04-04-2016 02:06 AM
Hello Team,
we have created a simple test-bed VPLS topology to test MPLS/VPLS switching on Huawei P-router + 3x Cisco PE-routers. The topology and configuration is as following. The VPLS seems to be signaled correctly, but NO TRAFFIC is FORWARDED ACROSS PE ROUTERS.
VPLS configurations and show commands :
C6509E-1 VPLS config:
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.28 encapsulation mpls
neighbor 192.168.60.27 encapsulation mpls!
interface Vlan560
no ip address
no snmp trap link-status
xconnect vfi vfi560
end!
interface GigabitEthernet5/2
description vpls-vlan560-test-access
switchport
switchport access vlan 560
switchport mode access
spanning-tree portfast edge
end!
interface Loopback5
description vpls-test-loopback
ip address 192.168.60.26 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
end
C6509E-1#show xconnect all detail
C6509E-1#show xconnect all detail
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP vfi vfi560 UP mpls 192.168.60.27:560 UP
Local VC label 1253
Remote VC label 31
pw-class:
UP vfi vfi560 UP mpls 192.168.60.28:560 UP
Local VC label 1812
Remote VC label 2097
pw-class:
UP ac Vl560:560(Eth VLAN) UP vfi vfi560 UP
Interworking: ethernet
C6509E-2 VPLS config:
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.27 encapsulation mpls
neighbor 192.168.60.26 encapsulation mpls!
interface Vlan560
no ip address
no snmp trap link-status
xconnect vfi vfi560
end!
interface GigabitEthernet5/1
description vpls-vlan560-test-access
switchport
switchport access vlan 560
switchport mode access
spanning-tree portfast edge
end!
interface Loopback5
description vpls-test-loopback
ip address 192.168.60.28 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
end
C6509E-2#show xconnect all detail
C6509E-2#show xconnect all detail
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP vfi vfi560 UP mpls 192.168.60.26:560 UP
Local VC label 2097
Remote VC label 1812
pw-class:
UP vfi vfi560 UP mpls 192.168.60.27:560 UP
Local VC label 2084
Remote VC label 26
pw-class:
UP ac Vl560:560(Eth VLAN) UP vfi vfi560 UP
Interworking: ethernet
C7604-1 VPLS config:
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.26 encapsulation mpls
neighbor 192.168.60.28 encapsulation mpls!
interface Vlan560
no ip address
no snmp trap link-status
xconnect vfi vfi560
end!
interface GigabitEthernet4/1
description vpls-vlan560-test-access
switchport
switchport access vlan 560
switchport mode access
spanning-tree portfast
end!
interface Loopback5
description vpls-test-loopback
ip address 192.168.60.27 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
end
C7604-1#show xconnect all detail
C7604-1#show xconnect all detail
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby HS=Hot Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP pri ac Vl560:560(Eth VLAN) UP vfi vfi560 UP
Interworking: ethernet
UP pri vfi vfi560 UP mpls 192.168.60.26:560 UP
Local VC label 31
Remote VC label 1253
UP pri vfi vfi560 UP mpls 192.168.60.28:560 UP
Local VC label 26
Remote VC label 2084
UP pri bd 560 UP vfi vfi560 UP
Also I'am adding show module and show version outputs of PE routers:
C6509E-1#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
2 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE XXXX
5 5 Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G XXXX
6 5 Supervisor Engine 2T 10GE w/ CTS (Hot) VS-SUP2T-10G XXXX
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
2 0019.30ce.a6b4 to 0019.30ce.a6b7 2.6 12.2(14r)S5 15.1(2)SY5 Ok
5 588d.09e6.a1d5 to 588d.09e6.a1dc 1.2 12.2(50r)SYS 15.1(2)SY5 Ok
6 44d3.ca7b.cfd8 to 44d3.ca7b.cfdf 1.1 12.2(50r)SYS 15.1(2)SY5 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
2 Centralized Forwarding Card WS-F6700-CFC XXXX 2.0 Ok
5 Policy Feature Card 4 VS-F6K-PFC4 XXXX 1.1 Ok
5 CPU Daughterboard VS-F6K-MSFC5 XXXX 1.3 Ok
6 Policy Feature Card 4 VS-F6K-PFC4 XXXX 1.0 Ok
6 CPU Daughterboard VS-F6K-MSFC5 XXXX 1.1 Ok
Mod Online Diag Status
---- -------------------
2 Pass
5 Minor Error
6 PassC6509E-1#show version | include IOS
Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.1(2)SY5, RELEASE SOFTWARE (fc7)
---
