L2circuit for L2 protocol tunneling
Remember that in the QinQ and L2PT on Junos ELS post we discussed how to configure QinQ and L2PT on EX4600 and how we saw that actually L2PT is not supported on EX4600.
Well, in this post we will discuss about a workaround and that is to configure a L2 Circuit(EoMPLS in Cisco world).
L2 Circuit is supported on EX4600 and we are going to use to “tunnel” the control traffic between two Cisco 3750 switches.
This is the topology:
Let’s start first with the configuration of the PE devices. Their configuration is almost identical with the exception of some IP addresses and the interfaces towards CE devices. Therefore, I will show only the configuration for EX4600-1.
This is the interfaces configuration:
{master:0}[edit] root@EX4600-1# show interfaces xe-0/0/0 { mtu 9216; unit 0 { family inet { address 10.10.10.1/24; } family mpls; } } ge-0/0/9 { mtu 9216; encapsulation ethernet-ccc; unit 0 { family ccc; } } lo0 { unit 0 { family inet { address 1.1.1.1/32; } } } {master:0}[edit] root@EX4600-1#
And this is the configuration of the protocols needed for IGP reachability, labels distribution and to configure the L2 circuit between two PEs:
{master:0}[edit] root@EX4600-1# show protocols ## ## Warning: requires 'mpls' license ## mpls { interface xe-0/0/0.0; interface lo0.0; } ospf { area 0.0.0.0 { interface lo0.0; interface xe-0/0/0.0; } } ldp { interface xe-0/0/0.0; interface lo0.0; } l2circuit { neighbor 1.1.1.2 { interface ge-0/0/9.0 { virtual-circuit-id 10; } } } {master:0}[edit] root@EX4600-1#
Once both PEs are configured, the routing table should look like this:
{master:0}[edit] root@EX4600-1# run show route inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.1/32 *[Direct/0] 04:48:42 > via lo0.0 1.1.1.2/32 *[OSPF/10] 01:21:38, metric 1 > to 10.10.10.2 via xe-0/0/0.0 10.10.10.0/24 *[Direct/0] 01:22:00 > via xe-0/0/0.0 10.10.10.1/32 *[Local/0] 01:22:00 Local via xe-0/0/0.0 224.0.0.2/32 *[LDP/9] 01:20:34, metric 1 MultiRecv 224.0.0.5/32 *[OSPF/10] 04:48:48, metric 1 MultiRecv inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.2/32 *[LDP/9] 00:14:15, metric 1 > to 10.10.10.2 via xe-0/0/0.0 mpls.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0 *[MPLS/0] 04:48:47, metric 1 Receive 1 *[MPLS/0] 04:48:47, metric 1 Receive 2 *[MPLS/0] 04:48:47, metric 1 Receive 13 *[MPLS/0] 04:48:47, metric 1 Receive 299792 *[L2CKT/7] 00:14:15 > via ge-0/0/9.0, Pop Offset: 4 299808 *[LDP/9] 00:14:15, metric 1 > to 10.10.10.2 via xe-0/0/0.0, Pop 299808(S=0) *[LDP/9] 00:14:15, metric 1 > to 10.10.10.2 via xe-0/0/0.0, Pop ge-0/0/9.0 *[L2CKT/7] 00:14:15, metric2 1 > to 10.10.10.2 via xe-0/0/0.0, Push 299776 Offset: 252 l2circuit.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.2:CtrlWord:5:10:Local/96 *[L2CKT/7] 00:14:47, metric2 1 > to 10.10.10.2 via xe-0/0/0.0 1.1.1.2:CtrlWord:5:10:Remote/96 *[LDP/9] 00:14:15 Discard {master:0}[edit] root@EX4600-1#
And this is the L2 circuit:
{master:0}[edit]
root@EX4600-1# run show l2circuit connections
Layer-2 Circuit Connections:
Legend for connection status (St)
EI -- encapsulation invalid NP -- interface h/w not present
MM -- mtu mismatch Dn -- down
EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down
CM -- control-word mismatch Up -- operational
VM -- vlan id mismatch CF -- Call admission control failure
OL -- no outgoing label IB -- TDM incompatible bitrate
NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration
BK -- Backup Connection ST -- Standby Connection
CB -- rcvd cell-bundle size bad SP -- Static Pseudowire
LD -- local site signaled down RS -- remote site standby
RD -- remote site signaled down HS -- Hot-standby Connection
XX -- unknown
Legend for interface status
Up -- operational
Dn -- down
Neighbor: 1.1.1.2
Interface Type St Time last up # Up trans
ge-0/0/9.0(vc 10) rmt Up Oct 4 21:22:36 2016 1
Remote PE: 1.1.1.2, Negotiated control-word: Yes (Null)
Incoming label: 299792, Outgoing label: 299776
Negotiated PW status TLV: No
Local interface: ge-0/0/9.0, Status: Up, Encapsulation: ETHERNET
Flow Label Transmit: No, Flow Label Receive: No
{master:0}[edit]
root@EX4600-1#
Now, let’s move to the CE devices, the Cisco devices. Again, their configuration is almost identical and we will see the configuration for C3750-1 device:
C3750-1#show running-config interface gi1/0/9
Building configuration...
Current configuration : 138 bytes
!
interface GigabitEthernet1/0/9
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,200
switchport mode trunk
end
C3750-1#
If the L2 circuit is operating as it should be, then CDP and STP between the two CE devices should work.
This is the CDP neighbour of C3750-1:
C3750-1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
C3750-2 Gig 1/0/9 127 S I WS-C3750G Gig 1/0/10
C3750-1#
And check how C3750-1 is concluding that C3750-2 is the root bridge for the two VLANs:
C3750-1#show spanning-tree bridge
Hello Max Fwd
Vlan Bridge ID Time Age Dly Protocol
---------------- --------------------------------- ----- --- --- --------
VLAN0100 32868 (32768, 100) f4ac.c105.d200 2 20 15 rstp
VLAN0200 32968 (32768, 200) f4ac.c105.d200 2 20 15 rstp
C3750-1#
C3750-1#show spanning-tree active
VLAN0100
Spanning tree enabled protocol rstp
Root ID Priority 32868
Address 0027.0c1a.db80
Cost 4
Port 9 (GigabitEthernet1/0/9)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32868 (priority 32768 sys-id-ext 100)
Address f4ac.c105.d200
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/9 Root FWD 4 128.9 P2p
VLAN0200
Spanning tree enabled protocol rstp
Root ID Priority 32968
Address 0027.0c1a.db80
Cost 4
Port 9 (GigabitEthernet1/0/9)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32968 (priority 32768 sys-id-ext 200)
Address f4ac.c105.d200
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/9 Root FWD 4 128.9 P2p
C3750-1#
And let’s confirm that C3750-2 is the root bridge:
C3750-2#show spanning-tree bridge
Hello Max Fwd
Vlan Bridge ID Time Age Dly Protocol
---------------- --------------------------------- ----- --- --- --------
VLAN0100 32868 (32768, 100) 0027.0c1a.db80 2 20 15 rstp
VLAN0200 32968 (32768, 200) 0027.0c1a.db80 2 20 15 rstp
C3750-2#show spanning-tree active
VLAN0100
Spanning tree enabled protocol rstp
Root ID Priority 32868
Address 0027.0c1a.db80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32868 (priority 32768 sys-id-ext 100)
Address 0027.0c1a.db80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/10 Desg FWD 4 128.10 P2p
VLAN0200
Spanning tree enabled protocol rstp
Root ID Priority 32968
Address 0027.0c1a.db80
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32968 (priority 32768 sys-id-ext 200)
Address 0027.0c1a.db80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi1/0/10 Desg FWD 4 128.10 P2p
C3750-2#
So as it seems, the protocols are tunneled through the two EX4600 and the two Cisco 3750 are operating as they were directly connected.
As a side note, you could use RSVP to advertise the labels along with RSVP-signaled LSPs.
This is what needs to be changed(again the output for EX4600-1):
{master:0}[edit]
root@EX4600-1# show | compare rollback 1
[edit protocols]
- rsvp {
- interface xe-0/0/0.0;
- interface lo0.0;
- }
[edit protocols mpls]
- label-switched-path 1-to-2 {
- to 1.1.1.2;
- no-cspf;
- }
[edit protocols ldp]
+ interface xe-0/0/0.0;
{master:0}[edit]
root@EX4600-1#
And that would be all.
You don’t have always the option to configure L2 circuit between PEs in order to tunnel L2 protocols when the regular L2PT is not working/supported, but it’s good to know how do it.
I hope you will find this post useful when you will be looking for options on how to tunnel L2 protocols.
Paris ARAU
Latest posts by Paris ARAU (see all)
- Junos Fusion – Part IV – Satellite policies and uplink failure detection - 30 July 2018
- Junos Fusion – Part III – Satellite commands and traffic forwarding - 16 July 2018
- Junos Fusion – Part II – Configuration, Administration and Operation - 16 July 2018
- Junos Fusion – Part I – Overview, Components, Ports and Software - 11 July 2018
- Vagrant – Part IV – Network topology using Juniper and Cumulus - 26 April 2018
[…] I won’t discuss how to set up the L2VPN as we already did this several times, one example being L2circuit for L2 protocol tunneling. […]