[j-nsp] VPLS pass tagged/untagged traffic

Kevin Wormington kworm at sofnet.com
Sun Mar 8 19:43:37 EDT 2015 

Hi Adam,

The suggestion from Chris to simply omit the vlan stuff seems to work 
fine.  I think I was making it more complicated than it should have 
been.  With the vlan config stuff I had the vpls connections would not 
come up on either side so not traffic would pass and there were no macs 
learned.

Thanks,

Kevin

On 03/08/2015 05:19 PM, Adam Vitkovsky wrote:
> Hi Kevin,
>
> I'd like to make sure I understand the issue correctly, so tagged frames
> are passed but untagged frames are not passed?
> Or you can't get any traffic across whatsoever please?
>
> Juniper implementation of flexible VLAN matching sucks big times.
>
> The cmd "vlan-id-range 1-4096" instructs the IFL to accept only frames
> with (at least)* one dot1q tag from a range 1-4096
> So if you would like to accept also untagged frames you might need to
> remove this restriction.
>
> Unfortunately it appears there's no simple knob as "encapsulation
> default" as is in Cisco
> And in order to accept tagged and untagged frames under one IFL you have
> to sacrifice one VLAN ID for this purpose say 4096 and consider it as
> native on the trunk towards aggregation switch.
> So when an untagged frame arrives at the interface it's accepted as IFL
> 0 assumes it belongs to native VLAN and accepts the frame for further
> processing.
> And the config gets more stupid when there are double-tagged frames to
> be accepted by other IFLs on the trunk.
>
> on the PE1 logical system:
> interfaces {
> ge-1/1/0 {
> native-vlan-id 4096
> unit 0 {
> encapsulation vlan-vpls
> vlan-id-range 1-4096
> family vpls; (have tried with and without this)
> }
> }
>
> (at least)*
> -I only assume that is the case as there doesn't seem to be an
> equivalent of Cisco's "exact" keyword which can be used to only accept
> frames with exactly 1 or 2 tags
>
>
> Otherwise have you checked the mac-address-table of routing instance
> VPLS1 if you are at least learning the mac addresses of incoming frames?
>
> adam
>> -----Original Message-----
>> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
>> Of Kevin Wormington
>> Sent: 08 March 2015 13:52
>> To:juniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net>
>> Subject: Re: [j-nsp] VPLS pass tagged/untagged traffic
>>
>> Eduardo,
>>
>> I have tried the following for encapsulation on the ingress port.  The
>> vpls connections are down...one in the LD status and the other in RD.
>> PE2 logical system configured identically other than using port ge-1/1/8
>> as ingress.
>>
>> main instance:
>>
>>      ge-1/1/0 {
>>          encapsulation flexible-ethernet-services;
>>          flexible-vlan-tagging;
>>      }
>>
>>
>>
>> on the PE1 logical system:
>>          interfaces {
>>              ge-1/1/0 {
>>                  unit 0 {
>> 		    encapsulation vlan-vpls
>>                      vlan-id-range 1-4096
>>                      family vpls; (have tried with and without this)
>>                  }
>>              }
>>
>> then on the routing instance in PE1:
>>
>>          routing-instances {
>>              VPLS1 {
>>                  instance-type vpls;
>>                  vlan-id all;
>>                  interface ge-1/1/0.0;
>>                  route-distinguisher 10.100.0.4:100;
>>                  vrf-target target:127:100;
>>                  protocols {
>>                      vpls {
>>                          site-range 4;
>>                          site CE1 {
>>                              site-identifier 1;
>>                          }
>>                      }
>>                  }
>>              }
>>          }
>>
>>
>>
>> On 03/08/2015 01:37 AM, Eduardo Schoedler wrote:
>> > Probably is your encapsulation on ingress port.
>> >
>> > --
>> > Eduardo
>> >
>> > Em domingo, 8 de março de 2015, Kevin Wormington <kworm at sofnet.com
>> > <mailto:kworm at sofnet.com>> escreveu:
>> >
>> >     Hi,
>> >
>> >     On MX (Specifically MX80 w/12.3R9.4) is it possible to pass all
>> >     customer CE traffic whether it's tagged or untagged from a port on
>> >     PE1 to a port on PE2 using VPLS (BGP/RSVP)?
>> >
>> >     I have a lab system using logical systems with ports looped back and
>> >     I can get untagged traffic to work fine, but can't seem to get it to
>> >     pass everything through.
>> >
>> >     Thanks,
>> >
>> >     Kevin
>> >     _________________________________________________
>> >     juniper-nsp mailing listjuniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net>
>> >https://puck.nether.net/__mailman/listinfo/juniper-nsp
>> >     <<https://puck.nether.net/mailman/listinfo/juniper-nsp>>
>> >
>> >
>> >
>> > --
>> > Eduardo Schoedler
>> >
>> _______________________________________________
>> juniper-nsp mailing listjuniper-nsp at puck.nether.net <mailto:juniper-nsp at puck.nether.net>
>>https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> ------------------------------------------------------------------------
> This email has been scanned for email related threats and delivered
> safely by Mimecast.
> For more information please visit http://www.mimecast.com
> ------------------------------------------------------------------------

More information about the juniper-nsp mailing list