Example: VPLS Configuration (BGP and LDP Interworking)
Figure 1, shows
two VPLS mesh groups: LDP-1 and the default BGP mesh group. The VPLS
instance is named v1
in the configuration. Table 1 shows the addresses for the
router interfaces in the example topology.
Router |
Interface |
Address |
---|---|---|
CE1 |
fe-0/0/3 (link to Router PE1) |
10.12.31.1 |
loopback |
10.12.53.1 |
|
CE2 |
fe-0/0/1 (link to Router PE2) |
10.12.31.2 |
loopback |
10.12.53.2 |
|
PE1 |
t1-1/1/1 (link to Router PE2) |
10.12.100.17 |
t1-0/1/0 (link to Router B) |
10.12.100.2 |
|
loopback |
10.255.170.106 |
|
PE2 |
t1-0/1/1 (link to Router PE1) |
10.12.100.18 |
t1–0/1/3 (link to Router B) |
10.12.100.6 |
|
loopback |
10.255.170.104 |
|
B |
t1-0/1/2 (link to Router PE1) |
10.12.100.1 |
t1-0/1/3 (link to Router PE2) |
10.12.100.5 |
|
so-0/2/2 (link to Router PE3) |
10.12.100.9 |
|
fe-0/0/3 (link to Router PE4) |
10.12.100.13 |
|
loopback |
10.255.170.98 |
|
PE3 |
s0-0/2/1 (link to Router B) |
10.12.100.10 |
so-0/2/2 (link to Router P0) |
10.12.100.21 |
|
loopback |
10.255.170.96 |
|
P0 |
so-0/2/1 (link to Router PE3) |
10.12.100.22 |
t1-0/1/3 (link to Router PE4) |
10.12.100.25 |
|
loopback |
10.255.170.100 |
|
PE4 |
fe-0/0/3 (link to Router B) |
10.12.100.14 |
t1-0/1/3 (link to Router P0) |
10.12.100.26 |
|
loopback |
10.255.170.102 |
|
CE3 |
ge-1/2/1 (link to PE3) |
10.12.31.3 |
loopback |
10.12.53.3 |
|
CE4 |
fe-0/0/2 (link to PE4) |
10.12.31.4 |
loopback |
10.12.53.4 |
On Router CE3, the only item you need to configure is the Gigabit Ethernet interface that connects to PE3.
Router CE3
[edit] interfaces { ge-1/2/1 { unit 0 { family inet { address 10.12.31.1/24; } } } }
On Router PE3, prepare the router for VPLS by configuring BGP,
MPLS, OSPF, and LDP. (These protocols are the basis for most Layer 2
VPN-related applications, including VPLS.) Include the signaling
statement at the [edit protocols bgp group group-name family l2vpn]
hierarchy level, because VPLS uses the same
infrastructure for internal BGP as Layer 2 VPNs.
In Junos OS Release 7.3 and later, the signaling
statement replaces the unicast
statement
at the [edit protocols bgp group group-name family l2vpn]
hierarchy level. You must use the signaling
statement if you wish to configure VPLS domains and Layer 2
VPNs simultaneously.
Next, configure VLAN tagging on the Gigabit Ethernet interface connected to Router CE3. Finally, add the Gigabit Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.
Router PE3
[edit] interfaces { so-0/2/1 { unit 0 { family inet { address 10.12.100.10/30; } family mpls; } so-0/2/2 { unit 0 { family inet { address 10.12.100.21/30; } family mpls; } } ge-1/3/1 { encapsulation ethernet-vpls; unit 0 { family vpls; } } } } protocols { mpls { interface all; } bgp { log-updown; group int { type internal; local-address 10.255.170.96; family l2vpn { signaling; } neighbor 10.255.170.98; neighbor 10.255.170.102; } } ospf { area 0.0.0.0 { interface so-0/2/1.0; interface so-0/2/2.0; interface lo0.0 { passive; } } } ldp { interface so-0/2/1.0; interface so-0/2/2.0; } } routing-instances { v1 { instance-type vpls; interface ge-1/3/1.0; route-distinguisher 10.255.170.96:1; vrf-target target:1:2; protocols { vpls { site-range 10; site 1 { site-identifier 3; } } } }
On Router P0, configure MPLS, OSPF, and LDP to interconnect PE3 and PE4.
