[j-nsp] L2Circuit VLAN-CCC EX4550

Marcus Stoegbauer marcus at grmpf.org
Tue Aug 27 16:13:26 EDT 2013


On 23.08.2013, at 14:25, Giuliano Medalha <giuliano at wztech.com.br> wrote:

> People,
> 
> We have an issue when implementing vlan-CCC in JUNIPER EX4550 switches.
> 
> When we put the port like the following mode:
> 
> set interfaces xe-0/0/10 encapsulation vlan-ccc
> set interfaces xe-0/0/10 vlan-tagging
> set interfaces xe-0/0/10 unit 600 vlan-id 600
> 
> When we close L2Circuit with non-JUNIPER switches (like cisco or extreme)
> the EX4550 is doing a kind of POP in Ethernet framing removing the VLAN-ID
> (frames incoming xe-0/0/10 port).
> 
> The communication cannot be established with the neighbor switch.
> 
> Using MX series at the same environment there is no problems and the
> behavior is correct (the 802.1Q label entering the port is not altered).
> 
> Do you think there is some kind of bug on JUNOS code for EX4550 ?
> 

TL; DR: 
On (Juniper) devices that support it set the following on the customer facing interface on the non-EX side:
set int xe-1/2/0 unit 600 vlan-id 600 input-vlan-map pop
set int xe-1/2/0 unit 600 vlan-id 600 output-vlan-map push

Long version:

This comes close to behavior I noticed too when evaluating EX4550 for Pseudowire termination and it affects all connections between EX4550 and non-EX devices. It was supposed to be tracked under PR865452 and fixed in 12.3R3, 12.2R5, 13.2R1; but with a current 12.3 I still see the issue. I just haven't come around to opening a case again yet.

The problem here is exactly what you are describing, with a Pseudowire between EX4550 (I haven't tested any other EX in this scenario) and a non-EX device (in my case: MX and ACX) and "encapsulation-type ethernet" configured under protocols l2circuit. What actually happens in my case is this:

            Ethernet      PW      Ethernet
            tagged                tagged
            VLAN 888              VLAN 888
Cust Site A ---------> EX ---> MX ---------> Cust Site B

The interfaces towards Cust are tagged with VLAN 888, similar to your setup. Customer Site A tags the frame with VLAN 888, sends it to EX. EX removes the VLAN tag before sending the ethernet frame onto the Pseudowire, but MX does not add VLAN tag 888 before sending it to Customer Site B, so the CPE on Site B discards the frame because it does not know what to do with it.

The reverse direction is even more fun:

            Ethernet      PW      Ethernet
            tagged                tagged
            VLAN 888              VLAN 888
Cust Site B ---------> MX ---> EX ---------> Cust Site A

Cust Site B tags the frame with VLAN 888 again, MX does not alter the VLAN tag and sends the frame onto the Pseudowire as it is. EX on the other hand likes to be special and adds VLAN 888 to the ethernet frame, so in this case Site B gets ethernet frames that are tagged with two VLAN tags 888, which does not make the CPE on Site A very happy either.

One side (EX or non-EX) is behaving wrongly here, it's open to debate which side though.

   Marcus


More information about the juniper-nsp mailing list