Hey Jimmy,Sorry for the slow

jimmystorm9 · ‎07-14-2014

Question:

We have a need to extend additional Vlans (separate broadcast segments) to a remote site; which using L2TPv3 works very well. However, we are having problems understanding why we cannot get Cisco spanning-tree MST 802.1s operational across the L2TPv3 topology. The switch command sh span mst reveals both SW1 and SW2 claim ROOT status. Does anyone know for sure if MST over L2TPv3 does work and perhaps knows how to get it operational --OR-- MST over L2TPv3 does not work? Also, is L2TPv3 an obsolete legacy technology and has been replaced by something more functional?

Topology in use: (see attached MS Paint topology; I couldn't get the pic to appears here)

What we know:

When using the routers physical interfaces (G0/0) to extend a single Vlan; spanning-tree MST 802.1s operates as expected eg. SW1 becomes the root as configured and SW2 is backup root.

When using the routers sub-interfaces (G0/0.1, G0/0.2 etc.) to extend multiple Vlans; spanning-tree MST 802.1s does NOT operate as configured. Eg. Both SW1 and SW2 claim root status

Placing a hub between SW1 and L2tun-1; Wireshark shows spanning-tree MST, cdp, vtp etc. is being sent out SW1 F1/0/16 interface. Spanning-tree MST frames have the user configured name, revision # and Vlan instance parameters. I can post this output if someone thinks it will be useful in resolving this issue.

SW1# sh int trunk

Port Mode Encapsulation Status Native vlan

Fa1/0/16 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa1/0/16 1-4094

Port Vlans allowed and active in management domain

Fa1/0/16 1-3

Port Vlans in spanning tree forwarding state and not pruned

Fa1/0/16 1-3

SW2# sh int trunk

Port Mode Encapsulation Status Native vlan

Fa1/0/13 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa1/0/13 1-4094

Port Vlans allowed and active in management domain

Fa1/0/13 1-3

Port Vlans in spanning tree forwarding state and not pruned

Fa1/0/13 1-3

SW1# sh cdp nei

Device ID Local Intrfce Holdtme Capability Platform Port ID

L2Tun-1 Fas 1/0/16 127 R S I 2821 Gig 0/0.1

SW2 Fas 1/0/16 151 R S I WS-C3750- Fas 1/0/13

SW2# sh cdp nei

Device ID Local Intrfce Holdtme Capability Platform Port ID

L2Tun-2 Fas 1/0/13 155 R S I 2821 Gig 0/0.1

SW1 Fas 1/0/13 136 R S I WS-C3750- Fas 1/0/16

SW1# sh arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.0.0.1 - 0013.8072.1a40 ARPA Vlan1

Internet 10.0.0.2 2 000f.2325.a740 ARPA Vlan1

Internet 192.168.2.1 - 0013.8072.1a46 ARPA Vlan2

Internet 192.168.2.2 12 000f.2325.a748 ARPA Vlan2

Internet 192.168.3.1 - 0013.8072.1a47 ARPA Vlan3

Internet 192.168.3.2 12 000f.2325.a749 ARPA Vlan3

SW2# sh arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.0.0.1 2 0013.8072.1a40 ARPA Vlan1

Internet 10.0.0.2 - 000f.2325.a740 ARPA Vlan1

Internet 192.168.2.1 12 0013.8072.1a46 ARPA Vlan2

Internet 192.168.2.2 - 000f.2325.a748 ARPA Vlan2

Internet 192.168.3.1 12 0013.8072.1a47 ARPA Vlan3

Internet 192.168.3.2 - 000f.2325.a749 ARPA Vlan3

SW1# sh span mst

##### MST0 vlans mapped: 1-800

Bridge address 0013.8072.1a00 priority 4096 (4096 sysid 0)

Root this switch for the CIST

Operational hello time 2 , forward delay 15, max age 20, txholdcount 6

Configured hello time 2 , forward delay 15, max age 20, max hops 20

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa1/0/8 Desg FWD 200000 128.10 P2p

Fa1/0/10 Desg FWD 200000 128.12 P2p

Fa1/0/16 Desg FWD 200000 128.18 P2p

SW2# sh span mst

##### MST0 vlans mapped: 1-800

Bridge address 000f.2325.a700 priority 61440 (61440 sysid 0)

Root this switch for the CIST

Operational hello time 2 , forward delay 15, max age 20, txholdcount 6

Configured hello time 2 , forward delay 15, max age 20, max hops 20

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa1/0/2 Desg FWD 200000 128.4 P2p

Fa1/0/13 Desg FWD 200000 128.15 P2p

SW1# sh ip int br | e do

Interface IP-Address OK? Method Status Protocol

Vlan1 10.0.0.1 YES manual up up

Vlan2 192.168.2.1 YES manual up up

Vlan3 192.168.3.1 YES manual up up

FastEthernet1/0/8 unassigned YES unset up up

FastEthernet1/0/10 unassigned YES unset up up

FastEthernet1/0/16 unassigned YES unset up up

SW2# sh ip int br | e do

Interface IP-Address OK? Method Status Protocol

Vlan1 10.0.0.2 YES manual up up

Vlan2 192.168.2.2 YES manual up up

Vlan3 192.168.3.2 YES manual up up

FastEthernet1/0/2 unassigned YES unset up up

FastEthernet1/0/13 unassigned YES unset up up

SW1#ping 10.0.0.2

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

SW1#ping 192.168.2.2

Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/9 ms

SW1#ping 192.168.3.2

Sending 5, 100-byte ICMP Echos to 192.168.3.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

SW2#ping 10.0.0.1

Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/9 ms

SW2#ping 192.168.2.1

Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

SW2#ping 192.168.3.1

Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms

L2Tun-1# sh xcon all

Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State

UP=Up DN=Down AD=Admin Down IA=Inactive

SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2

------+---------------------------------+--+---------------------------------+--

UP ac Gi0/0.1:1(Eth VLAN) UP l2tp 10.2.0.2:1 UP

UP ac Gi0/0.2:2(Eth VLAN) UP l2tp 10.2.0.2:2 UP

UP ac Gi0/0.3:3(Eth VLAN) UP l2tp 10.2.0.2:3 UP

L2Tun-2# sh xcon all

Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State

UP=Up DN=Down AD=Admin Down IA=Inactive

SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2

------+---------------------------------+--+---------------------------------+--

UP ac Gi0/0.1:1(Eth VLAN) UP l2tp 10.1.0.1:1 UP

UP ac Gi0/0.2:2(Eth VLAN) UP l2tp 10.1.0.1:2 UP

UP ac Gi0/0.3:3(Eth VLAN) UP l2tp 10.1.0.1:3 UP

L2Tun-1# sh xconnect interface g0/0.1 det

Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State

UP=Up DN=Down AD=Admin Down IA=Inactive

SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2

------+---------------------------------+--+---------------------------------+--

UP ac Gi0/0.1:1(Eth VLAN) UP l2tp 10.2.0.2:1 UP

Interworking: none Session ID: 4114808408

Tunnel ID: 3813445228

Protocol State: UP

Remote Circuit State: UP

pw-class: NATIVE

L2Tun-2# sh xconnect interface g0/0.1 detail

Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State

UP=Up DN=Down AD=Admin Down IA=Inactive

SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2

------+---------------------------------+--+---------------------------------+--

UP ac Gi0/0.1:1(Eth VLAN) UP l2tp 10.1.0.1:1 UP

Interworking: none Session ID: 2454835785

Tunnel ID: 2658829555

Protocol State: UP

Remote Circuit State: UP

pw-class: NATIVE

hostname L2Tun-1

!

boot-start-marker

boot system flash:c2800nm-adventerprisek9-mz.151-4.M8.bin

boot-end-marker

!

no ip source-route

ip cef

no ip domain lookup

no ipv6 cef

!

l2tp-class MGT

authentication

hello 5

password 7 062B2815

cookie size 8

!

vtp domain R19

vtp mode transparent

!

pseudowire-class NATIVE

encapsulation l2tpv3

protocol l2tpv3 MGT

ip local interface Loopback1

ip pmtu

!

interface Loopback1

ip address 10.1.0.1 255.255.255.255

!

interface GigabitEthernet0/0

mtu 1600

no ip address

!

interface GigabitEthernet0/0.1

encapsulation dot1Q 1 native

xconnect 10.2.0.2 1 pw-class NATIVE

!

interface GigabitEthernet0/0.2

encapsulation dot1Q 2

xconnect 10.2.0.2 2 pw-class NATIVE

!

interface GigabitEthernet0/0.3

encapsulation dot1Q 3

xconnect 10.2.0.2 3 pw-class NATIVE

!

interface GigabitEthernet0/1

mtu 1600

ip address 10.0.0.130 255.255.255.128

!

router ospf 1

router-id 10.0.0.130

network 10.0.0.0 0.255.255.255 area 0

network 192.168.0.0 0.0.0.255 area 0

network 192.192.192.1 0.0.0.0 area 0

hostname L2Tun-2

!

boot-start-marker

boot system flash:c2800nm-adventerprisek9-mz.151-4.M8.bin

boot-end-marker

!

no ip source-route

ip cef

no ip domain lookup

no ipv6 cef

!

l2tp-class MGT

authentication

hello 5

password 7 07220678

cookie size 8

!

vtp domain R18

vtp mode transparent

!

pseudowire-class NATIVE

encapsulation l2tpv3

protocol l2tpv3 MGT

ip local interface Loopback1

ip pmtu

!

interface Loopback1

ip address 10.2.0.2 255.255.255.255

!

interface GigabitEthernet0/0

mtu 1600

no ip address

!

interface GigabitEthernet0/0.1

encapsulation dot1Q 1 native

xconnect 10.1.0.1 1 pw-class NATIVE

!

interface GigabitEthernet0/0.2

encapsulation dot1Q 2

xconnect 10.1.0.1 2 pw-class NATIVE

!

interface GigabitEthernet0/0.3

encapsulation dot1Q 3

xconnect 10.1.0.1 3 pw-class NATIVE

!

interface GigabitEthernet0/1

mtu 1600

ip address 10.0.0.129 255.255.255.128

!

router ospf 1

router-id 10.0.0.129

network 10.0.0.0 0.255.255.255 area 0

network 192.168.0.0 0.0.0.255 area 0

fsebera · ‎07-23-2014

Hey Jimmy,

Sorry for the slow response but it took me a while to lab it up.

1st problem I see is you have duplicate IP addresses assigned, Vlan1 is using 10 space as-well-as your PE to cloud links. I guess since your frames are encapsulated on the PE links in L2TPv3 encapsulation this should not be an issue but it was a problem using your posted configurations in my lab setup.

Also, since all frames that egress SW1 (to PE) are tagged (each with its own Vlan ID) this is why all the protocols are functional except STP. Putting Wireshark on the wire, this is what the spanning-tree frames looks like, Notice no VLAN ID.

Frame 1: 135 bytes on wire (1080 bits), 135 bytes captured (1080 bits) Encapsulation type: Ethernet (1) Arrival Time: Jul 22, 2014 14:16:25.211808000 Eastern Daylight Time [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1406052985.211808000 seconds [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 135 bytes (1080 bits) Capture Length: 135 bytes (1080 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:llc:stp] [Coloring Rule Name: Broadcast] [Coloring Rule String: eth[0] & 1] IEEE 802.3 Ethernet Destination: Spanning-tree-(for-bridges)_00 (01:80:c2:00:00:00) Address: Spanning-tree-(for-bridges)_00 (01:80:c2:00:00:00) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast) Source: Cisco_72:1a:12 (00:13:80:72:1a:12) Address: Cisco_72:1a:12 (00:13:80:72:1a:12) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Length: 121 Logical-Link Control DSAP: Spanning Tree BPDU (0x42) IG Bit: Individual SSAP: Spanning Tree BPDU (0x42) CR Bit: Command Control field: U, func=UI (0x03) 000. 00.. = Command: Unnumbered Information (0x00) .... ..11 = Frame type: Unnumbered frame (0x03) Spanning Tree Protocol Protocol Identifier: Spanning Tree Protocol (0x0000) Protocol Version Identifier: Multiple Spanning Tree (3) BPDU Type: Rapid/Multiple Spanning Tree (0x02) BPDU flags: 0x7c (Agreement, Forwarding, Learning, Port Role: Designated) 0... .... = Topology Change Acknowledgment: No .1.. .... = Agreement: Yes ..1. .... = Forwarding: Yes ...1 .... = Learning: Yes .... 11.. = Port Role: Designated (3) .... ..0. = Proposal: No .... ...0 = Topology Change: No Root Identifier: 32768 / 0 / 00:13:80:72:1a:00 Root Bridge Priority: 32768 Root Bridge System ID Extension: 0 Root Bridge System ID: Cisco_72:1a:00 (00:13:80:72:1a:00) Root Path Cost: 0 Bridge Identifier: 32768 / 0 / 00:13:80:72:1a:00 Bridge Priority: 32768 Bridge System ID Extension: 0 Bridge System ID: Cisco_72:1a:00 (00:13:80:72:1a:00) Port identifier: 0x8012 Message Age: 0 Max Age: 20 Hello Time: 2 Forward Delay: 15 Version 1 Length: 0 Version 3 Length: 80 MST Extension MST Config ID format selector: 0 MST Config name: REGION1 MST Config revision: 3 MST Config digest: e13a80f11ed0856acd4ee3476941c73b CIST Internal Root Path Cost: 0 CIST Bridge Identifier: 32768 / 0 / 00:13:80:72:1a:00 CIST Bridge Priority: 32768 CIST Bridge Identifier System ID Extension: 0 CIST Bridge Identifier System ID: Cisco_72:1a:00 (00:13:80:72:1a:00) CIST Remaining hops: 20 MSTID 1, Regional Root Identifier 24576 / 00:13:80:72:1a:00 MSTI flags: 0x7c (Agreement, Forwarding, Learning, Port Role: Designated) 0... .... = Topology Change Acknowledgment: No .1.. .... = Agreement: Yes ..1. .... = Forwarding: Yes ...1 .... = Learning: Yes .... 11.. = Port Role: Designated (3) .... ..0. = Proposal: No .... ...0 = Topology Change: No MSTID 1, priority 24576 Root Identifier 00:13:80:72:1a:00 Internal root path cost: 0 Bridge Identifier Priority: 6 Port identifier priority: 8 Remaining hops: 20

Now, as far as getting STP frames to the other side, check out this doc!!!

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_13_ea1/configuration/guide/3550scg/swtunnel.html

Hope this works for you

Frank

L2TPv3 and Spanning-tree issue