Router P0
[edit] interfaces { t1-0/1/3 { unit 0 { family inet { address 10.12.100.25/30; } family mpls; } so-0/2/1 { unit 0 { family inet { address 10.12.100.22/30; } family mpls; } } } protocols { mpls { interface all; } ospf { area 0.0.0.0 { interface so-0/2/1.0; interface t1-0/1/3.0; interface lo0.0 { passive; } } } ldp { interface t1-0/1/3.0; interface so-0/2/1.0; } }
On Router PE4, configure BGP, MPLS, OSPF, and LDP to complement the configuration on PE3. Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE4. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.
Router PE4
[edit] interfaces { fe-0/0/2 { encapsulation ethernet-vpls; unit 0 { family vpls; } fe-0/0/3 { unit 0 { family inet { address 10.12.100.14/30; } family mpls; } } t1-0/1/3 { unit 0 { family inet { address 10.12.100.26/30; } family mpls; } } } protocols { mpls { interface all; } bgp { log-updown; group int { type internal; local-address 10.255.170.102; family l2vpn { signaling; } neighbor 10.255.170.96; neighbor 10.255.170.98; } } } ospf { area 0.0.0.0 { interface fe-0/0/3.0; interface t1-0/1/3.0; interface lo0.0 { passive; } } } ldp { interface fe-0/0/3.0; interface t1-0/1/3.0; interface lo0.0; } }
On Router CE4, configure the Fast Ethernet interface that connects to PE4.
Router CE4
[edit] interfaces { fe-0/0/2 { unit 0 { family inet { address 10.12.31.4/24; } } } }
On Router B, the area border router, configure the interfaces.
Next, configure BGP, MPLS, OSPF, and LDP. Be sure to include the loopback
interface in the LDP configuration by including the interface
lo0.0
statement at the [edit protocols ldp
] hierarchy
level. For BGP, include the signaling
statement at the
[edit bgp group group-name family l2vpn
] hierarchy level. Last, configure the VPLS instance with both BGP
and LDP signaling. Configure the LDP-1 mesh group by including the mesh-group ldp1
statement at the [edit routing-instances
v1 protocols vpls
] hierarchy level.
Router B
[edit] interfaces { fe-0/0/3 { unit 0 { family inet { address 10.12.100.13/30; } family mpls; } } t1-0/1/2 { unit 0 { family inet { address 10.12.100.1/30; } family mpls; } } t1-0/1/3 { unit 0 { family inet { address 10.12.100.5/30; } family mpls; } } so-0/2/2 { unit 0 { family inet { address 10.12.100.9/30; } family mpls; } } } protocols { mpls { interface all; } bgp { log-updown; group int { type internal; local-address 10.255.170.98; family l2vpn { signaling; } neighbor 10.255.170.96; neighbor 10.255.170.102; } } ospf { area 0.0.0.0 { interface t1-0/1/2.0; interface t1-0/1/3.0; interface so-0/2/2.0; interface fe-0/0/3.0; interface lo0.0 { passive; } } } ldp { interface fe-0/0/3.0; interface t1-0/1/2.0; interface t1-0/1/3.0; interface so-0/2/2.0; interface lo0.0; } } routing-instances { v1 { instance-type vpls; route-distinguisher 10.255.170.98:1; vrf-target target:1:2; protocols { vpls { site-range 10; site 1 { site-identifier 1; } vpls-id 101; mesh-group ldp-1 { neighbor 10.255.170.106; neighbor 10.255.170.104; } } } } }
Finally, configure the LDP PE routers. On Router PE1, prepare the router for VPLS by configuring LDP, MPLS, and OSPF. Next, configure VPLS encapsulation on the Fast Ethernet interface connected to CE1. Finally, add the Fast Ethernet interface to the routing instance, specifying the VPLS ID and the neighboring routers’ loopback addresses.
Router PE1
[edit] interfaces { fe-0/0/3 { encapsulation ethernet-vpls; unit 0 { family vpls; } } t1-0/1/0 { unit 0 { family inet { address 10.12.100.2/30; } family mpls; } } t1-1/1/1 { unit 0 { family inet { address 10.12.100.17/30; } family mpls; } } } protocols { mpls { interface all; } ospf { area 0.0.0.0 { interface t1-0/1/0.0; interface t1-1/1/1.0; interface lo0.0 { passive; } } } ldp { interface t1-0/1/0.0; interface t1-1/1/1.0; interface lo0.0; } } routing-instances { v1 { instance-type vpls; interface fe-0/0/3.0; protocols { vpls { vpls-id 101; neighbor 10.255.170.98; neighbor 10.255.170.104; } } } }
Next, configure the Fast Ethernet interface on Router CE1 that connects to Router PE1.
Router CE1
[edit] interfaces { fe-0/0/3 { unit 0 { family inet { address 10.12.31.1/24; } } } }
On Router PE2, prepare the router for VPLS by configuring LDP, MPLS, and OSPF. Next, configure VPLS encapsulation on the Fast Ethernet interface connected to Router CE1. Finally, add the Fast Ethernet interface to the routing instance, specifying the VPLS ID and the neighboring routers’ loopback addresses.
Router PE2
[edit] interfaces { t1-0/1/1 { unit 0 { family inet { address 10.12.100.18/30; } family mpls; } t1-0/1/3 { unit 0 { family inet { address 10.12.100.6/30; } family mpls; } } fe-1/0/2 { encapsulation ethernet-vpls; unit 0 { family vpls; } } } protocols { mpls { interface all; } ospf { area 0.0.0.0 { interface t1-0/1/3.0; interface t1-0/1/1.0; interface lo0.0 { passive; } } } ldp { interface t1-0/1/1.0; interface t1-0/1/3.0; interface lo0.0; } } routing-instances { v1 { instance-type vpls; interface fe-1/0/2.0; protocols { vpls { vpls-id 101; neighbor 10.255.170.98; neighbor 10.255.170.106; } } } }
Finally, on Router CE2 configure the Fast Ethernet interface connected to PE2:
Router CE2
[edit] interfaces { fe-0/0/1 { unit 0 { family inet { address 10.12.31.2/24; } } } }
Verifying Your Work
To verify proper operation of VPLS, use the following commands:
show bgp summary
show ldp neighbor
show vpls connections
show route forwarding-table family vpls (destination | extensive | matching | table)
show interfaces vt* terse
show vpls flood extensive
show vpls statistics
The following section shows the output of some of these commands on Router B as a result of the configuration example.
Use the show bgp summary
command to verify BGP signaling
for VPLS is up.
user@B> show bgp summary Groups: 1 Peers: 2 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending bgp.l2vpn.0 2 2 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... 10.255.170.96 65000 124 125 0 0 54:26 Establ bgp.l2vpn.0: 1/1/0 v1.l2vpn.0: 1/1/0 10.255.170.102 65000 122 124 0 0 54:18 Establ bgp.l2vpn.0: 1/1/0 v1.l2vpn.0: 1/1/0
Use the show ldp neighbors
command to verify that
LDP signaling for VPLS is up.
user@B> show ldp neighbors Address Interface Label space ID Hold time 10.255.170.104 lo0.0 10.255.170.104:0 41 10.255.170.106 lo0.0 10.255.170.106:0 38 10.12.100.14 fe-0/0/3.0 10.255.170.102:0 12 10.12.100.10 so-0/2/2.0 10.255.170.96:0 14 10.12.100.2 t1-0/1/2.0 10.255.170.106:0 14 10.12.100.6 t1-0/1/3.0 10.255.170.104:0 13
To verify that the VPLS connections are up, use the show
vpls connections
command.
user@B>show vpls connections Layer-2 VPN connections: Legend for connection status (St) EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS EM -- encapsulation mismatch WE -- interface and instance encaps not same VC-Dn -- Virtual circuit down NP -- interface hardware not present CM -- control-word mismatch -> -- only outbound connection is up CN -- circuit not provisioned <- -- only inbound connection is up OR -- out of range Up -- operational OL -- no outgoing label Dn -- down LD -- local site signaled down CF -- call admission control failure RD -- remote site signaled down SC -- local and remote site ID collision LN -- local site not designated LM -- local site ID not minimum designated RN -- remote site not designated RM -- remote site ID not minimum designated XX -- unknown connection status IL -- no incoming label MM -- MTU mismatch MI -- Mesh-Group ID not availble Legend for interface status Up -- operational Dn -- down Instance: v1 BGP-VPLS State Local site: 1 (1) connection-site Type St Time last up # Up trans 3 rmt Up Jan 22 16:38:47 2008 1 Local interface: vt-0/3/0.1048834, Status: Up, Encapsulation: VPLS Description: Intf - vpls v1 local site 1 remote site 3 Remote PE: 10.255.170.96, Negotiated control-word: No Incoming label: 800258, Outgoing label: 800000 4 rmt Up Jan 22 16:38:54 2008 1 Local interface: vt-0/3/0.1048835, Status: Up, Encapsulation: VPLS Description: Intf - vpls v1 local site 1 remote site 4 Remote PE: 10.255.170.102, Negotiated control-word: No Incoming label: 800259, Outgoing label: 800000 LDP-VPLS State VPLS-id: 101 Mesh-group connections: m1 Neighbor Type St Time last up # Up trans 10.255.170.104(vpls-id 101) rmt Up Jan 22 16:38:40 2008 1 Local interface: vt-0/3/0.1048833, Status: Up, Encapsulation: ETHERNET Description: Intf - vpls v1 neighbor 10.255.170.104 vpls-id 101 Remote PE: 10.255.170.104, Negotiated control-word: No Incoming label: 800001, Outgoing label: 800000 10.255.170.106(vpls-id 101) rmt Up Jan 22 16:38:39 2008 1 Local interface: vt-0/3/0.1048832, Status: Up, Encapsulation: ETHERNET Description: Intf - vpls v1 neighbor 10.255.170.106 vpls-id 101 Remote PE: 10.255.170.106, Negotiated control-word: No Incoming label: 800000, Outgoing label: 800000
To display VPLS routes (MAC addresses) in the vpls forwarding
table, use the show route forwarding-table family vpls
command.
user@B> show route forwarding-table family vpls Routing table: v1.vpls VPLS: Destination Type RtRef Next hop Type Index NhRef Netif default perm 0 rjct 540 1 vt-0/3/0.1048832 user 0 comp 587 3 vt-0/3/0.1048833 user 0 comp 587 3 vt-0/3/0.1048834 user 0 comp 589 3 vt-0/3/0.1048835 user 0 comp 589 3 00:17:cb:c2:10:01/48 dynm 0 indr 262143 4 Push 800000 580 2 t1-0/1/3.0 00:17:cb:c2:10:02/48 dynm 0 indr 262145 4 10.12.100.14 Push 800000 594 2 fe-0/0/3.0 00:17:cb:c2:10:03/48 dynm 0 indr 262142 4 Push 800000 576 2 t1-0/1/2.0 00:17:cb:c2:10:bd/48 dynm 0 indr 262144 4 Push 800000 585 2 so-0/2/2.0
To display VPLS source and destination MAC address
accounting information, use the destination
, extensive
, matching
, or table
option with the show
route forwarding-table family vpls
command. When you analyze
the display output, keep in mind the following:
VPLS MAC address accounting is handled on a per-MAC address basis for each VPLS instance. All information is retrieved from MAC address entries in the MAC address table. VPLS MAC address accounting is performed only on local CE routers.
