Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1458
Views
0
Helpful
4
Replies

Implementing L2VPN over MPLS L3VPN

roqueshawn
Level 1
Level 1

‎10-25-2016 05:42 AM

Hi...

    Client-------  3750----7600-------7600----3750------------Client

We have  MPLS L3 VPN topology on which we have to implement L2VPN for a client. 

3750 is connected to PE(7600) is configured with trunk interface carrying data of multiple VLANs. From 3750 switch, we have to connect a client for point to point L2VPN.

Below is the configuration on 7600 interface pointing to 3750

interface gi1/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan X,Y   (Vlan X is under vrf Red,Vlan X is under vrf Blue)

COnfiguration on 3750

int gi1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan X,Y     (Vlan X is under vrf Red,Vlan X is under vrf Blue)

What  added configuration needs to be done on the interfaces in order to establish point to point L2 VPN  only for VLAN Z on existing setup.

Client is connected from 3750 switch with vlan Z.

Thanks

Labels:
0 Helpful
4 Replies 4

Douglas Ramirez
Cisco Employee
Cisco Employee

‎10-25-2016 10:09 AM

Hi Roqueshawn

I think that in your case the best option is to use SVI based EoMPLS, here follows a configuration example 

http://www.cisco.com/c/en/us/td/docs/routers/7600/ios/15S/configuration/guide/7600_15_0s_book/pfc3mpls.html#14762

You may have have some problems if you have IOS version prior to 15.x, give it a try and let me know

0 Helpful

roqueshawn
Level 1
Level 1
In response to Douglas Ramirez

‎10-26-2016 03:56 AM

Hello Douglas,

As suggested by you, we configured svi based EoMPLS scenario by refering to the sample configuration you provided through the Link. In that case, the pseudo-wire between PE-A & PE-B wont come UP.
We tried with the below scenario using VFI, sample configuration is as below. The VC circuit between PE-A & PE-B comes UP (as shown below in output) but customer at SITE1 is not able to ping to customer at SITE2. Kindly suggest what more config can be carried out to achieve the same.

we are using IOS ver is c7600s72033_rp Software (c7600s72033_rp-ADVIPSERVICESK9-M), Version 12.2(33)SRD8, RELEASE SOFTWARE (fc2) in both our PE Routers.

kindly find the attached Network Architecture for your reference.


Configuration:

PE-A (cisco7609):
!
int gi5/2
switchport
switchport trunk encap dot1q
switchport trunk allowed vlan 800,700,400
switchport mode trunk
!
l2 vfi TEST manual
vpn id 300
neighbor 2.2.2.2 encap mpls
!
int vlan 800
no ip add
xconnect vfi TEST
!
vlan 800,700,400
state active
!
int lo0
ip add 1.1.1.1 255.255.255.255
!

=============================================================

PE-B (cisco7609):
!
int gi5/2
switchport
switchport trunk encap dot1q
switchport trunk allowed vlan 800,600,300
switchport mode trunk
!
l2 vfi TEST manual
vpn id 300
neighbor 1.1.1.1 encap mpls
!
int vlan 800
no ip add
xconnect vfi TEST
!
vlan 800,600,300
state active
!
int lo0
ip add 2.2.2.2 255.255.255.255
!

===================================================

Switch-A (cisco3750):
!
int gi0/1
desc Link to PE-A
switchport
switchport trunk encap dot1q
switchport trunk allowed vlan 800,700,400
switchport mode trunk
!
int gi0/5
desc Link to Customer A-Site1
switchport
switchport access vlan 800
switchport mode access
!
=======================================================
Switch-B (cisco3750):
!
int gi0/1
desc Link to PE-B
switchport
switchport trunk encap dot1q
switchport trunk allowed vlan 800,600,300
switchport mode trunk
!
int gi0/5
desc Link to Customer A-Site2
switchport
switchport access vlan 800
switchport mode access
!
==========================================================
OUTPUT::::

PE-A#sh mpls l2transport vc 300

Local intf      Local circuit         Dest address   VC ID     Status
------------- ----------------------        ---------------   ----------   ----------
VFI TEST         VFI                         2.2.2.2       300          UP
PE-A#

==========================================================

PE-B#sh mpls l2transport vc 300

Local intf     Local circuit     Dest address   VC ID     Status
-------------   ------------------     ---------------   ----------    ----------
VFI TEST          VFI                   1.1.1.1        300          UP
PE-B#

==========================================================

Preview file
99 KB
0 Helpful

Douglas Ramirez
Cisco Employee
Cisco Employee
In response to roqueshawn

‎10-26-2016 05:52 AM

Roqueshawn

Can you share show module output from PE-A and PE-B.

Thx

Douglas 

0 Helpful

Douglas Ramirez
Cisco Employee
Cisco Employee
In response to Douglas Ramirez

‎10-27-2016 11:37 AM

Roqueshawn 

VPLS and SVI based MPLS is supported on a limited set of linecards, like: SIP-200,SIP-400 ES+, SIP-600 

You need to provision your 7600s with one of these linecards at your core facing side. Otherwise, VCs will not work properly.  

Also, depending in your setup you will have to enable forwarding of BPDUs between your customer edge switches, here follows the procedure.

https://www.cisco.com/c/en/us/td/docs/routers/7600/ios/12-2SR/configuration/guide/swcg/pfc3mpls.html#wp1417076

Thx,

Douglas  

0 Helpful
Customers Also Viewed These Support Documents