[j-nsp] L2VPN on LT interfaces
Nikolay Abromov
nabromov at gmail.com
Sat Jul 28 07:23:18 EDT 2012
Thank you Nicola! I can see the VC up and traffic that is going between
both CE's at the moment.
PE1
Instance: vpn-1
Local site: ceX_1 (1)
Number of local interfaces: 1
Number of local interfaces up: 1
lt-2/2/0.50 2
Label-base Offset Size Range Preference
800008 1 2 2 100
status-vector: 0
connection-site Type St Time last up # Up trans
2 rmt Up Jul 28 10:36:02 2012 1
Remote PE: 192.168.1.2, Negotiated control-word: Yes (Null)
Incoming label: 800009, Outgoing label: 800006
Local interface: lt-2/2/0.50, Status: Up, Encapsulation: ETHERNET
Connection History:
Jul 28 10:36:02 2012 status update timer
Jul 28 10:36:02 2012 PE route changed
Jul 28 10:36:02 2012 Out lbl Update 800006
Jul 28 10:36:02 2012 In lbl Update 800009
Jul 28 10:36:02 2012 loc intf up lt-2/2/0.50
Instance: vpn-1
Local site: ceX_2 (2)
Number of local interfaces: 1
Number of local interfaces up: 1
lt-2/2/0.52 1
Label-base Offset Size Range Preference
800006 1 2 1 100
status-vector: 0
connection-site Type St Time last up # Up trans
1 rmt Up Jul 28 10:36:02 2012 1
Remote PE: 192.168.1.1, Negotiated control-word: Yes (Null)
Incoming label: 800006, Outgoing label: 800009
Local interface: lt-2/2/0.52, Status: Up, Encapsulation: ETHERNET
Connection History:
Jul 28 10:36:02 2012 status update timer
Jul 28 10:36:02 2012 PE route changed
Jul 28 10:36:02 2012 Out lbl Update 800009
Jul 28 10:36:02 2012 In lbl Update 800006
Jul 28 10:36:02 2012 loc intf up lt-2/2/0.52
[edit logical-systems pe1 routing-instances vpn-1]
On Fri, Jul 27, 2012 at 1:09 PM, nicola modena <nicola at modena.to> wrote:
> Hi Nikolay
>
> The problem is that both ends are obtained on the same interface, and
> then have the same mac address.
> As a workaround add a static arp mapping on both end.
>
> Get the lt-2/2/0 interfaces mac address and insert into you
> configuration in this way:
>
> lt-2/2/0 {
> unit 50 {
> encapsulation vlan;
> /* vlan-id 1000; if you need it */
> peer-unit 52;
> family inet {
> address 10.0.10.1/24 {
> /* only on the same tunnel-pic the mac address
> is the same */
> arp 10.0.10.1 mac 00:AA:BB:CC:DD:EE;
> }
> }
> }
> }
>
> CE2
>
> lt-2/2/0 {
> unit 52 {
> encapsulation vlan;
> /* vlan-id 1000; if you need it */
> peer-unit 50;
> family inet {
> address 10.0.10.5/24 {
> arp 10.0.10.1 mac 00:AA:BB:CC:DD:EE;
> }
> }
> }
>
>
> hth
> nicola
>
>
> --
> Nicola Modena - CCIE #19119, JNCIE #986, CCSE
> Network & Security Engineer
>
>
> 2012/7/25 Nikolay Abromov <nabromov at gmail.com>:
> > Dear All,
> >
> > I have L2VPN between two PEs and I am using LT interfaces on logical
> > systems. Looks like the control plain operations are working
> > correctly,however, the forwarding plain doesn't seem to work. It could
> be
> > a bug or limitation of the LT interfaces. I will be glad if you can
> verify
> > that for me.
> >
> > CE1 interface facing PE1 is configured with 10.0.10.1 and CE2 interface
> > facing PE2 is confgured with 10.0.10.5.
> >
> > Thank you in advance.
> >
> >
> >
> >
> >
> > (topology)
> > CE1 - PE1 -- PE2 - CE2
> >
> >
> > NO* ARP* on the CE's.
> >
> >
> >
> > PE-CE interface
> > [edit logical-systems pe1 interfaces lt-2/2/0 unit 50]
> >
> > description to-ceX_1;
> > encapsulation ethernet-ccc;
> > peer-unit 51;
> >
> >
> > [edit logical-systems pe1 routing-instances vpn-1]
> > root at jnlab# show
> > instance-type l2vpn;
> > interface lt-2/2/0.50;
> > route-distinguisher 192.168.1.1:1;
> > vrf-target target:65512:1;
> > protocols {
> > l2vpn {
> > encapsulation-type ethernet;
> > site ceX_1 {
> > site-identifier 1;
> > interface lt-2/2/0.50 {
> > remote-site-id 3;
> > }
> > }
> > }
> > }
> >
> > [edit logical-systems pe1 routing-instances vpn-1]
> >
> >
> >
> >
> > [edit logical-systems pe2 interfaces lt-2/2/0 unit 52]
> >
> > encapsulation ethernet-ccc;
> > peer-unit 53;
> >
> > [edit logical-systems pe2 routing-instances vpn-1]
> > instance-type l2vpn;
> > interface lt-2/2/0.52;
> > route-distinguisher 192.168.1.2:1;
> > vrf-target target:65512:1;
> > protocols {
> > l2vpn {
> > encapsulation-type ethernet;
> > site ceX_2 {
> > site-identifier 3;
> > interface lt-2/2/0.52 {
> > remote-site-id 1;
> > }
> > }
> > }
> > }
> >
> > [edit logical-systems pe2 routing-instances vpn-1]
> >
> >
> > show bgp summary on pe1
> > 192.168.1.2 65512 3319 3305 0 2 1d
> > 0:50:52 Establ
> > inet.0: 2/2/2/0
> > bgp.l3vpn.0: 6/6/6/0
> > vpn-1.l2vpn.0: 1/1/1/0
> > bgp.l2vpn.0: 1/1/1/0
> >
> >
> >
> > show bgp summary on pe2
> > 192.168.1.1 65512 3307 3318 0 0 1d
> > 0:51:11 Establ
> > inet.0: 2/2/2/0
> > bgp.l3vpn.0: 6/6/6/0
> > bgp.l2vpn.0: 1/1/1/0
> > vpn-1.l2vpn.0: 1/1/1/0
> >
> >
> >
> >
> > root at jnlab# run show l2vpn connections extensive logical-system pe1
> > Layer-2 VPN connections:
> >
> >
> > Instance: vpn-1
> > Local site: ceX_1 (1)
> > Number of local interfaces: 1
> > Number of local interfaces up: 1
> > lt-2/2/0.50 3
> > Label-base Offset Size Range Preference
> > 800002 3 2 1 100
> > status-vector: 0
> > connection-site Type St Time last up # Up
> trans
> > 3 rmt Up Jul 25 09:11:10 2012
> 1
> > Remote PE: 192.168.1.2, Negotiated control-word: Yes (Null)
> > Incoming label: 800002, Outgoing label: 800002
> > Local interface: lt-2/2/0.50, Status: Up, Encapsulation: ETHERNET
> > Connection History:
> > Jul 25 09:11:10 2012 status update timer
> > Jul 25 09:11:09 2012 PE route changed
> > Jul 25 09:11:09 2012 Out lbl Update 800002
> > Jul 25 09:11:09 2012 In lbl Update 800002
> > Jul 25 09:11:09 2012 loc intf up lt-2/2/0.50
> >
> > [edit logical-systems pe2 interfaces lt-2/2/0 unit 52]
> >
> > root at jnlab# run show l2vpn connections extensive logical-system pe2
> > Layer-2 VPN connections:
> >
> > Instance: vpn-1
> > Local site: ceX_2 (3)
> > Number of local interfaces: 1
> > Number of local interfaces up: 1
> > lt-2/2/0.52 1
> > Label-base Offset Size Range Preference
> > 800002 1 2 1 100
> > status-vector: 0
> > connection-site Type St Time last up # Up
> trans
> > 1 rmt Up Jul 25 09:11:10 2012
> 1
> > Remote PE: 192.168.1.1, Negotiated control-word: Yes (Null)
> > Incoming label: 800002, Outgoing label: 800002
> > Local interface: lt-2/2/0.52, Status: Up, Encapsulation: ETHERNET
> > Connection History:
> > Jul 25 09:11:10 2012 status update timer
> > Jul 25 09:11:10 2012 PE route changed
> > Jul 25 09:11:10 2012 Out lbl Update 800002
> > Jul 25 09:11:10 2012 In lbl Update 800002
> > Jul 25 09:11:10 2012 loc intf up lt-2/2/0.52
> >
> > [edit logical-systems pe2 interfaces lt-2/2/0 unit 52]
> >
> >
> >
> > root at jnlab# run show route table inet.3 logical-system pe1
> >
> > inet.3: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
> > + = Active Route, - = Last Active, * = Both
> >
> > 192.168.1.2/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.210.2 via lt-2/2/0.7, Push 301232
> > to 172.22.211.2 via lt-2/2/0.11, Push 301424
> > 192.168.5.1/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.210.2 via lt-2/2/0.7
> > 192.168.5.2/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.210.2 via lt-2/2/0.7, Push 301152
> > 192.168.5.3/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.210.2 via lt-2/2/0.7, Push 301200
> > 192.168.5.4/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.211.2 via lt-2/2/0.11
> > 192.168.5.5/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.211.2 via lt-2/2/0.11, Push 301376
> > 192.168.5.6/32 *[LDP/6] 01:11:58, metric 1
> > > to 172.22.211.2 via lt-2/2/0.11, Push 301392
> >
> > [edit logical-systems pe2 interfaces lt-2/2/0 unit 52]
> > root at jnlab# run show route table inet.3 logical-system pe2
> >
> > inet.3: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
> > + = Active Route, - = Last Active, * = Both
> >
> > 192.168.1.1/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.222.2 via lt-2/2/0.33, Push 301600
> > to 172.22.223.2 via lt-2/2/0.37, Push 301648
> > 192.168.5.1/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.222.2 via lt-2/2/0.33, Push 301584
> > 192.168.5.2/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.222.2 via lt-2/2/0.33, Push 301568
> > 192.168.5.3/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.222.2 via lt-2/2/0.33
> > 192.168.5.4/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.223.2 via lt-2/2/0.37, Push 301632
> > 192.168.5.5/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.223.2 via lt-2/2/0.37, Push 301584
> > 192.168.5.6/32 *[LDP/9] 01:11:59, metric 1
> > > to 172.22.223.2 via lt-2/2/0.37
> >
> > [edit logical-systems pe2 interfaces lt-2/2/0 unit 52]
> >
> >
> > Model: m120
> > JUNOS Base OS boot [11.4R3.7]
> > JUNOS Base OS Software Suite [11.4R3.7]
> > JUNOS Kernel Software Suite [11.4R3.7]
> > JUNOS Crypto Software Suite [11.4R3.7]
> > JUNOS Packet Forwarding Engine Support (M/T Common) [11.4R3.7]
> > JUNOS Packet Forwarding Engine Support (M120) [11.4R3.7]
> > JUNOS Online Documentation [11.4R3.7]
> > JUNOS Voice Services Container package [11.4R3.7]
> > JUNOS Border Gateway Function package [11.4R3.7]
> > JUNOS Services AACL Container package [11.4R3.7]
> > JUNOS Services LL-PDF Container package [11.4R3.7]
> > JUNOS Services PTSP Container package [11.4R3.7]
> > JUNOS Services Stateful Firewall [11.4R3.7]
> > JUNOS Services NAT [11.4R3.7]
> > JUNOS Services Application Level Gateways [11.4R3.7]
> > JUNOS Services Captive Portal and Content Delivery Container package
> > [11.4R3.7]
> > JUNOS Services RPM [11.4R3.7]
> > JUNOS Services HTTP Content Management package [11.4R3.7]
> > JUNOS AppId Services [11.4R3.7]
> > JUNOS IDP Services [11.4R3.7]
> > JUNOS Services Crypto [11.4R3.7]
> > JUNOS Services SSL [11.4R3.7]
> > JUNOS Services IPSec [11.4R3.7]
> > JUNOS Runtime Software Suite [11.4R3.7]
> > JUNOS Routing Software Suite [11.4R3.7]
> >
> >
> >
> > ----
> > Best Regards,
> > Nikolay Abromov
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Nikolay Abromov
Mobile +44(0)7414678017
More information about the juniper-nsp
mailing list