close
keyboard_arrow_left
Table of Contents
- play_arrow Common Configuration for Layer 2 VPNs and VPLS
- play_arrow Overview
- play_arrow Layer 2 VPNs Configuration Overview
- play_arrow Configuring Layer 2 Interfaces
- play_arrow Configuring Path Selection for Layer 2 VPNs and VPLS
- play_arrow Creating Backup Connections with Redundant Pseudowires
- play_arrow Configuring Class of Service for Layer 2 VPNs
- play_arrow Monitoring Layer 2 VPNs
- Configuring BFD for Layer 2 VPN and VPLS
- BFD Support for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Configuring BFD for VCCV for Layer 2 VPNs, Layer 2 Circuits, and VPLS
- Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview
- Configure a MEP to Generate and Respond to CFM Protocol Messages
-
- play_arrow Configuring Group VPNs
- play_arrow Configuring Public Key Infrastructure
- play_arrow Configuring Digital Certificate Validation
- play_arrow Configuring a Device for Certificate Chains
- play_arrow Managing Certificate Revocation
-
- play_arrow Configuring Layer 2 Circuits
- play_arrow Overview
- play_arrow Layer 2 Circuits Configuration Overview
- play_arrow Configuring Class of Service with Layer 2 Circuits
- play_arrow Configuring Pseudowire Redundancy for Layer 2 Circuits
- play_arrow Configuring Load Balancing for Layer 2 Circuits
- play_arrow Configuring Protection Features for Layer 2 Circuits
- Egress Protection LSPs for Layer 2 Circuits
- Configuring Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Example: Configuring an Egress Protection LSP for a Layer 2 Circuit
- Example: Configuring Layer 2 Circuit Protect Interfaces
- Example: Configuring Layer 2 Circuit Switching Protection
- play_arrow Monitoring Layer 2 Circuits with BFD
- play_arrow Troubleshooting Layer 2 Circuits
-
- play_arrow Configuring VPWS VPNs
- play_arrow Overview
- play_arrow Configuring VPWS VPNs
- Understanding FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring MPLS Egress Protection Service Mirroring for BGP Signaled Layer 2 Services
- Understanding Multisegment Pseudowire for FEC 129
- Example: Configuring a Multisegment Pseudowire
- Configuring the FAT Flow Label for FEC 128 VPWS Pseudowires for Load-Balancing MPLS Traffic
- Configuring the FAT Flow Label for FEC 129 VPWS Pseudowires for Load-Balancing MPLS Traffic
-
- play_arrow Configuring VPLS
- play_arrow Overview
- play_arrow VPLS Configuration Overview
- play_arrow Configuring Signaling Protocols for VPLS
- VPLS Routing and Virtual Ports
- BGP Signaling for VPLS PE Routers Overview
- Control Word for BGP VPLS Overview
- Configuring a Control Word for BGP VPLS
- BGP Route Reflectors for VPLS
- Interoperability Between BGP Signaling and LDP Signaling in VPLS
- Configuring Interoperability Between BGP Signaling and LDP Signaling in VPLS
- Example: VPLS Configuration (BGP Signaling)
- Example: VPLS Configuration (BGP and LDP Interworking)
- play_arrow Assigning Routing Instances to VPLS
- Configuring VPLS Routing Instances
- Configuring a VPLS Routing Instance
- Support of Inner VLAN List and Inner VLAN Range for Qualified BUM Pruning on a Dual-Tagged Interface for a VPLS Routing Instance Overview
- Configuring Qualified BUM Pruning for a Dual-Tagged Interface with Inner VLAN list and InnerVLAN range for a VPLS Routing Instance
- Configuring a Layer 2 Control Protocol Routing Instance
- PE Router Mesh Groups for VPLS Routing Instances
- Configuring VPLS Fast Reroute Priority
- Specifying the VT Interfaces Used by VPLS Routing Instances
- Understanding PIM Snooping for VPLS
- Example: Configuring PIM Snooping for VPLS
- VPLS Label Blocks Operation
- Configuring the Label Block Size for VPLS
- Example: Building a VPLS From Router 1 to Router 3 to Validate Label Blocks
- play_arrow Associating Interfaces with VPLS
- play_arrow Configuring Pseudowires
- Configuring Static Pseudowires for VPLS
- VPLS Path Selection Process for PE Routers
- BGP and VPLS Path Selection for Multihomed PE Routers
- Dynamic Profiles for VPLS Pseudowires
- Use Cases for Dynamic Profiles for VPLS Pseudowires
- Example: Configuring VPLS Pseudowires with Dynamic Profiles—Basic Solutions
- Example: Configuring VPLS Pseudowires with Dynamic Profiles—Complex Solutions
- Configuring the FAT Flow Label for FEC 128 VPLS Pseudowires for Load-Balancing MPLS Traffic
- Configuring the FAT Flow Label for FEC 129 VPLS Pseudowires for Load-Balancing MPLS Traffic
- Example: Configuring H-VPLS BGP-Based and LDP-Based VPLS Interoperation
