configuration

In the previous section, we introduced and illustrated the configuration of LAGs. This slide provides a configuration example for a Layer 3 LAG. While much of this configuration example matches that shown in the previous section, you should note that this LAG configuration example uses the protocol family inet.

As with RVIs and any other Layer 3 interface, Layer 3 LAGs must be associated with the NNG. As noted on the slide, Layer 3 LAGs can use only a single unit and that unit number must be zero.

Similar to Layer 2 LAGs, there are two typical LAG deployments for Layer 3 — same member and cross member. With same member LAGs, all of the LAG child members are terminated on the same QFabric Node. With cross member LAGs, child member LAGs are split between node group members. The example on the slide illustrates across member LAG configuration.

Use the following steps to configure a Layer 3 LAG: •Define the Layer 2 configuration including VLAN •Assign interfaces to the LAG interface

•Configure the LAG interface and assign it an IP address •Configure RVI for the VLAN, and

•Bind the RVI interface to the VLAN

In document Juniper QFabric SSQFAB03A-ML5 (Page 68-73)