ON THIS PAGE
Example: Configuring Inter-AS VPLS with MAC Processing at the ASBR
This example describes how to configure inter-AS Virtual Private LAN Service (VPLS) with MAC processing between BGP-signaled VPLS and LDP-signaled VPLS. This feature is described in RFC 4761 as multi-AS VPLS option E or method E.
This example is organized in the following sections:
Requirements
To support inter-AS VPLS between BGP-signaled VPLS and LDP-signaled VPLS, your network must meet the following hardware and software requirements:
MX Series or M320 routers for the ASBRs.
Junos OS Release 9.3 or higher.
Gigabit Ethernet or 10-Gigabit Ethernet interfaces.
Overview and Topology
VPLS is a key enabler for delivering multipoint Ethernet service. Major service providers have implemented IP and MPLS backbones and offer VPLS services to large enterprises. Growing demand requires the VPLS network to scale to support many VPLS customers with multiple sites spread across geographically dispersed regions. BGP-signaled VPLS signaling offers scaling advantages over LDP-signaled VPLS. In some environments there is a need for BGP-signaled VPLS to interoperate with existing LDP-signaled VPLS.
This example shows one way to configure BGP-signaled VPLS interworking with an existing LDP-signaled VPLS network.
The advantages of the configuration are:
You can interconnect customer sites that are spread across different autonomous systems (ASs).
LDP-signaled VPLS and BGP-signaled VPLS interworking is supported.
Because the ASBR supports MAC operations, customer sites can be connected directly to the ASBR.
The inter-AS link is not restricted to Ethernet interfaces.
Additional configuration for multihoming is relatively straightforward.
Traffic from the interworking virtual private LAN services is switched at the ASBR. The ASBR does all the data plane operations: flooding, MAC learning, aging, and MAC forwarding for each AS to switch traffic among any customer facing interfaces and between the fully meshed pseudowires in the AS. A single pseudowire is created between the ASBRs across the inter-AS link and the ASBRs forward traffic from the pseudowires in each AS to the peer ASBR.
Each ASBR performs VPLS operations within its own AS and performs VPLS operations with the ASBR in the other AS. The ASBR treats the other AS as a BGP-signaled VPLS site. To establish VPLS pseudowires, VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBRs.
The sample metro network is configured for LDP-signaled VPLS. The core network is configured for BGP-signaled VPLS.
The first part of the example shows the basic configuration steps to configure the logical interfaces, OSPF, internal BGP, LDP, and MPLS. This part of the configuration is the same as other VPLS configurations for LDP-signaled VPLS and BGP-signaled VPLS.
The unique part of the example is configured in the VPLS routing instances, external BGP, and the policy that populates the BGP route table with routes learned from direct routes and OSPF routes. Additional details about the configuration statements are included in the step-by-step procedure.
Figure 1 shows the topology used in this example.
Topology
Configuration
To configure inter-AS VPLS between BGP-signaled VPLS and LDP-signaled VPLS, perform these tasks.
In any configuration session it is a good practice to
periodically use the commit check command to verify that
the configuration can be committed.
- Configuring Interfaces
- Configuring OSPF
- Configuring the Internal BGP Peer Group
- Configuring LDP
- Configuring MPLS
- Configuring the External BGP Peer Group Between the Loopback Interfaces
- Configuring the External BGP Peer Group Between the Inter-AS Link Interfaces
- Configuring the VPLS Routing Instances
- Results
Configuring Interfaces
Step-by-Step Procedure
To configure interfaces:
On each router, configure an IP address on the loopback logical interface 0 (lo0.0):
user@CE1# set interfaces lo0 unit 0 family inet address 192.168.1.1/32 primary user@PE1# set interfaces lo0 unit 0 family inet address 192.168.2.1/32 primary user@ASBR1# set interfaces lo0 unit 0 family inet address 192.168.3.1/32 primary user@ASBR2# set interfaces lo0 unit 0 family inet address 192.168.10.1/32 primary user@PE2# set interfaces lo0 unit 0 family inet address 192.168.11.1/32 primary user@CE2# set interfaces lo0 unit 0 family inet address 192.168.12.1/32 primary
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
On each router, display the interface information for
lo0and verify that the correct IP address is configured:user@host> show interfaces lo0 Physical interface: lo0, Enabled, Physical link is Up Interface index: 6, SNMP ifIndex: 6 Type: Loopback, MTU: Unlimited Device flags : Present Running Loopback Interface flags: SNMP-Traps Link flags : None Last flapped : Never Input packets : 0 Output packets: 0 Logical interface lo0.0 (Index 75) (SNMP ifIndex 16) Flags: SNMP-Traps Encapsulation: Unspecified Input packets : 0 Output packets: 0 Protocol inet, MTU: Unlimited Flags: None Addresses Local: 127.0.0.1 Addresses, Flags: Primary Is-Default Is-Primary Local: 192.168.3.1 Logical interface lo0.16384 (Index 64) (SNMP ifIndex 21) Flags: SNMP-Traps Encapsulation: Unspecified Input packets : 0 Output packets: 0 Protocol inet, MTU: Unlimited Flags: None Addresses Local: 127.0.0.1 Logical interface lo0.16385 (Index 65) (SNMP ifIndex 22) Flags: SNMP-Traps Encapsulation: Unspecified Input packets : 0 Output packets: 0 Protocol inet, MTU: Unlimited Flags: NoneIn the example above notice that the primary
lo0local address for theinetprotocol family on Router ASBR1 is192:168:3:1.On each router, configure an IP address and protocol family on the Gigabit Ethernet interfaces. Specify the
inetprotocol family.user@CE1# set interfaces ge-0/3/0 unit 0 family inet address 10.10.11.1/24 user@PE1# set interfaces ge-1/3/1 unit 0 family inet address 10.0.23.9/30 user@ASBR1# set interfaces ge-0/3/1 unit 0 family inet address 10.0.23.10/30 user@ASBR1# set interfaces ge-0/3/0 unit 0 family inet address 10.0.78.1/30 user@ASBR2# set interfaces ge-3/1/0 unit 0 family inet address 10.0.78.2/30 user@ASBR2# set interfaces ge-3/1/1 unit 0 family inet address 10.0.90.13/30 user@PE2# set interfaces ge-0/1/0 unit 0 family inet address 10.0.90.14/30 user@CE2# set interfaces ge-0/1/1 unit 0 family inet address 10.10.11.2/24
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
Display information for Gigabit Ethernet interfaces and verify that the IP address and protocol family are configured correctly.
user@ASBR2> show interfaces ge-* terse Interface Admin Link Proto Local Remote ge-3/1/0 up up ge-3/1/0.0 up up inet 10.0.78.2/30 multiservice ge-3/1/1 up up ge-3/1/1.0 up up inet 10.0.90.13/30 multiservice ge-3/1/2 up down ge-3/1/3 up down
Configuring OSPF
Step-by-Step Procedure
To configure OSPF:
On the PE and ASBR routers, configure the provider instance of OSPF. Configure OSPF traffic engineering support. Specify area 0.0.0.1 in the LDP-signaled VPLS network and area 0.0.0.0 in the BGP-signaled network. Specify the Gigabit Ethernet logical interfaces between the PE and ASBR routers. Specify
lo0.0as a passive interface.user@PE1# set protocols ospf traffic-engineering user@PE1# set protocols ospf area 0.0.0.1 interface ge-1/3/1.0 user@PE1# set protocols ospf area 0.0.0.1 interface lo0.0 passive user@ASBR1# set protocols ospf traffic-engineering user@ASBR1# set protocols ospf area 0.0.0.1 interface ge-0/3/1.0 user@ASBR1# set protocols ospf area 0.0.0.1 interface lo0.0 passive user@ASBR2# set protocols ospf traffic-engineering user@ASBR2# set protocols ospf area 0.0.0.0 interface ge-3/1/1.0 user@ASBR2# set protocols ospf area 0.0.0.0 interface lo0.0 passive user@PE2# set protocols ospf traffic-engineering user@PE2# set protocols ospf area 0.0.0.0 interface ge-0/1/0.0 user@PE2# set protocols ospf area 0.0.0.0 interface lo0.0 passive
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
Display OSPF neighbor information and verify that the PE routers form adjacencies with the ASBR router in the same area. Verify that the neighbor state is
Full.user@host> show ospf neighbor Address Interface State ID Pri Dead 10.0.23.10 ge-1/3/1.0 Full 192.168.3.1 128 31
Configuring the Internal BGP Peer Group
Step-by-Step Procedure
The purpose of configuring an internal BGP peer group is to create a full mesh of BGP LSPs among the PE routers in the BGP-signaled AS, including the ASBR routers.
To configure the internal BGP peer group:
The purpose of this step is to create a full mesh of IBGP peers between the PE routers, including the ASBR routers, within the BGP-signaled AS.
On Router ASBR2, configure internal BGP. Specify the BGP type as
internal. Specify the local address as the locallo0IP address.Specify the
inetprotocol family. Specify thelabeled-unicaststatement and theresolve-vpnoption. Thelabeled-unicaststatement causes the router to advertise labeled routes out of the IPv4 inet.0 route table and places labeled routes into the inet.0 route table. Theresolve-vpnoption puts labeled routes in the MPLS inet.3 route table The inet.3 route table is used to resolve routes for the PE router located in the other AS.Specify the
l2vpnfamily to indicate to the router that this is a VPLS. Specify thesignalingoption to configure BGP as the signaling protocol. This enables BGP to carry Layer 2 VPLS NLRI messages for this peer group.Specify the
lo0interface IP address of the PE as the neighbor. Configure an autonomous system identifier.user@ASBR2# set protocols bgp group core-ibgp type internal user@ASBR2# set protocols bgp group core-ibgp local-address 192.168.10.1 user@ASBR2# set protocols bgp group core-ibgp family inet labeled-unicast resolve-vpn user@ASBR2# set protocols bgp group core-ibgp family l2vpn signaling user@ASBR2# set protocols bgp group core-ibgp neighbor 192.168.11.1 user@ASBR2# set routing-options autonomous-system 0.65020
On Router PE2, configure internal BGP. Specify the BGP type as
internal. Specify the local address as the locallo0IP address.Specify the
l2vpnfamily to indicate this is a VPLS. Specify thesignalingoption to configure BGP as the signaling protocol. This enables BGP to carry Layer 2 VPLS NLRI messages.Specify the
lo0interface IP address of Router ASBR2 as the neighbor. Configure an autonomous system identifier.user@PE2# set protocols bgp group core-ibgp type internal user@PE2# set protocols bgp group core-ibgp local-address 192.168.11.1 user@PE2# set protocols bgp group core-ibgp family l2vpn signaling user@PE2# set protocols bgp group core-ibgp neighbor 192.168.10.1 user@PE2# set routing-options autonomous-system 0.65020
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
On Router PE2 and Router ASBR2, display BGP neighbor information and verify that the peer connection state is
Established.user@ASBR2> show bgp neighbor Peer: 192.168.11.1+49443 AS 65020 Local: 192.168.10.1+179 AS 65020 Type: Internal State: Established Flags: ImportEval Sync Last State: OpenConfirm Last Event: RecvKeepAlive Last Error: None Options: Preference LocalAddress AddressFamily Rib-group Refresh Address families configured: l2vpn-signaling inet-labeled-unicast Local Address: 192.168.10.1 Holdtime: 90 Preference: 170 Number of flaps: 0 Peer ID: 192.168.11.1 Local ID: 192.168.10.1 Active Holdtime: 90 Keepalive Interval: 30 Peer index: 0 ...
Configuring LDP
Step-by-Step Procedure
To configure LDP:
On the PE and ASBR routers, configure LDP with the Gigabit Ethernet interfaces between the PE and ASBR routers, and between the two ASBR routers. To support LDP-signaled VPLS, additionally configure LDP with the
lo0.0interface on Router PE1 and Router ASBR1:user@PE1# set protocols ldp interface ge-1/3/1.0 user@PE1# set protocols ldp interface lo0.0 user@ASBR1# set protocols ldp interface ge-0/3/1.0 user@ASBR1# set protocols ldp interface ge-0/3/0.0 user@ASBR1# set protocols ldp interface lo0.0 user@ASBR2# set protocols ldp interface ge-3/1/0.0 user@ASBR2# set protocols ldp interface ge-3/1/1.0 user@PE2# set protocols ldp interface ge-0/1/0.0
Note:The configuration of LDP signaling between the ASBR routers is not required for Inter-AS VPLS. It is included here for reference only and might be used in LDP environments.
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
Display LDP configuration information and verify that the correct interfaces are configured. LDP operation can be verified after MPLS is configured.
user@ASBR1> show configuration protocols ldp interface ge-0/3/0.0; interface ge-0/3/1.0; interface lo0.0;
The preceding example is from ASBR1.
Configuring MPLS
Step-by-Step Procedure
To configure MPLS:
On the PE and ASBR routers, configure MPLS. Enable MPLS on the logical interfaces. Add the Gigabit Ethernet interfaces to the MPLS protocol. This adds entries to the MPLS forwarding table.
user@PE1# set protocols mpls interface ge-1/3/1.0 user@PE1# set interfaces ge-1/3/1 unit 0 family mpls user@ASBR1# set protocols mpls interface ge-0/3/1.0 user@ASBR1# set protocols mpls interface ge-0/3/0.0 user@ASBR1# set interfaces ge-0/3/1 unit 0 family mpls user@ASBR1# set interfaces ge-0/3/0 unit 0 family mpls user@ASBR2# set protocols mpls interface ge-3/1/0.0 user@ASBR2# set protocols mpls interface ge-3/1/1.0 user@ASBR2# set interfaces ge-3/1/0 unit 0 family mpls user@ASBR2# set interfaces ge-3/1/1 unit 0 family mpls user@PE2# set protocols mpls interface ge-0/1/0.0 user@PE2# set interfaces ge-0/1/0 unit 0 family mpls
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
On the PE and ASBR routers, display LDP neighbor information and verify that the directly connected LDP neighbors are listed:
user@ASBR1> show ldp neighbor Address Interface Label space ID Hold time 192.168.2.1 lo0.0 192.168.2.1:0 44 10.0.78.2 ge-0/3/0.0 192.168.10.1:0 13 10.0.23.9 ge-0/3/1.0 192.168.2.1:0 11
The preceding example is from ASBR1.
Configuring the External BGP Peer Group Between the Loopback Interfaces
Step-by-Step Procedure
To configure the external BGP (EBGP) peer group between the loopback interfaces:
On Router ASBR1 and Router PE1, configure an autonomous system identifier:
user@PE1# set routing-options autonomous-system 0.65010 user@ASBR1# set routing-options autonomous-system 0.65010
On Router ASBR1, configure an external BGP peer group for the loopback interfaces. Specify the
externalBGP group type. Include themultihopstatement. Specify the local address as the locallo0IP address. Configure thel2vpnfamily for BGP signaling. Configure the peer AS as the core AS number. Specify thelo0IP address of Router ASBR2 as the neighbor.user@ASBR1# set protocols bgp group vpls-core type external user@ASBR1# set protocols bgp group vpls-core multihop user@ASBR1# set protocols bgp group vpls-core local-address 192.168.3.1 user@ASBR1# set protocols bgp group vpls-core family l2vpn signaling user@ASBR1# set protocols bgp group vpls-core peer-as 65020 user@ASBR1# set protocols bgp group vpls-core neighbor 192.168.10.1
On Router ASBR2, configure an external BGP peer group for the loopback interfaces. Specify the
externalBGP group type. Include themultihopstatement. Themultihopstatement is needed because the EBGP neighbors are in different ASs. Specify the local address as the locallo0IP address. Configure thel2vpnfamily for BGP signaling. Configure the peer AS as the metro AS number. Specify thelo0IP address of Router ASBR1 as the neighbor.user@ASBR2# set protocols bgp group vpls-metro type external user@ASBR2# set protocols bgp group vpls-metro multihop user@ASBR2# set protocols bgp group vpls-metro local-address 192.168.10.1 user@ASBR2# set protocols bgp group vpls-metro family l2vpn signaling user@ASBR2# set protocols bgp group vpls-metro peer-as 65010 user@ASBR2# set protocols bgp group vpls-metro neighbor 192.168.3.1
On each router, commit the configuration:
user@host> commit
Configuring the External BGP Peer Group Between the Inter-AS Link Interfaces
Step-by-Step Procedure
The purpose of configuring external BGP peer groups between the inter-AS link interfaces is to create a full mesh of BGP LSPs among the ASBR routers. To configure the external BGP peer group between the inter-AS link interfaces:
On Router ASBR1, configure a policy to export OSPF and direct routes, including the
