Re: xconnect with a local gateway from LAN

sebastien3 · ‎01-02-2023

Hello,

I have two 891F routers connected with l2tpv3.

VLAN 1 is connected to a switch via the GE7 port of the router. I can ping any IP on subnet 10.0.0.1/24 in both directions ! Xconnect is UP and ready.

pseudowire-class XCONNECT
 encapsulation l2tpv3
 interworking ethernet
 protocol none
 ip local interface Loopback0
!
interface Vlan1
 no ip address
 xconnect A.B.C.D 1 encapsulation l2tpv3 manual pw-class XCONNECT
  l2tp id 2 1
!

Now I can't create a local gateway for each router... For example on R1 I would like to have the IP 10.0.0.100/24 and on R2 10.0.0.200/24. This allows traffic to go out to the Internet on the local router and not on the remote router !

Bridge IRB or VRF can't work with interface Vlan1.

Have you an solution ?

Thanks !

balaji.bandi · ‎01-02-2023

how is your network diagram looks like, can you post both the side configuration and what Physical interface connected?

have you tried any other VLAN - other than and VLAN1

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎01-02-2023

interface Vlan1
 no ip address
 xconnect A.B.C.D 1 encapsulation l2tpv3 manual pw-class XCONNECT
  l2tp id 2 1

do you try add ip to vlan1 interface in each router ??

sebastien3 · ‎01-02-2023

@balaji.bandi:

Here is the diagram. I am in a very simple use ! I also changed the Vlan1 by Vlan100 it does not change the behavior is identical...

@MHM Cisco World:

It's not possible !

R2(config-if)#ip address 10.0.1.200 255.255.255.0
Incompatible with xconnect command on Vl100 - command rejected.

vlan100 contains the xconnect command !

MHM Cisco World · ‎01-02-2023

I have one idea but I must check it first.

balaji.bandi · ‎01-02-2023

Can you post show run from R1 and R2 - so we can audit the config and suggest why its not working

also give us information, what router version running on R1 and R2

Looking at the config you provided, you extending the VLAN using connect - that means they are L2 extended each side.

R2(config-if)#ip address 10.0.1.200 255.255.255.0
Incompatible with xconnect command on Vl100 - command rejected.

vlan100 contains the xconnect command ! (if this is part of Xconnect you can not create IP here)

if the config is good.

PC 10.0.1.10 should able to ping10.0.1.20

I did some basic testing way back..check below :

https://www.balajibandi.com/?p=1801

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎01-02-2023

Routed Pseudowire - Cisco

Cisco 89x and 888EAISR G2 <<--

according to link I share it must accept ip under svi with xconnect config,
can you check the example in link.

sebastien3 · ‎01-02-2023

@balaji.bandi:

Here is the configuration of R2. For R1 it's the same thing, only the IP on GE8/BVI1/Lo0 changes... IOS it's the same on R1/R2.

R2#sh ver
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.9(3)M5, RELEASE SOFTWARE (fc1)
ROM: System Bootstrap, Version 15.4(1r)T1, RELEASE SOFTWARE (fc1)
System image file is "flash:c800-universalk9-mz.SPA.159-3.M5.bin"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
version 15.9
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
memory-size iomem 10
!
!
!
!
!
!
!
no ip source-route
no ip gratuitous-arps
!
!
!
!
!
!
!
!
!
!


!
ip vrf xconnect
!
!
no ip bootp server
no ip domain lookup
!
ip cef
!
ip tcp synwait-time 10
pseudowire-class CL-XCONNECT
 encapsulation l2tpv3
 interworking ethernet
 protocol none
 ip local interface Loopback0
!
!
!
!
!
!
!
bridge irb
!
!
!
!
interface Loopback0
 ip address X.X.X.X 255.255.255.255
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
 isdn termination multidrop
!
interface FastEthernet0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface GigabitEthernet0
 no ip address
!
interface GigabitEthernet1
 no ip address
!
interface GigabitEthernet2
 no ip address
!
interface GigabitEthernet3
 no ip address
!
interface GigabitEthernet4
 no ip address
!
interface GigabitEthernet5
 no ip address
!
interface GigabitEthernet6
 no ip address
!
interface GigabitEthernet7
 switchport access vlan 100
 switchport mode access
 no ip address
!
interface GigabitEthernet8
 description * WAN *
 ip address Y.Y.Y.2 255.255.255.252
 no ip redirects
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly in
 ip verify unicast reverse-path
!
interface Vlan1
shutdown
!
interface Vlan100
 no ip address
 xconnect A.B.C.D 1 encapsulation l2tpv3 manual pw-class CL-XCONNECT
  l2tp id 2 1
 bridge-group 1
!
interface Async3
 no ip address
 encapsulation slip
 shutdown
!
!
interface BVI1
 ip address 10.0.1.200 255.255.255.0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 101 interface Loopback0 overload
ip route 0.0.0.0 0.0.0.0 Loopback0
!
!
access-list 101 permit ip 10.0.1.0 0.0.0.255 any
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
line con 0
!
end

@MHM Cisco World:

What is your idea ? I have already looked at the document it does not help me more ...

MHM Cisco World · ‎01-03-2023

you config encap. L2tpv3 instead as link I share use encap. MPLS.

sebastien3 · ‎01-03-2023

I don't understand your answer... I don't have a PE to be able to use MPLS?

MHM Cisco World · ‎01-03-2023

friend please can you check if the assign IP to interface VLAN with encap mpls is accept?

sebastien3 · ‎01-03-2023

Encap mpls do not work :

R2#sh run int vlan 100
Building configuration...

Current configuration : 63 bytes
!
interface Vlan100
ip address 10.0.1.200 255.255.255.0
end

R2(config)#int vlan100
R2(config-if)#xconnect A.B.C.D 1 encapsulation mpls
Incompatible with ip address command on Vl100 - command rejected.
R2(config-if)#

Georg Pauwen · ‎01-03-2023

Hello,

from your original post:

interface Vlan1
no ip address
xconnect A.B.C.D 1 encapsulation l2tpv3 manual pw-class XCONNECT
l2tp id 2 1

Now you post the below...which one is the one you want us to look at ?

interface Vlan100
no ip address
xconnect A.B.C.D 1 encapsulation l2tpv3 manual pw-class CL-XCONNECT
l2tp id 2 1
bridge-group 1

sebastien3 · ‎01-03-2023

Yes it's normal @Georg Pauwen ! In the answers above it is asked if I also tried with VLAN1. I copied the conf with my VLAN100 test. Whether with VLAN1 or VLAN100 the behavior remains the same...

balaji.bandi · ‎01-03-2023

before i go in to next level - i would like to ask you simple question - config looks some complicated - you trying to do manythings on the router config.

1. is this real network or you have 2 Router at home you creating Lab ?

2. are you able to reach each other WAN IP address - can you share the ping output.

3. i see you are using NAT here outside - using Loopback0 interface, is that working ?

4. i do not see any inside NAT interface ? or you are not gone that level ?

5. i do see NAT statement ACL 101 , but that not effect since there is no inside interface there.

So what is the goal here in your views and trying to accomplish here.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help