[c-nsp] ASR 1K : EFP / XCONNECT / BDI
Nicolas KARP
liste at karp.fr
Thu Dec 4 17:51:34 EST 2014
Hi Adam, all,
I have now an issue when i configure a second xconnect under an efp. The
idea is to create several xconnect between an ASR and a ISR 2801 to
xconnect some vlans between the 2 platforms. As soon as I configure the 2nd
xconnect and as soon as it comes UP, the trafic associated with the EVC is
not going through.. In fact, all EVC under the interface g0/0/4 stop
working...
BDI4096
BDI4093
ASR 1001x <---- xconnect MPLS ---> 2801
| |
| |
switch switch
vlan 4094 vlan 4094
vlan 4093 vlan 4093
vlan 4092 vlan 4092
Here is the config of the 1001x :
interface GigabitEthernet0/0/4
mtu 1530
no ip address
load-interval 30
negotiation auto
service instance 4092 ethernet
encapsulation dot1q 4092 exact
rewrite ingress tag pop 1 symmetric
xconnect 2.2.2.2 12 encapsulation mpls
!
service instance 4093 ethernet
encapsulation dot1q 4093 exact
rewrite ingress tag pop 1 symmetric
bridge-domain 4093
!
service instance 4094 ethernet
encapsulation dot1q 4094
rewrite ingress tag pop 1 symmetric
bridge-domain 4096
!
end
l2 vfi TEST2 manual (it's working when the service instance 4092 is not
configured)
vpn id 258
bridge-domain 4093
mtu 1530
neighbor 81.23.32.79 11 encapsulation mpls
!
interface BDI4093
mtu 1530
ip vrf forwarding TEST2
ip address 172.31.0.253 255.255.255.0
standby 1 ip 172.31.0.254
standby 1 priority 110
standby 1 preempt delay minimum 60
end
interface BDI4096
ip vrf forwarding TEST
ip address 10.84.6.2 255.255.255.0
standby 1 ip 10.84.6.1
standby 1 priority 110
standby 1 preempt delay minimum 60
end
and the config on the 2801 :
interface FastEthernet0/1.4092
encapsulation dot1Q 4092
no cdp enable
xconnect 1.1.1.1 12 encapsulation mpls
end
interface FastEthernet0/1.4093
encapsulation dot1Q 4093
no cdp enable
xconnect 1.1.1.1 11 encapsulation mpls
end
bridge domain when it works :
RTI-MPLS-SAB-01#show bridge-domain 4093
Bridge-domain 4093 (3 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
BDI4093 (up)
GigabitEthernet0/0/4 service instance 4093
vfi OCTEY neighbor 81.23.32.79 11
AED MAC address Policy Tag Age Pseudoport
0 0024.E84F.9A87 forward dynamic 292 GigabitEthernet0/0/4.EFP4093
- 881D.FCD4.293F to_bdi static 0 BDI4093
0 0022.195F.166B forward dynamic 279 GigabitEthernet0/0/4.EFP4093
1 FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0x2edad820
- 0000.0C07.AC01 to_bdi static 0 BDI4093
0 001B.213F.EDA8 forward dynamic 286 GigabitEthernet0/0/4.EFP4093
and when there is an issue :
RTI-MPLS-SAB-01#show bridge-domain 4096
Bridge-domain 4096 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
BDI4096 (up)
GigabitEthernet0/0/4 service instance 4094
AED MAC address Policy Tag Age Pseudoport
- 881D.FCD4.293F to_bdi static 0 BDI4096
1 FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0x2edad810
- 0000.0C07.AC01 to_bdi static 0 BDI4096
The mac address of the switch behind the ASR disappeared... Not too sure
why... If i remove the xconnect under the service instance 4092, it still
doesn't work. I have to remove the xconnect and do a shut/no shut on the
physical port...
Do you know what is happening ?
Thank you.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -
# - - Nicolas KARP
# - - Network and Security Engineer
# - - Email : liste at karp.fr <nicolas at karp.fr>
# - - Linkedin : http://www.linkedin.com/in/nicolaskarp
# - - Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
<http://www.viadeo.com/fr/profile/nicolas.karp%20>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -
2014-12-03 15:54 GMT+01:00 Nicolas KARP <liste at karp.fr>:
> That's the point !! I modified the mtu under the bdi interface and i had
> to modify the mu under the l2 vfi interface in order to get it funtionnal.
