Ciscos, BGP, L2TPV3 pseudowires and loopback IPs

Ryan Finnesey ryan.finnesey at
Thu Nov 11 15:00:33 CST 2010

It is L2TPv3 I think that Sprint is using for there "MPLS" offer and
Sprint Link Frame Service.

-----Original Message-----
From: Jeff Saxe [mailto:jsaxe at] 
Sent: Thursday, November 11, 2010 7:29 AM
To:; James Smallacombe
Subject: RE: Ciscos, BGP, L2TPV3 pseudowires and loopback IPs

Agreed: We used to use L2TPv3 tunnels fairly often to provide nailed-up
private VLAN services to clients when we could only procure a Layer 3
circuit from another provider. They're pretty simple to set up and work
reliably, although you may need to maintain both ends of the L2TPv3 at
approximately matching IOS versions... at one point we had a perfectly
working customer, then I upgraded a router at one end of the tunnel, and
they suddenly had major, unexplainable packet loss all through the day.
After I upgraded the other end, it returned to working fine.

But yeah, you don't really need a loopback. We routinely terminated the
tunnels on the WAN address closest to the Internet. I think the only
time I had to introduce a loopback was when one router was a tunnel
terminator for two far-end locations, and when I tried to configure the
second peer it complained at me. Also one time I wanted to have two
parallel tunnels between the same source and destination routers (which
is perfectly fine, because it has a tunnel discriminator number that
keeps the two customers' traffic separate), except I also wanted to do
some fancy QoS prioritization on one of them. By the time the traffic
hits the WAN interface, the tunnel discriminator is buried too far down
in the packet to use any "match" statements in the QoS, so I made one of
the tunnels have a separate L2TPv3 endpoint on each router, and then I
could just match on destination IP address.

But that was a weird edge case. Most of the time we just used the
outside Internet address, either T1 or Ethernet. Email me back privately
if you want me to dig up the configs out of our CatTools archive.

-- Jeff Saxe
Blue Ridge InternetWorks
Charlottesville, VA

From: David Freedman [david.freedman at]
Sent: Wednesday, November 10, 2010 1:22 PM
To: nanog at
Subject: Re: Ciscos, BGP, L2TPV3 pseudowires and loopback IPs

> We will need to set up a L2TPV3 tunnel to their old location (single 
> homed, no BGP on that side).  Upon initial reading of Cisco docs to do

> this, we will need a routable IP on a loopback interface for starters.

I'm pretty sure this is just a recommendation based on good practise
(routeability to endpoints), I'm sure since you are not multihomed you
can just use "ip local interface WAN1" and be done with it, I seem to
remember doing something similar in an l2tpv3 pw class and it working.

> Using one from the /24 LAN is out unless we subnet it, which we don't 
> want to do.
> So the question is, can I just "move" the PTP IP address x.x.129.174 
> from the WAN interface to the loopback like this?
>  interface Loopback0
>   ip address x.x.129.174  (that's the mask we're using
>             the WAN- Cisco's loopback examples show .255)
>  interface WAN1 (actually a gigether)
>   ip unnumbered loopback0  (or no ip addr?)
>  neighbor x.x.128.173 update-source Loopback0

No, if you were to do this you should get a new transfer network, you
can't have the same address on two interfaces (and in fact, you should
really be stealing an address from your internal /24 which doesn't
require any re-subnetting (if you are happy for this address to be
unreachable) and it should have a /32 mask...


David Freedman
Group Network Engineering
Claranet Group

More information about the NANOG mailing list