[j-nsp] L2 VPNs configuration

[GAY Samuel]

Hi Eugeniu,

I see 2 mistake in your configuration :
- you use the same route-distinguisher on the pe-1 and pe-2
- the interface connected to ce-1 / ce-2 is configured with the unit 0. 
In Junos you have to use unit from 512 to 4095 to the ccc encapsulation.

Once you have change this said us if it's better.

Regards,
Samuel


Eugeniu Patrascu a écrit :
> Hi,
>
> I'm the process of learning MPLS and so far I figured out how L3 VPNs 
> work, but I got stuck on L2 VPNs.
> I have a lab that consists of 2 CE devices (in form of netscreen SSGs) 
> and 4 routers (2 of them as PE and two of them as P).
> the diagram is pretty stright forward:
>
> ce-1 --- pe-1 --- m7i-1 --- m7i-2 --- pe-2 --- ce-2
>
> PE routers are J4350 running JunOS 8.4R1.13 and the P routers are M7i 
> running JunOS 8.4R2.3.
> The CE are SSG20 and SSG5 both running ScreenOS 6 and their policy is to 
> allow anything.
>
> The IGP for the MPLS core is IS-IS and it's working OK for L3.
>
> On each of the PE routers I defined the following:
>
> On PE-1:
>
> root at pe-1> show configuration routing-instances VPN-B
> instance-type l2vpn;
> interface ge-0/0/1.0;
> route-distinguisher 65102:100;
> vrf-target target:65102:100;
> protocols {
>     l2vpn {
>         encapsulation-type ethernet;
>         site to-pe2 {
>             site-identifier 1;
>             interface ge-0/0/1.0;
>         }
>     }
> }
>
> root at pe-1> show configuration interfaces ge-0/0/1            
> encapsulation ethernet-ccc;
> unit 0 {
>     family ccc;
> }
>
> root at pe-1> show configuration protocols bgp
> group internal {
>     type internal;
>     local-address 172.16.201.1;
>     family inet-vpn {
>         unicast;
>     }
>     family l2vpn {
>         signaling;
>     }
>     local-as 65102;
>     neighbor 172.21.202.2;
> }
>
> and for PE-2:
>
> root at pe-2> show configuration routing-instances VPN-B
> instance-type l2vpn;
> interface ge-0/0/1.0;
> route-distinguisher 65102:100;
> vrf-target target:65102:100;
> protocols {
>     l2vpn {
>         encapsulation-type ethernet;
>         site to-pe1 {
>             site-identifier 2;
>             interface ge-0/0/1.0;
>         }
>     }
> }
>
> root at pe-2> show configuration interfaces ge-0/0/1 
> encapsulation ethernet-ccc;
> unit 0 {
>     family ccc;
> }
>
> root at pe-2> show configuration protocols bgp
> group internal {
>     type internal;
>     local-address 172.21.202.2;
>     family inet-vpn {
>         unicast;
>     }
>     family l2vpn {
>         signaling;
>     }
>     local-as 65102;
>     neighbor 172.16.201.1;
> }
>
> If I do a show l2vpn connections, it says that they are Up, as in the 
> following output:
>
> Instance: VPN-B
> Local site: to-pe2 (1)
>     connection-site           Type  St     Time last up          # Up trans
>     2                         rmt   Up     Nov  9 00:28:51 2007           1
>       Local interface: ge-0/0/1.0, Status: Up, Encapsulation: ETHERNET
>       Remote PE: 172.21.202.2, Negotiated control-word: Yes (Null)
>       Incoming label: 800007, Outgoing label: 800006
>
>
> On ce-1 I set the IP address of 192.168.20.1/24 and on ce-2 I set the IP 
> address of 192.168.20.2/24.
>
> As you might have guessed it, I cannot ping 192.168.20.2 from 192.168.20.1.
>
> The question is: what am I doing wrong here ?
>
> Thank you,
>
> Eugeniu Patrascu
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>