lo0address of the PE routers, into BGP for the establishment of label-switched paths (LSPs):user@ASBR1# set policy-options policy-statement loopback term term1 from protocol ospf user@ASBR1# set policy-options policy-statement loopback term term1 from protocol direct user@ASBR1# set policy-options policy-statement loopback term term1 from route-filter 192.168.0.0/16 longer user@ASBR1# set policy-options policy-statement loopback term term1 then accept
On Router ASBR1, configure an external BGP peer group for the inter-AS link. Specify the
externalBGP group type. Specify the local inter-AS link IP address as the local address. Configure theinetfamily and include thelabeled-unicastandresolve-vpnstatements. Thelabeled-unicaststatement advertises labeled routes out of the IPv4 inet.0 route table and places labeled routes into the inet.0 route table. Theresolve-vpnoption stores labeled routes in the MPLSinet.3route table.Include the
exportstatement and specify the policy you created. Configure the peer AS as the core AS number. Specify the inter-AS link IP address of Router ASBR2 as the neighbor.user@ASBR1# set protocols bgp group metro-core type external user@ASBR1# set protocols bgp group metro-core local-address 10.0.78.1 user@ASBR1# set protocols bgp group metro-core family inet labeled-unicast resolve-vpn user@ASBR1# set protocols bgp group metro-core export loopback user@ASBR1# set protocols bgp group metro-core peer-as 65020 user@ASBR1# set protocols bgp group metro-core neighbor 10.0.78.2
On Router ASBR2, configure a policy to export OSPF and direct routes, including the
lo0address, into BGP for the establishment of LSPs:user@ASBR2# set policy-options policy-statement loopback term term1 from protocol ospf user@ASBR2# set policy-options policy-statement loopback term term1 from protocol direct user@ASBR2# set policy-options policy-statement loopback term term1 from route-filter 192.168.0.0/16 longer user@ASBR2# set policy-options policy-statement loopback term term1 then accept
On Router ASBR2, configure an external BGP peer group for the inter-AS link. Specify the
externalBGP group type. Specify the local inter-AS link IP address as the local address. Configure theinetfamily and include thelabeled-unicastandresolve-vpnstatements. Include theexportstatement and specify the policy you created. Configure the peer AS as the core AS number. Specify the inter-AS link IP address of Router ASBR1 as the neighbor.user@ASBR2# set protocols bgp group core-metro type external user@ASBR2# set protocols bgp group core-metro local-address 10.0.78.2 user@ASBR2# set protocols bgp group core-metro family inet labeled-unicast resolve-vpn user@ASBR2# set protocols bgp group core-metro export loopback user@ASBR2# set protocols bgp group core-metro peer-as 65010 user@ASBR2# set protocols bgp group core-metro neighbor 10.0.78.1
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
On Router ASBR1, display the BGP neighbors. Verify that the first peer is the IP address of the Gigabit Ethernet interface of Router ASBR2. Verify that the second peer is the IP address of the
lo0interface of Router ASBR2. Also verify that the state of each peer isEstablished. Notice that on Router ASBR1 the NLRI advertised by Router ASBR2 the inter-AS link peer isinet-labeled-unicastand the NLRI advertised by Router ASBR2 the loopback interface peer isl2vpn-signaling.user@ASBR1> show bgp neighbor Peer: 10.0.78.2+65473 AS 65020 Local: 10.0.78.1+179 AS 65010 Type: External State: Established Flags: Sync Last State: OpenConfirm Last Event: RecvKeepAlive Last Error: Cease Export: [ loopback ] Options: Preference LocalAddress AddressFamily PeerAS Rib-group Refresh Address families configured: inet-labeled-unicast Local Address: 10.0.78.1 Holdtime: 90 Preference: 170 Number of flaps: 3 Last flap event: Stop Error: 'Cease' Sent: 1 Recv: 2 Peer ID: 192.168.10.1 Local ID: 192.168.3.1 Active Holdtime: 90 Keepalive Interval: 30 Peer index: 0 BFD: disabled, down Local Interface: ge-0/3/0.0 NLRI for restart configured on peer: inet-labeled-unicast NLRI advertised by peer: inet-labeled-unicast NLRI for this session: inet-labeled-unicast Peer supports Refresh capability (2) Restart time configured on the peer: 120 Stale routes from peer are kept for: 300 Restart time requested by this peer: 120 NLRI that peer supports restart for: inet-labeled-unicast NLRI that restart is negotiated for: inet-labeled-unicast NLRI of received end-of-rib markers: inet-labeled-unicast NLRI of all end-of-rib markers sent: inet-labeled-unicast Peer supports 4 byte AS extension (peer-as 65020) Table inet.0 Bit: 10000 RIB State: BGP restart is complete Send state: in sync Active prefixes: 2 Received prefixes: 3 Accepted prefixes: 3 Suppressed due to damping: 0 Advertised prefixes: 3 Last traffic (seconds): Received 8 Sent 3 Checked 60 Input