08-22-2014 12:17 AM - edited 03-04-2019 11:35 PM
Hi,
I have a customer that needs to tunnel serial data from remote sites to a central site. This serial data is HDLC encapsulated and the remote site has a Cisco 1921 router with HWIC4A/S.
The central router is a Cisco 2951, also with HWIC4A/S.
This customer has several VPNs carried by a service provider through MPLS. One VPN is for operational traffic, one is for test traffic and so on.
They want to send the tunneled traffic through the operational VPN on the router doing tunneling through VRF lite. This does not, however, seem to be supported, but I can't find any restrictions in the Cisco documentation.
Here is a working configuration:
pseudowire-class PW
 encapsulation l2tpv3
 sequencing transmit
 protocol none
 ip local interface loopback0
 ip tos value 128
 ip ttl 10
interface Loopback0
 ip address x.x.x.x 255.255.255.255
interface Serial0/0/0
 description ### redacted ###
 no ip address
 no keepalive
 ignore dtr
 clock rate 19200
 no cdp enable
 xconnect y.y.y.y 1001 encapsulation l2tpv3 manual pw-class PW
  l2tp id 61001 101
redacted#show l2tun session all
Session id 61001 is up, logical session id 65668, tunnel id n/a
Remote session id is 101, remote tunnel id n/a
Locally initiated session
Unique ID is 24
Session Layer 2 circuit, type is HDLC, name is Serial0/0/0
Session vcid is 1001
Circuit state is UP
Local circuit state is UP
Remote circuit state is UP
Call serial number is 0
Remote tunnel name is
Internet address is y.y.y.y
Local tunnel name is
Internet address is x.x.x.x
IP protocol 115
Session is manually signaled
Session state is established, time since change 19:04:36
1087277 Packets sent, 0 received
21281118 Bytes sent, 0 received
Last clearing of counters never
Counters, ignoring last clear:
1087277 Packets sent, 0 received
21281118 Bytes sent, 0 received
Receive packets dropped:
out-of-order: 0
other: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
other: 0
total: 0
DF bit off, ToS reflect disabled, ToS value 128, TTL value 10
Sending UDP checksums are disabled
Received UDP checksums are verified
No session cookie information available
FS cached header information:
encap size = 28 bytes
45800014 00000000 0a738706 0a741822
0a74fbe7 00000065 00000000
Sequencing is on
Ns 1087268, Nr 0, 0 out of order packets received
Packets switched/dropped by secondary path: Tx 0, Rx 0
Conditional debugging is disabled
SSM switch id is 4226, SSM segment id is 12422
The traffic is unidirectional, so it's expected to only have packets sent and not received. This works fine. However, if I put the loopback in a VRF, the tunnel still comes up but no traffic is forwarded.
int loopback 0
 ip vrf forwarding OPER
This would stop the traffic from passing through the tunnel. I suspect that the Cisco implementation of L2TPv3 is not VRF aware but have been unable to get any confirmation so far.
Has anyone else tried to deploy this when sourcing from a VRF?
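An added example, not part of the original post: a Python decoder for the "FS cached header information" words in the show output, checked against the ToS, TTL, IP protocol and remote session ID shown above. It assumes the 28 bytes are an IPv4 header, the L2TPv3-over-IP session ID and, with no cookie, the 4-byte default L2-specific sublayer used for sequencing; the function names are hypothetical.

```python
import ipaddress
import struct

# Words copied from "FS cached header information" in the show output above.
CACHED_HEADER_HEX = "45800014 00000000 0a738706 0a741822 0a74fbe7 00000065 00000000"


def ipv4_checksum_ok(header: bytes) -> bool:
    """A valid IPv4 header sums (one's complement) to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def decode_cached_header(hex_words: str, cookie_len: int = 0) -> dict:
    """Decode an IPv4 + L2TPv3-over-IP header template (assumed layout)."""
    raw = bytes.fromhex("".join(hex_words.split()))
    ihl = (raw[0] & 0x0F) * 4
    if raw[0] >> 4 != 4 or ihl < 20 or len(raw) < ihl + 4 + cookie_len:
        raise ValueError("not a complete IPv4 + L2TPv3 header")
    _vi, tos, _len, _id, frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", raw[:20])
    l2tp = raw[ihl:]
    return {
        "encap_size": len(raw),
        "tos": tos,
        "df": bool(frag & 0x4000),
        "ttl": ttl,
        "protocol": proto,
        "checksum_ok": ipv4_checksum_ok(raw[:ihl]),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "remote_session_id": struct.unpack("!I", l2tp[:4])[0],
        "cookie": l2tp[4:4 + cookie_len].hex(),
        "l2_sublayer_len": len(l2tp) - 4 - cookie_len,
    }


def mismatches(decoded: dict, expected: dict) -> list:
    """Return the fields whose decoded value differs from the expected one."""
    return [k for k, v in expected.items() if decoded.get(k) != v]


if __name__ == "__main__":
    # Expected values taken from the configuration and show output above.
    configured = {"tos": 128, "ttl": 10, "protocol": 115, "remote_session_id": 101}
    decoded = decode_cached_header(CACHED_HEADER_HEX)
    print(decoded)
    print("mismatches:", mismatches(decoded, configured))
```

The same words also carry the tunnel endpoint addresses, so this part of the output needs the same redaction as the configuration before it is shared.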