[j-nsp] MX5-T VPLS fowarding problem

Mathias Sundman mathias at nilings.se
Fri Mar 29 09:51:05 EDT 2013 

On 03/29/2013 02:36 PM, sthaug at nethelp.no wrote:
>> I got an off-list message from Diogo saying that the logical interface
>> (VLAN ID) on each side must be the same, unless you do some
>> pop/push/swap magic. Changing that did solve the problem! I still don't
>> see why though. I only use the VLAN locally on each site to separate the
>> traffic between multiple customers in the access switches, so the VLAN
>> tag should never be included in the actual frames forwarded between the
>> routers.
> The BGP-based VPLS RFC (RFC 4761) specifies in section 4.1:
>
>     Ethernet frames received from CE devices are encapsulated for
>     transmission over the packet switched network connecting the PEs.
>     The encapsulation is as in [7].
OK, then I understand. I consider the customer switch/router that they 
attach outside my access-switch the "CE Device", while the RFC consider 
the first device connected to the PE router the CE device regardless of 
how it's used, and I guess that's where the confusion is created.

> where reference 7 is RFC 4448, which in its turn says:
>
>     In Ethernet PW operates in one of two modes: "raw mode" or "tagged
>     mode".  In tagged mode, each frame MUST contain at least one 802.1Q
>     [802.1Q] VLAN tag, and the tag value is meaningful to the NSPs at the
>     two PW termination points.
>
> Tagged mode is what you get if you have a VLAN subinterface and you
> don't do anything specific to remove the tag. Thus you should *expect*
> the VLAN tag to be included.
>
> It would have been possible for Juniper to automatically translate
> VLAN IDs on output - this is what for instance Cisco does on single-
> tagged pseudowires. Such automatic translation means that the VLAN
> IDs don't have to match. However, Juniper has chosen not to do such
> automatic translation.
>

My goal is to use Q-in-Q on the trunk between my PE router and my 
access-switch, and then q-tunnel mode on the customer port to allow him 
to transport any VLANs he want inside the VPLS tunnel.

So, if I want to achieve that without having to use the same outer VLAN 
ID between my PE and access-switch on each side, what do I have todo?

Can I just pop the ingress outer tag (my S-VLAN) and consider it a RAW 
mode PW, or will it not allow the customer VLANs to be transported then?

or would I have to swap in incoming S-VLAN to a common VLAN between my 
PEs and then swap it back to the locally unique S-VLAN used at each site?

Thx

More information about the juniper-nsp mailing list