Alesk,

Thanks for your reply.

I tried it previously and I had this result

XConnect                   Segment 1                       Segment 2
Group      Name       ST   Description            ST       Description            ST
------------------------   -----------------------------   -----------------------------
test       p2pGrupo   DN   Gi0/0/0/0              DN       Gi0/0/0/1.2            DN
---------------------------------------------------------------------------------------

My xconnect was down and I thought I could not do xconnect between a physical interface and subinterface.

Configuring it like this

interface GigabitEthernet0/0/0/0

interface GigabitEthernet0/0/0/0.1 l2transport

encapsulation untagged

Does not work either...

Can you attach the output of "sh l2vpn xconnect group <name> xc-name <name> private"?

Sorry to intrude, we have a similar question (again regarding arp resolution between L2 interfaces) but for a different topology for which we try to find the expected behaviour of ASR9k.

In our setup we have dual Asr9k / mlacp, connecting the DSLAMs / switches. For a particular service the subscribers traffic is DHCPv4 / IPoE (but without sessions or BNG functionality) and all DSLAM interfaces participate in a single bridge-domain. For redundancy each switch is connected to both ASR9K and using mlacp the path though one ASR9K is active (on per switch basis)

We try to find a setup that ensures the following:
That we offer redundancy (this is why we plan to have VRRP and Mlacp between the ASR9k_A, ASR9K_B)
Make sure that no direct L2 connectivity is offered between the DSLAM through the ASR9k_A and ASR9K_B.

============================================================================================================================================

In each ASR9k use a bridge domain and have split-horizon activated on the DSLAM facing interfaces. We plan to create an xconnect between the 2 ASR9K (for VRRP and ARP traffic)

We were wondering about the arp behaviour over this xconnect circuit (no split horizon for the xconnect).

Specifically if for VRRP the master is ASR9K_A and due connectivity problem in the interface ASR9k_A <=> SW_B the link ASR9k_B <=> SW_B is active for SW_B

- For upstream traffic in SW_B, the arp requests will need to be answered by the VRRP master (ASR9K_A) so ASR9K_B will have to forward this request through the xconnect to ASR9K_A

- For downstream towards SW_B, traffic arrives at ASR9K_A and using ARP, ASR9K_A must find the correspoing MAC address Again this ARP request will have to forwarded over the xconnect (since the interface ASR9k_A <=> SW_B is down)

With this setup we expect to have redundancy but we no longer have L2 isolation between DSLAMs /switches  (through the xconnect all broadcast will be forwarded between Switches SW_A and SW_B)

Is there a way to overcome this problem (have ARP Resolution working but also ensure L2 isolation between subscribers) We are thinking interworking ipv4 for the xconnect circuit but we are not sure about its behavior for ARP requests. (Also we cannot use a separate L3 interface per Switches / DSLAMs since we need a single DHCP pool for all DSLAMs)

hi Takao,

if you want to run VRRP between the two asr9k, you should let the VRRP hello packets be exchanged through the access network. I would eliminate  the xconnect and MCLAG from your topology. I would instead convert all the four DSLAM-facing links into l2transport and configure a bridge domain with BVI on both asr9k. You can then run VRRP on BVI.

If your ARP scale exceeds 128k, please make sure to follow the best practices from this document:

https://supportforums.cisco.com/document/12766486/troubleshooting-arp-asr9000-routers

I hope this helps.

regards,

/Aleksandar

Sorry, I have been extremele busy lately, dedicating all my time to another project..One of these days I will get back to l2vpn lab and post the output