- Example: Configuring BGP-Based H-VPLS Using Different Mesh Groups for Each Spoke Router
- Example: Configuring LDP-Based H-VPLS Using a Single Mesh Group to Terminate the Layer 2 Circuits
- Example: Configuring H-VPLS With VLANs
- Example: Configuring H-VPLS Without VLANs
- Configure Hot-Standby Pseudowire Redundancy in H-VPLS
- Sample Scenario of H-VPLS on ACX Series Routers for IPTV Services
- play_arrow Configuring Multihoming
- VPLS Multihoming Overview
- Advantages of Using Autodiscovery for VPLS Multihoming
- Example: Configuring FEC 129 BGP Autodiscovery for VPWS
- Example: Configuring BGP Autodiscovery for LDP VPLS
- Example: Configuring BGP Autodiscovery for LDP VPLS with User-Defined Mesh Groups
- VPLS Multihoming Reactions to Network Failures
- Configuring VPLS Multihoming
- Example: VPLS Multihoming, Improved Convergence Time
- Example: Configuring VPLS Multihoming (FEC 129)
- Next-Generation VPLS for Multicast with Multihoming Overview
- Example: Next-Generation VPLS for Multicast with Multihoming
- play_arrow Configuring Point-to-Multipoint LSPs
- play_arrow Configuring Inter-AS VPLS and IRB VPLS
- play_arrow Configuring Load Balancing and Performance
- Configuring VPLS Load Balancing
- Configuring VPLS Load Balancing Based on IP and MPLS Information
- Configuring VPLS Load Balancing on MX Series 5G Universal Routing Platforms
- Example: Configuring Loop Prevention in VPLS Network Due to MAC Moves
- Understanding MAC Pinning
- Configuring MAC Pinning on Access Interfaces for Bridge Domains
- Configuring MAC Pinning on Trunk Interfaces for Bridge Domains
- Configuring MAC Pinning on Access Interfaces for Bridge Domains in a Virtual Switch
- Configuring MAC Pinning on Trunk Interfaces for Bridge Domains in a Virtual Switch
- Configuring MAC Pinning for All Pseudowires of the VPLS Routing Instance (LDP and BGP)
- Configuring MAC Pinning on VPLS CE Interface
- Configuring MAC Pinning for All Pseudowires of the VPLS Site in a BGP-Based VPLS Routing Instance
- Configuring MAC Pinning on All Pseudowires of a Specific Neighbor of LDP-Based VPLS Routing Instance
- Configuring MAC Pinning on Access Interfaces for Logical Systems
- Configuring MAC Pinning on Trunk Interfaces for Logical Systems
- Configuring MAC Pinning on Access Interfaces in Virtual Switches for Logical Systems
- Configuring MAC Pinning on Trunk Interfaces in Virtual Switches for Logical Systems
- Configuring MAC Pinning for All Pseudowires of the VPLS Routing Instance (LDP and BGP) for Logical Systems
- Configuring MAC Pinning on VPLS CE Interface for Logical Systems
- Configuring MAC Pinning for All Pseudowires of the VPLS Site in a BGP-Based VPLS Routing Instance for Logical Systems
- Configuring MAC Pinning on All Pseudowires of a Specific Neighbor of LDP-Based VPLS Routing Instance for Logical Systems
- Example: Prevention of Loops in Bridge Domains by Enabling the MAC Pinnning Feature on Access Interfaces
- Example: Prevention of Loops in Bridge Domains by Enabling the MAC Pinnning Feature on Trunk Interfaces
- Configuring Improved VPLS MAC Address Learning on T4000 Routers with Type 5 FPCs
- Understanding Qualified MAC Learning
- Qualified Learning VPLS Routing Instance Behavior
- Configuring Qualified MAC Learning
- play_arrow Configuring Class of Service and Firewall Filters in VPLS
- play_arrow Monitoring and Tracing VPLS
-
- play_arrow Connecting Layer 2 VPNs and Circuits to Other VPNs
- play_arrow Connecting Layer 2 VPNs to Other VPNs
- play_arrow Connecting Layer 2 Circuits to Other VPNs
- Using the Layer 2 Interworking Interface to Interconnect a Layer 2 Circuit to a Layer 2 VPN
- Applications for Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 2 Circuit
- Applications for Interconnecting a Layer 2 Circuit with a Layer 3 VPN
- Example: Interconnecting a Layer 2 Circuit with a Layer 3 VPN
-
- play_arrow Configuration Statements and Operational Commands
list Table of Contents
ON THIS PAGE
Example: Configuring Chained Composite Next Hops for Direct PE-PE Connections in VPNs
date_range
23-Dec-20
Requirements
This example shows how to enable a Provider Edge (PE) router Layer 2 Virtual Private Network (VPN) connection with chained composite next hops for MIC and MPC interfaces on MX Series and T4000 routers. This example uses the following hardware and software components
Five routers that can be a combination of MX240, MX480, MX960, or T4000 routers.
Junos OS Release 17.3R1 or later running on all the devices.
Overview and Topology
Figure 1 shows the sample topology of a Layer 2 VPN connection with chained composite next hops for MIC and MPC interfaces on MX series routers.
Figure 1: Chained Composite
Next Hop on a PE Router
Configuration
CLI Quick Configuration
To quickly configure this example, copy the
following commands, paste them into a text file, remove any line breaks,
change any details necessary to match your network configuration,
and then copy and paste the commands into the CLI at the [edit] hierarchy level.
CE1
content_copy zoom_out_map
set interfaces ge-1/1/1 unit 0 family inet address 192.0.2.2/24 set interfaces ge-1/1/1 unit 0 family iso set interfaces ge-1/1/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 198.51.100.1/24
PE1
content_copy zoom_out_map
set interfaces ge-0/0/4 unit 0 family inet address 10.38.0.5/30 set interfaces ge-0/0/4 unit 0 family mpls set interfaces ge-0/1/1 encapsulation ethernet-ccc set interfaces ge-0/1/1 unit 0 family ccc set interfaces lo0 unit 0 family inet address 10.255.104.133/32 set routing-options forwarding-table chained-composite-next-hop ingress l2vpn set routing-options autonomous-system 200 set routing-options forwarding-table export lbpp set protocols mpls interface ge-0/0/4.0 set protocols ospf area 0.0.0.0 interface ge-0/0/4.0 set protocols bgp group PEs type internal set protocols bgp group PEs local-address 10.255.104.133 set protocols bgp group PEs family l2vpn signaling set protocols bgp group PEs family inet-vpn unicast set protocols bgp group PEs neighbor 10.255.104.134 set routing-instances vpn-a instance-type l2vpn set routing-instances vpn-a interface ge-0/1/1.0 set routing-instances vpn-a route-distinguisher 200:1 set routing-instances vpn-a vrf-target target:200:1 set routing-instances vpn-a protocols l2vpn encapsulation-type ethernet set routing-instances vpn-a protocols l2vpn site 100 site-identifier 100 set routing-instances vpn-a protocols l2vpn site 100 interface ge-0/1/1.0 remote-site-id 200
PE2
content_copy zoom_out_map
set interfaces ge-1/0/2 unit 0 family inet address 10.38.0.13/30 set interfaces ge-1/0/2 unit 0 family mpls set interfaces ge-1/0/5 encapsulation ethernet-ccc set interfaces ge-1/0/5 unit 0 family ccc set interfaces lo0 unit 0 family inet address 10.255.104.134/32 set routing-options forwarding-table chained-composite-next-hop ingress l2vpn set routing-options autonomous-system 200 set routing-options forwarding-table export lbpp set protocols mpls interface ge-1/0/2.0 set protocols ospf area 0.0.0.0 interface ge-1/0/2.0 set protocols bgp group PEs type internal set protocols bgp group PEs local-address 10.255.104.134 set protocols bgp group PEs family l2vpn signaling set protocols bgp group PEs family inet-vpn unicast set protocols bgp group PEs neighbor 10.255.104.133 set routing-instances vpn-a instance-type l2vpn set routing-instances vpn-a interface ge-1/0/5.0 set routing-instances vpn-a route-distinguisher 200:1 set routing-instances vpn-a vrf-target target:200:1 set routing-instances vpn-a protocols l2vpn encapsulation-type ethernet set routing-instances vpn-a protocols l2vpn site 200 site-identifier 200 set routing-instances vpn-a protocols l2vpn site 200 interface ge-1/0/5.0 remote-site-id 100
P
content_copy zoom_out_map
set interfaces ge-2/0/1 unit 0 family inet address 10.38.0.6/30 set interfaces ge-2/0/1 unit 0 family mpls set interfaces ge-2/0/2 unit 0 family inet address 10.38.0.14/30 set interfaces ge-2/0/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.255.104.136/32 set protocols mpls interface ge-2/0/1.0 set protocols ospf area 0.0.0.0 interface ge-2/0/1.0 set protocols mpls interface ge-2/0/2.0 set protocols ospf area 0.0.0.0 interface ge-2/0/2.0 set routing-options autonomous-system 200
CE2
content_copy zoom_out_map
set interfaces ge-2/2/2 unit 0 family inet address 192.0.2.4/24 set interfaces ge-2/2/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 198.51.100.2/24
Procedure
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode.