messages: Total 8713 Updates 3 Refreshes 0 Octets 165688 Output messages: Total 8745 Updates 2 Refreshes 0 Octets 166315 Output Queue[0]: 0 Peer: 192.168.10.1+51234 AS 65020 Local: 192.168.3.1+179 AS 65010 Type: External State: Established Flags: Sync Last State: OpenConfirm Last Event: RecvKeepAlive Last Error: Cease Options: Multihop Preference LocalAddress AddressFamily PeerAS Rib-group Refresh Address families configured: l2vpn-signaling Local Address: 192.168.3.1 Holdtime: 90 Preference: 170 Number of flaps: 3 Last flap event: Stop Error: 'Cease' Sent: 1 Recv: 2 Peer ID: 192.168.10.1 Local ID: 192.168.3.1 Active Holdtime: 90 Keepalive Interval: 30 Peer index: 0 BFD: disabled, down NLRI for restart configured on peer: l2vpn-signaling NLRI advertised by peer: l2vpn-signaling NLRI for this session: l2vpn-signaling Peer supports Refresh capability (2) Restart time configured on the peer: 120 Stale routes from peer are kept for: 300 Restart time requested by this peer: 120 NLRI that peer supports restart for: l2vpn-signaling NLRI that restart is negotiated for: l2vpn-signaling NLRI of received end-of-rib markers: l2vpn-signaling NLRI of all end-of-rib markers sent: l2vpn-signaling Peer supports 4 byte AS extension (peer-as 65020) Table bgp.l2vpn.0 Bit: 20000 RIB State: BGP restart is complete RIB State: VPN restart is complete Send state: in sync Active prefixes: 1 Received prefixes: 1 Accepted prefixes: 1 Suppressed due to damping: 0 Advertised prefixes: 1 Table inter-as.l2vpn.0 RIB State: BGP restart is complete RIB State: VPN restart is complete Send state: not advertising Active prefixes: 1 Received prefixes: 1 Accepted prefixes: 1 Suppressed due to damping: 0 Last traffic (seconds): Received 19 Sent 18 Checked 42 Input messages: Total 8712 Updates 3 Refreshes 0 Octets 165715 Output messages: Total 8744 Updates 2 Refreshes 0 Octets 166342 Output Queue[1]: 0 Output Queue[2]: 0On Router ASBR2, display the BGP summary. Notice that the first peer is the IP address of the Gigabit Ethernet interface of Router ASBR1, the second peer is the IP address of the
lo0interface of Router ASBR1, and the third peer is thelo0interface of Router PE2. Verify that the state of each peer isEstablished.user@ASBR2> show bgp summary Groups: 3 Peers: 3 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 3 2 0 0 0 0 bgp.l2vpn.0 2 2 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 10.0.78.1 65010 8781 8748 0 2 2d 17:54:56 Establ inet.0: 2/3/3/0 192.168.3.1 65010 8780 8747 0 2 2d 17:54:54 Establ bgp.l2vpn.0: 1/1/1/0 inter-as.l2vpn.0: 1/1/1/0 192.168.11.1 65020 8809 8763 0 1 2d 17:59:22 Establ bgp.l2vpn.0: 1/1/1/0 inter-as.l2vpn.0: 1/1/1/0
On Router PE2, display the BGP group. Verify that the peer is the IP address of the
lo0interface of Router ASBR2. Verify that the number of established peer sessions is 1.user@PE1> show bgp group Group Type: Internal AS: 65020 Local AS: 65020 Name: core-ibgp Index: 1 Flags: Export Eval Holdtime: 0 Total peers: 1 Established: 1 192.168.10.1+179 bgp.l2vpn.0: 1/1/1/0 inter-as.l2vpn.0: 1/1/1/0 Groups: 1 Peers: 1 External: 0 Internal: 1 Down peers: 0 Flaps: 7 Table Tot Paths Act Paths Suppressed History Damp State Pending bgp.l2vpn.0 1 1 0 0 0 0 inte.l2vpn.0 1 1 0 0 0 0
Configuring the VPLS Routing Instances
Step-by-Step Procedure
To configure the VPLS routing instances:
On Router PE1, configure the VPLS routing instance. To enable a VPLS instance, specify the
vplsinstance type. Configure VPLS on the CE-facing Gigabit Ethernet interface. Configure the CE-facing interface to useethernet-vplsencapsulation.user@PE1# set routing-instances metro instance-type vpls user@PE1# set routing-instances metro interface ge-1/3/0.0
On Router PE1, configure the VPLS protocol within the routing instance. To uniquely identify the virtual circuit, configure the VPLS identifier. The VPLS identifier uniquely identifies each VPLS in the router. Configure the same VPLS ID on all the routers for a given VPLS.
Specify the IP address of the
lo0interface on Router ASBR2 as the neighbor.Configure the CE-facing interface to use
ethernet-vplsencapsulation and thevplsprotocol family.user@PE1# set routing-instances metro protocols vpls vpls-id 101 user@PE1# set routing-instances metro protocols vpls neighbor 192.168.3.1 user@PE1# set interfaces ge-1/3/0 encapsulation ethernet-vpls user@PE1# set interfaces ge-1/3/0 unit 0 family vpls
On Router ASBR1, configure the VPLS routing instance. To enable a VPLS instance, specify the
vplsinstance type. Configure a route distinguisher and a VRF target. Thevrf-targetstatement causes default VRF import and export policies to be generated that accept and tag routes with the specified target community.Note:A route distinguisher allows the router to distinguish between two identical IP prefixes used as VPN routes. Configure a different route distinguisher on each ASBR router.
