Figure 48: VPLS Topology Diagram
In Figure 48, a simple VPLS topology is enabled between routers PE1 and PE2. CE routers CE1 and CE2 use Ethernet-based interfaces to connect VLAN 600 to their local PE router. The PE routers PE1 and PE2 are connected to one another by LSPs enabled across a service provider backbone running MPLS, BGP, RSVP, and OSPF.
In a VPLS routing instance named green, PE1 has a local interface fe-0/1/0 and a virtual port of vt-0/3/0.32770 (the virtual port is created dynamically on the Tunnel Services PIC when VPLS is configured). PE2 has a local interface fe-0/1/0 and a virtual port of vt-0/3/0.32771 in the same green instance. As a result, routers CE1 and CE2 can send Ethernet traffic to one another as if they are physically connected to each other on a LAN.
On Router CE1, the only item you need to configure is the Fast Ethernet interface that connects to PE1. Be sure to write down the VLAN identifier and IP address, so you can match them later on CE2.
Router CE1
- [edit]
- interfaces {
-
- fe-0/1/0 {
- vlan-tagging;# Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS.
-
- unit 0 {
- vlan-id 600;# The Ethernet interface on CE2 must use the same VLAN ID.
-
- family inet {
- address 10.11.3.1/24;
# The interface on CE2 must use the same prefix.
- }
- }
- }
- }
On Router PE1, prepare the router for VPLS by configuring BGP, MPLS, OSPF, and RSVP. (These protocols are the basis for most Layer 2 VPN-related applications, including VPLS.) Include the signaling statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level, because VPLS uses the same infrastructure for internal BGP as Layer 2 VPNs.
 |
Note: In JUNOS Release 7.3 and later, the signaling statement replaces the unicast statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level. You must use the signaling statement if you wish to configure VPLS domains and Layer 2 VPNs simultaneously. |
Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE1. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Be sure to use the same VLAN ID for all Ethernet interfaces that are part of a single VPLS instance. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.
Router PE1
- [edit]
- interfaces {
-
- fe-0/1/0 {
- vlan-tagging;# Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS.
- encapsulation vlan-vpls; # Configure VPLS encapsulation on both the
-
- unit 0 { # physical interface and the logical interface.
- encapsulation vlan-vpls;
- vlan-id 600;# The VLAN ID is the same one used by the CE routers.
- }
- }
-
- so-1/1/0 {
-
- unit 0 {
-
- family inet {
- address 10.11.1.5/30;
- }
- family mpls;
- }
- }
-
- lo0 {
-
- unit 0 {
-
- family inet {
- address 10.245.14.218/32;
- }
- }
- }
- }
- routing-options {
- autonomous-system 69;
-
- forwarding-table {
- export exp-to-fwd;# Applies a policy that selects an LSP for the VPLS instance.
- }
- }
- protocols {
-
- rsvp {
-
- interface all {
- aggregate;
- }
- }
-
- mpls {
-
- label-switched-path pe1-to-pe2
{ # Configure an LSP to reach other VPLS PEs.
- to 10.245.14.219;
- }
- interface all;
- }
-
- bgp {
-
- group vpls-pe {
- type internal;
- local-address 10.245.14.218;
-
- family l2vpn { # VPLS uses the same infrastructure as Layer
2 VPNs
- signaling; # for internal BGP.
- }
- neighbor 10.245.14.217;
- neighbor 10.245.14.219;
- }
- }
-
- ospf {
- traffic-engineering;
-
- area 0.0.0.0 {
-
- interface so-1/1/0.0 {
- metric 11;
- }
-
- interface lo0.0 {
- passive;
- }
- }
- }
- }
- policy-options {
-
- policy-statement exp-to-fwd {
-
- term a {
- from community grn-com; # Matches the community in the VPLS instance.
-
- then {
- install-nexthop lsp pe1-to-pe2; # If there are multiple LSPs that exist
- accept; # between VPLS PE routers, this statement sends
VPLS traffic
- }
- }
- }
- community grn-com members target:11111:1; # Adds the instance to a BGP community.
- }
- routing-instances {
-
- green {
- instance-type vpls; # Configure a VPLS routing instance.
