[c-nsp] Help needed regarding the Eompls tunnel in Juniper & Cisco

James Bensley jwbensley at gmail.com
Wed Dec 7 05:34:17 EST 2016 

On 2 December 2016 at 00:12, Ahsan Rasheed <ahsanrasheed9 at gmail.com> wrote:
> Hi All,
>
> We are having some serious issue with one customer circuit.We are using
> eompls vlan based & we are unable to pass traffic over eompls (l2)tunnel
> between Cisco 3550 switches if we use specifically Cisco 6503 ,Cisco 6504 &
> 6506 etc. If we use Cisco switch 6524 instead of Cisco 6503 it is working.
>
> {(Cisco 3550 switch)--->(Cisco 6524)---->(Juniper ACX 4000)---->(Cisco
> 3550) }-->This setup is working.I am able to pass traffic end to end
> between Cisco 3550's.
>
> {(Cisco 3550 switch1)--->(Cisco 6503 or Cisco 6506))---->(Juniper ACX
> 4000)---->(Cisco 3550 switch2) }-->This setup is not working.
>
> Cisco 3550 switch1 vlan 1089(1.1.1.1/30)---trunk----->sub interface eompls
> vlan 1089(Cisco 6503)----->(ACX 4000)terminating tunnel on sub interface
> vlan 1089----->Cisco 3550 switch2-trunk-vlan 1089(1.1.1.2/30)
>
> We are using bgp & ospf between Cisco 6503 & Juniper ACX 4000. Vlan 1089
> as svi we are using on Cisco 3550 switch1 and allowing vlan 1089 as trunk
> connecting back to Cisco 6503,eompls vlan 1089 tunnel is configured on sub
> int on 6503 facing Cisco 3550 switch 1.Cisco 6503 is connected with juniper
> ACX 4000 & running bgp & ospf between each other.On ACX 4000 juniper eompls
> vlan based tunnel is terminating on sub interface facing Cisco 3550 switch
> 2. With Sup720 I was unable to pass traffic over tunnels although l2 eompls
> tunnel 1089 is up on both (Cisco 6503 & Juniper). See below.
>
>
> Below are the outputs & commands which i was running.
>
>
> ACX 4000 Juniper:
>
> chi> show l2circuit connections
> Layer-2 Circuit Connections:
> Neighbor: 63.250.238.225
>     Interface                 Type  St     Time last up          # Up trans
>     ge-1/1/0.1089(vc 1089)    rmt   Up     Jan  2 12:45:23 2010           1
>       Remote PE: 63.250.238.225, Negotiated control-word: No
>       Incoming label: 299776, Outgoing label: 19
>       Negotiated PW status TLV: No
>       Local interface: ge-1/1/0.1089, Status: Up, Encapsulation: VLAN
> chi> show ospf neighbor
> Address          Interface              State     ID               Pri  Dead
> 10.252.0.85      xe-0/2/0.0             Full      63.250.238.225     1    39
>
> chi> show bgp summary
> Groups: 1 Peers: 1 Down peers: 0
> Table          Tot Paths  Act Paths Suppressed    History Damp State
> Pending
> inet.0
>                       15         13          0          0
> 0          0
> Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last
> Up/Dwn State|#Active/Received/Accepted/Damped...
> 63.250.238.225        30373        179        200       0       0
> 1:21:40 13/15/15/0           0/0/0/0
>
> show ldp neighbor
> Address            Interface          Label space ID         Hold time
> 63.250.238.225     lo0.0              63.250.238.225:0         40
> 63.250.250.219     lo0.0              0.0.0.0:0                0
> 10.252.0.85        xe-0/2/0.0         63.250.238.225:0         11
>
> set interfaces xe-0/2/0 mtu 9192
> set interfaces xe-0/2/0 unit 0 bandwidth 10g
> set interfaces xe-0/2/0 unit 0 family inet mtu 1546
> set interfaces xe-0/2/0 unit 0 family inet address 10.252.0.86/30
> set interfaces xe-0/2/0 unit 0 family mpls
>
> set interfaces ge-1/1/0 vlan-tagging
> set interfaces ge-1/1/0 mtu 1564
> set interfaces ge-1/1/0 media-type copper
> set interfaces ge-1/1/0 encapsulation flexible-ethernet-services
> set interfaces ge-1/1/0 unit 0 vlan-id 2062
> set interfaces ge-1/1/0 unit 0 family inet address 10.254.62.9/29 primary
> set interfaces ge-1/1/0 unit 0 family inet address 63.250.226.153/30
> set interfaces ge-1/1/0 unit 1089 encapsulation vlan-ccc
> set interfaces ge-1/1/0 unit 1089 vlan-id 1089
>
> set protocols mpls interface xe-0/2/0.0
> set protocols ospf area 0.0.0.0 interface lo0.0
> set protocols ospf area 0.0.0.0 interface xe-0/2/0.0 interface-type p2p
> set protocols ospf area 0.0.0.0 interface xe-0/2/0.0 authentication md5 1
> key "$9$a9JUHf5F6CuZU9puOSyX7-wgJDikqP5ZGtu1IcS"
> set protocols ldp interface xe-0/2/0.0 allow-subnet-mismatch
>
> set protocols ldp interface lo0.0
> set protocols l2circuit neighbor 63.250.238.225 interface ge-1/1/0.1089
> virtual-circuit-id 1089
>
>
> ACX 4000 i am using Junos:jinstall-ppc-12.3X54-D27.1-domestic-signed.tgz
>
> Cisco 6503:
> Test#show mpls l2transport vc detail
> Local interface: Gi2/2.1089 up, line protocol up, Eth VLAN 1089 up
>   Destination address: 63.250.250.225, VC ID: 1089, VC status: up
>     Output interface: Gi2/1, imposed label stack {299776}
>     Preferred path: not configured
>     Default path: active
>     Next hop: 10.252.0.86
>   Load Balance: none
>   Flow Label: Disabled
>   Create time: 00:05:52, last status change time: 00:03:30
>   Signaling protocol: LDP, peer 63.250.250.225:0 up
>     Targeted Hello: 63.250.238.225(LDP Id) -> 63.250.250.225, LDP is UP
>     Status TLV support (local/remote)   : enabled/not supported
>       LDP route watch                   : enabled
>       Label/status state machine        : established, LruRru
>       Last local dataplane   status rcvd: No fault
>       Last local SSS circuit status rcvd: No fault
>       Last local SSS circuit status sent: No fault
>       Last local  LDP TLV    status sent: No fault
>       Last remote LDP TLV    status rcvd: Not sent
>       Last remote LDP ADJ    status rcvd: No fault
>     MPLS VC labels: local 20, remote 299776
>     Group ID: local 0, remote 0
>     MTU: local 1546, remote 1546
>     Remote interface description:
>     Remote VLAN id: 1089
>   Sequencing: receive disabled, send disabled
>   Control Word: Off (configured: autosense)
>   VC statistics:
>     transit packet totals: receive 102, send 109
>     transit byte totals:   receive 7344, send 7376
>     transit packet drops:  receive 0, send 0
> !
> interface GigabitEthernet2/2.1089
>  encapsulation dot1Q 1089
>  xconnect 63.250.250.225 1089 encapsulation mpls
> !
> interface GigabitEthernet2/2
>  mtu 1546
>  ip address 10.0.59.1 255.255.255.252
> !
> interface GigabitEthernet2/1
>  mtu 1546
>  ip address 10.252.0.85 255.255.255.252
>  no ip redirects
>  no ip unreachables
>  no ip proxy-arp
>  ip ospf authentication message-digest
>  ip ospf message-digest-key 1 md5 7 020E01490E151B28431D594A5244
>  ip ospf network point-to-point
>  logging event link-status
>  logging event spanning-tree status
>  mpls ip
>  no cdp enable
>
> On Cisco 6503 i am using this
> IOS:s72033-advipservicesk9_wan-mz.122-33.SXJ6.bin
>
> Cisco 3550 swicth1(Output):
> interface GigabitEthernet0/11
> description facing-Cisco6503
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1,100,1089
>  switchport mode trunk
>  logging event spanning-tree
>  no cdp enable
> !
> interface Vlan1089
>  ip address 1.1.1.1 255.255.255.252
>
> Cisco 3550 swicth2(Output):
> interface GigabitEthernet0/11
> description facing-Juniper-ACX400
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1,100,1089
>  switchport mode trunk
>  logging event spanning-tree
>  no cdp enable
> !
> interface Vlan1089
>  ip address 1.1.1.2 255.255.255.252
> !
>
>
> Any one seen before this type of issue. It would be much appreciated if i
> get any help asap.
> Is there any workaround if someone knows?
>
>
>
> Thanks & Regards,
> Ahsan Rasheed

