Published 6月 02, 2018 by with 5 comments

JNCIA-SP 快快樂樂玩Juniper vMX


vMX是新的Juniper virtual MX series router.
我把他在VMWare上跑.
但因為我是用筆電, 系統資源並不多.
出現了一些練習Lab上的問題.(但因為問題解決了, 所以有這文章更新)



網路上有多種設定vMX lab的方式.
比如說在interface ge-0/0/x上設定對應的emx的mac address
我在這邊介紹我習慣的架設方式 (使用VMware workstation).


首先要先清楚 VMware 跟 vMX 之間網卡的對應
VMware: 最多能開十張NIC, 所以你會看到 NIC 1 - 10,



vMX: 內建則有 em0 - 9 (em0 & em1 是隱藏的) & ge-0/0/0 - 9





所以其對應如下
RE0 (Hidden)    -    em0    (Hidden)    -        NIC 1
RE1 (Hidden)    -    em1 (Hidden)    -        NIC 2
ge-0/0/0        -    em2                -        NIC 3
ge-0/0/1        -    em3                -        NIC 4
ge-0/0/2        -    em4                -        NIC 5
ge-0/0/3        -    em5                -        NIC 6
ge-0/0/4        -    em6                -        NIC 7
ge-0/0/5        -    em7                -        NIC 8
ge-0/0/6        -    em8                -        NIC 9
ge-0/0/7        -    em9                -        NIC 10
ge-0/0/8        -    No em card        -        No NIC
ge-0/0/9        -    No em card        -        No NIC

RE0 (em0 - NIC 1) & RE1 (em1 - NIC 2) 在這版本vMX不能用, 別理它.
ge-0/0/8 and ge-0/0/9, 因為沒有physical VMware NIC 去對應, 所以也不能用.
我是用"ge-0/0/0 - em 2 - NIC 3" 做 OOB (Out-Of-Band) port for remote access (SSH or telnet).
所以這樣算下來,一個VMware workstation跑一個vMX. 一個vMX有7個port做logical system 互連之用, 一個port 做OOB 之用.

兩個logical sysyem之間, 不能使用同一個ge interface (e.g R1 ge-0/0/1 & R2 ge-0/0/2, 不可兩端都是同一個ge interface)
如果interface 有跑sub interface 帶vlan tag, 最後要加上"set interfaces ge-0/0/x vlan-tagging"

只使用一個VMware做法:
NIC 1 (RE 0 - em0) & NIC 2 (RE 1 - em1) 在這版本vMX不能用, 別理它.
NIC 3 在這我是把它做為OOB之用. 透過 NAT的方式, 把這張NIC 3跟我PC實體的網卡連接.
然後, 在VMware 設定中, 將NIC4 - 10 都設定在同一個 LAN Segment 中. !!!!!This is very important!!!!!
最後, 再新增一個serial port. 做為console port 之用 (此做法可參考下方連接文章"快快樂樂裝 Juniper JunOS Olive12.1R1.9 on VMware")

如果Lab架構很大, 需要開到兩個VMare, 可以參考本文做法.
注意事項如上面所說, 除此之外, 還要注意 兩個VMware互連的Logical ststem的interface 要在同一LAN Segment.
以本topology來說: R2 ge-0/0/1.23 & R3 ge-0/0/2.23 要在同一LAN Segment 1

For VMware setting:
VMware-1:



VMware-2



Topology:



1. Setting interface IP address:
vMX-1:

set logical-systems R1 interfaces ge-0/0/1 unit 12 description TO_R2
set logical-systems R1 interfaces ge-0/0/1 unit 12 vlan-id 12
set logical-systems R1 interfaces ge-0/0/1 unit 12 family inet address 10.200.12.1/24
set logical-systems R1 interfaces ge-0/0/2 unit 14 description TO_R4
set logical-systems R1 interfaces ge-0/0/2 unit 14 vlan-id 14
set logical-systems R1 interfaces ge-0/0/2 unit 14 family inet address 10.200.14.1/24
set logical-systems R1 interfaces lo0 unit 1 family inet address 10.200.1.1/32

set logical-systems R2 interfaces ge-0/0/1 unit 23 description TO_R3
set logical-systems R2 interfaces ge-0/0/1 unit 23 vlan-id 23
set logical-systems R2 interfaces ge-0/0/1 unit 23 family inet address 10.200.23.2/24
set logical-systems R2 interfaces ge-0/0/2 unit 12 description TO_R1
set logical-systems R2 interfaces ge-0/0/2 unit 12 vlan-id 12
set logical-systems R2 interfaces ge-0/0/2 unit 12 family inet address 10.200.12.2/24
set logical-systems R2 interfaces lo0 unit 2 family inet address 10.200.1.2/32

set logical-systems R4 interfaces ge-0/0/1 unit 14 description TO_R1
set logical-systems R4 interfaces ge-0/0/1 unit 14 vlan-id 14
set logical-systems R4 interfaces ge-0/0/1 unit 14 family inet address 10.200.14.4/24
set logical-systems R4 interfaces lo0 unit 4 family inet address 10.200.1.4/32

set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/2 vlan-tagging


vMX-2:

set logical-systems R3 interfaces ge-0/0/1 unit 35 description TO_R5
set logical-systems R3 interfaces ge-0/0/1 unit 35 vlan-id 35
set logical-systems R3 interfaces ge-0/0/1 unit 35 family inet address 10.200.35.3/24
set logical-systems R3 interfaces ge-0/0/2 unit 23 description TO_R2
set logical-systems R3 interfaces ge-0/0/2 unit 23 vlan-id 23
set logical-systems R3 interfaces ge-0/0/2 unit 23 family inet address 10.200.23.3/24
set logical-systems R3 interfaces lo0 unit 3 family inet address 10.200.1.3/32

set logical-systems R5 interfaces ge-0/0/2 unit 35 description TO_R3
set logical-systems R5 interfaces ge-0/0/2 unit 35 vlan-id 35
set logical-systems R5 interfaces ge-0/0/2 unit 35 family inet address 10.200.35.5/24
set logical-systems R5 interfaces lo0 unit 5 family inet address 10.200.1.5/32

set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/2 vlan-tagging


Check:
直連link互ping能通
vMX-1:

[edit]
root@vMX-1# run ping 10.200.14.4 logical-system R1   
PING 10.200.14.4 (10.200.14.4): 56 data bytes
64 bytes from 10.200.14.4: icmp_seq=0 ttl=64 time=2.762 ms
^C
--- 10.200.14.4 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.762/2.762/2.762/0.000 ms

[edit]
root@vMX-1#

[edit]
root@vMX-1# run ping 10.200.12.2 logical-system R1   
PING 10.200.12.2 (10.200.12.2): 56 data bytes
64 bytes from 10.200.12.2: icmp_seq=0 ttl=64 time=2.458 ms
^C
--- 10.200.12.2 ping statistics ---
2 packets transmitted, 1 packets received, 50% packet loss
round-trip min/avg/max/stddev = 2.458/2.458/2.458/0.000 ms

[edit]
root@vMX-1#

[edit]
root@vMX-1# run ping 10.200.23.3 logical-system R2   
PING 10.200.23.3 (10.200.23.3): 56 data bytes
64 bytes from 10.200.23.3: icmp_seq=0 ttl=64 time=19.326 ms
^C
--- 10.200.23.3 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 19.326/19.326/19.326/0.000 ms

[edit]
root@vMX-1#


vMX-2:

[edit]
root@vMX-2# run ping 10.200.23.2 logical-system R3
PING 10.200.23.2 (10.200.23.2): 56 data bytes
64 bytes from 10.200.23.2: icmp_seq=0 ttl=64 time=4.729 ms
^C
--- 10.200.23.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.729/4.729/4.729/0.000 ms

[edit]
root@vMX-2#

[edit]
root@vMX-2# run ping 10.200.35.5 logical-system R3   
PING 10.200.35.5 (10.200.35.5): 56 data bytes
64 bytes from 10.200.35.5: icmp_seq=0 ttl=64 time=9.656 ms
^C
--- 10.200.35.5 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 9.656/9.656/9.656/0.000 ms

[edit]
root@vMX-2#


2. OSPF setting:
vMX-1:

set logical-systems R1 protocols ospf area 0.0.0.0 interface all

set logical-systems R2 protocols ospf area 0.0.0.0 interface all

set logical-systems R4 protocols ospf area 0.0.0.0 interface all


vMX-2:

set logical-systems R3 protocols ospf area 0.0.0.0 interface all

set logical-systems R5 protocols ospf area 0.0.0.0 interface all


Check:
R1, R2, R3, R4 and R5 loopback interface 互ping能通

[edit]
root@vMX-1# run show ospf neighbor logical-system R2   
Address          Interface              State     ID               Pri  Dead
10.200.23.3      ge-0/0/1.23            Full      10.200.1.3       128    36
10.200.12.1      ge-0/0/2.12            Full      10.200.1.1       128    38

[edit]
root@vMX-1#

[edit]
root@vMX-1# run ping 10.200.1.5 logical-system R4
PING 10.200.1.5 (10.200.1.5): 56 data bytes
64 bytes from 10.200.1.5: icmp_seq=0 ttl=61 time=16.053 ms
^C
--- 10.200.1.5 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 16.053/16.053/16.053/0.000 ms

[edit]
root@vMX-1# 


vMX-2:

[edit]
root@vMX-2# run show route logical-system R5

inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.200.1.1/32      *[OSPF/10] 00:01:22, metric 3
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.1.2/32      *[OSPF/10] 00:01:22, metric 2
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.1.3/32      *[OSPF/10] 00:01:27, metric 1
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.1.4/32      *[OSPF/10] 00:01:22, metric 4
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.1.5/32      *[Direct/0] 00:08:01
                    > via lo0.5
10.200.12.0/24     *[OSPF/10] 00:01:22, metric 3
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.14.0/24     *[OSPF/10] 00:01:22, metric 4
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.23.0/24     *[OSPF/10] 00:01:27, metric 2
                    > to 10.200.35.3 via ge-0/0/2.35
10.200.35.0/24     *[Direct/0] 00:08:01
                    > via ge-0/0/2.35
10.200.35.5/32     *[Local/0] 00:08:01
                      Local via ge-0/0/2.35
224.0.0.5/32       *[OSPF/10] 00:02:18, metric 1
                      MultiRecv

[edit]
root@vMX-2#



如果要關機的話, 指令是
run request system halt


Final configuration:
vMX-1:

set system host-name vMX-1
set system syslog file interactive-commands interactive-commands any
set logical-systems R1 interfaces ge-0/0/1 unit 12 description TO_R2
set logical-systems R1 interfaces ge-0/0/1 unit 12 vlan-id 12
set logical-systems R1 interfaces ge-0/0/1 unit 12 family inet address 10.200.12.1/24
set logical-systems R1 interfaces ge-0/0/2 unit 14 description TO_R4
set logical-systems R1 interfaces ge-0/0/2 unit 14 vlan-id 14
set logical-systems R1 interfaces ge-0/0/2 unit 14 family inet address 10.200.14.1/24
set logical-systems R1 interfaces lo0 unit 1 family inet address 10.200.1.1/32
set logical-systems R1 protocols ospf area 0.0.0.0 interface all
set logical-systems R2 interfaces ge-0/0/1 unit 23 description TO_R3
set logical-systems R2 interfaces ge-0/0/1 unit 23 vlan-id 23
set logical-systems R2 interfaces ge-0/0/1 unit 23 family inet address 10.200.23.2/24
set logical-systems R2 interfaces ge-0/0/2 unit 12 description TO_R1
set logical-systems R2 interfaces ge-0/0/2 unit 12 vlan-id 12
set logical-systems R2 interfaces ge-0/0/2 unit 12 family inet address 10.200.12.2/24
set logical-systems R2 interfaces lo0 unit 2 family inet address 10.200.1.2/32
set logical-systems R2 protocols ospf area 0.0.0.0 interface all
set logical-systems R4 interfaces ge-0/0/1 unit 14 description TO_R1
set logical-systems R4 interfaces ge-0/0/1 unit 14 vlan-id 14
set logical-systems R4 interfaces ge-0/0/1 unit 14 family inet address 10.200.14.4/24
set logical-systems R4 interfaces lo0 unit 4 family inet address 10.200.1.4/32
set logical-systems R4 protocols ospf area 0.0.0.0 interface all
set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/2 vlan-tagging


vMX-2:

set system host-name vMX-2
set logical-systems R3 interfaces ge-0/0/1 unit 35 description TO_R5
set logical-systems R3 interfaces ge-0/0/1 unit 35 vlan-id 35
set logical-systems R3 interfaces ge-0/0/1 unit 35 family inet address 10.200.35.3/24
set logical-systems R3 interfaces ge-0/0/2 unit 23 description TO_R2
set logical-systems R3 interfaces ge-0/0/2 unit 23 vlan-id 23
set logical-systems R3 interfaces ge-0/0/2 unit 23 family inet address 10.200.23.3/24
set logical-systems R3 interfaces lo0 unit 3 family inet address 10.200.1.3/32
set logical-systems R3 protocols ospf area 0.0.0.0 interface all
set logical-systems R5 interfaces ge-0/0/2 unit 35 description TO_R3
set logical-systems R5 interfaces ge-0/0/2 unit 35 vlan-id 35
set logical-systems R5 interfaces ge-0/0/2 unit 35 family inet address 10.200.35.5/24
set logical-systems R5 interfaces lo0 unit 5 family inet address 10.200.1.5/32
set logical-systems R5 protocols ospf area 0.0.0.0 interface all
set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/2 vlan-tagging


Reference:
1. Juniper vMX:
http://www.juniper.net/us/en/products-services/routing/mx-series/vmx/

2. vMX Image:
https://drive.google.com/open?id=0B4GLSMfJQXinM0ZFclN3b2RXOFk

3. JNCIA-SP 快快樂樂裝 Juniper JunOS Olive12.1R1.9 on VMware
http://juilin77.blogspot.com/2018/06/jncia-sp-juniper-junos-olive121r19-on_2.html

4. JNCIA-SP 快快樂樂裝 Juniper JunOS Olive12.1R1.9 on GNS3
http://juilin77.blogspot.com/2018/06/jncia-sp-juniper-junos-olive121r19-on.html

5. JNCIA-SP 快快樂樂裝 Juniper VSRX on VMware
http://juilin77.blogspot.com/2018/06/jncia-sp-juniper-vsrx-on-vmware.html

6. JNCIA-SP 快快樂樂裝 Juniper VSRX on GNS3
http://juilin77.blogspot.com/2018/06/jncia-sp-juniper-vsrx-on-gns3.html


最初發表 / 最後更新: 2015.03.26 / 2018.06.02

5 則留言:

  1. sam2020年1月22日 星期三 下午3:11:00 [GMT+8]

    作者已經移除這則留言。

    回覆刪除
  2. Jonathan2021年3月17日 星期三 上午11:08:00 [GMT+8]

    作者已經移除這則留言。

    回覆刪除
  3. 小新手2021年5月26日 星期三 下午3:55:00 [GMT+8]

    作者已經移除這則留言。

    回覆刪除
  4. 天哥分享2021年6月2日 星期三 下午5:55:00 [GMT+8]

    想請問一下 要如何才能建置虛擬 ex2300 switch 練lab
    因為上網查都是 vmx系列 似乎都是router
    想模擬switch acess vlan給 user pc

    回覆刪除

訂閱: 張貼留言 (Atom)