MPLS L2 VPN Interworking IP, Ethernet, VLAN

sukamal.das@bt.com · ‎05-17-2019

Hi,

kindly help me to understand MPLS L2 VPN Interworking IP, Ethernet, VLAN.

Thanks in advance.

Regards

Sukamal

Giuseppe Larosa · ‎05-17-2019

Hello Sukamal,

generally speaking MPLS L2VPN interworking can allow to build a communication between two access circuits that are using different encapsulations L2 technologies for example AC1 uses Ethernet and AC2 uses PPP encapsulation.

The PE nodes are in charge of translation an ethernet frame to a PPP frame in this case and viceversa.

How to do this ? Well the PE node has to extract the IP packet inside the ethernet frame and has to encapsulate it inside a PPP frame.

The opposite has to be performed in the reverse direction.

To be noted being a L2 service the IP addresses used by the CE on AC1 and the CE on AC2 have to be in the same subnet to work.

Another example is having AC1 using ethernet frames and AC2 using 802.1Q Vlan frames with a specific Vlan-id.

The two encapsulations are similar but not the same in this case the 802.1Q tag has to inserted or removed to achieve interworking.

see the following configuration guide for IOS XE for more details and examples

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-16/mp-l2-vpns-xe-16-book/l2vpn-interworking.html

Hope to help

Giuseppe

sukamal.das@bt.com · ‎05-17-2019

Hi Giuseppe,

Thanks for your explanation.
what you have said it already known by me, what I want know that, what is the packet level transition is happening when we use interwoking IP, interworking Ethernet and interwoking vlan, because in a practice lab I am observing different behavior for same encapsulation.
Over the L2 service I am running BGP so when I am configuring interworking IP BGP is going down when I am configuring Ethernet BGP is ok and I am not able to understand who it is happening.

Regards,
Sukamal

Giuseppe Larosa · ‎05-17-2019

Hello Sukamal,

when you perform Ethernet interworking with another L2 encapsulation you are using bridging interworking.

When you try to use IP interworking the provided service is a mix of OSI L2 and OSI L3 and is called a routed interworking.

My guess is that in this case the PE nodes attempt to route the packet to the IP side.

However, I have not tested in a lab the feature.

Probably with IP interworking the CE devices are expected to be in different IP subnets like in a L3 service. You may need to configure a logical L3 interface to act as gateway for each side.

In other words IP interworking is not a L2 only service anymore, and this breaks your BGP session between CE nodes.

From the document I have linked before I can see the following restrictions for routed interworking:

In the IP interworking mode, the IPv4 (0800) translation is supported. The PE router captures Address Resolution Protocol (ARP) (0806) packets and responds with its own MAC address (proxy ARP). Everything else is dropped.
The Ethernet must contain only two IP devices: PE router and CE router. The PE router performs proxy ARP and responds to all ARP requests it receives. Therefore, only one CE router and one PE router should be on the Ethernet segment.

The following can be the reason of your issue:

When you change the interworking configuration on an Ethernet PE router, clear the ARP entry on the adjacent CE router so that it can learn the new MAC address. Otherwise, you might experience traffic drops.

Actually based on previous description in IP interworking the PE intercepts the ARP requests from the CE node and answers back with its own MAC addres to the CE.

In ethernet interworking CE1 ARP request goes to the remote end and the remote CE2 answers.

So in your case after changing from ethernet interworking to IP interworking you should clear the ARP table in both CE nodes the BGP session will flap, but then it should be able to recover.

Hope to help

Giuseppe