As someone mentioned on the J-NSP list, you probably want to configured MUX-UNI:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-0SY/configuration/guide/15_0_sy_swcg/mpls.html#pgfId-1430355

In addition to that you can also force VC type to 5 from 4 which
supports tagged and untagged VLANs, the Juniper device will default to
4 and the Cisco device defaults to 5 unless the otherwise wants to
change, and the Juniper has suggested 4 so the Cisco changes to 4:

pseudowire-class EoMPLS-dot1q
 encapsulation mpls
 interworking ethernet


Also you could upgrade your Junos.

This part is not "the" problem you are seeing as the LSP is up and you
can see in the command output below packets are sent and received, but
it could be a problem:


> set interfaces xe-0/2/0 unit 0 family inet mtu 1546
...
> set interfaces ge-1/1/0 vlan-tagging
> set interfaces ge-1/1/0 mtu 1564
> set interfaces ge-1/1/0 unit 1089 encapsulation vlan-ccc
> set interfaces ge-1/1/0 unit 1089 vlan-id 1089
...
> Cisco 6503:
> Test#show mpls l2transport vc detail
...
>     MTU: local 1546, remote 1546
...
>     transit packet totals: receive 102, send 109
>     transit byte totals:   receive 7344, send 7376
>     transit packet drops:  receive 0, send 0

You have a larger MTU on the access circuit interface on your Juniper
than you have configured on the backhaul. Since this is a targeted LDP
(draft Martini) pseudowire, LDP won't come up unless the MTU matches
at both ends so at a guess, has that Juniper forced the LDP MTU down
to the size of the egress interface or is that a copy and paste
mistake on your part? If the former I would correct it.

You haven't said how you were configuring this on the Cisco 6524 but I
assume that is an ME6524 yeah? One point of note is that they use a
PFC3C inside, you said you have a Sup720 for the 6503/4 so I assume
SUP720-3B although you didn't mention what line cards you have and if
they are DFCs or CFCs etc. You probably need MUX-UNI here and/or a
software upgrade. It "probably" (speculation alert!) works on the
ME6524 because the PFC3C is recirculating the packet so it work out
the correct egress re-write info.

Cheers,
James.

More information about the cisco-nsp mailing list