>
> Thanks for the help.
>
> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - - - - - - - - - - - - - - - - - - -
> # - - Nicolas KARP
> # - - Network and Security Engineer
> # - - Email : liste at karp.fr <nicolas at karp.fr>
> # - - Linkedin : http://www.linkedin.com/in/nicolaskarp
> # - - Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
> <http://www.viadeo.com/fr/profile/nicolas.karp%20>
> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - - - - - - - - - - - - - - - - - - -
>
>
>
> 2014-12-03 13:13 GMT+01:00 Vitkovský Adam <adam.vitkovsky at swan.sk>:
>
>> Does the MTU match on both ends please?
>>
>> You can see the MTU on both ends in the output of the cmd “sh mpls l2 vc
>> det”
>>
>>
>>
>> adam
>>
>>
>>
>> *From:* nicolas at karp.fr [mailto:nicolas at karp.fr] *On Behalf Of *Nicolas
>> KARP
>> *Sent:* Wednesday, December 03, 2014 12:29 PM
>> *To:* Vitkovský Adam
>> *Cc:* cisco-nsp at puck.nether.net
>> *Subject:* Re: [c-nsp] ASR 1K : EFP / XCONNECT / BDI
>>
>>
>>
>> I've found another thread where you were talking about router pw on an
>> ASR1k.
>>
>>
>>
>> He is the config i've done so far :
>>
>>
>>
>> *ASR 1001X : *
>>
>>
>>
>> l2 vfi TEST2 manual
>>
>> vpn id 258
>>
>> bridge-domain 4093
>>
>> neighbor 2.2.2.2 11 encapsulation mpls
>>
>>
>>
>> interface BDI4093
>>
>> mtu 1530
>>
>> ip vrf forwarding TEST2
>>
>> ip address 172.31.0.253 255.255.255.0
>>
>> standby 1 ip 172.31.0.254
>>
>> standby 1 priority 110
>>
>> standby 1 preempt delay minimum 60
>>
>> end
>>
>>
>>
>> interface GigabitEthernet0/0/4
>>
>> no ip address
>>
>> load-interval 30
>>
>> negotiation auto
>>
>> service instance 4093 ethernet
>>
>> encapsulation dot1q 4093 exact
>>
>> rewrite ingress tag pop 1 symmetric
>>
>> bridge-domain 4093
>>
>> !
>>
>>
>>
>>
>>
>> *ISR 2801 : *
>>
>>
>>
>> interface FastEthernet0/1.4093
>>
>> encapsulation dot1Q 4093
>>
>> no cdp enable
>>
>> xconnect 1.1.1.1 11 encapsulation mpls
>>
>>
>>
>>
>>
>> //
>>
>>
>>
>> For some reason the xconnect is not coming up...
>>
>>
>>
>>
>>
>> RTI-MPLS-SAB-01#sh xconnect all
>>
>> DN pri vfi OCTEY UP mpls 2.2.2.2:11
>> DN
>>
>> UP pri bd 4093 UP vfi TEST2
>> UP
>>
>>
>>
>>
>>
>> Thanks for your help.
>>
>>
>>
>>
>> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - - - - - - - - - -
>> # - - Nicolas KARP
>> # - - Network and Security Engineer
>> # - - Email : liste at karp.fr <nicolas at karp.fr>
>> # - - Linkedin : http://www.linkedin.com/in/nicolaskarp
>> # - - Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
>> <http://www.viadeo.com/fr/profile/nicolas.karp%20>
>> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - - - - - - - -
>>
>>
>>
>> 2014-12-03 11:14 GMT+01:00 Nicolas KARP <liste at karp.fr>:
>>
>> Hi Adam,
>>
>>
>>
>> I don't have the xconnect command under the bdi interface :
>>
>>
>>
>> RTI-MPLS-SAB-01(config)#interface BDI4093
>>
>> RTI-MPLS-SAB-01(config-if)#xconnect ?
>>
>> % Unrecognized command
>>
>>
>>
>> I'm using ASR1001X , ves 03.13.01.S
>>
>>
>>
>>
>>
>> Any thought ?
>>
>>
>>
>>
>>
>>
>> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - - - - - - - - - -
>> # - - Nicolas KARP
>> # - - Network and Security Engineer
>> # - - Email : liste at karp.fr <nicolas at karp.fr>
>> # - - Linkedin : http://www.linkedin.com/in/nicolaskarp
>> # - - Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
>> <http://www.viadeo.com/fr/profile/nicolas.karp%20>
>> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - - - - - - - -
>>
>>
>>
>> 2014-12-03 10:21 GMT+01:00 Vitkovský Adam <adam.vitkovsky at swan.sk>:
>>
>> Hi Nicolas,
>>
>> This is the config for mixing EFPs and PWs in a common BD + IP interface
>> for the BD.
>> Manual hub and spoke type of configuration with IP address + VFR at the
>> hub location.
>>
>> interface TenGigabitEthernet0/3
>> mtu 9000
>> service instance 8000 ethernet
>> description CUSTOMER-B
>> encapsulation dot1q 20,30,40
>> rewrite ingress tag pop 1 symmetric
>> bridge-domain 8000
>>
>> interface BDI8000
>> mtu 9000
>> vrf CUST-B
>> ip add 192.0.2.1 255.255.255.0
>> xconnect vfi CUST-B-BD
>>
>> l2 vfi CUST-B-BD manual
>> vpn id 1
>> neighbor 10.0.1.3 100 encapsulation mpls
>> neighbor 10.0.1.4 200 encapsulation mpls
>> neighbor 10.0.1.5 300 encapsulation mpls
>>
>> Spokes would have just EFPs with xconnect.
>>
>>
>> adam
>> > -----Original Message-----
>> > From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
>> > Nicolas KARP
>> > Sent: Tuesday, December 02, 2014 6:03 PM
>> > To: cisco-nsp at puck.nether.net
>> > Subject: [c-nsp] ASR 1K : EFP / XCONNECT / BDI
>> >
>> > Hi,
>> >
>> > I need to interconnect 2 platforms on 2 different datacenters.
>> >
>> > The idea is to create several EFPs on each PE (one at each side) and
>> create a
>> > default xconnect pw in order to encapsulate the layer2 traffic over our
>> MPLS
>> > network. I also have some layer 3 interfaces for different vlans which
>> need to
>> > be used on both datacenters :
>> >
>> >
>> > *PE1 : (same config on PE2, except for the BDI interface)*
>> >
>> >
>> > *interface GigabitEthernet0/0/4*
>> > * no ip address*
>> > * load-interval 30*
>> > * negotiation auto*
>> >
>> > *## default XCONNECT to DC2*
>> > * service instance 1 ethernet*
>> > * encapsulation default*
>> > * xconnect 1.1.1.1 9999 encapsulation mpls pw-class EOMPLS-ETH-TO-VLAN*
>> > * !*
>> >
>> > *## Layer 3 interface via BDI*
>> > * service instance 4093 ethernet*
>> > * encapsulation dot1q 4093 exact*
>> > * rewrite ingress tag pop 1 symmetric*
>> > * bridge-domain 4093*
>> > * !*
>> >
>> > *interface BDI4093*
>> > * ip vrf forwarding TEST2*
>> > * ip address 172.31.0.253 255.255.255.0*
>> > * standby 1 ip 172.31.0.254*
>> > * standby 1 priority 110*
>> > * standby 1 preempt delay minimum 60*
>> > *end*
>> >
>> > *--> I'm missing a xconnect for the vlan 4093...*
>> >
>> >
>> > How can I create a layer3 interface and run a xconnect on the same EFP ?
>> > The idea would be to use the same vlans at both locations and terminate
>> the
>> > Layer3 on a BDI interface in Datacenter1.
>> >
>> > Do you think it's possible ?
>> > I'm not too sure if i'm really clear. Don't hesitate to ask me if you
>> have any
>> > questions :)
>> >
>> > Many Thanks for your help !
>> >
>> > # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - -
>> > - - - - - - - - - - - - - - - - - - -
>> > # - - Nicolas KARP
>> > # - - Network and Security Engineer
>> > # - - Email : liste at karp.fr <nicolas at karp.fr>
>> > # - - Linkedin : http://www.linkedin.com/in/nicolaskarp
>> > # - - Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
>> > <http://www.viadeo.com/fr/profile/nicolas.karp%20>
>> > # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - -
>> > - - - - - - - - - - - - - - - - - - -
>> > _______________________________________________
>> > cisco-nsp mailing list cisco-nsp at puck.nether.net
>> > https://puck.nether.net/mailman/listinfo/cisco-nsp
>> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
>>
>>
>>
>
>
More information about the cisco-nsp
mailing list