MX204 tunnel services BW

• Previous message (by thread): MX204 tunnel services BW
• Next message (by thread): MX204 tunnel services BW
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

According to: [https://www.juniper.net/documentation/us/en/software/junos/interfaces-encryption/topics/topic-map/configuring-tunnel-interfaces.html\#id-configuring-tunnel-interfaces-on-mx-204-routers][https_www.juniper.net_documentation_us_en_software_junos_interfaces-encryption_topics_topic-map_configuring-tunnel-interfaces.html_id-configuring-tunnel-interfaces-on-mx-204-routers]

"The MX204 router supports two inline tunnels - one per PIC. To configure the tunnel interfaces, include the tunnel-services statement and an optional bandwidth of 1 Gbps through 200 Gbps at the \[edit chassis fpc fpc-slot pic number\] hierarchy level. If you do not specify the tunnel bandwidth then, the tunnel interface can have a maximum bandwidth of up to 200 Gbps."

If JTAC is saying it's no longer optional they need to update their docs.

AFAIK, tunnel services doesn't directly take bandwidth from physical ports, but it does take from the total available PFE bandwidth. Disabling a port may be required as the MX204 has a maximum PFE bandwidth of 400G and you can oversubscribe that with the fixed physical ports.

I just checked a production config as an example, note how et-0/0/3 is not configured so the total bandwidth adds up to 400g:

set chassis fpc 0 pic 0 tunnel-services bandwidth 20g
set chassis fpc 0 pic 0 port 0 speed 100g
set chassis fpc 0 pic 0 port 1 speed 100g
set chassis fpc 0 pic 0 port 2 speed 100g
set chassis fpc 0 pic 1 port 0 speed 10g
set chassis fpc 0 pic 1 port 1 speed 10g
set chassis fpc 0 pic 1 port 2 speed 10g
set chassis fpc 0 pic 1 port 3 speed 10g
set chassis fpc 0 pic 1 port 4 speed 10g
set chassis fpc 0 pic 1 port 5 speed 10g
set chassis fpc 0 pic 1 port 6 speed 10g
set chassis fpc 0 pic 1 port 7 speed 10g



Regards,


Ryan








\-------- Original Message --------
On Oct. 16, 2023, 12:49, Jeff Behrns via NANOG < nanog at nanog.org> wrote:

>
> JTAC says we must disable a physical port to allocate BW for tunnel-services. Also leaving tunnel-services bandwidth unspecified is not possible on the 204. I haven't independently tested / validated in lab yet, but this is what they have told me. I advised JTAC to update the MX204 "port-checker" tool with a tunnel-services knob to make this caveat more apparent.


[https_www.juniper.net_documentation_us_en_software_junos_interfaces-encryption_topics_topic-map_configuring-tunnel-interfaces.html_id-configuring-tunnel-interfaces-on-mx-204-routers]: https://www.juniper.net/documentation/us/en/software/junos/interfaces-encryption/topics/topic-map/configuring-tunnel-interfaces.html#id-configuring-tunnel-interfaces-on-mx-204-routers
-----BEGIN PGP SIGNATURE-----
Version: ProtonMail

wnUEARYIACcFAmUt4VMJEP7aH/V1zBsBFiEExqGOs9CyQpg6/JJ5/tof9XXM
GwEAAJF0AQCDM0b/X+LFPSXjVfC6NQGEyszqkIkbq84tmzl+boOJgwD+NM8u
n7o4e2SoCYs8yOIyaii2ElG+SFT735zXQhFx6A4=
=JuZc
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - EmailAddress(s=ryan at kozak.io) - 0xC6A18EB3.asc
Type: application/pgp-keys
Size: 689 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20231017/86155af6/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - EmailAddress(s=ryan at kozak.io) - 0xC6A18EB3.asc.sig
Type: application/pgp-signature
Size: 119 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20231017/86155af6/attachment.sig>

• Previous message (by thread): MX204 tunnel services BW
• Next message (by thread): MX204 tunnel services BW
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]