Solved: Re: Crazy question, MPLS over MPLS Pseudowire

DuncanM2008 · ‎06-18-2012

Hello,

Has anyone ever been crazy enough to attempt to enable MPLS on two CE devices that are on either end of a L2VPN (MPLS Pseudo-Wire / EVC), I'm aware of the MTU issues that would imposed not to mention the label complexity that would ensue.

Has it ever been done? Can it be done? Is it ever likely to work in the real world?

I've got a scenario where I'll have two Cisco routers either end of a L2VPN (Point-Point) and want to multiplex the services I deliver to the end router i.e a VPN VRF & Internet VRF.

Basically I want to run MPLS L3VPN inside a L2VPN / EVC from a larger national carrier. Is it even possible?

Otherwise I guess I'm stuck with VRF-Lite.

Dunc.

Giuseppe Larosa · ‎06-19-2012

Hello Dunc,

it can be done and it is a common solution nowdays once MTU is high enough.

You get a L2VPN point to point service and you can run whatever protocol you like over it including LDP and/or RSVP TE.

The provider of the pseudowire does not examine what is sent over it, so the MPLS stack is not so complex from their point of view.

If MTU is big enough you should be able to achieve MPLS L3VPN over a L2VPN service.

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎06-20-2012

Hello Dunc,

>> MPLS labels inside a 802.1Q frame, again possible?

It is indeed possible and this is very common. The key point is that the 802.1Q header is more external and then comes the MPLS header in the payload.

802.1Q has 4 bytes overhead to be taken in account for MTU tuning.

From the HQ CE you will have a Vlan to each remote destination that is mapped over a different Vlan based pseudowire.

The HQ CE can build IGP and LDP adjacencies over each Vlan based subinterface ( or SVI depending on the device) and can run MP BGP sessions to provide your own signalling plane for L3 VPN.

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎06-19-2012

Hello Dunc,

it can be done and it is a common solution nowdays once MTU is high enough.

You get a L2VPN point to point service and you can run whatever protocol you like over it including LDP and/or RSVP TE.

The provider of the pseudowire does not examine what is sent over it, so the MPLS stack is not so complex from their point of view.

If MTU is big enough you should be able to achieve MPLS L3VPN over a L2VPN service.

Hope to help

Giuseppe

DuncanM2008 · ‎06-19-2012

Hi Guiseppe,

That's extremely helpful, we're currently in talks with a carrier in the UK to become a wholesale partner which gives us Layer 2 access to there Ethernet footprint via the use of Pseudowires.

I realise I might of missed an important detail out of the solution I'm trying to achieve, ultimately each of the EVC's they deliver to us (customer connections) will be presented as a VLAN, one VLAN for each EVC / PW.

Having never tried carrying MPLS labels inside a 802.1Q frame, again possible?

Naturally the carrier dot1q frame will again reduce the MTU.

Thanks,

Giuseppe Larosa · ‎06-20-2012

Hello Dunc,

>> MPLS labels inside a 802.1Q frame, again possible?

It is indeed possible and this is very common. The key point is that the 802.1Q header is more external and then comes the MPLS header in the payload.

802.1Q has 4 bytes overhead to be taken in account for MTU tuning.

From the HQ CE you will have a Vlan to each remote destination that is mapped over a different Vlan based pseudowire.

The HQ CE can build IGP and LDP adjacencies over each Vlan based subinterface ( or SVI depending on the device) and can run MP BGP sessions to provide your own signalling plane for L3 VPN.

Hope to help

Giuseppe

DuncanM2008 · ‎06-21-2012

Again massive thanks for your assistance, cleared up a few headaches I was having.Ultimately I think i was overthinking it in places, seems simpler now you've explained it.

Will probably lab this up in GNS3 before it actually goes live, so I can iron out some of the finer points and work through any issues or config problems.

Many Thanks,