07-19-2012 05:54 AM
Hi,
We have 2 ASR9K's and 6 ME3400's in an OSPF layer 3 ring with an MPLS core. We have been creating VPLS links for customers from ME3400 to ME3400 with no problems. Now we are trying to configure the same VPLS tunnel from a ME3400 to an ASR9K but can't get it to work. Here's the ME3800 config. What config would we need on the ASR9K to make the l2vpn connect? Thanks for any help you can provide.
ME3800X Config:
vlan 81
name test
l2 vfi test manual
vpn id 81
neighbor 10.10.10.10 encapsulation mpls
interface GigabitEthernet0/2
description ** test **
switchport trunk allowed vlan none
switchport mode trunk
mtu 1550
no cdp enable
service instance 81 ethernet
description ** test **
encapsulation dot1q 81
bridge-domain 81
interface Vlan81
description ** test **
mtu 1550
no ip address
xconnect vfi test
07-19-2012 07:42 AM
Interesting,
since you are using bridge-domain, you may have to add the
"rewrite ingress tag pop 1 symmetric"
line to your configuration.
Ill have to look at documentation.
Jude Bryant
07-19-2012 08:37 AM
Thanks for the reply.
The problem is, we don't know what to use for the matching configuration on the ASR9K. I've tried many to no avail. Problem is, I don't understand VPLS/l2vpn's to the extent to know how to configure the ASR9K to match the ME3800 config. We are researching and learning but it's a slow process. We are new to the ASR9k XR, and ME3800 platforms.
If someone could point us in the right direction we'd be most greatful. Thanks in advance.
Here's one thing I've tried and it doesn't work. This is the config for our ME3400 and ASR9K.
ME3800X Config:
vlan 81
name test
l2 vfi test manual
vpn id 81
neighbor 10.10.10.10 encapsulation mpls
interface GigabitEthernet0/2
description ** test **
switchport trunk allowed vlan none
switchport mode trunk
mtu 1550
no cdp enable
service instance 81 ethernet
description ** test **
encapsulation dot1q 81
bridge-domain 81
interface Vlan81
description ** test **
mtu 1550
no ip address
xconnect vfi test
ASR9K
interface GigabitEthernet0/3/0/2
transceiver permit pid all
interface GigabitEthernet0/3/0/2.81 l2transport
encapsulation dot1q 81
l2vpn
pw-class biomass
encapsulation mpls
protocol ldp
bridge group 81
bridge-domain biomass
interface GigabitEthernet0/3/0/2.81
vfi 81
neighbor 10.10.10.2 pw-id 81
pw-class biomass
Any ideas what we need to do to make this work?
07-19-2012 01:01 PM
Wbashlor
Here is an example of how this works. I hope this will be helpful too you.
user/client<==>(switch)<==>(me3800x)<==>(asr9k1)<=mpls=>(asr9k2)<==>(me3800x)<==>(switch)<==>user/client
asr9k1 has loopback0 ip address 1.1.1.1
asr9k2 has loopback0 ip address 2.2.2.2
client
(Cisco switch)
vlan 200
!
interface gig0/1
description "traffic to_from user_customer"
switchport mode access
switchport access vlan 200
!
interface gig0/24
description "trunk port to_from me3800x"
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 200
(cisco me3800x)
interface gig0/1
description "trunk port to_from switch"
switchport trunk allowed vlan none
switchport mode trunk
mtu 9800
no cdp enable
service instance 200 ethernet
encapsulation untagged , dot1q 200 (untagged is if you want to tunnel cdp, stp, vtp *please look below)
l2protocol tunnel cdp stp vtp
bridge-domain 200
!
interface gig0/2
description "connection to asr9k"
switchport trunk allowed vlan none
switchport mode trunk
no cdp enable
service instance 200 ethernet
encapsulation untagged , dot1q 200
rewrite ingress tag pop 1 symmetric
bridge-domain 200
(asr9k1)
RP/0/RSP0/CPU0:asr9k1(config)#interface te0/0/0/2.200 l2transport
RP/0/RSP0/CPU0:asr9k1(config-if)#description "connection to_from me3800x"
RP/0/RSP0/CPU0:asr9k1(config-if)#encapsulation dot1q 200
RP/0/RSP0/CPU0:asr9k1(config)#l2vpn
RP/0/RSP0/CPU0:asr9k1(config)# xconnect asr9k_mpls
RP/0/RSP0/CPU0:asr9k1(config)# p2p asr9k2
RP/0/RSP0/CPU0:asr9k1(config)# interface te0/0/0/2.200
RP/0/RSP0/CPU0:asr9k1(config)# neighber 2.2.2.2 pw-id 200 (2.2.2.2 is loopback of asr9k2)
RP/0/RSP0/CPU0:asr9k1(config)#end
* if the switches on the edge has a change to its native vlan, it needs to be reflected where the "untagged" word is*
-Regards
Jude
07-20-2012 12:48 PM
Thanks very much for the reply, but I don't understand mpls enough yet for your post to help me with my specific scenario. I should have posted more info. Here's the actual topology and configs that's currently not working. It will be obvious by the mistakes in the configs that I don't understand MPLS yet, but maybe this gives a better idea of what we are trying to accomplish and what needs correcting in my configs to make it work. Thanks.
Click to make larger:
Here are the current configs (not working):
ME3800 Config
pseudowire-class biomass
encapsulation mpls
l2 vfi biomass manual
vpn id 81
interface GigabitEthernet0/3
switchport trunk allowed vlan none
switchport mode trunk
mtu 1550
no cdp enable
service instance 81 ethernet
description ** biomass **
encapsulation dot1q 81
rewrite ingress tag pop 1 symmetric
bridge-domain 81
interface TenGigabitEthernet0/1
no switchport
dampening
mtu 9216
bandwidth 10000000
ip address 10.10.10.33 255.255.255.254
ip ospf network point-to-point
ip ospf mtu-ignore
ip ospf bfd
logging event link-status
load-interval 30
mpls ip
flowcontrol receive on
bfd interval 200 min_rx 200 multiplier 3
ip rsvp bandwidth
interface Vlan81
mtu 1550
ip address 192.168.100.21 255.255.255.0
xconnect 10.10.10.10 81 encapsulation mpls pw-class biomass
! Incomplete or Invalid Xconnect config
ASR9K Config
interface GigabitEthernet0/3/0/2
transceiver permit pid all
!
interface GigabitEthernet0/3/0/2.81 l2transport
encapsulation dot1q 81
rewrite ingress tag pop 1 symmetric
interface TenGigE0/3/0/0
bandwidth 10000000
cdp
mtu 9216
ipv4 address 10.10.10.32 255.255.255.254
flow-control bidirectional
dampening
transceiver permit pid all
l2vpn
pw-class biomass
encapsulation mpls
protocol ldp
!
!
xconnect group biomass
p2p biomass
interface GigabitEthernet0/3/0/2.81
neighbor 10.10.10.2 pw-id 81
bridge group biomass
07-20-2012 01:55 PM
Thanks for the additional info.
I will look at this carefully and reply when the opportunity arises. I assume you are running the ME3800X models with 15.1 or higher code and the advanced services with allows full mpls configurations.
I will also assume your IGP (OSPF) is configured correctly as well.
Chat with you soon
Jude
attached ASR9K Config Sheet
07-23-2012 05:48 AM
Yes, we are running 15.1(2)EY on the 3800's. In our lab, we used a spare ME3800X and a spare ASR9k. It was mirrored (IOS, configs, etc) from a connecting ME3800 and ASR9k in our our production MPLS core ring. Layer 3 (OSPF) routing and MPLS functionality was verified but I'll be glad to run any requested show commands for verification.
Thanks for all your help, we greatly appreciate it.
07-23-2012 06:01 AM
No need to make any changes. I will write a config and post it soon.
The config I wrote was for point to point pseudowire/EFP. You are attempting VPLS so the config changes somewhat.
Please read this documentation,
Look for section;
This section includes this information about configuring EoMPLS on a switch used as a provider-edge router:
•EoMPLS Configuration Guidelines
•Configuring the Pseudowire Using Pseudowire Class
•Configuring L2VPN Interworking
•Packet Flow in an EoMPLS Network
•Configuring L2VPN Pseudowire Redundancy
I particularly like the EVC XConnection configuration because you have the option of creating VLan based service instances without globally defining the VLan itself. I understand the 3800x has Asics for bridge-domain processing, not done with software like the 7600 router.
Also when encapsulating with MPLS the ASR9Ks are only label swapping. No additional VLan based configuration required.
This option also gives you the ability to create traffic engineering from 3800x to 3800x. Primary, secondary, and tertiary using FRR. Or you cant just let the IGP to take care of LSP dynamically.
I understand the 3800x has Asics for bridge-domain processing, not done with software, however you have to globally define the vlan you are bridging.
I hope this helps you.
-Regards
Jude
Jude
07-23-2012 01:28 PM
Jude,
We greatly appreciate the reply and the information but we already have the config for the ME3800, we just need the ASR9k config to match it. To give you a bit of more information we have a mix of 8 ME3800's and 2 ASR9Ks in our new MPLS network. We have moved many customers from our old ring to our new ring using VPLS services successfully. Up until now, all customers hang off of ME3800's, but now we need to move a customer(s) to utilize VPLS services from a ME3800 to one of our ASR9K's, a new experience for us as the configs are totally different with XR. With that said, here's an example of a customer with a p2p circuit we are providing today from a ME3800 to ME3800 using VPLS services over our MPLS core.
ME3800 A Config
no ip igmp snooping vlan 500
vlan 500
l2 vfi TEST_P2P manual
vpn id 500
neighbor 10.10.10.6 encapsulation mpls
interface GigabitEthernet0/6
switchport trunk allowed vlan none
switchport mode trunk
mtu 1550
no cdp enable
service instance 500 ethernet
encapsulation dot1q 500
bridge-domain 500
interface Vlan500
mtu 1550
no ip address
xconnect vfi TEST_P2P
ME3800 B Config
no ip igmp snooping vlan 500
vlan 500
l2 vfi TEST_P2P2 manual
vpn id 500
neighbor 10.10.10.3 encapsulation mpls
interface GigabitEthernet0/2
switchport trunk allowed vlan none
switchport mode trunk
mtu 1550
no cdp enable
service instance 500 ethernet
encapsulation dot1q 500
bridge-domain 500
interface Vlan500
mtu 1550
no ip address
xconnect vfi TEST_P2P2
For our current customer we need to move, one of their locations is off of a ME3800 and the other is off of an ASR9k. So we need an ASR9k config to match one of the ME3800 configs above. Does that make sense? I'm sorry if I wasn't clear before.
07-23-2012 01:57 PM
Wbashlor,
Sorry I misunderstood. The ASR9k configuration is very similar to the 3800X
Look at the picture I posted of the Multiple services on same port example. The E-LAN(VPLS) sample config is what you need to use.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide