[j-nsp] VPLS Frustrations (Juniper - Cisco)

Aaron Dewell aaron.dewell at gmail.com
Tue Mar 27 11:03:50 EDT 2012


For the flexibility of however they want to do it, I'd suggest CCC and just take the whole port over the network.  There are two disadvantages to that plan however.  One is that it's point to point only, the second is that it's not supported on Cisco.  

L2vpn (kompella) with encapsulation CCC might solve the problem as well.  

CCC is the old-school Juniper way of doing this pre-l2circuit/l2vpn/vpls.  

Aaron

On Mar 27, 2012, at 8:57 AM, Humair Ali wrote:
> Hi Ben
> 
> not sure if you raised it before, but if you are looking at QinQ, and
> point-to-point is a viable solution, you should be able to do QinQ accross
> L2circuit .
> 
> In regards to the Switched network between PE & CE , why not use CFM to
> monitor the service end to end.
> 
> but if you are planning to add more site , then it might become cumbersome
> though
> 
> Regards
> 
> On 27 March 2012 15:33, Ben Boyd <ben at sinatranetwork.com> wrote:
> 
>> The CE's can tag or not tag, they want freedom to do whatever they wish.
>> 
>> There is no BGP.  It's all LDP signaled.  That's why an L2VPN isn't
>> possible and VPLS is our only way.
>> you hve a swtiched network
>> 
>> I'm trying to accomplish Q-in-Q or more exactly "possiblyQ-in-Q".
>> 
>> JTAC thinks this is a bug as the Juniper is sending STP traffic and
>> tagging correctly, but it isn't decapsulating the STP traffic coming back.
>> 
>> 
>> 
>> -----------------------------------
>> Ben Boyd
>> ben at sinatranetwork.com
>> http://about.me/benboyd
>> 
>> 
>> 
>> 
>> On Mar 22, 2012, at 4:48 PM, Keegan Holley wrote:
>> 
>>> Try changing your encapsulation to flexible ethernet services.  It's
>> been a while since I set this up from scratch, but I've never seen a vpls
>> neighbor defined only site-id's and site ranges.  That may not be your
>> problem though.  Are your CE's tagging?  encap vpls only supports untagged
>> packets from the CE.  vlan-vpls or flexible is required to pass dot1q tags.
>> You should think about doing q-in-q to isolate your topology from the
>> customers.  What does your BGP look like?  Both L2VPN and VPLS are actually
>> BGP signalled so your (MP)BGP config is important too.
>>> 
>>> 
>>> 
>>> 
>>> 2012/3/22 Ben Boyd <ben at sinatranetwork.com>
>>> A straight l2 circuit wouldn't work because of a switched-network
>> between a PE and the CE.
>>> 
>>> L2VPN wouldn't work because BGP isn't used as MPLS transport mechanism.
>>> 
>>> 
>>> Updated Setup:
>>> 
>>> CE switch #1 (untagged/tagged) -------- MX240 (11.4R1.14) -------- P
>> router -------- Cisco PE (tagged) -------- Switched Network -------- CE
>> switch #2 (untagged/tagged)
>>> 
>>> 
>>> 
>>> -----------------------------------
>>> Ben Boyd
>>> ben at sinatranetwork.com
>>> http://about.me/benboyd
>>> 
>>> 
>>> 
>>> 
>>> On Mar 22, 2012, at 11:34 AM, Ben Boyd wrote:
>>> 
>>>> 
>>>> All,
>>>> 
>>>> I'm running into VPLS frustrations in an MX.  I'd like to create a
>> VPLS instance in which a customer can plug in a device on any port in our
>> network and we'll pass the traffic no matter what type of traffic it is
>> (we're just a wire).  For example, they can plug in a switch/router where
>> the interface is tagging traffic or not tagging traffic.
>>>> 
>>>> This particular example is one CE-switch to another CE-Switch, but
>> we'll eventually add several additional switches and routers in the same
>> VPLS instance.
>>>> 
>>>> Right now, I am seeing BPDU's received from one CE switch to another
>> CE switch, but I'm not seeing any coming back.
>>>> 
>>>> I'm also not able to ping from CE to CE on any VLAN.
>>>> 
>>>> Here is the Setup:
>>>> 
>>>> CE switch #1 (untagged/tagged) -------- MX240 (11.4R1.14) -------- P
>> router -------- Cisco PE -------- CE switch #2 (untagged/tagged)
>>>> 
>>>> CE switch #2 is receiving BPDUs from CE switch #1, however CE switch
>> #1 isn't receiving BPDU's from CE switch #2
>>>> 
>>>> 
>>>> Relevant MX240 config:
>>>> admin at interop-MX240# show interfaces ge-2/1/0
>>>> mtu 9192;
>>>> encapsulation ethernet-vpls;
>>>> unit 0 {
>>>>    family vpls;
>>>> }
>>>> 
>>>> 
>>>> admin at interop-MX240# show routing-instances VPLS2001
>>>> instance-type vpls;
>>>> vlan-id all;
>>>> interface ge-2/1/0.0;
>>>> protocols {
>>>>    vpls {
>>>>        no-tunnel-services;
>>>>        vpls-id 100;
>>>>        mtu 9216;
>>>>        neighbor 172.16.0.11;
>>>>    }
>>>> }
>>>> 
>>>> admin at interop-MX240# show protocols layer2-control
>>>> mac-rewrite {
>>>>    interface ge-2/1/0 {
>>>>        protocol {
>>>>            stp;
>>>>            vtp;
>>>>            cdp;
>>>>        }
>>>>    }
>>>> }
>>>> 
>>>> The VPLS VC is up from MX240 to Cisco PE.
>>>> 
>>>> admin at interop-MX240# run show vpls connections
>>>> Instance: VPLS2001
>>>>  VPLS-id: 100
>>>>    Neighbor                  Type  St     Time last up          # Up
>> trans
>>>>    172.16.0.11(vpls-id 100)  rmt   Up     Mar 22 11:13:33 2012
>>    1
>>>>      Remote PE: 172.16.0.11, Negotiated control-word: No
>>>>      Incoming label: 262151, Outgoing label: 119
>>>>      Negotiated PW status TLV: No
>>>>      Local interface: lsi.1052423, Status: Up, Encapsulation: ETHERNET
>>>>        Description: Intf - vpls VPLS2001 neighbor 172.16.0.11 vpls-id
>> 100
>>>> 
>>>> 
>>>> Cisco_PE#show mpls l2transport vc
>>>> 
>>>> Local intf     Local circuit              Dest address    VC ID
>> Status
>>>> -------------  -------------------------- --------------- ----------
>> ----------
>>>> VFI vpls1      VFI                        172.16.0.12     100        UP
>>>> 
>>>> 
>>>> If anyone has some config advice, i'm open to it!
>>>> 
>>>> 
>>>> 
>>>> -----------------------------------
>>>> Ben Boyd
>>>> ben at sinatranetwork.com
>>>> http://about.me/benboyd
>>>> 
>>> 
>>> _______________________________________________
>>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>> 
>>> 
>> 
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>> 
> 
> 
> 
> -- 
> Humair
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp




More information about the juniper-nsp mailing list