To configure basic Layer 2 VPN with chained composite next hop on the PE1 router:
Note:
Repeat this procedure for the PE2 router in the MPLS domain, after modifying the appropriate interface names, addresses, and any other parameters for the router.
Configure the interfaces on the PE1 router.
content_copy zoom_out_mapPE1 to CE1
[edit interfaces]user@PE1# set interfaces ge-0/1/1 encapsulation ethernet-ccc user@PE1# set interfaces ge-0/1/1 unit 0 family ccccontent_copy zoom_out_mapPE1 to P
[edit interfaces]user@PE1 # set ge-0/0/4 unit 0 family inet address 10.38.0.5/30 user@PE1 # set ge-0/0/4 unit 0 family mplscontent_copy zoom_out_mapLoopback interface
[edit interfaces]user@PE1 # set lo0 unit 0 family inet address 10.255.104.133/32Enable chained composite next hop on the global Layer 2 VPN.
content_copy zoom_out_map[edit routing-options]use@PE1# set forwarding-table chained-composite-next-hop ingress l2vpnConfigure the autonomous system for PE1.
content_copy zoom_out_map[edit routing-options]user@PE1# set autonomous-system 200Export the policy configured for load balancing.
content_copy zoom_out_map[edit routing-options]user@PE1# set forwarding-table export lbppConfigure MPLS on the PE1 interfaces that connects to the P router.
content_copy zoom_out_map[edit protocols]set mpls interface ge-0/0/4.0Configure OSPF on the PE1 nterface.
content_copy zoom_out_map[edit protocols]user@PE1# set ospf area 0.0.0.0 interface ge-0/0/4.0Configure the IBGP group for PE1 to PE2 router.
content_copy zoom_out_map[edit protocols]user@PE1# set bgp group PEs type internal user@PE1# set bgp group PEs local-address 10.255.104.133 user@PE1# set bgp group PEs family l2vpn signaling user@PE1# set bgp group PEs family inet-vpn unicast user@PE1# set bgp group PEs neighbor 10.255.104.134Configure the routing instance parameters.
content_copy zoom_out_map[edit routing-instances]user@PE1# set vpn-a instance-type l2vpn user@PE1# set vpn-a interface ge-0/1/1.0 user@PE1# set vpn-a route-distinguisher 200:1 user@PE1# set vpn-a vrf-target target:200:1 user@PE1# set vpn-a protocols l2vpn encapsulation-type ethernet user@PE1# set vpn-a protocols l2vpn site 100 site-identifier 100 user@PE1# set vpn-a protocols l2vpn site 100 interface ge-0/1/1.0 remote-site-id 200
Results
From configuration mode, confirm your configuration
by entering the show chassis, show interfaces, show protocols, show routing-options, show routing-instances, and show policy-options commands.
If the output does not display the intended configuration, repeat
the instructions in this example to correct the configuration.
PE1
content_copy zoom_out_map
user@PE1# show interfaces
ge-0/0/4 {
unit 0 {
family inet {
address 10.38.0.5/30;
}
family mpls;
}
}
ge-0/1/1 {
encapsulation ethernet-ccc;
unit 0 {
family iso;
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 10.255.104.133/32;
}
}
}
content_copy zoom_out_map
user@PE1# show protocols
mpls {
interface ge0/0/4.0;
}
bgp {
group PEs {
type internal;
local-address 10.255.104.133;
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
neighbor 10.255.104.134;
}
}
ospf {
area 0.0.0.0 {
interface ge-0/0/4.0;
}
}
content_copy zoom_out_map
user@PE1# show routing-options
autonomous-system 200;
forwarding-table {
export lbpp;
chained-composite-next-hop {
ingress {
l2vpn;
}
}
}
content_copy zoom_out_map
user@PE1# show routing-instances
vpn-a {
instance-type l2vpn;
interface ge-0/1/1.0;
route-distinguisher 200:1;
vrf-target target:200:1;
protocols {
l2vpn {
encapsulation-type ethernet;
site 100 {
site-identifier 100;
interface ge-0/1/1.0 {
remote-site-id 200;
}
}
}
}
}
