11-22-2012 05:29 AM
I have to setup L2VPN between Cisco and Juniper routers. It is for the internal products testing in my company. But VC is always down there. I searched many documents, but didn't work. I really need help. Thank you..
Jerry FAN
J2320 is running on 11.4R5.5; Cisco3945 is running on 15.2(4)M2 with MPLS function activated.
root@Router_MPS_TEST_A# show
## Last changed: 2012-11-22 11:17:01 UTC
version 11.4R5.5;
system {
host-name Router_MPS_TEST_A;
root-authentication {
encrypted-password "$1$xS88ja0F$cjZBwBjP6hIxrdGDEsE7r1"; ## SECRET-DATA
}
services;
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 192.168.12.1/24;
}
family mpls;
}
}
ge-0/0/1 {
vlan-tagging;
encapsulation vlan-ccc;
unit 0 {
vlan-id 1;
}
unit 121 {
vlan-id 121;
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
}
routing-options {
static {
route 2.2.2.2/32 next-hop 192.168.12.2;
}
}
protocols {
mpls {
interface ge-0/0/0.0;
interface lo0.0;
}
ldp {
interface all;
}
l2circuit {
neighbor 2.2.2.2 {
interface ge-0/0/1.121 {
virtual-circuit-id 100;
encapsulation-type ethernet-vlan;
ignore-encapsulation-mismatch;
ignore-mtu-mismatch;
}
}
}
}
security {
policies {
from-zone trust to-zone trust {
policy default-permit {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
tcp-rst;
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
lo0.0 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
ge-0/0/1.0 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
ge-0/0/1.121 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
}
}
}
}
[edit]
root@Router_MPS_TEST_A#
=================================================================
Router_MPS_TEST_B#s run
Building configuration...
Current configuration : 1733 bytes
!
! Last configuration change at 06:22:03 UTC Thu Nov 22 2012
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_MPS_TEST_B
!
boot-start-marker
boot system flash0 c3900-universalk9-mz.SPA.152-4.M2.bin
boot-end-marker
!
!
enable password cisco
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
license udi pid C3900-SPE150/K9
!
!
!
redundancy
!
!
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0/1.121
encapsulation dot1Q 121
xconnect 1.1.1.1 100 encapsulation mpls
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 1.1.1.1 255.255.255.255 192.168.12.1
!
!
!
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password cisco
logging synchronous
login
transport input all
!
scheduler allocate 20000 1000
!
end
Router_MPS_TEST_B#
===============================================================
root@Router_MPS_TEST_A# run show l2circuit connections
Layer-2 Circuit Connections:
Legend for connection status (St)
EI -- encapsulation invalid NP -- interface h/w not present
MM -- mtu mismatch Dn -- down
EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down
CM -- control-word mismatch Up -- operational
VM -- vlan id mismatch CF -- Call admission control failure
OL -- no outgoing label IB -- TDM incompatible bitrate
NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration
BK -- Backup Connection ST -- Standby Connection
CB -- rcvd cell-bundle size bad SP -- Static Pseudowire
LD -- local site signaled down RS -- remote site standby
RD -- remote site signaled down XX -- unknown
Legend for interface status
Up -- operational
Dn -- down
Neighbor: 2.2.2.2
Interface Type St Time last up # Up trans
ge-0/0/1.121(vc 100) rmt NP
[edit]
root@Router_MPS_TEST_A#
root@Router_MPS_TEST_A# run show mpls interface detail
Interface: ge-0/0/0.0
State: Up
Administrative group: <none>
Maximum labels: 3
Static protection revert time: 5 seconds
Always mark connection protection tlv: Disabled
Switch away lsps : Disabled
[edit]
root@Router_MPS_TEST_A#
=======================================================================
Router_MPS_TEST_B#sh mpls l2transport vc detail
Local interface: Gi0/1.121 up, line protocol up, Eth VLAN 121 up
Destination address: 1.1.1.1, VC ID: 100, VC status: down
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 04:35:05, last status change time: 03:31:50
Signaling protocol: LDP, peer unknown
Targeted Hello: 2.2.2.2(LDP Id) -> 1.1.1.1
Status TLV support (local/remote) : enabled/unknown (no remote binding)
Label/status state machine : local standby, AC-ready, LnuRnd
Last local dataplane status rcvd: no fault
Last local SSS circuit status rcvd: no fault
Last local SSS circuit status sent: not sent
Last local LDP TLV status sent: not sent
Last remote LDP TLV status rcvd: unknown (no remote binding)
MPLS VC labels: local 16, remote unassigned
Group ID: local 0, remote unknown
MTU: local 1500, remote unknown
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 0, send 0
byte totals: receive 0, send 0
packet drops: receive 0, seq error 0, send 0
Router_MPS_TEST_B#
11-22-2012 05:35 AM
I could n't see mpls ip and mpls label protocol ldp command. Could you check it again. Also let us know what is the output of show mpls l2vpn citcuitid .....
I still remember by default Junipe doesn't peform PHP, that need to be enabled. Could you check that also.
regards
shivlu jain
11-23-2012 02:07 AM
Problem resolved. Changed forward-option to packet mode and add encapsulation vlan-ccc and vlan id on subinterface
in Junos as well.
11-28-2012 08:56 PM
hi
if possible could you highlight the changes you made or post the full configuration.
regards
shivlu jain
11-28-2012 09:03 PM
Here you go.
root@J2320> show configuration | no-more
## Last commit: 2012-11-27 10:44:17 UTC by root
version 11.4R5.5;
system {
host-name J2320;
root-authentication {
encrypted-password "$1$xS88ja0F$cjZBwBjP6hIxrdGDEsE7r1"; ## SECRET-DATA
}
services;
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 192.168.12.1/24;
}
family mpls;
}
}
ge-0/0/1 {
vlan-tagging;
encapsulation vlan-ccc;
unit 0 {
vlan-id 1;
}
unit 512 {
encapsulation vlan-ccc;
vlan-id 512;
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
}
routing-options {
static {
route 2.2.2.2/32 next-hop 192.168.12.2;
}
}
protocols {
mpls {
interface ge-0/0/0.0;
interface lo0.0;
}
ldp {
interface all;
}
l2circuit {
neighbor 2.2.2.2 {
interface ge-0/0/1.512 {
virtual-circuit-id 100;
encapsulation-type ethernet-vlan;
ignore-encapsulation-mismatch;
ignore-mtu-mismatch;
}
}
}
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
zones {
security-zone trust {
tcp-rst;
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
lo0.0 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
ge-0/0/1.512 {
host-inbound-traffic {
system-services {
any-service;
}
}
}
}
}
}
}
root@J2320>
root@J2320> show l2circuit connections extensive
Layer-2 Circuit Connections:
Legend for connection status (St)
EI -- encapsulation invalid NP -- interface h/w not present
MM -- mtu mismatch Dn -- down
EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down
CM -- control-word mismatch Up -- operational
VM -- vlan id mismatch CF -- Call admission control failure
OL -- no outgoing label IB -- TDM incompatible bitrate
NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration
BK -- Backup Connection ST -- Standby Connection
CB -- rcvd cell-bundle size bad SP -- Static Pseudowire
LD -- local site signaled down RS -- remote site standby
RD -- remote site signaled down XX -- unknown
Legend for interface status
Up -- operational
Dn -- down
Neighbor: 2.2.2.2
Interface Type St Time last up # Up trans
ge-0/0/1.512(vc 100) rmt Up Nov 27 10:50:26 2012 1
Remote PE: 2.2.2.2, Negotiated control-word: Yes (Null)
Incoming label: 299808, Outgoing label: 17
Negotiated PW status TLV: No
Local interface: ge-0/0/1.512, Status: Up, Encapsulation: VLAN
Connection History:
Nov 27 10:50:26 2012 status update timer
Nov 27 10:50:26 2012 PE route changed
Nov 27 10:50:26 2012 Out lbl Update 17
Nov 27 10:50:26 2012 In lbl Update 299808
Nov 27 10:50:26 2012 loc intf up ge-0/0/1.512
root@J2320>
===================================================================================
Router_MPS_TEST_B#sh run
Building configuration...
Current configuration : 1762 bytes
!
! Last configuration change at 10:04:06 UTC Tue Nov 27 2012
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router_MPS_TEST_B
!
boot-start-marker
boot system flash0 c3900-universalk9-mz.SPA.152-4.M2.bin
boot config flash0:/mpls.cfg
boot-end-marker
!
!
enable password cisco
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
license udi pid C3900-SPE150/K9
!
!
!
redundancy
!
!
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 192.168.12.2 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0/1.512
encapsulation dot1Q 512
xconnect 1.1.1.1 100 encapsulation mpls
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 1.1.1.1 255.255.255.255 192.168.12.1
!
!
!
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password cisco
logging synchronous
login
transport input all
!
scheduler allocate 20000 1000
!
end
Router_MPS_TEST_B#
Router_MPS_TEST_B#sh mpls l2transport vc detail
Local interface: Gi0/1.512 up, line protocol up, Eth VLAN 512 up
Destination address: 1.1.1.1, VC ID: 100, VC status: up
Output interface: Gi0/0, imposed label stack {299808}
Preferred path: not configured
Default path: active
Next hop: 192.168.12.1
Create time: 00:31:23, last status change time: 00:02:02
Signaling protocol: LDP, peer 1.1.1.1:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 1.1.1.1
Status TLV support (local/remote) : enabled/not supported
Label/status state machine : established, LruRru
Last local dataplane status rcvd: no fault
Last local SSS circuit status rcvd: no fault
Last local SSS circuit status sent: no fault
Last local LDP TLV status sent: no fault
Last remote LDP TLV status rcvd: not sent
MPLS VC labels: local 17, remote 299808
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Remote VLAN id: 512
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 1010, send 1013
byte totals: receive 118856, send 141334
packet drops: receive 0, seq error 0, send 0
Router_MPS_TEST_B#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide