Thursday, December 23, 2010

Difference between logical router and virtual router?

Difference between logical router and virtual router?


- Logical router  (called now logical system ... from 9.3) and virtual router exists in M and T series.
- In J series you only have virtual routers.

The main difference between them is that logical router configuration activate a new routing deamon in the router, birual router doesn't. Saying that if you activate a logical router that have a problem , if it crashes , there will be no impact on the other ones (the main one ... regular config, or others logical routers.

The other difference is in the way to configure them.

The logical router is configured exactly like the main router but under the [edit logical-systems Name] logical interfaces included.

The virtual router is configured under [edit routing-instances Name] you add a ref to the interfaces ther but the logical configuration of the interfaces itself is done under the main router.
You can find two different examples there:
Routing-instance:
You can do a configuration this way with routing-instances on a Jseries router:

#                      Config Base 2 router's in point to point#
#                          WAN Addresses  in 10.0.0.X/30
#
#                              .1      id1        .2
#                            R1--------------------R2

#
#
# OSPF enabled on all interfaces
# Loopback address respectively on router's R1, R2

# in 1.1.1.1, 2.2.2.2
#
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 unit 0 vlan-id 1
set interfaces ge-0/0/0 unit 0 family inet address 10.0.0.1/30
set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/1 unit 0 vlan-id 1
set interfaces ge-0/0/1 unit 0 family inet address 10.0.0.2/30
set interfaces lo0 unit 1 family inet address 1.1.1.1/32
set interfaces lo0 unit 2 family inet address 2.2.2.2/32


set routing-instances R1 instance-type virtual-router
set routing-instances R1 interface ge-0/0/0.0
set routing-instances R1 interface lo0.1
set routing-instances R1 protocols ospf area 0.0.0.0 interface all
set routing-instances R2 instance-type virtual-router
set routing-instances R2 interface ge-0/0/1.0
set routing-instances R2 interface lo0.2
set routing-instances R2 protocols ospf area 0.0.0.0 interface all
Logical-router:
But in this case the guy who did this used an ASPIC card to interconnect the logical routers !
You can do it without ASPIC but with just two interfaces plugged "back to back"

Here is an other sample example with the drawing:

fe-1/3/0 and fe-1/3/1 plugged together
#                      Config Base 4 router's in square
#
#                          Adresses WAN in 10.0.0.X/30
#
#                              .1              id1        .2
#                            R1--------------------R2
#                             |                               |
#                        .14|                               |.5
#                             |                               |
#                     id4   |                              |   id2
#                             |                              |
#                             |                              |
#                        .13|                              |.6
#                             |                              |
#                           R4--------------------R3
#                              .10          id3        .9
#
#
# OSPF enabled on all interfaces
# Loopback address respectively on router's R1, R2, R3, R4
# in 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4
#


set logical-routers R1 interfaces fe-1/3/0 unit 1 vlan-id 1
set logical-routers R1 interfaces fe-1/3/0 unit 1 family inet address 10.0.0.1/30
set logical-routers R1 interfaces fe-1/3/1 unit 4 vlan-id 4
set logical-routers R1 interfaces fe-1/3/1 unit 4 family inet address 10.0.0.14/30
set logical-routers R1 interfaces lo0 unit 1 family inet address 1.1.1.1/32
set logical-routers R1 protocols ospf area 0.0.0.0 interface all
set logical-routers R2 interfaces fe-1/3/0 unit 2 vlan-id 2
set logical-routers R2 interfaces fe-1/3/0 unit 2 family inet address 10.0.0.5/30
set logical-routers R2 interfaces fe-1/3/1 unit 1 vlan-id 1
set logical-routers R2 interfaces fe-1/3/1 unit 1 family inet address 10.0.0.2/30
set logical-routers R2 interfaces lo0 unit 2 family inet address 2.2.2.2/32
set logical-routers R2 protocols ospf area 0.0.0.0 interface all
set logical-routers R3 interfaces fe-1/3/0 unit 3 vlan-id 3
set logical-routers R3 interfaces fe-1/3/0 unit 3 family inet address 10.0.0.9/30
set logical-routers R3 interfaces fe-1/3/1 unit 2 vlan-id 2
set logical-routers R3 interfaces fe-1/3/1 unit 2 family inet address 10.0.0.6/30
set logical-routers R3 interfaces lo0 unit 3 family inet address 3.3.3.3/32
set logical-routers R3 protocols ospf area 0.0.0.0 interface all
set logical-routers R4 interfaces fe-1/3/0 unit 4 vlan-id 4
set logical-routers R4 interfaces fe-1/3/0 unit 4 family inet address 10.0.0.13/30
set logical-routers R4 interfaces fe-1/3/1 unit 3 vlan-id 3
set logical-routers R4 interfaces fe-1/3/1 unit 3 family inet address 10.0.0.10/30
set logical-routers R4 interfaces lo0 unit 4 family inet address 4.4.4.4/32
set logical-routers R4 protocols ospf area 0.0.0.0 interface all
set interfaces fxp0 unit 0 family inet address 192.168.63.7/24