The VPLS counters for source and destination MAC addresses increment continuously until the oldest MAC address entries are removed from the memory buffer, either when the entries time out or if the VPLS instance is restarted.
To display status information about Virtual Loopback Tunnel
interfaces in the VPLS instance, use the show interfaces vt*
terse
command.
user@B> show interfaces vt* terse Interface Admin Link Proto Local Remote vt-0/3/0 up up vt-0/3/0.1048832 up up vpls vt-0/3/0.1048833 up up vpls vt-0/3/0.1048834 up up vpls vt-0/3/0.1048835 up up vpls
To display VPLS route information related to the flood process,
use the show vpls flood extensive
command.
user@B> show vpls flood extensive Name: v1 CEs: 0 VEs: 4 Flood route prefix: 0x4a/32 Flood route type: IFF_FLOOD Flood route owner: vt-0/3/0.1048834 Flood group name: __ves__ Flood group index: 0 Nexthop type: comp Nexthop index: 589 Flooding to: Name Type NhType Index m1 Group comp 588 Composition: flood-to-all Flooding to: Name Type NhType Index vt-0/3/0.1048832 VE indr 262142 vt-0/3/0.1048833 VE indr 262143 Flood route prefix: 0x4b/32 Flood route type: IFF_FLOOD Flood route owner: vt-0/3/0.1048835 Flood group name: __ves__ Flood group index: 0 Nexthop type: comp Nexthop index: 589 Flooding to: Name Type NhType Index m1 Group comp 588 Composition: flood-to-all Flooding to: Name Type NhType Index vt-0/3/0.1048832 VE indr 262142 vt-0/3/0.1048833 VE indr 262143 Flood route prefix: 0x48/32 Flood route type: IFF_FLOOD Flood route owner: vt-0/3/0.1048832 Flood group name: m1 Flood group index: 2 Nexthop type: comp Nexthop index: 587 Flooding to: Name Type NhType Index __ves__ Group comp 586 Composition: flood-to-all Flooding to: Name Type NhType Index vt-0/3/0.1048834 VE indr 262144 vt-0/3/0.1048835 VE indr 262145 Flood route prefix: 0x49/32 Flood route type: IFF_FLOOD Flood route owner: vt-0/3/0.1048833 Flood group name: m1 Flood group index: 2 Nexthop type: comp Nexthop index: 587 Flooding to: Name Type NhType Index __ves__ Group comp 586 Composition: flood-to-all Flooding to: Name Type NhType Index vt-0/3/0.1048834 VE indr 262144 vt-0/3/0.1048835 VE indr 262145
To view packet flow statistics for the VPLS instance, use the show vpls statistics
command:
user@B> show vpls statistics Instance: v1 Local interface: vt-0/3/0.1048832, Index: 72 Remote PE: 10.255.170.106 Multicast packets: 6 Multicast bytes : 360 Flooded packets : 16 Flooded bytes : 1188 Current MAC count: 1 Local interface: vt-0/3/0.1048833, Index: 73 Remote PE: 10.255.170.104 Multicast packets: 4 Multicast bytes : 240 Flooded packets : 6 Flooded bytes : 398 Current MAC count: 1 Local interface: vt-0/3/0.1048834, Index: 74 Remote PE: 10.255.170.96 Multicast packets: 2 Multicast bytes : 120 Flooded packets : 4 Flooded bytes : 278 Current MAC count: 1 Local interface: vt-0/3/0.1048835, Index: 75 Remote PE: 10.255.170.102 Multicast packets: 1 Multicast bytes : 60 Flooded packets : 2 Flooded bytes : 158 Current MAC count: 1