Out-of-band routing table separation in GNS3 on the Juniper vMX

While GNS3 offers console access to individual devices, I prefer direct SSH access from my home network. This way GNS3 does not need to be open and I don’t need to remember the console telnet ports.

However, mixing the out-of-band network with the production (lab) networks can have unexpected consequences, such as routing conflicts or, worse, a lab environment peering with a real production network. To avoid these problems, it is best practice to isolate the out-of-band routing table from the global routing table through the use of VRFs or routing-instances.

In this example, a cloud router is provisioned to bridge the home network directly into a Juniper vMX:

[Image: juniper oob gns3]

The Juniper configuration below will create a separate routing-instance for the management network, enable DHCP on the interface connected to the cloud router, and enable SSH for remote management:

set interfaces ge-0/0/9 unit 0 family inet dhcp
set routing-instances homenet instance-type virtual-router
set routing-instances homenet description "System Management"
set routing-instances homenet interface ge-0/0/9.0
set system services ssh
set system login user jemurray class super-user authentication plain-text-password

Unless the homenet routing-instance is selected, the global routing table cannot reach anything outside the private lab environment:

[email protected]> ping
PING ( 56 data bytes
--- ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss

[email protected]> ping routing-instance homenet
PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=116 time=61.045 ms
64 bytes from icmp_seq=1 ttl=116 time=68.797 ms
--- ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 61.045/64.921/68.797/3.876 ms

Confirm proper operation by looking at the routing tables:

[email protected]> show route

inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both

                   *[Static/5] 00:24:35
                       Discard
                   *[Static/5] 00:24:35
                       Discard
                   *[Static/5] 00:24:35
                       Discard
                   *[Direct/0] 00:23:43
                    >  via ge-0/0/6.0
                   *[Local/0] 00:23:43
                       Local via ge-0/0/6.0
                   *[Static/5] 00:24:35
                       Discard
                   *[Direct/0] 00:24:36
                    >  via lo0.0
                   *[Static/5] 00:24:35
                       Discard
                   *[Direct/0] 00:23:43
                    >  via ge-0/0/4.0
                   *[Local/0] 00:23:43
                       Local via ge-0/0/4.0
                   *[Static/5] 00:24:35
                       Discard
                   *[Static/5] 00:24:35
                       Discard
                   *[Static/5] 00:24:35

homenet.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

                   *[Access-internal/12] 00:23:35, metric 0
                    >  to via ge-0/0/9.0
                   *[Direct/0] 00:23:36
                    >  via ge-0/0/9.0
                   *[Local/0] 00:23:36
                       Local via ge-0/0/9.0
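
The routing-table check above can also be scripted. The following is an added example, not part of the original post: it parses "show route" text and reports any table in which the out-of-band interface and lab interfaces are mixed. The sample output is constructed with documentation-range prefixes, and the function names are illustrative.

```python
import re

# Constructed sample shaped like Junos "show route" output. Prefixes are
# documentation-range placeholders, not values from the original post.
SAMPLE = """\
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
198.51.100.0/24    *[Static/5] 00:24:35
                       Discard
203.0.113.0/30     *[Direct/0] 00:23:43
                    >  via ge-0/0/6.0
203.0.113.1/32     *[Local/0] 00:23:43
                       Local via ge-0/0/6.0

homenet.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
0.0.0.0/0          *[Access-internal/12] 00:23:35, metric 0
                    >  to 192.0.2.1 via ge-0/0/9.0
192.0.2.0/24       *[Direct/0] 00:23:36
                    >  via ge-0/0/9.0
"""

TABLE_RE = re.compile(r"^(\S+): \d+ destinations")
VIA_RE = re.compile(r"\bvia (\S+)")

def interfaces_by_table(show_route):
    """Map each routing table name to the set of interfaces its routes use."""
    tables, current = {}, None
    for line in show_route.splitlines():
        header = TABLE_RE.match(line)
        via = VIA_RE.search(line)
        if header:
            current = header.group(1)
            tables[current] = set()
        elif current and via:
            tables[current].add(via.group(1))
    return tables

def isolation_violations(show_route, oob_ifl, oob_table):
    """List tables where the OOB interface and lab interfaces are mixed."""
    findings = []
    for table, ifls in interfaces_by_table(show_route).items():
        if table == oob_table:
            findings += [f"{table}: lab interface {i}" for i in sorted(ifls - {oob_ifl})]
        elif oob_ifl in ifls:
            findings.append(f"{table}: OOB interface {oob_ifl}")
    return findings

if __name__ == "__main__":
    print(isolation_violations(SAMPLE, "ge-0/0/9.0", "homenet.inet.0") or "isolated")
```

An empty result means every route through ge-0/0/9.0 sits in homenet.inet.0 and no lab interface appears there.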