- interface fe-0/1/0.0;
- route-distinguisher 10.245.14.218:1;
- vrf-target target:11111:1; #
This value is important to the BGP community.
-
- protocols {
-
- vpls {# Configure a VPLS site
range, site name, and site identifier.
- site-range 10;
-
- site greenPE1 {
- site-identifier 1;
- }
- }
- }
- }
- }
On Router P0, configure BGP, MPLS, OSPF, and RSVP to interconnect PE1 and PE2.
Router P0
- [edit]
- interfaces {
-
- so-0/0/0 {
-
- unit 0 {
-
- family inet {
- address 10.11.2.6/30;
- }
- family mpls;
- }
- }
-
- so-1/1/0 {
-
- unit 0 {
-
- family inet {
- address 10.11.1.6/30;
- }
- family mpls;
- }
- }
-
- lo0 {
-
- unit 0 {
-
- family inet {
- address 10.245.14.217/32;
- }
- }
- }
- }
- protocols {
-
- rsvp {
-
- interface all {
- aggregate;
- }
- }
-
- mpls {
- interface all;
- }
-
- bgp {
-
- group vpls-pe {
- type internal;
- local-address 10.245.14.217;
-
- family l2vpn { # VPLS uses the
same infrastructure as Layer 2 VPNs
- signaling; #for internal BGP.
- }
- neighbor 10.245.14.218;
- neighbor 10.245.14.219;
- }
- }
-
- ospf {
- traffic-engineering;
-
- area 0.0.0.0 {
-
- interface so-1/1/0.0 {
- metric 11;
- }
-
- interface so-0/0/0.0 {
- metric 15;
- }
-
- interface lo0.0 {
- passive;
- }
- }
- }
- }
On Router PE2, configure BGP, MPLS, OSPF, and RSVP to complement the configuration on PE1. Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE2. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Be sure to use the same VLAN ID for all Ethernet interfaces that are part of a single VPLS instance. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.
Router PE2
- [edit]
- interfaces {
-
- fe-0/1/0 {
- vlan-tagging; # Configure VLAN
tagging for VLAN VPLS or extended VLAN VPLS.
- encapsulation vlan-vpls; # Configure
VPLS encapsulation on both the
-
- unit 0 { # physical interface and logical interface.
- encapsulation vlan-vpls;
- vlan-id 600;# The VLAN ID is
the same one used by the CE routers.
- }
- }
-
- so-0/0/0 {
-
- unit 0 {
-
- family inet {
- address 10.11.2.5/30;
- }
- family mpls;
- }
- }
-
- lo0 {
-
- unit 0 {
-
- family inet {
- address 10.245.14.219/32;
- }
- }
- }
- }
- routing-options {
- autonomous-system 69;
-
- forwarding-table {
- export exp-to-fwd; # Applies
a policy that selects an LSP for the VPLS instance.
- }
- }
- protocols {
-
- rsvp {
-
- interface all {
- aggregate;
- }
- }
-
- mpls {
-
- label-switched-path pe2-to-pe1
{ # Configure an LSP to other VPLS PE routers.
- to 10.245.14.218;
- }
- interface all;
- }
-
- bgp {
-
- group vpls-pe {
- type internal;
- local-address 10.245.14.219;
-
- family l2vpn { # VPLS uses the
same infrastructure as Layer 2 VPNs
- signaling; # for internal BGP.
- }
- neighbor 10.245.14.217;
- neighbor 10.245.14.218;
- }
- }
-
- ospf {
- traffic-engineering;
-
- area 0.0.0.0 {
-
- interface so-0/0/0.0 {
- metric 15;
- }
-
- interface lo0.0 {
- passive;
- }
- }
- }
- }
- policy-options {
-
- policy-statement exp-to-fwd {
-
- term a {
- from community grn-com; # Matches the community with the
VPLS instance.
-
- then {
- install-nexthop lsp pe2-to-pe1; # If there are multiple
LSPs that exist
- accept; # between VPLS PE routers, this statement sends
VPLS traffic
- }
- }
- }
- community grn-com members target:11111:1; # This adds the
instance into a BGP community.
- }
- routing-instances {
-
- green {
- instance-type vpls; # Configure
a VPLS routing instance.
- interface fe-0/1/0.0;
- route-distinguisher 10.245.14.219:1;
- vrf-target target:11111:1; #
This value is important for the BGP community.
-
- protocols {
-
- vpls { # Configure a VPLS site
range, site name, and site identifier.
- site-range 10;
-
- site greenPE2 {
- site-identifier 2;
- }
- }
- }
- }
- }
On Router CE2, complete your VPLS network by configuring the Fast Ethernet interface that connects to PE2. Use the same VLAN identifier and IP address prefix used on Router CE1.
Router CE2
- [edit]
- interfaces {
-
- fe-0/1/0 {
- vlan-tagging; # Configure VLAN tagging for VLAN VPLS or
extended VLAN VPLS.
-
- unit 0 {
- vlan-id 600; # The Ethernet interface on CE1 must use the
same VLAN ID.
-
- family inet {
- address 10.11.3.2/24; # The interface on CE1 must use the
same prefix.
- }
- }
- }
- }
To verify proper operation of VPLS, use the following commands:
The following section shows the output of these commands on Router PE1 as a result of the configuration example:
user@PE1> show interfaces terse Interface Admin Link Proto Local Remote
so-1/1/0 up up
so-1/1/0.0 up up inet 10.11.1.5/30
mpls
so-1/1/1 up up
so-1/1/2 up up
so-1/1/3 up up
fe-0/1/0 up up
fe-0/1/0.0 up up vpls # This is the local Fast Ethernet
# interface.
fe-0/1/1 up up
fe-0/1/2 up up
fe-0/1/3 up up
gr-0/3/0 up up
ip-0/3/0 up up
mt-0/3/0 up up
pd-0/3/0 up up
pe-0/3/0 up up
vt-0/3/0 up up
vt-0/3/0.32770 up up # This is the dynamically generated virtual port.
dsc up up
fxp0 up up
fxp0.0 up up inet 192.186.14.218/24
fxp1 up up
fxp1.0 up up tnp 4
gre up up
ipip up up
lo0 up up
lo0.0 up up inet 10.245.14.218 --> 0/0
127.0.0.1 --> 0/0
inet6 fe80::2a0:a5ff:fe28:13e0
feee::10:245:14:218
lsi up up
mtun up up
pimd up up
pime up up
tap up up
user@PE1> show system statistics vpls vpls:
0 total packets received
0 with size smaller than minimum
0 with incorrect version number
0 packets for this host
0 packets with no logical interface
0 packets with no family
0 packets with no route table
0 packets with no auxiliary table
0 packets with no corefacing entry
0 packets with no CE-facing entry
6 mac route learning requests # This indicates that VPLS is working.
6 mac routes learnt
0 mac routes aged
0 mac routes moved
To display VPLS source and destination MAC address accounting information, use the destination, extensive, matching, or table option with the show route forwarding-table family vpls command. When you analyze the display output, keep in mind the following:
user@PE1> show route forwarding-table
family vpls extensive Routing table: green.vpls [Index 2]
VPLS:
Destination: default
Route type: dynamic Route reference: 0
Flags: sent to PFE
Next-hop type: flood Index: 353 Reference: 1
Destination: default
Route type: permanent Route reference: 0
Flags: none
Next-hop type: discard Index: 298 Reference: 1
Destination: fe-0/1/0.0
Route type: dynamic Route reference: 0
Flags: sent to PFE
Next-hop type: flood Index: 355 Reference: 1
Destination: bb:bb:bb:bb:bb:bb/48 # This MAC address belongs to remote CE2.
Route type: dynamic Route reference: 0
Flags: sent to PFE, prefix load balance
Next-hop type: indirect Index: 351 Reference: 4
Next-hop type: Push 800000, Push 100002(top)
Next-hop interface: so-1/1/0.0
Destination: aa:aa:aa:aa:aa:aa/48 # This MAC address belongs to local CE1.
Route type: dynamic Route reference: 0
Flags: sent to PFE, prefix load balance
Next-hop type: unicast Index: 354 Reference: 2
Next-hop interface: fe-0/1/0.0
user@PE1> show route forwarding-table family
vpls Routing table: green.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default dynm 0 flood 353 1
default perm 0 dscd 298 1
fe-0/1/0.0 dynm 0 flood 355 1
bb:bb:bb:bb:bb:bb/48 # This MAC address belongs to remote CE2.
dynm 0 indr 351 4
Push 800000, Push 100002(top)
so-1/1/0.0
aa:aa:aa:aa:aa:aa/48 # This MAC address belongs to local CE1.
dynm 0 ucst 354 2 fe-0/1/0.0
user@PE1> show route forwarding-table family
mpls Routing table: mpls
MPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 19 1
0 user 0 recv 18 3
1 user 0 recv 18 3
2 user 0 recv 18 3
100000 user 0 10.11.1.6 swap 100001 so-1/1/0.0
800002 user 0 Pop vt-0/3/0.32770
vt-0/3/0.32770 (VPLS)
user 0 indr 351 4
Push 800000, Push 100002(top) so-1/1/0.0
user@PE1> show route instance green detail green:
Router ID: 0.0.0.0
Type: vpls State: Active
Interfaces:
fe-0/1/0.0 # This is the local Fast Ethernet interface.
vt-0/3/0.32770 # This is the dynamically generated VPLS virtual port.
Route-distinguisher: 10.245.14.218:1
Vrf-import: [ __vrf-import-green-internal__ ]
Vrf-export: [ __vrf-export-green-internal__ ]
Vrf-import-target: [ target:11111:1 ]
Vrf-export-target: [ target:11111:1 ]
Tables:
green.l2vpn.0 : 2 routes (2 active, 0 holddown, 0 hidden)
user@PE1> show vpls connections L2VPN Connections:
Legend for connection status (St)
OR -- out of range WE -- intf encaps != instance encaps
EI -- encapsulation invalid Dn -- down
EM -- encapsulation mismatch VC-Dn -- Virtual circuit down
CM -- control-word mismatch -> -- only outbound conn is up
CN -- circuit not present <- -- only inbound conn is up
OL -- no outgoing label Up -- operational
NC -- intf encaps not CCC/TCC XX -- unknown
NP -- interface not present
Legend for interface status
Up -- operational
Dn -- down
Instance: green
Local site: greenPE1 (1)
connection-site Type St Time last up # Up trans
2 rmt Up Jan 24 06:26:49 2003 1
Local interface: vt-0/3/0.32770, Status: Up, Encapsulation: VPLS
Remote PE: 10.245.14.219, Negotiated control-word: No
Incoming label: 800002, Outgoing label: 800000
user@PE1> show system statistics vpls vpls:
0 total packets received
0 with size smaller than minimum
0 with incorrect version number
0 packets for this host
0 packets with no logical interface
0 packets with no family
0 packets with no route table
0 packets with no auxiliary table
0 packets with no corefacing entry
0 packets with no CE-facing entry
7 mac route learning requests
7 mac routes learnt
0 mac routes aged
0 mac routes moved
user@PE1> show route instance green detail green:
Router ID: 0.0.0.0
Type: vpls State: Active
Interfaces:
fe-0/1/0.0
vt-0/3/0.32770
Route-distinguisher: 10.245.14.218:1
Vrf-import: [ __vrf-import-green-internal__ ]
Vrf-export: [ __vrf-export-green-internal__ ]
Vrf-import-target: [ target:11111:1 ]
Vrf-export-target: [ target:11111:1 ]
Tables:
green.l2vpn.0 : 2 routes (2 active, 0 holddown, 0 hidden)
user@PE1> show vpls statistics Layer-2 VPN Statistics:
Instance: green
Local interface: fe-0/1/0.0, Index: 351
Remote provider edge router: 10.245.14.219
Multicast packets: 363
Multicast bytes : 30956
Flood packets : 0
Flood bytes : 0
Local interface: vt-0/3/0.32770, Index: 354
Remote provider edge router: 10.245.14.219
Multicast packets: 135
Multicast bytes : 12014
Flood packets : 135
Flood bytes : 12014
To clear all MAC address entries for a VPLS instance from the VPLS table, issue the clear vpls mac-address instance instance-name command. Add the logical-system logical-system-name option to clear entries in a VPLS instance within a logical system. Use the mac-address option to remove individual MAC addresses.
