[c-nsp] Help needed regarding the Eompls tunnel in Juniper & Cisco
Emille Blanc
emille at abccommunications.com
Thu Dec 1 19:56:46 EST 2016
You are describing something I ran into last week when I did some testing with Juniper ACX1100 and SRX300's, and a Cisco 7301 in our lab. I realize that the 7301 is a far cry from a 6500, but perhaps the anecdote will help.
A Cisco 7301 was our P router in the lab, and had LDP propagation problems when the Cisco was using dot1q interfaces to talk to the Junipers. Ie;
EX2200 <-> Juniper SRX300 <-dot1q-> Cisco 7301 <-dot1q-> Juniper ACX1100 <-> EX2200
The only measurable symptom - other than the l2circuit didn't function - was that the LDP tables on the Junipers were not showing -any- labels from the Cisco.
Moving the Cisco config to the parent interface, or the native/untagged interface solved that issue, but was not acceptable for our production environment.
However - the exact same config using dot1q interfaces worked fine when I replaced the Cisco 7301 with a Cisco ASR920. I never got to the bottom of "why", nor did I investigate further as the 7301's are long EOS/EOL.
Your l2circuit appears to be up however, whereas ours would not owing to the missing labels.
The config snippets you provided look sane - to my tired eyes at least.
Our ACX1100 was tested fine with both 16.1R3.10, and 12.3X54-D27.1, and were using OSPF martini - no BGP/Kompella.
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ahsan Rasheed
Sent: December-01-16 4:13 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Help needed regarding the Eompls tunnel in Juniper & Cisco
Hi All,
We are having some serious issue with one customer circuit.We are using
eompls vlan based & we are unable to pass traffic over eompls (l2)tunnel
between Cisco 3550 switches if we use specifically Cisco 6503 ,Cisco 6504 &
6506 etc. If we use Cisco switch 6524 instead of Cisco 6503 it is working.
{(Cisco 3550 switch)--->(Cisco 6524)---->(Juniper ACX 4000)---->(Cisco
3550) }-->This setup is working.I am able to pass traffic end to end
between Cisco 3550's.
{(Cisco 3550 switch1)--->(Cisco 6503 or Cisco 6506))---->(Juniper ACX
4000)---->(Cisco 3550 switch2) }-->This setup is not working.
Cisco 3550 switch1 vlan 1089(1.1.1.1/30)---trunk----->sub interface eompls
vlan 1089(Cisco 6503)----->(ACX 4000)terminating tunnel on sub interface
vlan 1089----->Cisco 3550 switch2-trunk-vlan 1089(1.1.1.2/30)
We are using bgp & ospf between Cisco 6503 & Juniper ACX 4000. Vlan 1089
as svi we are using on Cisco 3550 switch1 and allowing vlan 1089 as trunk
connecting back to Cisco 6503,eompls vlan 1089 tunnel is configured on sub
int on 6503 facing Cisco 3550 switch 1.Cisco 6503 is connected with juniper
ACX 4000 & running bgp & ospf between each other.On ACX 4000 juniper eompls
vlan based tunnel is terminating on sub interface facing Cisco 3550 switch
2. With Sup720 I was unable to pass traffic over tunnels although l2 eompls
tunnel 1089 is up on both (Cisco 6503 & Juniper). See below.
Below are the outputs & commands which i was running.
ACX 4000 Juniper:
chi> show l2circuit connections
Layer-2 Circuit Connections:
Neighbor: 63.250.238.225
Interface Type St Time last up # Up trans
ge-1/1/0.1089(vc 1089) rmt Up Jan 2 12:45:23 2010 1
Remote PE: 63.250.238.225, Negotiated control-word: No
Incoming label: 299776, Outgoing label: 19
Negotiated PW status TLV: No
Local interface: ge-1/1/0.1089, Status: Up, Encapsulation: VLAN
chi> show ospf neighbor
Address Interface State ID Pri Dead
10.252.0.85 xe-0/2/0.0 Full 63.250.238.225 1 39
chi> show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State
Pending
inet.0
15 13 0 0
0 0
Peer AS InPkt OutPkt OutQ Flaps Last
Up/Dwn State|#Active/Received/Accepted/Damped...
63.250.238.225 30373 179 200 0 0
1:21:40 13/15/15/0 0/0/0/0
show ldp neighbor
Address Interface Label space ID Hold time
63.250.238.225 lo0.0 63.250.238.225:0 40
63.250.250.219 lo0.0 0.0.0.0:0 0
10.252.0.85 xe-0/2/0.0 63.250.238.225:0 11
set interfaces xe-0/2/0 mtu 9192
set interfaces xe-0/2/0 unit 0 bandwidth 10g
set interfaces xe-0/2/0 unit 0 family inet mtu 1546
set interfaces xe-0/2/0 unit 0 family inet address 10.252.0.86/30
set interfaces xe-0/2/0 unit 0 family mpls
set interfaces ge-1/1/0 vlan-tagging
set interfaces ge-1/1/0 mtu 1564
set interfaces ge-1/1/0 media-type copper
set interfaces ge-1/1/0 encapsulation flexible-ethernet-services
set interfaces ge-1/1/0 unit 0 vlan-id 2062
set interfaces ge-1/1/0 unit 0 family inet address 10.254.62.9/29 primary
set interfaces ge-1/1/0 unit 0 family inet address 63.250.226.153/30
set interfaces ge-1/1/0 unit 1089 encapsulation vlan-ccc
set interfaces ge-1/1/0 unit 1089 vlan-id 1089
set protocols mpls interface xe-0/2/0.0
set protocols ospf area 0.0.0.0 interface lo0.0
set protocols ospf area 0.0.0.0 interface xe-0/2/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface xe-0/2/0.0 authentication md5 1
key "$9$a9JUHf5F6CuZU9puOSyX7-wgJDikqP5ZGtu1IcS"
set protocols ldp interface xe-0/2/0.0 allow-subnet-mismatch
set protocols ldp interface lo0.0
set protocols l2circuit neighbor 63.250.238.225 interface ge-1/1/0.1089
virtual-circuit-id 1089
ACX 4000 i am using Junos:jinstall-ppc-12.3X54-D27.1-domestic-signed.tgz
Cisco 6503:
Test#show mpls l2transport vc detail
Local interface: Gi2/2.1089 up, line protocol up, Eth VLAN 1089 up
Destination address: 63.250.250.225, VC ID: 1089, VC status: up
Output interface: Gi2/1, imposed label stack {299776}
Preferred path: not configured
Default path: active
Next hop: 10.252.0.86
Load Balance: none
Flow Label: Disabled
Create time: 00:05:52, last status change time: 00:03:30
Signaling protocol: LDP, peer 63.250.250.225:0 up
Targeted Hello: 63.250.238.225(LDP Id) -> 63.250.250.225, LDP is UP
Status TLV support (local/remote) : enabled/not supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last local SSS circuit status rcvd: No fault
Last local SSS circuit status sent: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: Not sent
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 20, remote 299776
Group ID: local 0, remote 0
MTU: local 1546, remote 1546
Remote interface description:
Remote VLAN id: 1089
Sequencing: receive disabled, send disabled
Control Word: Off (configured: autosense)
VC statistics:
transit packet totals: receive 102, send 109
transit byte totals: receive 7344, send 7376
transit packet drops: receive 0, send 0
!
interface GigabitEthernet2/2.1089
encapsulation dot1Q 1089
xconnect 63.250.250.225 1089 encapsulation mpls
!
interface GigabitEthernet2/2
mtu 1546
ip address 10.0.59.1 255.255.255.252
!
interface GigabitEthernet2/1
mtu 1546
ip address 10.252.0.85 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 020E01490E151B28431D594A5244
ip ospf network point-to-point
logging event link-status
logging event spanning-tree status
mpls ip
no cdp enable
On Cisco 6503 i am using this
IOS:s72033-advipservicesk9_wan-mz.122-33.SXJ6.bin
Cisco 3550 swicth1(Output):
interface GigabitEthernet0/11
description facing-Cisco6503
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,1089
switchport mode trunk
logging event spanning-tree
no cdp enable
!
interface Vlan1089
ip address 1.1.1.1 255.255.255.252
Cisco 3550 swicth2(Output):
interface GigabitEthernet0/11
description facing-Juniper-ACX400
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,1089
switchport mode trunk
logging event spanning-tree
no cdp enable
!
interface Vlan1089
ip address 1.1.1.2 255.255.255.252
!
Any one seen before this type of issue. It would be much appreciated if i
get any help asap.
Is there any workaround if someone knows?
Thanks & Regards,
Ahsan Rasheed
<https://puck.nether.net/mailman/listinfo/juniper-nsp>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list