- Cisco Community
- Technology and Support
- Service Providers
- Metro
- from the following output,
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2015 08:31 AM
hi all, i need some advice in configuring vpls, i've the following scenario:
ME3600X = ASR9K = ME3600X
PE P/PE PE
with following config:
ASR9K:
!
interface Bundle-Ether100
mtu 9026
ipv4 address 10.10.30.1 255.255.255.252
!
interface Bundle-Ether200
mtu 9026
ipv4 address 10.10.30.5 255.255.255.252
!
interface Loopback0
ipv4 address 10.10.1.1 255.255.255.255
!
interface MgmtEth0/RSP0/CPU0/0
ipv4 address 10.37.0.221 255.255.255.0
!
interface MgmtEth0/RSP0/CPU0/1
shutdown
!
interface TenGigE0/0/0/0
bundle id 100 mode active
cdp
!
interface TenGigE0/0/0/1
bundle id 100 mode active
cdp
!
interface TenGigE0/0/0/2
bundle id 200 mode active
cdp
!
interface TenGigE0/0/0/3
bundle id 200 mode active
cdp
!
!
router ospf 1
area 0
interface Bundle-Ether100
priority 255
!
interface Bundle-Ether200
priority 255
!
interface Loopback0
!
!
!
router bgp 65001
bgp router-id 10.10.1.1
address-family ipv4 unicast
!
address-family l2vpn vpls-vpws
!
neighbor 10.10.1.2
remote-as 65001
description *** PE1 ***
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
address-family l2vpn vpls-vpws
route-reflector-client
!
!
neighbor 10.10.1.3
remote-as 65001
description *** PE2 ***
update-source Loopback0
address-family ipv4 unicast
route-reflector-client
!
address-family l2vpn vpls-vpws
route-reflector-client
!
!
!
!
!
l2vpn
pw-class vpls
encapsulation mpls
control-word
transport-mode ethernet
!
mac-withdraw
!
bridge group TESTBG
bridge-domain TESTBD
vfi VPLS_TEST
vpn-id 100
autodiscovery bgp
rd 65001:100
route-target 65001:100
signaling-protocol ldp
!
!
!
!
!
!
mpls ldp
router-id 10.10.1.1
interface TenGigE0/0/0/0
!
interface TenGigE0/0/0/1
!
interface TenGigE0/0/0/2
!
interface TenGigE0/0/0/3
!
interface Bundle-Ether100
!
interface Bundle-Ether200
!
!
end
ME3600X PE1:
version 15.5
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
platform bfd allow-svi
!
hostname PE1
!
!
!
no aaa new-model
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 2:00
ip routing
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
mpls label range 16000 21999
mpls label protocol ldp
l2vpn
logging pseudowire status
router-id 10.10.1.2
!
l2vpn vfi context TEST
vpn id 100
autodiscovery bgp signaling ldp
vpls-id 65001:100
rd 65001:100
route-target export 65001:100
route-target import 65001:100
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
license udi pid ME-3600X-24TS-M sn XXXXXXXXX
diagnostic bootup level minimal
bridge-domain 100
member GigabitEthernet0/1 service-instance 10
member vfi TEST
!
!
!
!
!
!
transceiver type all
monitoring
vlan internal allocation policy ascending
!
vlan 100
!
pseudowire-class atom
encapsulation mpls
!
!
!
!
!
interface Loopback0
ip address 10.10.1.2 255.255.255.255
!
interface Port-channel1
no switchport
mtu 9012
ip address 10.10.30.2 255.255.255.252
ip ospf priority 0
mpls ip
mpls label protocol ldp
!
interface GigabitEthernet0
no ip address
shutdown
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/1
description *** Link to CE1 ***
switchport trunk allowed vlan none
switchport mode trunk
service instance 10 ethernet
encapsulation untagged
l2protocol forward
!
!
!
interface TenGigabitEthernet0/1
no switchport
mtu 9012
no ip address
mpls ip
mpls label protocol ldp
channel-group 1 mode active
!
interface TenGigabitEthernet0/2
no switchport
mtu 9012
no ip address
mpls ip
mpls label protocol ldp
channel-group 1 mode active
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
network 10.10.1.2 0.0.0.0 area 0
network 10.10.30.2 0.0.0.0 area 0
!
router bgp 65001
bgp router-id 10.10.1.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.10.1.1 remote-as 65001
neighbor 10.10.1.1 update-source Loopback0
!
address-family ipv4
neighbor 10.10.1.1 activate
exit-address-family
!
address-family l2vpn vpls
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community both
neighbor 10.10.1.1 prefix-length-size 2
exit-address-family
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
mpls ldp router-id Loopback0
!
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
exception crashinfo file flash:crashinfo
ntp server 10.10.1.1
!
end
ME3600X PE2:
version 15.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
platform bfd allow-svi
!
hostname PE2
!
!
!
no aaa new-model
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 2:00
ip routing
!
!
!
!
no ip domain lookup
!
!
!
!
!
!
!
mpls label protocol ldp
l2vpn
logging pseudowire status
router-id 10.10.1.3
!
l2vpn vfi context TEST
vpn id 100
autodiscovery bgp signaling ldp
vpls-id 65001:100
rd 65001:100
route-target export 65001:100
route-target import 65001:100
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
license udi pid ME-3600X-24TS-M sn XXXXXXXX
diagnostic bootup level minimal
bridge-domain 100
member GigabitEthernet0/1 service-instance 10
member vfi TEST
!
!
!
!
!
!
transceiver type all
monitoring
vlan internal allocation policy ascending
!
vlan 100
!
pseudowire-class mpls
encapsulation mpls
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.10.1.3 255.255.255.255
!
interface Port-channel1
description *** Link to ASR9K ***
no switchport
mtu 9012
ip address 10.10.30.6 255.255.255.252
ip ospf priority 0
mpls ip
mpls label protocol ldp
!
interface GigabitEthernet0
no ip address
shutdown
speed auto
duplex auto
negotiation auto
!
interface GigabitEthernet0/1
description *** Link to CE2 ***
switchport trunk allowed vlan none
switchport mode trunk
service instance 10 ethernet
encapsulation default
l2protocol forward
!
!
interface GigabitEthernet0/2
switchport trunk allowed vlan none
switchport mode trunk
service instance 20 ethernet
encapsulation untagged
!
!
!
interface TenGigabitEthernet0/1
no switchport
mtu 9012
no ip address
mpls ip
mpls label protocol ldp
channel-group 1 mode active
!
interface TenGigabitEthernet0/2
no switchport
mtu 9012
no ip address
mpls ip
mpls label protocol ldp
channel-group 1 mode active
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
router-id 10.10.1.3
network 10.10.1.3 0.0.0.0 area 0
network 10.10.30.6 0.0.0.0 area 0
!
router bgp 65001
bgp router-id 10.10.1.3
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.10.1.1 remote-as 65001
neighbor 10.10.1.1 update-source Loopback0
!
address-family ipv4
neighbor 10.10.1.1 activate
exit-address-family
!
address-family l2vpn vpls
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community both
neighbor 10.10.1.1 prefix-length-size 2
exit-address-family
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
mpls ldp router-id Loopback0
!
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
exception crashinfo file flash:crashinfo
ntp server 10.10.1.1
!
end
Solved! Go to Solution.
- Labels:
-
Metro
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2015 08:38 AM
from the following output, you can see that bgp autodiscovery ldp singaling is working( i can see other PE with VFI configured).
but from show vfi it doesnt come up nor even VC....... is there anything that im missing?
another strange behavior is that from ASR9K point of view i'd expected to see labelled frame outgoing from interfaces but it doesnt:
sh mpls forwarding:
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16000 Pop 10.10.1.2/32 BE100 10.10.30.2 46623
16001 Pop 10.10.1.3/32 BE200 10.10.30.6 46365
seems like it pop out the label....i would expect to see a label swap instead....and a pop on PE......
PE1#
PE1#
PE1#sh mpls l2 vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
VFI TEST vfi 10.10.1.1 100 DOWN
VFI TEST vfi 10.10.1.3 100 DOWN
PE1#sh mpls l2 vc det
Local interface: VFI TEST vfi down
Interworking type is Ethernet
Destination address: 10.10.1.1, VC ID: 100, VC status: down
Last error: Local access circuit is not ready for label advertise
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 01:06:21, last status change time: 02:18:41
Last label FSM state change time: 01:06:21
Signaling protocol: LDP, peer 10.10.1.1:0 up
Targeted Hello: 10.10.1.2(LDP Id) -> 10.10.1.1, LDP is UP
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : remote ready, LndRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: DOWN(hard-down, not-ready)
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No status
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local unassigned, remote 16002
Group ID: local unknown, remote n/a
MTU: local unknown, remote 1500
Remote interface description: VPLS_TEST
Sequencing: receive disabled, send disabled
Control Word: Off (configured: autosense)
Dataplane:
SSM segment/switch IDs: 0/0 (used), PWID: 3
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
Local interface: VFI TEST vfi down
Interworking type is Ethernet
Destination address: 10.10.1.3, VC ID: 100, VC status: down
Last error: Local access circuit is not ready for label advertise
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 01:06:16, last status change time: 02:18:41
Last label FSM state change time: 01:06:16
Signaling protocol: LDP, peer 10.10.1.3:0 up
Targeted Hello: 10.10.1.2(LDP Id) -> 10.10.1.3, LDP is DOWN, no binding
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/None (no remote binding
LDP route watch : enabled
Label/status state machine : ldp ready, LndRnd
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: DOWN(hard-down, not-ready)
Last local AC circuit status sent: Not sent
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No status
Last remote LDP TLV status rcvd: None (no remote binding)
Last remote LDP ADJ status rcvd: None (no remote binding)
MPLS VC labels: local unassigned, remote unassigned
Group ID: local unknown, remote unknown
MTU: local unknown, remote unknown
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: Off (configured: autosense)
Dataplane:
SSM segment/switch IDs: 0/0 (used), PWID: 4
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
PE1#sh vfi
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: TEST, state: down, type: multipoint, signaling: LDP
VPN ID: 100, VPLS-ID: 65001:100
RD: 65001:100, RT: 65001:100, 65001:100
Bridge-Domain 100 attachment circuits:
Neighbors connected via pseudowires:
Peer Address VC ID Discovered Router ID S
10.10.1.3 100 10.10.1.3 Y
10.10.1.1 100 10.10.1.1 Y
PE1#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 03:11 AM
Hello,
What is the MTU for the CE facing interface. Is it 1500 or 9012?
Also, are you able to perform a ping from PE to PE sourcing the peering IP, size 9012 and df-bit set To ensure that that packet is able to pass through with the MTU size.
Also, the AC shows hard down. Would like to know if the link is up or not towards the CE. Please share the below output from all PE's:
sh l2vpn bridge-domain bd-name <bd_name> detail
I also see the Targeted Hello is also down - Please perform mpls ping from src to destination.
Also, i see control-word off from the output but you have configured control-word on ASR9k. Any reason for the same?
Last but not the least, in the configuration i see that you have configured the VFI in XE style. The VFI is made member of BD. I think you need to make VFI member configuration directly under SVI rather than under BD. Below is some sample config that you can try:
l2vpn vfi context Test vpn id 100 autodiscovery bgp signaling ldp template TP-NO-CONTROL-WORD vpls-id 1:1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ! template type pseudowire TMP encapsulation mpls control-word exclude int gi 0/1 service instance 100 ethernet encapsulation dot1q 100 service-policy input PM-CUST-DEFAULT-50M-BD-IN service-policy output PM-CUST-DEFAULT-50M-OUT bridge-domain 100 ! Interface Vlan100 no shut vfi member Test
Hope this helps.
Vinit
--Vinit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 03:11 AM
got it, problem was that me3600x wants a different way to configure vfi membership....
this way works:
!
interface GigabitEthernet0/3
description Facing CE
switchport trunk allowed vlan none
switchport mode trunk
logging event link-status
no cdp enable
service instance 10 ethernet
encapsulation untagged
!
!
bridge-domain 100
member GigabitEthernet0/3 service-instance 10
!
interface vlan 100
no ip address
member vfi TEST
!
this way doesnt.........
!
interface GigabitEthernet0/3
description Facing CE
switchport trunk allowed vlan none
switchport mode trunk
logging event link-status
no cdp enable
service instance 10 ethernet
encapsulation untagged
!
bridge-domain 100
member GigabitEthernet0/3 service-instance 10
member vfi management
!
it seems like you need to configure a SVI(vlan interface) and then tell its to be member of VFI.....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-23-2015 08:38 AM
from the following output, you can see that bgp autodiscovery ldp singaling is working( i can see other PE with VFI configured).
but from show vfi it doesnt come up nor even VC....... is there anything that im missing?
another strange behavior is that from ASR9K point of view i'd expected to see labelled frame outgoing from interfaces but it doesnt:
sh mpls forwarding:
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16000 Pop 10.10.1.2/32 BE100 10.10.30.2 46623
16001 Pop 10.10.1.3/32 BE200 10.10.30.6 46365
seems like it pop out the label....i would expect to see a label swap instead....and a pop on PE......
PE1#
PE1#
PE1#sh mpls l2 vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
VFI TEST vfi 10.10.1.1 100 DOWN
VFI TEST vfi 10.10.1.3 100 DOWN
PE1#sh mpls l2 vc det
Local interface: VFI TEST vfi down
Interworking type is Ethernet
Destination address: 10.10.1.1, VC ID: 100, VC status: down
Last error: Local access circuit is not ready for label advertise
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 01:06:21, last status change time: 02:18:41
Last label FSM state change time: 01:06:21
Signaling protocol: LDP, peer 10.10.1.1:0 up
Targeted Hello: 10.10.1.2(LDP Id) -> 10.10.1.1, LDP is UP
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : remote ready, LndRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: DOWN(hard-down, not-ready)
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No status
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local unassigned, remote 16002
Group ID: local unknown, remote n/a
MTU: local unknown, remote 1500
Remote interface description: VPLS_TEST
Sequencing: receive disabled, send disabled
Control Word: Off (configured: autosense)
Dataplane:
SSM segment/switch IDs: 0/0 (used), PWID: 3
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
Local interface: VFI TEST vfi down
Interworking type is Ethernet
Destination address: 10.10.1.3, VC ID: 100, VC status: down
Last error: Local access circuit is not ready for label advertise
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 01:06:16, last status change time: 02:18:41
Last label FSM state change time: 01:06:16
Signaling protocol: LDP, peer 10.10.1.3:0 up
Targeted Hello: 10.10.1.2(LDP Id) -> 10.10.1.3, LDP is DOWN, no binding
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/None (no remote binding
LDP route watch : enabled
Label/status state machine : ldp ready, LndRnd
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: DOWN(hard-down, not-ready)
Last local AC circuit status sent: Not sent
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No status
Last remote LDP TLV status rcvd: None (no remote binding)
Last remote LDP ADJ status rcvd: None (no remote binding)
MPLS VC labels: local unassigned, remote unassigned
Group ID: local unknown, remote unknown
MTU: local unknown, remote unknown
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: Off (configured: autosense)
Dataplane:
SSM segment/switch IDs: 0/0 (used), PWID: 4
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
PE1#sh vfi
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: TEST, state: down, type: multipoint, signaling: LDP
VPN ID: 100, VPLS-ID: 65001:100
RD: 65001:100, RT: 65001:100, 65001:100
Bridge-Domain 100 attachment circuits:
Neighbors connected via pseudowires:
Peer Address VC ID Discovered Router ID S
10.10.1.3 100 10.10.1.3 Y
10.10.1.1 100 10.10.1.1 Y
PE1#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 03:11 AM
Hello,
What is the MTU for the CE facing interface. Is it 1500 or 9012?
Also, are you able to perform a ping from PE to PE sourcing the peering IP, size 9012 and df-bit set To ensure that that packet is able to pass through with the MTU size.
Also, the AC shows hard down. Would like to know if the link is up or not towards the CE. Please share the below output from all PE's:
sh l2vpn bridge-domain bd-name <bd_name> detail
I also see the Targeted Hello is also down - Please perform mpls ping from src to destination.
Also, i see control-word off from the output but you have configured control-word on ASR9k. Any reason for the same?
Last but not the least, in the configuration i see that you have configured the VFI in XE style. The VFI is made member of BD. I think you need to make VFI member configuration directly under SVI rather than under BD. Below is some sample config that you can try:
l2vpn vfi context Test vpn id 100 autodiscovery bgp signaling ldp template TP-NO-CONTROL-WORD vpls-id 1:1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ! template type pseudowire TMP encapsulation mpls control-word exclude int gi 0/1 service instance 100 ethernet encapsulation dot1q 100 service-policy input PM-CUST-DEFAULT-50M-BD-IN service-policy output PM-CUST-DEFAULT-50M-OUT bridge-domain 100 ! Interface Vlan100 no shut vfi member Test
Hope this helps.
Vinit
--Vinit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 03:11 AM
got it, problem was that me3600x wants a different way to configure vfi membership....
this way works:
!
interface GigabitEthernet0/3
description Facing CE
switchport trunk allowed vlan none
switchport mode trunk
logging event link-status
no cdp enable
service instance 10 ethernet
encapsulation untagged
!
!
bridge-domain 100
member GigabitEthernet0/3 service-instance 10
!
interface vlan 100
no ip address
member vfi TEST
!
this way doesnt.........
!
interface GigabitEthernet0/3
description Facing CE
switchport trunk allowed vlan none
switchport mode trunk
logging event link-status
no cdp enable
service instance 10 ethernet
encapsulation untagged
!
bridge-domain 100
member GigabitEthernet0/3 service-instance 10
member vfi management
!
it seems like you need to configure a SVI(vlan interface) and then tell its to be member of VFI.....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2015 05:40 AM
Thanks for the confirmation. Glad the config worked.
PS; Please mark the question as answered if your issue has been resolved
Thanks,
Vinit
--Vinit
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide