Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2214
Views
0
Helpful
2
Replies

Virtually L3-terminate a EoMPLS Tunnel on a ASR1000

gjeker
Level 1
Level 1

‎07-24-2012 01:38 AM

Hi all,

I am trying to terminate a EoMPLS Tunnel with a virtual L3 interface on a ASR1000 without any physical port interaction.

We need to send the Traffic from Subinterfaces of some PE's (7600 and ASR9k) to an ASR1000 which sould use ISG functionallity to authorize and bw-limit the subscribers.

On the current setup we terminate the xconnects on a 7600 PE as well, and we send the traffic dot1q tagged to the ISG which is the L3 endpoint for the customers.

To make the switchover from a failed device easier, we now want to terminate everything on the ASR1000. Im my understanding, this shoud be possible with an l2 vfi, with an configured bridge-domain with BDI Interface and an EoMPLS neighbor.

The config I tired on the ASR1000 looks like:

l2 vfi vfi50 manual

vpn id 50

bridge-domain 50

neighbor <PE IP> 103685 encapsulation mpls

interface BDI50

vrf forwarding ISG_TABLE

ip address <Service IP> <netmask>

ip helper-address <DHCP>

load-interval 30

The communication from the Customer Network to the DHCP works, and I can even ping the BDI Interface IP, but I can not get further to the internet. Pinging a public address from the BDI50 Interface however works fine.

When I do a debug ip packet on that range, I can only see broadcasted packets (which get forwarded to the helper address).

However, MAC Adresses and ARP tables and gateway on the client looks good:

ar90.bie005.bb#sh bridge-domain 50

Bridge-domain 50 (2 ports in all)

State: UP                    Mac learning: Enabled

Aging-Timer: 180 second(s)

    BDI50  (up)

    vfi vfi50 neighbor <PE IP> 103685

   MAC address    Policy    Tag     Age Pseudoport

   C84C.75E1.CEBF to_bdi  static      0 BDI50

   88AE.1DAA.502A forward dynamic   179 vfi50.1020017              #88AE.1DAA.502A = Lab Laptop

ar90.bie005.bb#sh xconnect all

XC ST  Segment 1                         S1 Segment 2                         S2

------+---------------------------------+--+---------------------------------+--

UP pri  vfi vfi50                        UP mpls <PE IP>:103685        UP

UP pri   bd 50                           UP  vfi vfi50                        UP

ar90.bie005.bb#sh ip arp vrf ISG_TABLE

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  <SERVICE Address>            -   c84c.75e1.cebf  ARPA   BDI50

Internet  <Lab Laptop IP>            0   88ae.1daa.502a  ARPA   BDI50

Am I missing something? Is there a limitation I am hitting? In the most documents I found there was always a Service Instance on an Interface involved, which is certainly missing here.

Thaks for any help!

1 person had this problem
Labels:
0 Helpful
2 Replies 2

mkorourke
Level 1
Level 1

‎11-12-2012 06:25 PM

Hi Gregor,

Did you end up resolving this? Am quite intrested to see what was needed.

Regards

Mick

0 Helpful

gjeker
Level 1
Level 1
In response to mkorourke

‎11-12-2012 11:18 PM

Hi,

yes actually it should be fixed ;-)

It was a bug on the ASR (

CSCub44215), it had somehow problems with that routed vpls scenareo with routes learned from mp-bgp.

I could verify the fix of the problem with an engineering release, however, I did not have time to check the functionallity on Software Version 3.7.1.S / 15.2(4)S1 where the fix of the bug was implemented officially. But I'm very confident that it will work with that version as well.

Regards

0 Helpful
Customers Also Viewed These Support Documents