How to Bring up IPV6 OSPFV3 Between SRX and EX switches (VC or Standalone) with default routing instance inet0 and with virtual routers

This document will explain the proceedure to birng the OSPFV3 between SRX and the EX switches, VC or Stand alone with default routing instance inet0 and with virtual routrers

Network Toplogy:

EX 4500 VC switch 0 <====> ae3 <====> Reth interface 0 on SRX 1400 cluster primary node (node 0 is primary for both Redundant Groups)
EX 4500VC switch 1 <====> ae4 <====> Reth interface 0 on SRX 1400 cluster secondary node (node 1 is secondary for both Redundant Groups)
EX 4500 has two routing-instances, VRF_PAC and VRF_ECB in addition to default inet0.
EX 4500 two member VC is running 11.4R1.6
SRX 1400 is running 11.4R1 with flow mode set to IPV6 using command “set security forwarding-options family inet6 mode flow-based”
In absence of inet6 flow mode, SRX will not let you commit any ipv6 configurations and returns an error message.
/(RETH0.32)—-(Vlan.32) EX-VRF_ECB
/
(RETH0.500) Default SRX——Default EX (Vlan.500)
\
\(RETH0.64)—-(Vlan.64) EX-VRF_PAC

Goal of this document is to bring up IPV6 OSPF3 between EX and SRX over default vlan.500, vlan.64 ( in VRF_PAC ) and vlan.32 ( in VRF_ECB) how ever OSPF3 neigborship is only being established on one link, either inet0 or any of the routing-instance.Remaining two stays stuck in init state as shown below.

Note that OSPFV2 works fine with IPv4 and all 3 vlans have proper OSPF neighborship up as shown below.

Note that here realm ipv4-unicast is deactivated for the purpose of illustration, however activating it still shows the same behavior.
All the vlan interfaces of the EX use the same IPV6 link local address:

juniper@core1.bur> show interfaces vlan.500

Destination: fe80::/64, Local: fe80::7afe:3dff:fe48:b5c1 <<<<<<

juniper@core1.bur> show interfaces vlan.32

Addresses, Flags: Is-Preferred
Destination: fe80::/64, Local: fe80::7afe:3dff:fe48:b5c1 <<<<<<

juniper@core1.bur> show interfaces vlan.64

Destination: fe80::/64, Local: fe80::7afe:3dff:fe48:b5c1 <<<<<<

Since all the vlan interfaces of the ex use the same IPV6 link local address, it causes the SRX to not be able to talk IPV6 link-local flooding while multiple EX routing instances are connect to the SRX. So, at a time only one vlan interface can form the ospf3 neighborship with ipv6 address with fulll adjacency.

Details:
======
EX configurations:
==================

Manually Change the link-local addresses for each of the 3 vlan interfaces in EX, so that they appear unique links to SRX and the OSPF3 neighbors will come up just fine.
This is as per the current design.

Configuration on EX:
====================

About the author

Prasanna

Leave a Comment