- play_arrow Common Configuration for All VPNs
- play_arrow VPNs Overview
- play_arrow Assigning Routing Instances to VPNs
- play_arrow Distributing Routes in VPNs
- play_arrow Distributing VPN Routes with Target Filtering
- Configuring BGP Route Target Filtering for VPNs
- Example: BGP Route Target Filtering for VPNs
- Example: Configuring BGP Route Target Filtering for VPNs
- Configuring Static Route Target Filtering for VPNs
- Understanding Proxy BGP Route Target Filtering for VPNs
- Example: Configuring Proxy BGP Route Target Filtering for VPNs
- Example: Configuring an Export Policy for BGP Route Target Filtering for VPNs
- Reducing Network Resource Use with Static Route Target Filtering for VPNs
- play_arrow Configuring Forwarding Options for VPNs
- play_arrow Configuring Graceful Restart for VPNs
- play_arrow Configuring Class of Service for VPNs
- play_arrow Pinging VPNs
-
- play_arrow Common Configuration for Layer 2 VPNs and VPLS
- play_arrow Overview
- play_arrow Layer 2 VPNs Configuration Overview
- play_arrow Configuring Layer 2 Interfaces
- play_arrow Configuring Path Selection for Layer 2 VPNs and VPLS
- play_arrow Creating Backup Connections with Redundant Pseudowires
- play_arrow Configuring Class of Service for Layer 2 VPNs
- play_arrow Monitoring Layer 2 VPNs
- Configuring BFD for Layer 2 VPN and VPLS
- BFD Support for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Configuring BFD for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview
- Configure a MEP to Generate and Respond to CFM Protocol Messages
-
- play_arrow Configuring Group VPNs
- play_arrow Configuring Public Key Infrastructure
- play_arrow Configuring Digital Certificate Validation
- play_arrow Configuring a Device for Certificate Chains
- play_arrow Managing Certificate Revocation
-
- play_arrow Configuring Layer 2 Circuits
- play_arrow Overview
- play_arrow Layer 2 Circuits Configuration Overview
- play_arrow Configuring Class of Service with Layer 2 Circuits
- play_arrow Configuring Pseudowire Redundancy for Layer 2 Circuits
- play_arrow Configuring Load Balancing for Layer 2 Circuits
- play_arrow Configuring Protection Features for Layer 2 Circuits
- Egress Protection LSPs for Layer 2 Circuits
- Configuring Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Example: Configuring an Egress Protection LSP for a Layer 2 Circuit
- Example: Configuring Layer 2 Circuit Protect Interfaces
- Example: Configuring Layer 2 Circuit Switching Protection
- play_arrow Monitoring Layer 2 Circuits with BFD
- play_arrow Troubleshooting Layer 2 Circuits
-
- play_arrow Configuring VPWS VPNs
- play_arrow Overview
- play_arrow Configuring VPWS VPNs
- Understanding FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring MPLS Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Understanding Multisegment Pseudowire for FEC 129
- Example: Configuring a Multisegment Pseudowire
- Configuring the FAT Flow Label for FEC 128 VPWS Pseudowires for Load-Balancing MPLS Traffic
- Configuring the FAT Flow Label for FEC 129 VPWS Pseudowires for Load-Balancing MPLS Traffic
-
- play_arrow Connecting Layer 2 VPNs and Circuits to Other VPNs
- play_arrow Connecting Layer 2 VPNs to Other VPNs
- play_arrow Connecting Layer 2 Circuits to Other VPNs
- Using the Layer 2 Interworking Interface to Interconnect a Layer 2 Circuit to a Layer 2 VPN
- Applications for Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Applications for Interconnecting a Layer 2 Circuit with a Layer 3 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 3 VPN
-
- play_arrow Configuration Statements and Operational Commands
Introduction to Configuring VPLS
Virtual private LAN service (VPLS) allows you to provide a point-to-multipoint LAN between a set of sites in a virtual private network (VPN).
To configure VPLS functionality, you must enable VPLS support on the provider edge (PE) router. You must also configure PE routers to distribute routing information to the other PE routers in the VPLS. In addition, you must also configure the circuits between the PE routers and the customer edge (CE) routers.
In the VPLS documentation, the word router in terms such as PE router is used to refer to any device that provides routing functions.
You can support VPLS traffic by configuring a routing instance
with the
instance-type of vpls
on Junos OS or a routing instance on
with the
instance-type of virtual-switchJunos Evolve OS. .
The routing instance carries Ethernet traffic transparently across the service
provider’s network. As with other routing instances, all logical interfaces
belonging to a VPLS routing instance are listed under that instance.
vlan-id none statement, then you must also include the
service-type single statement at the [edit
routing-instances routing-instance protocol vpls]
hierarchy.In addition to VPLS routing instance configuration, you must configure MPLS label-switched paths (LSPs) between the PE routers, IBGP sessions between the PE routers, and an interior gateway protocol (IGP) on the PE and provider (P) routers.