Note:You must configure the same VRF target on both ASBR routers.
user@ASBR1# set routing-instances inter-as instance-type vpls user@ASBR1# set routing-instances inter-as route-distinguisher 65010:1 user@ASBR1# set routing-instances inter-as vrf-target target:2:1
On Router ASBR1, configure the VPLS protocol within the routing instance.
Configure the VPLS identifier. Specify the IP address of the
lo0interface on Router PE1 as the neighbor.user@ASBR1# set routing-instances inter-as protocols vpls vpls-id 101 user@ASBR1# set routing-instances inter-as protocols vpls neighbor 192.168.2.1
Note:The VPLS identifier uniquely identifies each LDP-signaled VPLS in the router. Configure the same VPLS ID on Router PE1 and Router ASBR1.
On Router ASBR1, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol to establish the EBGP pseudowire. As a best practice for more complex topologies involving multihoming, configure a site preference.
user@ASBR1# set routing-instances inter-as protocols vpls site ASBR-metro site-identifier 1 user@ASBR1# set routing-instances inter-as protocols vpls site ASBR-metro site-preference 10000
On Router ASBR1, configure the VPLS mesh group
peer-asstatement within the routing instance to specify which ASs belong to this AS mesh group. Configure the peer AS for the mesh group asall.This statement enables the router to establish a single pseudowire between the ASBR routers. VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBR routers. All autonomous systems are in one mesh group.
user@ASBR1# set routing-instances inter-as protocols vpls mesh-group metro peer-as all
On ASBR2, configure the VPLS routing instance. To enable a VPLS instance, specify the
vplsinstance type. Configure a route distinguisher and a VRF target. Thevrf-targetstatement causes default VRF import and export policies to be generated that accept and tag routes with the specified target community.Note:A route distinguisher allows the router to distinguish between two identical IP prefixes used as VPN routes. Configure a different route distinguisher on each ASBR router.
Note:You must configure the same VRF target community on both ASBR routers.
user@ASBR2# set routing-instances inter-as instance-type vpls user@ASBR2# set routing-instances inter-as route-distinguisher 65020:1 user@ASBR2# set routing-instances inter-as vrf-target target:2:1
On Router ASBR2, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol.
user@ASBR2# set routing-instances inter-as protocols vpls site ASBR-core site-identifier 2
On Router ASBR2, configure the VPLS mesh group within the routing instance to specify which VPLS PEs belong to this AS mesh group. Configure the peer AS for the mesh group as
all.This statement enables the router to establish a single pseudowire between the ASBR routers. VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBR routers. All autonomous systems are in one mesh group.
user@ASBR1# set routing-instances inter-as protocols vpls mesh-group core peer-as all
On Router PE2, configure the VPLS routing instance. To enable a VPLS instance, specify the
vplsinstance type. Configure VPLS on the CE-facing Gigabit Ethernet interface. Configure a route distinguisher and a VRF target.user@PE2# set routing-instances inter-as instance-type vpls user@PE2# set routing-instances inter-as interface ge-0/1/1.0 user@PE2# set routing-instances inter-as route-distinguisher 65020:1 user@PE2# set routing-instances inter-as vrf-target target:2:1
On Router PE2, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol.
Configure the CE-facing interface to use
ethernet-vplsencapsulation and thevplsprotocol family.user@PE2# set routing-instances inter-as protocols vpls site PE2 site-identifier 3 user@PE2# set interfaces ge-0/1/1 encapsulation ethernet-vpls user@PE2# set interfaces ge-0/1/1 unit 0 family vpls
On each router, commit the configuration:
user@host> commit check
configuration check succeeds
user@host> commit
commit complete
On the PE routers, display the CE-facing Gigabit Ethernet interface information and verify that the encapsulation is configured correctly:
user@host> show interfaces ge-1/3/0 Address Interface Label space ID Hold time 10.0.23.10 ge-1/3/1.0 192.168.3.1:0 11 Physical interface: ge-1/3/0, Enabled, Physical link is Up Interface index: 147, SNMP ifIndex: 145 Link-level type: Ethernet, MTU: 1514, Speed: 1000mbps, MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online Device flags : Present Running Interface flags: SNMP-Traps Internal: 0x4000 Link flags : None CoS queues : 4 supported, 4 maximum usable queues Schedulers : 256 Current address: 00:12:1e:ee:34:db, Hardware address: 00:12:1e:ee:34:db Last flapped : 2008-08-27 19:02:52 PDT (5d 22:32 ago) Input rate : 0 bps (0 pps) Output rate : 0 bps (0 pps) Ingress rate at Packet Forwarding Engine : 0 bps (0 pps) Ingress drop rate at Packet Forwarding Engine : 0 bps (0 pps) Active alarms : None Active defects : None Logical interface ge-1/3/0.0 (Index 84) (SNMP ifIndex 146) Flags: SNMP-Traps Encapsulation: ENET2 Input packets : 0 Output packets: 1 Protocol inet, MTU: 1500 Flags: None Addresses, Flags: Is-Preferred Is-Primary Destination: 10.10.11/24, Local: 10.10.11.11, Broadcast: 10.10.11.255
Results
This section describes commands you can use to test the operation of the VPLS.
