[c-nsp] VPLS : Loop avoidance

Wed Apr 8 14:06:22 EDT 2015

Hi Aaron,

Both interfaces configuration on the two asr have been provided on my first
email.

It's just an interface with some service instances configured with some
vfi.

In fact in my case,  the leafs are connected together via a layer2 network
(switches) and the the two leafs are connected to the root via a vfi.

Thanks for your advice.

Nick
 Le 8 avr. 2015 18:38, "Aaron" <aaron1 at gvtc.com> a écrit :

> I think split horizon loop avoidance is a default behavior for pw's under a
> vfi context.  So with that in mind , you should have no forwarding of
> frames
> between the (2) neighbor pw statements under the 6880's l2 vfi.  I believe
> that is treated like an etree service whereas the root of the tree is the
> interfaces bound to vlan 582 and the leafs of the etree are the pw's under
> the vfi.
>
> Root talks to leafs
> Leafs talk to root
> Roots talk to roots (roots being other non-vfi interfaces/pw's on this
> box.... such is h-vpls pw) - you may need to consider loop avoidance
> mechanism's there
> Leafs don't talk to leaf's - default shg behavior is I understand it
>
> So interestingly each vpls member I think is it's own etree.
>
> About this second interface you speak of, I might need to see that config
> in
> order to feel better about commenting on it.
>
> Aaron
>
>
> -----Original Message-----
> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> Nicolas KARP
> Sent: Wednesday, April 08, 2015 9:21 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] VPLS : Loop avoidance
>
> Hello,
>
> We are going to interconnect two of our datacenters.  In one datacenter we
> have a 6880-X configured with VSS and on the other hand, we have a pair of
> ASR 1001-X.
>
>  We would like to configure the VPLS and I have some questions about the
> redundancy and loop avoidance. You can find a diagram attached to my
> email..
>
>
> *6880 VSS : *
>
> *l2 vfi VPLS-VLAN-582 manual*
> * vpn id 582*
> * neighbor ASR-2 24 encapsulation mpls*
> * neighbor ASR-1 23 encapsulation mpls*
>
> *interface Vlan582*
> * mtu 9180*
> * no ip address*
> * xconnect vfi VPLS-VLAN-582*
>
>
> *ASR 1: *
>
> interface GigabitEthernet0/0/5
> service instance 100 ethernet
>   description VLAN582
>   encapsulation dot1q 582 exact
>   rewrite ingress tag pop 1 symmetric
>   bridge-domain 582
>  !
>
> l2 vfi VPLS-VLAN-582 manual
>  vpn id 582
>  bridge-domain 582
>  mtu 9180
>  neighbor VSS-6880 23 encapsulation mpls !
>
>
> *ASR 2 : *
>
> interface GigabitEthernet0/0/5
> service instance 100 ethernet
>   description VLAN582
>   encapsulation dot1q 582 exact
>   rewrite ingress tag pop 1 symmetric
>   bridge-domain 582
>  !
> l2 vfi VPLS-VLAN-582 manual
>  vpn id 582
>  bridge-domain 582
>  mtu 9180
>  neighbor VSS-6880 24 encapsulation mpls !
>
>
> At the moment, I've enabled one interface on the ASR-1 (g0/0/5), the g0/0/5
> on ASR-2 is still shut.  VPLS is working like a charm between the 6880 and
> ASR-1 but now I would like to activate the second interface on ASR-2 :-)
>
> I have some doubts about a loop in this case...
> I guess there should be no loop because the 6880 is configured with
> split-horizon but I just wanted to be sure that I will not break my network
> if I activate the second port.
>
> Can you please help me ?
>
> Thank you.
>
>
> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - - - - - - - - - - - - - - - - - -
> # - -   Nicolas KARP
> # - -   Network and Security Engineer
> # - -    Email : liste at karp.fr <nicolas at karp.fr>
> # - -    Linkedin :  http://www.linkedin.com/in/nicolaskarp
> # - -    Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
> <http://www.viadeo.com/fr/profile/nicolas.karp%20>
> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - - - - - - - - - - - - - - - - - -
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>