Many configuration procedures for VPLS are identical to the procedures for Layer 2 VPNs and Layer 3 VPNs.
- Understanding VPLS Interfaces
- VPLS CLI Configuration Hierarchy Differences between Junos OS and Junos OS Evolved
- Sample VPLS Configuration on Junos OS
- Sample VPLS Configuration on Junos OS Evolved
Understanding VPLS Interfaces
Interface names:
For each VPLS routing instance on a PE router, you specify which interfaces are to be used to carry VPLS traffic between the PE and CE devices.
Specify both the physical and logical portions of the interface name, in the
following format: physical.logical. For example, in ge-1/0/1.2,
ge-1/0/1 is the physical portion of the interface name and 2 is the logical
portion. If you do not specify the logical portion of the interface name, 0 is
set by default.
A logical interface can be associated with only one routing instance.
Encapsulation Type:
The link-layer encapsulation type for a VPLS interface can be one of the following:
ethernet-vpls: Use Ethernet VPLS encapsulation on Ethernet interfaces that have VPLS enabled and that must accept packets carrying standard Tag Protocol Identifier (TPID) values.extended-vlan-vpls: Use extended virtual LAN (VLAN) VPLS encapsulation on Ethernet interfaces that have VLAN 802.1Q tagging and VPLS enabled and that must accept packets carrying TPIDs 0x8100, 0x9100, and 0x9901. All VLAN IDs from 1 through 1023 are valid for VPLS VLANs on Fast Ethernet interfaces, and all VLAN IDs from 1 through 4094 are valid for VPLS VLANs on Gigabit Ethernet interfaces.vlan-vpls:Use VLAN VPLS encapsulation on Ethernet interfaces with VLAN tagging and VPLS enabled. Interfaces with VLAN VPLS encapsulation accept packets carrying standard TPID values only. You must configure this encapsulation type on both the physical interface and the logical interface. VLAN IDs 1 through 511 are reserved for normal Ethernet VLANs, IDs 512 through 1023 are reserved for VPLS VLANs on Fast Ethernet interfaces, and IDs 512 through 4094 are reserved for VPLS VLANs on Gigabit Ethernet interfaces.flexible-ethernet-services: Use flexible Ethernet services encapsulation when you want to configure multiple per-unit Ethernet encapsulations. This encapsulation type allows you to configure any combination of route, TCC, CCC, and VPLS encapsulations on a single physical port. Aggregated Ethernet bundles cannot use this encapsulation type.For flexible Ethernet services encapsulation, VLAN IDs from 1 through 511 are no longer reserved for normal VLANs.
VPLS CLI Configuration Hierarchy Differences between Junos OS and Junos OS Evolved
When you configure VPLS on devices running on Junos OS or Junos OS Evolved, be aware of the CLI hierarchy differences. Table explains the VPLS CLI hierarchy configuration differences on devices running on Junos OS and Junos OS Evolved.
To know about the devices running on Junos OS, see https://www.juniper.net/documentation/product/us/en/junos-os/#cat=by_product.
To know about the devices running on Junos OS Evolved, see https://www.juniper.net/documentation/product/us/en/junos-os-evolved/#cat=hardware_documentation.
Devices running on Junos OS Evolved do not support configuring family VPLS on the interfaces.
Sample VPLS Configuration on Junos OS
The following is a sample VPLS configuration on Junos OS:
Configuration
[edit]user@host# set interfaces xe-0/0/2 flexible-vlan-tagging user@host# set interfaces xe-0/0/2 speed 40g user@host# set interfaces xe-0/0/2 encapsulation flexible-ethernet-services user@host# set interfaces xe-0/0/2 unit 108 encapsulation vlan-vpls user@host# set interfaces xe-0/0/2 unit 108 vlan-id 108 user@host# set interfaces xe-0/0/2 unit 108 family vpls user@host# set routing-instances VPLS instance-type vpls user@host# set routing-instances VPLS interface xe-0/0/2.108 user@host# set routing-instances VPLS protocols vpls interface xe-0/0/2.108 user@host# set routing-instances VPLS protocols vpls neighbor 192.168.1.3 user@host# set routing-instances VPLS protocols vpls no-tunnel-services user@host# set routing-instances VPLS protocols vpls vpls-id 1001
Result
user@host> show configuration interfaces xe-0/0/2
flexible-vlan-tagging;
speed 40g;
encapsulation flexible-ethernet-services;
}
unit 108 {
encapsulation vlan-vpls;
vlan-id 108;
family vpls;
}
user@host> show configuration routing-instances
VPLS {
protocols {
vpls {
interface xe-0/0/2.108;
neighbor 192.168.1.3;
no-tunnel-services;
vpls-id 1001;
}
}
instance-type vpls;
interface xe-0/0/2.108;
}
Verification
Confirm that the configuration is working properly.
Verify the VPLS connection status by running the show vpls
connections command.
user@host> show vpls connections Layer-2 VPN connections:
Legend for interface status
Up -- operational
Dn -- down
Instance: VPLS
VPLS-id: 1001
Neighbor Type St Time last up # Up trans
192.168.1.3(vpls-id 1001) rmt Up Jun 12 12:50:07 2023 1
Remote PE: 192.168.1.3, Negotiated control-word: No
Incoming label: 259, Outgoing label: 22
Negotiated PW status TLV: No
Local interface: lsi.1049600, Status: Up, Encapsulation: ETHERNET
Description: Intf - vpls VPLS neighbor 192.168.1.3 vpls-id 1001
Flow Label Transmit: No, Flow Label Receive: No
In this output, the VPLS connection status is up between the two PE routers.
Verify the MAC address learnt on the local PE and the remote PE by running
the show vpls mac-table command.
user@host> show vpls mac-table
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC, P -Pinned MAC)
Routing instance : VPLS
Bridging domain : __VPLS__, VLAN : NA
MAC MAC Logical NH MAC active
address flags interface Index property source
00:00:00:42:98:47 D lsi.1049346
00:00:00:42:98:4a D xe-0/0/2.108
In this output, you can see the MAC address (00:00:00:42:98:47) is learned from the local PE interface (et-0/0/4) with VLAN ID 108 and the MAC address (00:00:00:42:98:4a) is learned from the remote PE interface (lsi.1048832) with VLAN ID 108.
Sample VPLS Configuration on Junos OS Evolved
The following is a sample VPLS configuration on Junos OS Evolved:
Configuration
[edit] user@host# set interfaces et-0/0/4 flexible-vlan-tagging user@host# set interfaces et-0/0/4 speed 40g user@host# set interfaces et-0/0/4 encapsulation flexible-ethernet-services user@host# set interfaces et-0/0/4 unit 108 encapsulation vlan-bridge user@host# set interfaces et-0/0/4 unit 108 vlan-id 108 user@host# set routing-instances VPLS instance-type virtual-switch user@host# set routing-instances VPLS protocols vpls neighbor 192.168.1.3 user@host# set routing-instances VPLS protocols vpls no-tunnel-services user@host# set routing-instances VPLS protocols vpls vpls-id 1001 user@host# set routing-instances VPLS vlans v108 vlan-id 108 user@host# set routing-instances VPLS vlans v108 interface et-0/0/4.108
Result
user@host> show configuration interfaces et-0/0/4
flexible-vlan-tagging;
speed 40g;
encapsulation flexible-ethernet-services;
unit 108 {
encapsulation vlan-bridge;
vlan-id 108;
}
user@host> show configuration routing-instances
VPLS {
instance-type virtual-switch;
protocols {
vpls {
neighbor 192.168.1.3;
no-tunnel-services;
vpls-id 1001;
}
}
vlans {
V108 {
vlan-id 108;
interface et-0/0/4.108;
}
}
}
Verification
Confirm that the configuration is working properly.
Verify the VPLS connection status by running the show vpls
connections command.
user@host> show vpls connections
Layer-2 VPN connections:
Legend for interface status
Up -- operational
Dn -- down
Instance: VPLS
VPLS-id: 1001
Neighbor Type St Time last up # Up trans
192.168.1.3(vpls-id 1001) rmt Up Jun 12 12:50:07 2023 1
Remote PE: 192.168.1.3, Negotiated control-word: No
Incoming label: 22, Outgoing label: 259
Negotiated PW status TLV: No
Local interface: lsi.1048576, Status: Up, Encapsulation: ETHERNET
Description: Intf - vpls VPLS neighbor 192.168.1.3 vpls-id 1001
Flow Label Transmit: No, Flow Label Receive: No
In this output, the VPLS connection status is up between the two PE routers.
Verify the MAC address learnt on the local PE and the remote PE by running
the show ethernet-switching table instance VPLS
command.
user@host> show ethernet-switching table instance VPLS
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC
GBP - group based policy)
Ethernet switching table : 2 entries, 2 learned
Routing instance : VPLS
Vlan MAC MAC Age GBP Logical NH RTR
name address flags Tag interface Index ID
V108 00:00:00:42:98:47 D - et-0/0/4.108 0 0
V108 00:00:00:42:98:4a D - lsi.1048832 0 0
In this output, you can see the MAC address (00:00:00:42:98:47) is learned from the local PE interface (et-0/0/4) with VLAN ID 108 and the MAC address (00:00:00:42:98:4a) is learned from the remote PE interface (lsi.1048832) with VLAN ID 108.