set interfaces fe-1/3/0 vlan-tagging
set interfaces fe-1/3/1 vlan-tagging


Additional Notes

Think of logical routers as a super-set of a virtual router.  ie: You can run routing-instances in each logical router.In general, most tasks are efficiently handled by routing-instances (virtual routers) in JUNOS. 
However, LRs add a couple features:

Note:Both LR and routing-instances have exactly the same hardware separation at the data-plane, the difference is 100% control plane.  Both LR and VR share the same FIB resources, so a LR will not help control scalability of the number of prefixes or next-hops in hardware.

LR offers:

- a separate copy of RPD, so if there is an issue in one LR, the RPD in another is not affected (process separation)
- CLI partition with user access control:  a LR has a different hierarchy in the CLI, and you can restrict users to one or another
- MPLS core protocol separation requires an LR, not just a routing-instance.  If you want one Juniper router to behave as two MPLS nodes (ie: separate P and PE functions between two routers), you will need logical routers

LR need-to-know:

- Logical routers are only supported on the M/T/MX series. You cannot use an LR in the J series.  I'm also not sure if it's fully supported in the SRX series currently.
- JUNOS feature support in LRs versus the root routing instance is not 100%.  There are some things that aren't supported in an LR context.  Although this has been a strong focus of development recently, so the gap is narrowing with many releases
- JUNOS requires you to /purchase/ a logical-router right-to-use license per chassis.
  * routing-instances are free in JUNOS, logical routers are /NOT/
Also, it's worth pointing out that earlier this year, Juniper renamed the "Logical Router" to the "Logical System" in JUNOS.  It's the same feature, but the name has been expanded to support JUNOS devices that aren't necessarily "routers" (such as the EX series, SRX, etc).
Finally, there is a third form of system virtualization called the Hardware Logical Router, or "Protected System Domain".  This is something that is only supported on the T series currently, and requires an external control plane chassis called the JCS, or "Juniper Control System".  This allows for both data-plane and control-plane separation between logical routers, and  also dedicates a separate routing-engine (CPU complex, route-processor) for each protected system domain (PSD).  One of the biggest advantages of a PSD is that each PSD has its own scaling numbers, and is also a descrete maintenance domain.  For instance, you can upgrade the version of JUNOS in one PSD, while the other PSDs remain unaffected (this includes updating the firmware on the associated linecards and PICs).
In terms of applications:

Simple routing-instances (virtual routers) are normally used for most tasks when you need to separate routing, such as MPLS L3VPN (private IP services), or simply mutiple route table support (what cisco calls VRF-lite, or Multi-VRF).

Logical routers are normally used when you are taking the functions of two descrete routers, and collapsing them into a single chassis.  Think of a provider PoP where you may have one pair of routers for external peering, and another pair of routers for backbone connectivity to the provider's core network.  In this case, you could leverage the Logical Router (aka: Logical System) support to make one instance of an internal core router and one instance of an edge peering router in the same chassis.  The advantage is that they are still run as two separate processes and can have different user permissions.

No comments:

Post a Comment