To verify the VPLS connections have been established, enter the
show vpls connectionscommand on Router PE 1.user@PE1> show vpls connections Layer-2 VPN connections: Legend for connection status (St) EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS EM -- encapsulation mismatch WE -- interface and instance encaps not same VC-Dn -- Virtual circuit down NP -- interface hardware not present CM -- control-word mismatch -> -- only outbound connection is up CN -- circuit not provisioned <- -- only inbound connection is up OR -- out of range Up -- operational OL -- no outgoing label Dn -- down LD -- local site signaled down CF -- call admission control failure RD -- remote site signaled down SC -- local and remote site ID collision LN -- local site not designated LM -- local site ID not minimum designated RN -- remote site not designated RM -- remote site ID not minimum designated XX -- unknown connection status IL -- no incoming label MM -- MTU mismatch MI -- Mesh-Group ID not availble BK -- Backup connection ST -- Standby connection Legend for interface status Up -- operational Dn -- down Instance: metro VPLS-id: 101 Neighbor Type St Time last up # Up trans 192.168.3.1(vpls-id 101) rmt Up Sep 9 14:05:18 2008 1 Remote PE: 192.168.3.1, Negotiated control-word: No Incoming label: 800001, Outgoing label: 800000 Local interface: vt-1/2/0.1048576, Status: Up, Encapsulation: ETHERNET Description: Intf - vpls metro neighbor 192.168.3.1 vpls-id 101In the display from Router PE1, verify that the neighbor is the
lo0address of Router ASBR1 and that the status isUp.To verify the VPLS connections have been established, enter the
show vpls connectionscommand on Router ASBR 1.user@ASBR1> show vpls connections ... Instance: inter-as BGP-VPLS State Mesh-group connections: metro Neighbor Local-site Remote-site St Time last up 192.168.10.1 1 2 Up Sep 8 20:16:28 2008 Incoming label: 800257, Outgoing label: 800000 Local interface: vt-1/2/0.1049088, Status: Up, Encapsulation: VPLS LDP-VPLS State VPLS-id: 101 Mesh-group connections: __ves__ Neighbor Type St Time last up # Up trans 192.168.2.1(vpls-id 101) rmt Up Sep 9 14:05:22 2008 1 Remote PE: 192.168.2.1, Negotiated control-word: No Incoming label: 800000, Outgoing label: 800001 Local interface: vt-0/1/0.1049089, Status: Up, Encapsulation: ETHERNET Description: Intf - vpls inter-as neighbor 192.168.2.1 vpls-id 101In the display from Router ASBR1, verify that the neighbor is the
lo0address of Router PE1 and that the status isUp.To verify the VPLS connections have been established, enter the
show vpls connectionscommand on Router ASBR2.user@ASBR2> show vpls connections ... Instance: inter-as BGP-VPLS State Mesh-group connections: __ves__ Neighbor Local-site Remote-site St Time last up 192.168.11.1 2 3 Up Sep 11 15:18:23 2008 Incoming label: 800002, Outgoing label: 800001 Local interface: vt-4/0/0.1048839, Status: Up, Encapsulation: VPLS Mesh-group connections: core Neighbor Local-site Remote-site St Time last up 192.168.3.1 2 1 Up Sep 8 20:16:28 2008 Incoming label: 800000, Outgoing label: 800257 Local interface: vt-4/0/0.1048834, Status: Up, Encapsulation: VPLSIn the display from Router ASBR2, verify that the neighbor is the
lo0address of Router PE2 and that the status isUp.To verify the VPLS connections have been established, enter the
show vpls connectionscommand on Router PE2.user@PE2> show vpls connections ... Instance: inter-as Local site: PE2 (3) connection-site Type St Time last up # Up trans 2 rmt Up Sep 8 20:16:28 2008 1 Remote PE: 192.168.10.1, Negotiated control-word: No Incoming label: 800001, Outgoing label: 800002 Local interface: vt-0/3/0.1048832, Status: Up, Encapsulation: VPLS Description: Intf - vpls inter-as local site 3 remote site 2In the display from Router PE2, verify that the remote PE is the
lo0address of Router ASBR2 and that the status isUp.To verify that the CE routers can send and receive traffic across the VPLS, use the
pingcommand.user@CE1> ping 10.10.11.2 PING 10.10.11.2 (10.10.11.2): 56 data bytes 64 bytes from 10.10.11.2: icmp_seq=0 ttl=64 time=1.369 ms 64 bytes from 10.10.11.2: icmp_seq=1 ttl=64 time=1.360 ms 64 bytes from 10.10.11.2: icmp_seq=2 ttl=64 time=1.333 ms ^C
user@CE2> ping 10.10.11.1 PING 10.10.11.1 (10.10.11.1): 56 data bytes 64 bytes from 10.10.11.1: icmp_seq=0 ttl=64 time=6.209 ms 64 bytes from 10.10.11.1: icmp_seq=1 ttl=64 time=1.347 ms 64 bytes from 10.10.11.1: icmp_seq=2 ttl=64 time=1.324 ms ^C
If Router CE1 can send traffic to and receive traffic from Router CE2 and Router CE2 can send traffic to and receive traffic from Router CE1, the VPLS is performing correctly.