C6509E-2#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE XXXX
2 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE XXXX
5 5 Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G XXXX
6 5 Supervisor Engine 2T 10GE w/ CTS (Hot) VS-SUP2T-10G XXXX
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
1 0018.199d.38d8 to 0018.199d.38db 2.4 12.2(14r)S5 15.1(2)SY5 Ok
2 001f.9e0f.aa48 to 001f.9e0f.aa4b 2.7 12.2(14r)S5 15.1(2)SY5 Ok
5 4403.a70a.b25b to 4403.a70a.b262 1.7 12.2(50r)SYS 15.1(2)SY5 Ok
6 44d3.ca7b.f3e8 to 44d3.ca7b.f3ef 1.2 12.2(50r)SYS 15.1(2)SY5 Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
1 Centralized Forwarding Card WS-F6700-CFC XXXX 2.0 Ok
2 Centralized Forwarding Card WS-F6700-CFC XXXX 2.0 Ok
5 Policy Feature Card 4 VS-F6K-PFC4 XXXX 2.1 Ok
5 CPU Daughterboard VS-F6K-MSFC5 XXXX 2.1 Ok
6 Policy Feature Card 4 VS-F6K-PFC4 XXXX 1.1 Ok
6 CPU Daughterboard VS-F6K-MSFC5 XXXX 1.3 Ok
Mod Online Diag Status
---- -------------------
1 Pass
2 Pass
5 Pass
6 PassC6509E-2#show version | include IOS
Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.1(2)SY5, RELEASE SOFTWARE (fc7)
---
C7604-1#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
2 2 Route Switch Processor 720 (Active) RSP720-3CXL-GE XXXX
4 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX XXXX
Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ----- ------------- ------------ -------
2 001b.d401.6938 to 001b.d401.693b 5.2 12.2(33r)SRB 15.3(1)S Ok
4 0014.f2d0.4a18 to 0014.f2d0.4a47 10.1 7.2(1) (sierra_main Ok
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
2 Policy Feature Card 3 7600-PFC3CXL XXXX 1.0 Ok
2 C7600 MSFC4 Daughterboard 7600-MSFC4 XXXX 1.1 Ok
4 Cisco Voice Daughter Card WS-F6K-VPWR-GE XXXX 1.0 Ok
Mod Online Diag Status
---- -------------------
2 Pass
4 PassC7604-1#sh version | inc IOS
Cisco IOS Software, c7600rsp72043_rp Software (c7600rsp72043_rp-ADVENTERPRISEK9-M), Version 15.3(1)S1, RELEASE SOFTWARE (fc1)
BOOTLDR: Cisco IOS Software, c7600rsp72043_rp Software (c7600rsp72043_rp-ADVENTERPRISEK9-M), Version 15.3(1)S1, RELEASE SOFTWARE (fc1)
All OSPF and LDP sessions are UP and RUNNING, end-to-end connectivity between Loopbacks is fully functional.
The Mikrotik CCR routers are there just for testing purposes, acting as end hosts.
Of course, I'am aware that you need more details, so please ask for any details you need.
Any help or hint would be appreciated ;-)
Thanks in advance
Vincent Vlk
04-04-2016 08:36 AM
Hello,
please check if all your uplinks towards the core (Po-Tru12, Po-Tru16 and Po-Tru20) use physical interfaces on the SUP2T. Afaik WS-X6704-10GE does not support VPLS.
Regards,
P.
04-04-2016 09:30 AM
Hello,
All uplinks are Supervisor ports. Sorry, I wasn't clear with my explanation.
BR,
Vincent Vlk
04-06-2016 01:30 AM
Hello,
HW configuration of your C7604 does not support VPLS. RSP720 does not support VPLS, you need to have an ES+ line card for this. Try to configure a simple EoMPLS tunnel between your C6509s to avoid any interoperability issues between the P and PE routers and then try to configure VPLS once again only between C6509s. Please provide also show mpls l2transport vc command output.
Regards,
P.
04-06-2016 02:18 AM
Hello,
thank You for reply. Yes, we already tested direct EoMPLS between Sup2T 6509Es, and the result was the same, signaling state is OK, but data-plane traffic is not working at all.
BR,
Vincent Vlk
04-20-2016 10:26 AM
Hi,
the way I configure vpls is as follow;
l2vpn vfi context VPLS-LABO-BRUSSELS-LABO-ANTWERP
vpn id 1
member A.A.A.A encapsulation mpls
bridge-domain 1
member Te0/0/0 service instance 100
member Te0/2/0
member vfi VPLS-LABO-BRUSSELS-LABO-ANTWERP
Kind Regards
Jan Meylaers
04-07-2016 06:29 AM
Well,
this is strange. Today we tested direct interconnection with Sup2T interfaces between those 6509Es, but still no traffic passes the L3-routed interconnection with VPLS :-/
04-07-2016 07:03 AM
Hello Vincent
I think SUP2T should support VPLS. Please refer to the below CCO documentation:
http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11-663645.html
Could you please share the whole configuration from both the PE routers. I will look into it.
