[j-nsp] Juniper BGP signaled VPLS interoperability, site-id issue
Misak Khachatryan
m.khachatryan at gnc.am
Thu Nov 10 05:50:00 EST 2016
Hello,
we have MPLS network solely built on Juniper MX routers. We have 2
route reflectors, 16 PE routers, and of course lot of VPLS configured.
Recently we decided to try Mikrotik for some non critical and low
bandwidth sites. Statically configured VPLS connected to Juniper VPLS
via mesh groups works OK, but we hit some limitations, especially that
there can be only 14 mesh-group per vpls.
Then we decided to try BGP signaled VPLS and hit this strange problem.
8 of our Juniper PEs recognizing the Mikrotik site and establishing
pseudowires with no problem, other 8 see site but not establishing any
connection, having site status of OL, which means no outgoing label.
Tried RouterOS 6.36.4, 6.37.1, and latest 6.38rc25, same result.
Mikrotik site ID is 41
Working site IDs are - 5,20,22,24,25,28,33,35
These site IDs not working 1,3,6,8,10,12,14,15
LDP seems OK.
Mikrotik config:
# nov/10/2016 13:28:11 by RouterOS 6.36.4
# software id = 7LGJ-TXAC
#
/interface bridge
add name=Loopback0 protocol-mode=none
add name=Test_VPLS protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] l2mtu=2000
mac-address=6C:3B:6B:09:60:D2 mtu=1972 name=Up_Link
set [ find default-name=ether3 ] arp=disabled l2mtu=1500
mac-address=6C:3B:6B:09:60:D4
/routing bgp instance
set default as=65500 client-to-client-reflection=no router-id=10.255.255.41
/routing ospf instance
set [ find default=yes ] router-id=10.255.255.41
/interface bridge port
add bridge=Test_VPLS interface=ether3
/interface vpls bgp-vpls
add bridge=Test_VPLS bridge-cost=0 bridge-horizon=1
export-route-targets=65500:5000 import-route-targets=65500:5000
name=Test \
route-distinguisher=10.255.255.41:5000 site-id=41 use-control-word=no
/ip address
add address=10.255.255.41 interface=Loopback0 network=10.255.255.41
add address=10.255.25.10/30 interface=Up_Link network=10.255.25.8
/mpls
set propagate-ttl=no
/mpls interface
set [ find default=yes ] mpls-mtu=2000
/mpls ldp
set enabled=yes lsr-id=10.255.255.41 transport-address=10.255.255.41
/mpls ldp interface
add interface=Up_Link
add interface=Loopback0
/routing bgp peer
add address-families=l2vpn name=Abovyan remote-address=10.255.255.6
remote-as=65500 ttl=default update-source=Loopback0
add address-families=l2vpn name=Vanadzor remote-address=10.255.255.3
remote-as=65500 ttl=default update-source=Loopback0
/routing ospf interface
add interface=Loopback0 network-type=point-to-point
add disabled=yes interface=Management-Bridge network-type=broadcast
add cost=100 interface=Up_Link network-type=broadcast
/routing ospf network
add area=backbone network=10.255.255.41/32
add area=backbone network=10.255.25.8/30
Juniper PE VPLS config:
show routing-instances Mikrotik_VPLS
instance-type vpls;
interface ae2.3;
route-distinguisher 10.255.255.1:5000;
vrf-target target:65500:5000;
protocols {
vpls {
no-tunnel-services;
site yerevan {
site-identifier 1;
interface ae2.3;
}
connectivity-type permanent;
}
}
Juniper output on connection status:
[code]show vpls connections instance Mikrotik_VPLS extensive
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
LB -- Local site not best-site RB -- Remote site not best-site
VM -- VLAN ID mismatch
Legend for interface status
Up -- operational
Dn -- down
Instance: Mikrotik_VPLS
Edge protection: Not-Primary
Local site: yerevan (1)
Number of local interfaces: 1
Number of local interfaces up: 1
IRB interface present: no
ae2.3
Label-base Offset Size Range Preference
329680 1 8 8 100
Label-base Offset Size Range Preference
328928 41 8 1 100
connection-site Type St Time last up # Up trans
41 rmt OL
But when i change site-id on Juniper lets say to 25 from working list
or 125 in this example, everything seems to work.
show vpls connections instance Mikrotik_VPLS
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
LB -- Local site not best-site RB -- Remote site not best-site
VM -- VLAN ID mismatch
Legend for interface status
Up -- operational
Dn -- down
Instance: Mikrotik_VPLS
Edge protection: Not-Primary
Local site: yerevan (125)
connection-site Type St Time last up # Up trans
41 rmt Up Nov 10 12:24:34 2016 1
Remote PE: 10.255.255.41, Negotiated control-word: No
Incoming label: 329680, Outgoing label: 9162
Local interface: lsi.1638426, Status: Up, Encapsulation: VPLS
Description: Intf - vpls Mikrotik_VPLS local site 125 remote site 41
I've noticed that label block sizes are different for Juniper and
Mikrotik, here is the BGP table from Route Reflector:
show route table bgp.l2vpn.0 community target:*:5000 detail
bgp.l2vpn.0: 9870 destinations, 9870 routes (9870 active, 0 holddown, 0 hidden)
10.255.255.1:5000:125:41/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.1:5000
Next hop type: Indirect
Address: 0x418e29f0
Next-hop reference count: 3621
Source: 10.255.255.1
Protocol next hop: 10.255.255.1
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:20:53 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.1+179
Announcement bits (1): 0-BGP_RT_Background
AS path: I
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 0, site preference: 100
Accepted
Label-base: 329680, range: 8, offset: 41
Localpref: 100
Router ID: 10.255.255.1
10.255.255.1:5000:125:121/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.1:5000
Next hop type: Indirect
Address: 0x418e29f0
Next-hop reference count: 3621
Source: 10.255.255.1
Protocol next hop: 10.255.255.1
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:20:54 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.1+179
Announcement bits (1): 0-BGP_RT_Background
AS path: I
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 0, site preference: 100
Accepted
Label-base: 328928, range: 8, offset: 121
Localpref: 100
Router ID: 10.255.255.1
10.255.255.41:5000:41:0/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.41:5000
Next hop type: Indirect
Address: 0x4561eea0
Next-hop reference count: 4
Source: 10.255.255.41
Protocol next hop: 10.255.255.41
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:37:02 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.41+179
Announcement bits (1): 0-BGP_RT_Background
AS path: ?
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 1500
Accepted
Label-base: 9117, range: 16, offset: 0
Localpref: 100
Router ID: 10.255.255.41
10.255.255.41:5000:41:16/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.41:5000
Next hop type: Indirect
Address: 0x4561eea0
Next-hop reference count: 4
Source: 10.255.255.41
Protocol next hop: 10.255.255.41
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:27:36 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.41+179
Announcement bits (1): 0-BGP_RT_Background
AS path: ?
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 1500
Accepted
Label-base: 9133, range: 16, offset: 16
Localpref: 100
Router ID: 10.255.255.41
10.255.255.41:5000:41:32/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.41:5000
Next hop type: Indirect
Address: 0x4561eea0
Next-hop reference count: 4
Source: 10.255.255.41
Protocol next hop: 10.255.255.41
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:38:39 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.41+179
Announcement bits (1): 0-BGP_RT_Background
AS path: ?
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 1500
Accepted
Label-base: 9101, range: 16, offset: 32
Localpref: 100
Router ID: 10.255.255.41
10.255.255.41:5000:41:112/96 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.255.255.41:5000
Next hop type: Indirect
Address: 0x4561eea0
Next-hop reference count: 4
Source: 10.255.255.41
Protocol next hop: 10.255.255.41
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Active Int Ext>
Local AS: 65500 Peer AS: 65500
Age: 1:20:52 Metric2: 1
Validation State: unverified
Task: BGP_65500.10.255.255.41+179
Announcement bits (1): 0-BGP_RT_Background
AS path: ?
Communities: target:65500:5000 Layer2-info: encaps:
VPLS, control flags:[0x0] , mtu: 1500
Accepted
Label-base: 9149, range: 16, offset: 112
Localpref: 100
Router ID: 10.255.255.41
Mikrotik uses base 16, while Juniper - 8. But changing
label-block-size on Juniper config doesn't help.
So, is there something I'm missing? Any help appreciated.
Best regards,
Misak Khachatryan,
More information about the juniper-nsp
mailing list