To display the configuration for Router CE1, use the
show configurationcommand.For your reference, the relevant sample configuration for Router CE1 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.1.1/32 { primary; } address 127.0.0.1/32; } } } ge-0/3/0 { unit 0 { family inet { address 10.10.11.1/24; } } } }To display the configuration for Router PE1, use the
show configurationcommand.For your reference, the relevant sample configuration for Router PE1 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.2.1/32 { primary; } address 127.0.0.1/32; } } } ge-1/3/0 { encapsulation ethernet-vpls; unit 0 { family vpls; } } ge-1/3/1 { unit 0 { family inet { address 10.0.23.9/30; } family mpls; } } } routing-options { autonomous-system 0.65010; } protocols { mpls { interface ge-1/3/1.0; } ospf { traffic-engineering; area 0.0.0.1 { interface ge-1/3/1.0; interface lo0.0 { passive; } } } ldp { interface ge-1/3/1.0; interface lo0.0; } } routing-instances { metro { instance-type vpls; interface ge-1/3/0.0; protocols { vpls { vpls-id 101; neighbor 192.168.3.1; } } } }To display the configuration for Router ASBR1, use the
show configurationcommand.For your reference, the relevant sample configuration for Router ASBR1 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.3.1/32 { primary; } address 127.0.0.1/32; } } } ge-0/3/0 { unit 0 { family inet { address 10.0.78.1/30; } family mpls; } } ge-0/3/1 { unit 0 { family inet { address 10.0.23.10/30; } family mpls; } } } routing-options { autonomous-system 0.65010; } protocols { mpls { interface ge-0/3/1.0; interface ge-0/3/0.0; } bgp { group vpls-core { type external; multihop; local-address 192.168.3.1; family l2vpn { signaling; } peer-as 65020; neighbor 192.168.10.1; } group metro-core { type external; local-address 10.0.78.1; family inet { labeled-unicast { resolve-vpn; } } export loopback; peer-as 65020; neighbor 10.0.78.2; } } ospf { traffic-engineering; area 0.0.0.1 { interface ge-0/3/1.0; interface lo0.0 { passive; } } } ldp { interface ge-0/3/0.0; interface ge-0/3/1.0; interface lo0.0; } } policy-options { policy-statement loopback { term term1 { from { protocol [ ospf direct ]; route-filter 192.168.0.0/16 longer; } then accept; } } } routing-instances { inter-as { instance-type vpls; route-distinguisher 65010:1; vrf-target target:2:1; protocols { vpls { site ASBR-metro { site-identifier 1; site-preference 10000; } vpls-id 101; neighbor 192.168.2.1; mesh-group metro { peer-as { all; } } } } } }To display the configuration for Router ASBR2, use the
show configurationcommand.For your reference, the relevant sample configuration for Router ASBR2 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.10.1/32 { primary; } address 127.0.0.1/32; } } } ge-3/1/0 { unit 0 { family inet { address 10.0.78.2/30; } family mpls; } } ge-3/1/1 { unit 0 { family inet { address 10.0.90.13/30; } family mpls; } } } routing-options { autonomous-system 0.65020; } protocols { mpls { interface ge-3/1/0.0; interface ge-3/1/1.0; } bgp { group core-ibgp { type internal; local-address 192.168.10.1; family inet { labeled-unicast { resolve-vpn; } } family l2vpn { signaling; } neighbor 192.168.11.1; } group vpls-metro { type external; multihop; local-address 192.168.10.1; family l2vpn { signaling; } peer-as 65010; neighbor 192.168.3.1; } group core-metro { type external; local-address 10.0.78.2; family inet { labeled-unicast { resolve-vpn; } } export loopback; peer-as 65010; neighbor 10.0.78.1; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-3/1/1.0; interface lo0.0 { passive; } } } ldp { interface ge-3/1/0.0; interface ge-3/1/1.0; } } policy-options { policy-statement loopback { term term1 { from { protocol [ ospf direct ]; route-filter 192.168.0.0/16 longer; } then accept; } } } routing-instances { inter-as { instance-type vpls; route-distinguisher 65020:1; vrf-target target:2:1; protocols { vpls { site ASBR-core { site-identifier 2; } mesh-group core { peer-as { all; } } } } } }To display the configuration for Router PE2, use the
show configurationcommand.For your reference, the relevant sample configuration for Router PE2 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.11.1/32 { primary; } address 127.0.0.1/32; } } } ge-0/1/0 { unit 0 { family inet { address 10.0.90.14/30; } family mpls; } } ge-0/1/1 { encapsulation ethernet-vpls; unit 0 { family vpls; } } } routing-options { autonomous-system 0.65020; } protocols { mpls { interface ge-0/1/0.0; } bgp { group core-ibgp { type internal; local-address 192.168.11.1; family l2vpn { signaling; } neighbor 192.168.10.1; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-0/1/0.0; interface lo0.0 { passive; } } } ldp { interface ge-0/1/0.0; } } routing-instances { inter-as { instance-type vpls; interface ge-0/1/1.0; route-distinguisher 65020:1; vrf-target target:2:1; protocols { vpls { site PE2 { site-identifier 3; } } } } }To display the configuration for Router CE2, use the
show configurationcommand.For your reference, the relevant sample configuration for Router CE2 follows.
interfaces { lo0 { unit 0 { family inet { address 192.168.12.1/32 { primary; } address 127.0.0.1/32; } } } ge-0/1/1 { unit 0 { family inet { address 10.10.11.2/24; } } } }