[j-nsp] L3VPN and VPLS units on same physical IQ2 PIC port

David Ball davidtball at gmail.com
Fri Nov 9 09:51:05 EST 2007 

  Hi Peter.   The customer doesn't plug directly into an IP interface.
 They must first traverse a layer 2 network, and eventually cross a
shared q-in-q trunk where it's imperative that VLANs are unique per
customer (which we have to manage, to ensure VLANs are unique).
Return traffic must be tagged with the correct VLAN prior to sending
back across the Q-in-Q trunk to ensure it ends up going to the correct
endpoint via the right VLAN.  I suppose the 'pop' on input to the
Juniper might not be absolutely necessary, but the 'push' is required
when leaving the Juniper to traverse the Q-in-Q trunk.

David


On 08/11/2007, Peter Van Oene <pvanoene at juniper.net> wrote:
> Hi David,
>
> VLAN operations are not designed for IP interfaces.  I'm not sure
> exactly why you need to manipulate the layer two header for a layer
> three interface?
>
> Pete
>
> > -----Original Message-----
> > From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> > bounces at puck.nether.net] On Behalf Of David Ball
> > Sent: Thursday, November 08, 2007 11:51 AM
> > To: juniper-nsp at puck.nether.net
> > Subject: [j-nsp] L3VPN and VPLS units on same physical IQ2 PIC port
> >
> >   I have a T640 wit an 8-port IQ2 Gig PIC running 8.2R1.7.  One port
> > on this PIC is a Q-in-Q trunk to a Nortel switch transporting traffic
> > for various customers (hence the Q-in-Q).  Thus far, all customers on
> > said trunk have been VPLS customers.
> >   I'm now trying to add an L3VPN/VRF customer interface to the trunk
> > but am running into problems. Config is shown below.  The Nortel
> > switch has to q-in-q the traffic for transmission across the trunk,
> > but we them immediately want to pop the outer tag upon receipt at the
> > Juniper interface, at which point they're dumped into their VRF (it's
> > layer2 across the Nortel network).  Similarly, when sending from
> > Juniper to Nortel, we'll need to push a tag.  I can't seem to use the
> > (input|output)-vlan-map statements though, as they require vlan-ccc,
> > extended-vlan-ccc, vlan-vpls or extended-vlan-vpls encapsulations
> > (none of which will work for L3VPN afaik).
> >   I really feel like I'm missing something, or doing something dumb.
> > I'm going to blame it on being sleep deprived due to having a newborn,
> > but any help you can provide would be stellar.
> >
> >
> > david at router# show interfaces ge-7/0/5
> > description "Q-in-Q trunk to Nortel switch"
> > flexible-vlan-tagging;
> > encapsulation flexible-ethernet-services;
> > unit 100 {
> >     encapsulation vlan-vpls;
> >     vlan-id 100;
> >     input-vlan-map pop;
> >     output-vlan-map push;
> >     family vpls;
> > }
> > unit 789 {
> >     vlan-id 789;
> >     input-vlan-map pop;
> >     output-vlan-map push;
> >     family inet {
> >         address 172.16.1.1/24;
> >     }
> > }
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list