L2circuit for L2 protocol tunneling

Remember that in the QinQ and L2PT on Junos ELS post we discussed how to configure QinQ and L2PT on EX4600 and how we saw that actually L2PT is not supported on EX4600.

Well, in this post we will discuss about a workaround and that is to configure a L2 Circuit(EoMPLS in Cisco world).

L2 Circuit is supported on EX4600 and we are going to use to “tunnel” the control traffic between two Cisco 3750 switches.

This is the topology:

 

cisco_l2circuit

 

Let’s start first with the configuration of the PE devices. Their configuration is almost identical with the exception of some IP addresses and the interfaces towards CE devices. Therefore, I will show only the configuration for EX4600-1.

This is the interfaces configuration:

 

{master:0}[edit]
root@EX4600-1# show interfaces
xe-0/0/0 {
    mtu 9216;
    unit 0 {
        family inet {
            address 10.10.10.1/24;
        }
        family mpls;
    }
}
ge-0/0/9 {
    mtu 9216;
    encapsulation ethernet-ccc;
    unit 0 {
        family ccc;
    }
}
lo0 {
    unit 0 {
        family inet {
            address 1.1.1.1/32;
        }
    }
}

{master:0}[edit]
root@EX4600-1#

 

And this is the configuration of the protocols needed for IGP reachability, labels distribution and to configure the L2 circuit between two PEs:

 

{master:0}[edit]
root@EX4600-1# show protocols
##
## Warning: requires 'mpls' license
##
mpls {
    interface xe-0/0/0.0;
    interface lo0.0;
}
ospf {
    area 0.0.0.0 {
        interface lo0.0;
        interface xe-0/0/0.0;
    }
}
ldp {
    interface xe-0/0/0.0;
    interface lo0.0;
}
l2circuit {
    neighbor 1.1.1.2 {
        interface ge-0/0/9.0 {
            virtual-circuit-id 10;
        }
    }
}

{master:0}[edit]
root@EX4600-1#

 

Once both PEs are configured, the routing table should look like this:

 

{master:0}[edit]
root@EX4600-1# run show route

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.1/32         *[Direct/0] 04:48:42
                    > via lo0.0
1.1.1.2/32         *[OSPF/10] 01:21:38, metric 1
                    > to 10.10.10.2 via xe-0/0/0.0
10.10.10.0/24      *[Direct/0] 01:22:00
                    > via xe-0/0/0.0
10.10.10.1/32      *[Local/0] 01:22:00
                      Local via xe-0/0/0.0
224.0.0.2/32       *[LDP/9] 01:20:34, metric 1
                      MultiRecv
224.0.0.5/32       *[OSPF/10] 04:48:48, metric 1
                      MultiRecv

inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.2/32         *[LDP/9] 00:14:15, metric 1
                    > to 10.10.10.2 via xe-0/0/0.0

mpls.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0                  *[MPLS/0] 04:48:47, metric 1
                      Receive
1                  *[MPLS/0] 04:48:47, metric 1
                      Receive
2                  *[MPLS/0] 04:48:47, metric 1
                      Receive
13                 *[MPLS/0] 04:48:47, metric 1
                      Receive
299792             *[L2CKT/7] 00:14:15
                    > via ge-0/0/9.0, Pop       Offset: 4
299808             *[LDP/9] 00:14:15, metric 1
                    > to 10.10.10.2 via xe-0/0/0.0, Pop
299808(S=0)        *[LDP/9] 00:14:15, metric 1
                    > to 10.10.10.2 via xe-0/0/0.0, Pop
ge-0/0/9.0         *[L2CKT/7] 00:14:15, metric2 1
                    > to 10.10.10.2 via xe-0/0/0.0, Push 299776 Offset: 252

l2circuit.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.2:CtrlWord:5:10:Local/96
                   *[L2CKT/7] 00:14:47, metric2 1
                    > to 10.10.10.2 via xe-0/0/0.0
1.1.1.2:CtrlWord:5:10:Remote/96
                   *[LDP/9] 00:14:15
                      Discard

{master:0}[edit]
root@EX4600-1#

 

And this is the L2 circuit:

 

{master:0}[edit]
root@EX4600-1# run show l2circuit connections
Layer-2 Circuit Connections:

Legend for connection status (St)
EI -- encapsulation invalid      NP -- interface h/w not present
MM -- mtu mismatch               Dn -- down
EM -- encapsulation mismatch     VC-Dn -- Virtual circuit Down
CM -- control-word mismatch      Up -- operational
VM -- vlan id mismatch           CF -- Call admission control failure
OL -- no outgoing label          IB -- TDM incompatible bitrate
NC -- intf encaps not CCC/TCC    TM -- TDM misconfiguration
BK -- Backup Connection          ST -- Standby Connection
CB -- rcvd cell-bundle size bad  SP -- Static Pseudowire
LD -- local site signaled down   RS -- remote site standby
RD -- remote site signaled down  HS -- Hot-standby Connection
XX -- unknown

Legend for interface status
Up -- operational
Dn -- down
Neighbor: 1.1.1.2
    Interface                 Type  St     Time last up          # Up trans
    ge-0/0/9.0(vc 10)         rmt   Up     Oct  4 21:22:36 2016           1
      Remote PE: 1.1.1.2, Negotiated control-word: Yes (Null)
      Incoming label: 299792, Outgoing label: 299776
      Negotiated PW status TLV: No
      Local interface: ge-0/0/9.0, Status: Up, Encapsulation: ETHERNET
      Flow Label Transmit: No, Flow Label Receive: No

{master:0}[edit]
root@EX4600-1#

 

Now, let’s move to the CE devices, the Cisco devices. Again, their configuration is almost identical and we will see the configuration for C3750-1 device:

 

C3750-1#show running-config interface gi1/0/9
Building configuration...

Current configuration : 138 bytes
!
interface GigabitEthernet1/0/9
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 100,200
 switchport mode trunk
end

C3750-1#

 

If the L2 circuit is operating as it should be, then CDP and STP between the two CE devices should work.

This is the CDP neighbour of C3750-1:

 

C3750-1#show cdp  neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
C3750-2          Gig 1/0/9         127              S I   WS-C3750G Gig 1/0/10
C3750-1#

 

And check how C3750-1 is concluding that C3750-2 is the root bridge for the two VLANs:

 

C3750-1#show spanning-tree bridge

                                                   Hello  Max  Fwd
Vlan                         Bridge ID              Time  Age  Dly  Protocol
---------------- --------------------------------- -----  ---  ---  --------
VLAN0100         32868 (32768, 100) f4ac.c105.d200    2    20   15  rstp
VLAN0200         32968 (32768, 200) f4ac.c105.d200    2    20   15  rstp
C3750-1#
C3750-1#show spanning-tree active

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868
             Address     0027.0c1a.db80
             Cost        4
             Port        9 (GigabitEthernet1/0/9)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     f4ac.c105.d200
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/9             Root FWD 4         128.9    P2p



VLAN0200
  Spanning tree enabled protocol rstp
  Root ID    Priority    32968
             Address     0027.0c1a.db80
             Cost        4
             Port        9 (GigabitEthernet1/0/9)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32968  (priority 32768 sys-id-ext 200)
             Address     f4ac.c105.d200
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/9             Root FWD 4         128.9    P2p


C3750-1#

 

And let’s confirm that C3750-2 is the root bridge:

 

C3750-2#show  spanning-tree bridge

                                                   Hello  Max  Fwd
Vlan                         Bridge ID              Time  Age  Dly  Protocol
---------------- --------------------------------- -----  ---  ---  --------
VLAN0100         32868 (32768, 100) 0027.0c1a.db80    2    20   15  rstp
VLAN0200         32968 (32768, 200) 0027.0c1a.db80    2    20   15  rstp
C3750-2#show spanning-tree active

VLAN0100
  Spanning tree enabled protocol rstp
  Root ID    Priority    32868
             Address     0027.0c1a.db80
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     0027.0c1a.db80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/10            Desg FWD 4         128.10   P2p



VLAN0200
  Spanning tree enabled protocol rstp
  Root ID    Priority    32968
             Address     0027.0c1a.db80
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32968  (priority 32768 sys-id-ext 200)
             Address     0027.0c1a.db80
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/10            Desg FWD 4         128.10   P2p


C3750-2#

 

So as it seems, the protocols are tunneled through the two EX4600 and the two Cisco 3750 are operating as they were directly connected.

As a side note, you could use RSVP to advertise the labels along with RSVP-signaled LSPs.

This is what needs to be changed(again the output for EX4600-1):

 

{master:0}[edit]
root@EX4600-1# show | compare rollback 1
[edit protocols]
-   rsvp {
-       interface xe-0/0/0.0;
-       interface lo0.0;
-   }
[edit protocols mpls]
-    label-switched-path 1-to-2 {
-        to 1.1.1.2;
-        no-cspf;
-    }
[edit protocols ldp]
+    interface xe-0/0/0.0;

{master:0}[edit]
root@EX4600-1#

 

And that would be all.

You don’t have always the option to configure L2 circuit between PEs in order to tunnel L2 protocols when the regular L2PT is not working/supported, but it’s good to know how do it.

I hope you will find this post useful when you will be looking for options on how to tunnel L2 protocols.

The following two tabs change content below.

Paris ARAU

Paris ARAU is a networking professional with strong background on routing and switching technologies. He is a holder of CCIE R&S and dual JNCIE(SP and ENT). The day to day work allows him to dive deeply in networking technologies. Part of the continuously training, he is focusing on Software Defined Network and cloud computing.

Comments

This post currently has one response

Leave a Reply

Your email address will not be published. Required fields are marked *

Sidebar



%d bloggers like this: