[j-nsp] VPLS Frustrations (Juniper - Cisco)

Ben Boyd ben at sinatranetwork.com
Tue Mar 27 10:33:18 EDT 2012 

The CE's can tag or not tag, they want freedom to do whatever they wish.

There is no BGP.  It's all LDP signaled.  That's why an L2VPN isn't possible and VPLS is our only way.


I'm trying to accomplish Q-in-Q or more exactly "possiblyQ-in-Q". 

JTAC thinks this is a bug as the Juniper is sending STP traffic and tagging correctly, but it isn't decapsulating the STP traffic coming back.



-----------------------------------
Ben Boyd
ben at sinatranetwork.com
http://about.me/benboyd




On Mar 22, 2012, at 4:48 PM, Keegan Holley wrote:

> Try changing your encapsulation to flexible ethernet services.  It's been a while since I set this up from scratch, but I've never seen a vpls neighbor defined only site-id's and site ranges.  That may not be your problem though.  Are your CE's tagging?  encap vpls only supports untagged packets from the CE.  vlan-vpls or flexible is required to pass dot1q tags.  You should think about doing q-in-q to isolate your topology from the customers.  What does your BGP look like?  Both L2VPN and VPLS are actually BGP signalled so your (MP)BGP config is important too. 
> 
> 
> 
> 
> 2012/3/22 Ben Boyd <ben at sinatranetwork.com>
> A straight l2 circuit wouldn't work because of a switched-network between a PE and the CE.
> 
> L2VPN wouldn't work because BGP isn't used as MPLS transport mechanism.
> 
> 
> Updated Setup:
> 
> CE switch #1 (untagged/tagged) -------- MX240 (11.4R1.14) -------- P router -------- Cisco PE (tagged) -------- Switched Network -------- CE switch #2 (untagged/tagged)
> 
> 
> 
> -----------------------------------
> Ben Boyd
> ben at sinatranetwork.com
> http://about.me/benboyd
> 
> 
> 
> 
> On Mar 22, 2012, at 11:34 AM, Ben Boyd wrote:
> 
> >
> > All,
> >
> > I'm running into VPLS frustrations in an MX.  I'd like to create a VPLS instance in which a customer can plug in a device on any port in our network and we'll pass the traffic no matter what type of traffic it is (we're just a wire).  For example, they can plug in a switch/router where the interface is tagging traffic or not tagging traffic.
> >
> > This particular example is one CE-switch to another CE-Switch, but we'll eventually add several additional switches and routers in the same VPLS instance.
> >
> > Right now, I am seeing BPDU's received from one CE switch to another CE switch, but I'm not seeing any coming back.
> >
> > I'm also not able to ping from CE to CE on any VLAN.
> >
> > Here is the Setup:
> >
> > CE switch #1 (untagged/tagged) -------- MX240 (11.4R1.14) -------- P router -------- Cisco PE -------- CE switch #2 (untagged/tagged)
> >
> > CE switch #2 is receiving BPDUs from CE switch #1, however CE switch #1 isn't receiving BPDU's from CE switch #2
> >
> >
> > Relevant MX240 config:
> > admin at interop-MX240# show interfaces ge-2/1/0
> > mtu 9192;
> > encapsulation ethernet-vpls;
> > unit 0 {
> >     family vpls;
> > }
> >
> >
> > admin at interop-MX240# show routing-instances VPLS2001
> > instance-type vpls;
> > vlan-id all;
> > interface ge-2/1/0.0;
> > protocols {
> >     vpls {
> >         no-tunnel-services;
> >         vpls-id 100;
> >         mtu 9216;
> >         neighbor 172.16.0.11;
> >     }
> > }
> >
> > admin at interop-MX240# show protocols layer2-control
> > mac-rewrite {
> >     interface ge-2/1/0 {
> >         protocol {
> >             stp;
> >             vtp;
> >             cdp;
> >         }
> >     }
> > }
> >
> > The VPLS VC is up from MX240 to Cisco PE.
> >
> > admin at interop-MX240# run show vpls connections
> > Instance: VPLS2001
> >   VPLS-id: 100
> >     Neighbor                  Type  St     Time last up          # Up trans
> >     172.16.0.11(vpls-id 100)  rmt   Up     Mar 22 11:13:33 2012           1
> >       Remote PE: 172.16.0.11, Negotiated control-word: No
> >       Incoming label: 262151, Outgoing label: 119
> >       Negotiated PW status TLV: No
> >       Local interface: lsi.1052423, Status: Up, Encapsulation: ETHERNET
> >         Description: Intf - vpls VPLS2001 neighbor 172.16.0.11 vpls-id 100
> >
> >
> > Cisco_PE#show mpls l2transport vc
> >
> > Local intf     Local circuit              Dest address    VC ID      Status
> > -------------  -------------------------- --------------- ---------- ----------
> > VFI vpls1      VFI                        172.16.0.12     100        UP
> >
> >
> > If anyone has some config advice, i'm open to it!
> >
> >
> >
> > -----------------------------------
> > Ben Boyd
> > ben at sinatranetwork.com
> > http://about.me/benboyd
> >
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 
>

More information about the juniper-nsp mailing list