[c-nsp] Emulating the L2 aspect of VPLS with VRF-lite

David Freedman david.freedman at uk.clara.net
Mon Apr 6 09:12:14 EDT 2009


>  Thinking about it a bit more I decided that I could provide a L2
> service by making each of the MLPPP interfaces and the GigE sub-int
> unnumbered up to a common loopback.  Each customer WAN-facing interface
> would be addressed from a common subnet.  They should then also be able
> to directly communicate with one another across the loopback and
> establish routing adjacencies and/or build GRE tunnels with the hosts in
> that common connected route.

Not quite sure how next-hop address resolution would work here, if you
expand the subnet masks such that all devices exist on the same subnet,
you will need some kind of address resolution to work, for instance, the
CPE on the DS1s will need to have a connected route to the subnet, the
7200 will have to have static routes (or IPCP learnt) to each endpoint
on the DS1s and also some kind of ARP for the HQ site.

I would personally go for the L3 (VRF) solution as it is simplest to
manage and troubleshoot, I would imagine it has about the same overhead
on the router as any L2 solution you could come up with using this 7200.

If you really want to do L2, consider bridging (IRB, but v.cpu
intensive) or l2connect with interworking between the MLPPP bundles and
sub-sub interfaces of the GigE, (I would imagine you can do QinQ on this
right?) if not consider dropping the Ethernet component and going for a
straight DS3 with frame PVCs.

This design of course requires that all traffic passes through the HQ site.

Dave.


> 
> That's where I'm at right now.  I have 2 test routers with a DS1 bundle
> on each back to the 7200.  Each bundle is in the customer VRF.  I have
> another router doing Ethernet into a 4948 access switchport.  That
> unique VLAN gets trunked up to the 7200 on an on-board GigE interface.
> The corresponding sub-int on the 7200 is in the customer VRF and is
> unnumbered back to the dedicated customer loopback.  The only error I
> got in the process was when I did the unnumbered on the sub-int.
> 
> 003018: Apr  3 13:15:29 CDT: %OSPF-4-NO_IPADDRESS_ON_INT: No IP address
> for interface GigabitEthernet0/2.1001
> 
> That's just OSPF whining and shouldn't be a problem.  I set up OSPF on
> all WAN-facing interfaces on the CE lab routers.  For grins I also set
> up OSPF inside the VRF on the PE.  I can ping between the DS1 routers
> and the 7200.  However I can not ping the Ethernet CE router from
> anywhere.  I also can not establish OSPF adjacencies between any of the
> CEs or the PE.  Debugging the OSPF packets I see packets going out from
> the CEs but nothing coming in.  From the PE I see nothing at all.
> 
> Should this ip unnumbered design work?  Any idea what's dropping the
> OSPF packets along the way?
> 
> I'm working on the problem while typing this and I have an update on
> what I wrote above.  I now have OSPF adjacencies between the DS1 CPEs
> and the 7200.  It turns out I needed to put the MLPPP interface into the
> VRF as well even though the ip unnumbered interface was in the VRF
> already.  However this points out a problem.  I am unable to establish
> an adjacency between the DS1 CPEs.  The CPEs only claim to see OSPF
> packets from the 7200.  Is that normal?  I also just noticed that I can
> no longer ping between DS1 CPEs.  I'm not sure if this isn't being
> consistent or I should call it a day.
> 
> I should be able to do the VRF with the L3 hop in the middle if nothing
> else.  I'd rather that be my fall-back position though.  Any other
> suggestions on how to accomplish this would be much appreciated.  I'm
> sure there are other ways to do something similar.
> 
> Thanks
>  Justin