Juniper MX - Routed pseudowire using LDP - VPWS or VPLS

Ben Bartsch uwcableguy at gmail.com
Mon Mar 19 21:15:48 UTC 2018


Absolutely!  I'm running an eBGP session over this ATM.  We are going to try
to backhaul our customers through a Dell whitebox running IPI OcNOS
configured with an 'LDP fabric' to a core MX.


To use an IRB as a L3 endpoint you have to use VPLS on the MX (Junos
version 15.1R6.7).  I was missing a couple of key commands highlighted in
red:

show configuration interfaces irb.997 | display set
set interfaces irb unit 997 description VLAN-997->PWHE->POD1-3550-S1_VLAN_997
set interfaces irb unit 997 bandwidth 10g
set interfaces irb unit 997 family inet mtu 9178
set interfaces irb unit 997 family inet address 10.240.16.101/30

show configuration routing-instances VPLS-LAB-0997 | display set
set routing-instances VPLS-LAB-0997 instance-type vpls
set routing-instances VPLS-LAB-0997 vlan-id 997
set routing-instances VPLS-LAB-0997 routing-interface irb.997
set routing-instances VPLS-LAB-0997 protocols vpls encapsulation-type ethernet-vlan
set routing-instances VPLS-LAB-0997 protocols vpls no-tunnel-services
set routing-instances VPLS-LAB-0997 protocols vpls vpls-id 997
set routing-instances VPLS-LAB-0997 protocols vpls mtu 9100
set routing-instances VPLS-LAB-0997 protocols vpls neighbor 10.240.0.73
set routing-instances VPLS-LAB-0997 protocols vpls connectivity-type irb

show vpls connections extensive
Layer-2 VPN connections:

Legend for connection status (St)
EI -- encapsulation invalid      NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch     WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down    NP -- interface hardware not present
CM -- control-word mismatch      -> -- only outbound connection is up
CN -- circuit not provisioned    <- -- only inbound connection is up
OR -- out of range               Up -- operational
OL -- no outgoing label          Dn -- down
LD -- local site signaled down   CF -- call admission control failure
RD -- remote site signaled down  SC -- local and remote site ID collision
LN -- local site not designated  LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status  IL -- no incoming label
MM -- MTU mismatch               MI -- Mesh-Group ID not available
BK -- Backup connection          ST -- Standby connection
PF -- Profile parse failure      PB -- Profile busy
RS -- remote site standby        SN -- Static Neighbor
LB -- Local site not best-site   RB -- Remote site not best-site
VM -- VLAN ID mismatch           HS -- Hot-standby Connection

Legend for interface status
Up -- operational
Dn -- down

Instance: VPLS-LAB-0997
  VPLS-id: 997
    Number of local interfaces: 0
    Number of local interfaces up: 0
    lsi.1048592                   Intf - vpls VPLS-LAB-0997 neighbor 10.240.0.73 vpls-id 997
    Neighbor                  Type  St     Time last up          # Up trans
    10.240.0.73(vpls-id 997)  rmt   Up     Mar 19 10:25:38 2018           1
      Remote PE: 10.240.0.73, Negotiated control-word: No
      Incoming label: 262148, Outgoing label: 52786
      Negotiated PW status TLV: No
      Local interface: lsi.1048592, Status: Up, Encapsulation: VLAN
        Description: Intf - vpls VPLS-LAB-0997 neighbor 10.240.0.73 vpls-id 997
      Flow Label Transmit: No, Flow Label Receive: No
    Connection History:
        Mar 19 10:25:38 2018  status update timer
        Mar 19 10:25:38 2018  PE route changed
        Mar 19 10:25:38 2018  Out lbl Update                     52786
        Mar 19 10:25:38 2018  In lbl Update                     262148
        Mar 19 10:25:38 2018  loc intf up                  lsi.1048592




The other end of my VPLS circuit is a Dell S4048-ON running IP Infusion
OcNOS (it is very Cisco IOS-ish) v1.3.3:

sh run mpls
mpls vpls VPLS-LAB-0997 997
 redundancy-role primary
 signaling ldp
  vpls-type vlan
  vpls-peer 10.240.0.11
  exit-signaling
!
router ldp
 router-id 10.240.0.73
 targeted-peer ipv4 10.240.0.11
  exit-targeted-peer-mode
 transport-address ipv4 10.240.0.73

sh run int xe4
!
interface xe4
 description XE4->POD1-3550-S1_GI0/2
 speed 1g
 switchport
 load-interval 30
 mtu 9100
 mpls-vpls VPLS-LAB-0997 vlan 997
    ac-admin-status up
  exit-if-vpls




And the CE is just a simple L3 VLAN.  We are using an old Cisco 3550
running 12.2(46)SE IPSERVICESK9 that we found lying around:

POD1-3550-S1#sh run int gi0/2
Building configuration...

Current configuration : 219 bytes
!
interface GigabitEthernet0/2
 description GI0/2->POD3-4048-S1_XE4
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 997
 switchport mode trunk
 load-interval 30
 speed nonegotiate
end

POD1-3550-S1#sh run int vlan 997
Building configuration...

Current configuration : 115 bytes
!
interface Vlan997
 description VLAN_997_VLAN-BASED-VPWS-ROUTED-PW
 ip address 10.240.16.102 255.255.255.252
end



Hope this helps.  My head hurts from banging it on my desk for the last couple
of weeks.  :)

-ben

On Mon, Mar 19, 2018 at 3:25 PM, Chuck Anderson <cra at wpi.edu> wrote:

> Would you mind sharing the solution(s)?  I've stitched an L2 PW using
> lt-interfaces.
>
> Thanks.
>
> On Mon, Mar 19, 2018 at 11:51:36AM -0500, Ben Bartsch wrote:
> > I want to thank everyone who contacted me on and off list on this request.
> > I now have two methods to land a layer 3 endpoint on a layer 2 circuit to a
> > remote PE.  I very much appreciate the input, feedback, and assistance.  I
> > hope I personally get to meet all of you that reached out to me at a future
> > NANOG meeting.  Thanks again!
> >
> > -ben
> >
> > On Sat, Mar 17, 2018 at 9:25 AM, Ben Bartsch <uwcableguy at gmail.com> wrote:
> >
> > > When we had Cisco ASR 920/903 and ASR9k, I could attach a layer 2
> > > pseudowire endpoint on that device to a layer 3 BDI/BVI.  I'm trying to do
> > > the same thing on a Juniper MX 480/960 and it does not appear to be
> > > supported (for LDP at least - MP-BGP might be supported).  We could do
> > > either VPWS or VPLS on the PE device handoff to the CE (layer 2 only).
> > > JTAC has somewhat confirmed this is not supported for LDP, but they only do
> > > break/fix, not new config.  We do not have professional services (we are
> > > broke).
> > >
> > > Any Juniper routerheads out there that have seen this done using LDP
> > > without having to hairpin on the MX?
> > >
> > > Thanks, y'all.
> > >
> > > -ben
>
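
A consistency check for the two pseudowire ends configured in the message above, as an added example that is not part of the original post: it parses trimmed excerpts of the Junos `display set` lines and the OcNOS config and lists any settings that differ. The function names are hypothetical, the MX LDP address is passed in by the caller (10.240.0.11 is taken from the OcNOS `vpls-peer` line), and comparing the OcNOS interface `mtu` with the Junos `vpls mtu` is an assumption.

```python
import re

# Excerpts (trimmed) of the configs posted in the message above.
JUNOS = """\
set routing-instances VPLS-LAB-0997 vlan-id 997
set routing-instances VPLS-LAB-0997 protocols vpls vpls-id 997
set routing-instances VPLS-LAB-0997 protocols vpls mtu 9100
set routing-instances VPLS-LAB-0997 protocols vpls neighbor 10.240.0.73
"""
OCNOS = """\
mpls vpls VPLS-LAB-0997 997
  vpls-peer 10.240.0.11
 router-id 10.240.0.73
interface xe4
 mtu 9100
 mpls-vpls VPLS-LAB-0997 vlan 997
"""

def first(pattern, text):  # group 1 of the first multiline match, or None
    m = re.search(pattern, text, re.M)
    return m.group(1) if m else None

def parse_junos(text, inst):
    base = rf"^set routing-instances {re.escape(inst)} "
    return {
        "vlan": first(base + r"vlan-id (\d+)$", text),
        "vpls_id": first(base + r"protocols vpls vpls-id (\d+)$", text),
        "mtu": first(base + r"protocols vpls mtu (\d+)$", text),
        "peers": set(re.findall(base + r"protocols vpls neighbor (\S+)$", text, re.M)),
    }

def parse_ocnos(text, inst):
    name = re.escape(inst)
    return {
        "vlan": first(rf"^\s*mpls-vpls {name} vlan (\d+)$", text),
        "vpls_id": first(rf"^mpls vpls {name} (\d+)$", text),
        "mtu": first(r"^\s*mtu (\d+)$", text),  # AC interface MTU (assumed comparable)
        "peers": set(re.findall(r"^\s*vpls-peer (\S+)$", text, re.M)),
        "router_id": first(r"^\s*router-id (\S+)$", text),
    }

def mismatches(junos, ocnos, mx_ldp_address):
    """List settings that differ; mx_ldp_address is caller-supplied (assumption)."""
    bad = [k for k in ("vlan", "vpls_id", "mtu") if junos[k] != ocnos[k]]
    if ocnos["router_id"] not in junos["peers"]:
        bad.append("junos neighbor")
    if mx_ldp_address not in ocnos["peers"]:
        bad.append("ocnos vpls-peer")
    return bad
```

Calling `mismatches(parse_junos(JUNOS, "VPLS-LAB-0997"), parse_ocnos(OCNOS, "VPLS-LAB-0997"), "10.240.0.11")` returns an empty list when both ends agree.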


