07-15-2010 02:54 AM - edited 03-06-2019 12:02 PM
Hi Cisco Gurus,
I have to accommodate a core device, lets call it "bob" with two 7609 routers equipped with ES+ cards.
bob has two links towards each of the 7609's. I need to associate the bob interfaces on a vrf called bob_vrf.
Here is the tricky part:
Bob has a default to an HSRP address which i need to facilitate on the routers since there is no connectivity between the two links coming from bob. The 7609's also have a static route pointing to bob's vip address (vrrp).
I need to facilitate a link between the 7609's which will allow both the HSRP messages between the routers and VRRP messages from bob to be transported.
How would i do this? Im working with a single vlan 10. i need to somehow add a layer 2 inter router link between the 7609's to bridge traffic on this same vlan so gi1/1 from 7609 router 1 can reach gi1/1 on 7609 router 2. This bridge also needs to be associated with the bob vrf.
Any ideas?
I have attached a diagram to highlight the issue and im hoping you might be able to help with a novel solution for this perhaps using service-instances and bridge domains.
Solved! Go to Solution.
07-16-2010 05:50 AM
HI,
ES card implements EVC (Ethernet Virtual Circuit) framework based on Metro Ethernet Forum specification. Now your VLAN id scope is limited to your port and there is no more default VLAN manipulation like you have with classical LAN LC. That's why you have to explicitly pop your VLAN ID before sending the packet to Layer 3 engine. The symmetrical keyword will add the VLAN ID back to the packet before sending it to the wire.
HTH
Laurent.
07-15-2010 06:20 AM
Hi,
you need to move your L3 config to a SVI interface:
interface vlan 10
ip address 10.1.1.x 255.255.255.248
ip vrf forwarding bob-vrf
standby 1 ip ..
...
!
interface Gig1/1
switchport access vlan 10
!
interface Gig1/2
switchport access vlan 10
!
This way you are able both route and bridge traffic for VLAN 10.
HTH
Laurent.
07-15-2010 08:50 PM
Hi Laurent,
Thanks for getting back to me. I was not aware that we could run HSRP over a VLAN interface. But i still have a few complications.
The link between the routers is a 2x10g bundled port channel interface which also has multiple IP subinterfaces. How would i solve this?
Im trying the following.
##7609-R1##
!
interface Vlan10
ip vrf forwarding BOB
ip address 10.1.1.2 255.255.255.248
standby 1 ip 10.1.1.1
standby 1 priority 110
standby 1 preempt
end
!
interface Port-channel1
no ip address
service instance 10 ethernet
encapsulation dot1q 10
bridge-domain 10
!
##7609-R2##
!
interface Vlan10
ip vrf forwarding BOB
ip address 10.1.1.3 255.255.255.248
standby 1 ip 10.1.1.1
end
!
interface Port-channel1
no ip address
service instance 10 ethernet
encapsulation dot1q 10
bridge-domain 10
!
Cant get this to work so far, any suggestions?
BR//
Chanuka
07-16-2010 01:46 AM
Ok, think i worked it out. i was missing the:
"rewrite ingress tag pop 1 symmetric" command within the service instance. Seems to be working fine now.
Im wondering if someone can explain to me what "rewrite ingress tag pop 1 symmetric" actually does? is it remarking the incoming vlan id to the bridge domain? and why would i need it if this encapsulation and the bridge domain are the same?
##7609-R1##
!
interface Vlan10
ip vrf forwarding BOB
ip address 10.1.1.2 255.255.255.248
standby 1 ip 10.1.1.1
standby 1 priority 110
standby 1 preempt
end
!
interface Port-channel1
no ip address
service instance 10 ethernet
encapsulation dot1q 10
rewrite ingress tag pop 1 symmetric
bridge-domain 10
!
##7609-R2##
!
interface Vlan10
ip vrf forwarding BOB
ip address 10.1.1.3 255.255.255.248
standby 1 ip 10.1.1.1
end
!
interface Port-channel1
no ip address
service instance 10 ethernet
encapsulation dot1q 10
rewrite ingress tag pop 1 symmetric
bridge-domain 10
!
07-16-2010 05:50 AM
HI,
ES card implements EVC (Ethernet Virtual Circuit) framework based on Metro Ethernet Forum specification. Now your VLAN id scope is limited to your port and there is no more default VLAN manipulation like you have with classical LAN LC. That's why you have to explicitly pop your VLAN ID before sending the packet to Layer 3 engine. The symmetrical keyword will add the VLAN ID back to the packet before sending it to the wire.
HTH
Laurent.
07-18-2010 06:56 PM
Perfect!
Thanks Laurent, Its all starting to make sence now.
Best Regards,
Chanuka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide