[c-nsp] VPLS : Loop avoidance

Aaron aaron1 at gvtc.com
Wed Apr 8 12:38:49 EDT 2015 

I think split horizon loop avoidance is a default behavior for pw's under a
vfi context.  So with that in mind , you should have no forwarding of frames
between the (2) neighbor pw statements under the 6880's l2 vfi.  I believe
that is treated like an etree service whereas the root of the tree is the
interfaces bound to vlan 582 and the leafs of the etree are the pw's under
the vfi.  

Root talks to leafs
Leafs talk to root
Roots talk to roots (roots being other non-vfi interfaces/pw's on this
box.... such is h-vpls pw) - you may need to consider loop avoidance
mechanism's there
Leafs don't talk to leaf's - default shg behavior is I understand it

So interestingly each vpls member I think is it's own etree.

About this second interface you speak of, I might need to see that config in
order to feel better about commenting on it.

Aaron


-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
Nicolas KARP
Sent: Wednesday, April 08, 2015 9:21 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] VPLS : Loop avoidance

Hello,

We are going to interconnect two of our datacenters.  In one datacenter we
have a 6880-X configured with VSS and on the other hand, we have a pair of
ASR 1001-X.

 We would like to configure the VPLS and I have some questions about the
redundancy and loop avoidance. You can find a diagram attached to my email..


*6880 VSS : *

*l2 vfi VPLS-VLAN-582 manual*
* vpn id 582*
* neighbor ASR-2 24 encapsulation mpls*
* neighbor ASR-1 23 encapsulation mpls*

*interface Vlan582*
* mtu 9180*
* no ip address*
* xconnect vfi VPLS-VLAN-582*


*ASR 1: *

interface GigabitEthernet0/0/5
service instance 100 ethernet
  description VLAN582
  encapsulation dot1q 582 exact
  rewrite ingress tag pop 1 symmetric
  bridge-domain 582
 !

l2 vfi VPLS-VLAN-582 manual
 vpn id 582
 bridge-domain 582
 mtu 9180
 neighbor VSS-6880 23 encapsulation mpls !


*ASR 2 : *

interface GigabitEthernet0/0/5
service instance 100 ethernet
  description VLAN582
  encapsulation dot1q 582 exact
  rewrite ingress tag pop 1 symmetric
  bridge-domain 582
 !
l2 vfi VPLS-VLAN-582 manual
 vpn id 582
 bridge-domain 582
 mtu 9180
 neighbor VSS-6880 24 encapsulation mpls !


At the moment, I've enabled one interface on the ASR-1 (g0/0/5), the g0/0/5
on ASR-2 is still shut.  VPLS is working like a charm between the 6880 and
ASR-1 but now I would like to activate the second interface on ASR-2 :-)

I have some doubts about a loop in this case...
I guess there should be no loop because the 6880 is configured with
split-horizon but I just wanted to be sure that I will not break my network
if I activate the second port.

Can you please help me ?

Thank you.


# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -
# - -   Nicolas KARP
# - -   Network and Security Engineer
# - -    Email : liste at karp.fr <nicolas at karp.fr>
# - -    Linkedin :  http://www.linkedin.com/in/nicolaskarp
# - -    Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
<http://www.viadeo.com/fr/profile/nicolas.karp%20>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list