One quick note, one of the PE's have SUP2T (active) with Minor Error. I would recommend you to perform a switchover to the other SUP2T module. Lot of times, such minor errors can lead to traffic forwarding issues.
Regards
Vinit
04-07-2016 07:45 AM
Hello Vinit,
thank You very much for your interest.
Now the configuration is very similar to the config posted above, basically without the C7604 acting as PE router.
Topology:
[HOST1]--Gi5/2--[C6509E-1]--Gi6/1----Gi6/3--[C6509E-2]--Gi5/1--[HOST2]
C6509E-1 config:
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.28 encapsulation mpls!
interface Vlan560
no ip address
no snmp trap link-status
xconnect vfi vfi560
end!
interface GigabitEthernet5/2
description vpls-vlan560-test-access
switchport
switchport access vlan 560
switchport mode access
no cdp enable
l2protocol-tunnel cdp
l2protocol-tunnel lldp
l2protocol-tunnel stp
l2protocol-tunnel vtp
spanning-tree portfast edge
spanning-tree bpdufilter enable
end!
interface GigabitEthernet6/1
ip address 10.99.99.1 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
no snmp trap link-status
mpls ip
end!
interface Loopback5
description vpls-test-loopback
ip address 192.168.60.26 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
end!
router ospf 5
passive-interface Loopback5
network 10.99.99.1 0.0.0.0 area 0
network 192.168.60.26 0.0.0.0 area 5
default-information originate metric 10000
!
C6509E-2 config:
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.26 encapsulation mpls!
interface Vlan560
no ip address
no snmp trap link-status
xconnect vfi vfi560
end!
interface GigabitEthernet5/1
description vpls-vlan560-test-access
switchport
switchport access vlan 560
switchport mode access
no cdp enable
l2protocol-tunnel cdp
l2protocol-tunnel lldp
l2protocol-tunnel stp
l2protocol-tunnel vtp
spanning-tree portfast edge
spanning-tree bpdufilter enable
end
!interface GigabitEthernet6/1
ip address 10.99.99.2 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
no snmp trap link-status
mpls ip
end!
interface Loopback5
description vpls-test-loopback
ip address 192.168.60.28 255.255.255.255
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf network point-to-point
end!
router ospf 5
passive-interface Loopback5
network 10.99.99.2 0.0.0.0 area 0
network 192.168.60.28 0.0.0.0 area 5
default-information originate metric 10000
!
Thanks in advance.
04-07-2016 07:45 AM
Thanks Vincent
Could you please share the below outputs:
- show mpls ldp neighbor
- ping mpls ipv4 <remote-PE-loopback> 255.255.255.255
Would also like to know if you have already performed the switchover.
I was also researching internally and noticed a defect in which the VPLS traffic forwarding stops on SUP2T when the core facing link is on the standby SUP.
CSCsw70062
It may be worth looking into it. You may try to configure graceful restart to see if it fixes the problem.
"mpls ldp graceful-restart". Configure this command on all PE routers.
Please let me know the result.
Regards
Vinit
04-11-2016 12:39 AM
Hello Vinit,
sorry for the delay, i was redirected to other tasks. We interchanged the uplinks from Standby SUP to Active SUP but the behavior is the same, all signaling is OK, but still no data-plane forwarding.
So We are going to switchover the SUPs to address the minor error statement. I will inform you afterwards.
Thanks in advance!
P.S. Can we use interfaces on Standby SUP as edge-ports to connect CE devices?
04-13-2016 11:12 AM
Hello Vincent
Sorry for the delayed response. I was working on setting up the lab for this problem. I have tested the config in my lab and it seems to be working fine with SUP2T.
interface GigabitEthernet1/2
switchport
switchport access vlan 100
switchport mode access
spanning-tree portfast edge
!
interface TenGigabitEthernet1/4
ip address 12.12.12.2 255.255.255.252
ip ospf network point-to-point
ip ospf 100 area 0
mpls label protocol ldp
mpls ip
interface Vlan100
no ip address
xconnect vfi test
!
l2 vfi test manual
vpn id 100
neighbor 4.4.4.4 encapsulation mpls
Similar config on other router was used.
Thus, this config should be working and also confirms that VPLS is supported on this platform.
i am using VS-SUP2T-10G and s2t54-adventerprisek9-mz.SPA.151-2.SY5 as the IOS.
Regards
Vinit
04-08-2016 12:30 AM
It might be an typo error, but the configuration on C6509E-2 should be
!
l2 vfi vfi560 manual
vpn id 560
neighbor 192.168.60.26 encapsulation mpls
!
and not 192.168.60.28
Regards,
P.
04-08-2016 01:40 AM
Hello,
Yes, it is a typo, thank you very much for spotting it. It is now corrected.
Vincent
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide