Hi All
I`m playing in the lab and I`m struggling with achieving a full L2 tunnel over VPLS between an ME3800-X and ASR1004.
Ascii Diagram: 3560[1] - ME3800X -> MPLS <- ASR1004 - 3560[2]
Essentially, I`m trying to l2 tunnel vtp/cdp/stp over a VPLS connection between the ME and ASR. LDP is Up, L2 VFI is Up, I can ping from vlan 1 on 3560[1] to vlan 1 on 3560[2] so the VPLS is essentially up.
That's where the issues start:
STP traffic is not being passed, both switches are root bridges.
If I configure 3560[1] as VTP server, 3560[2] does not get any new vlans.
If I configure 2560[2] as a VTP Server, 3560[1] DOES get new vlans.
(so VTP tunnelling works from the ASR to the ME3800, but not vice versa)
CDP wise, I see nothing from 3560[1] (expected as the ME is configured to tunnel all), but I see the ASR from 3560[2]
Stumped ? has anyone done anything similar ? its only untagged traffic (CDP/VTP/STP) I`m seeing issues with - but that's essentially what I need
The issue looks to the ASR, if I connect both 3560's to ports within the service-instance on the ME3800-X CDP, etc works, but I can't find any command that IOS-XE will accept to do the l2 tunnelling on the ASR.
Config references a single neighbour but in truth this would be multiple, this is just a lab.
Config from the ME:
Cisco IOS Software, ME380x Software (ME380x-UNIVERSALK9-M), Version 15.2(2)S, RELEASE SOFTWARE (fc1) - Metro Agg and Scaled Metro Agg Licenses, Metro Eth
interface GigabitEthernet0/24
Descr to 3560[1]
switchport trunk allowed vlan none
switchport mode trunk
mtu 9216
service instance 1 ethernet
encapsulation untagged , dot1q 1-4094
l2protocol tunnel
bridge-domain 100
!
end
l2 vfi test1 manual
vpn id 1
bridge-domain 100
neighbor 1.1.1.1 encapsulation mpls
interface Vlan100
no ip address
xconnect vfi test1
-- Config from the ASR:
Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.3(1)S, RELEASE SOFTWARE (fc4)
interface GigabitEthernet0/0/7
Descr connected to 3560[2]
no ip address
negotiation auto
cdp enable
service instance 100 ethernet
encapsulation untagged , dot1q 1-4094
bridge-domain 100
!
bridge-domain 100
(ASR accepts the member config but doesn't show it)
l2 vfi test1 manual
vpn id 1
bridge-domain 100
neighbor 2.2.2.2 encapsulation mpls
There is a command on the ASR l2 vfi to forward l2protocol, but this errors not with BPDU tunnel not supported. Config guides especially from IOS-XE reference using l2vpn - but half of the commands on the guide, despite this being for the correct software don't exist.
Any assistance appreciated, head broken :-/
Chris