Configuring Layer 2 Circuits

To implement Layer 2 circuits, perform the following:

• Configuring an Interface Encapsulation on CE-Facing Interfaces
• Configuring the MPLS Family on Core Interfaces
• Configuring Layer 2 Circuits
• Configuring LDP and an IGP to Transport Layer 2 Circuits
• Option: Applying Traffic Engineering to a Layer 2 Circuit
• Option: Mapping Layer 2 Protocol Control Information into a Layer 2 Circuit
• Option: Configuring APS for Layer 2 Circuits
• Option: Configuring Layer 2 Circuit Trunk Mode on ATM2 IQ Interfaces
• Option: Reserving LSP Bandwidth for a Layer 2 Circuit
• Option: Selecting an MTU for a Layer 2 Circuit
• Option: Configuring Local Interface Switching for a Layer 2 Circuit
• Option: Configuring Layer 2 Circuits Simultaneously over RSVP and LDP LSPs

Configuring an Interface Encapsulation on CE-Facing Interfaces

When you configure Layer 2 circuits, you can use Ethernet, SONET/SDH, and ATM2 IQ interfaces on a PE router. The specific steps you must take to configure these interface types for Layer 2 circuits are described as follows:

• Configuring CCC Encapsulation on CE-Facing Ethernet Interfaces
• Configuring CCC Encapsulation on CE-Facing SONET/SDH Interfaces
• Configuring a CCC Encapsulation and a Layer 2 Circuit Mode on CE-Facing ATM2 IQ Interfaces

Configuring CCC Encapsulation on CE-Facing Ethernet Interfaces

On Ethernet-based CE-facing PE router interfaces, you must configure one of the three Ethernet CCC encapsulation types—Ethernet CCC, VLAN CCC, or Extended VLAN CCC. Use the following guidelines to configure an Ethernet-based interface CCC encapsulation:

• ethernet-ccc—Use Ethernet CCC encapsulation on Ethernet interfaces that must accept packets carrying standard Tag Protocol ID (TPID) values.
• extended-vlan-ccc—Use extended VLAN CCC encapsulation on Ethernet interfaces that have VLAN 802.1Q tagging and must accept packets carrying TPIDs 0x8100, 0x9100, and 0x9901.
• vlan-ccc—Use VLAN CCC encapsulation on Ethernet interfaces with VLAN tagging enabled. VLAN CCC encapsulation supports TPID 0x8100 only. You must configure this encapsulation type on both the physical interface and the logical interface.
• You can configure multiple logical interfaces on Ethernet interfaces configured for VLAN mode. The valid VLAN ID range for the logical interfaces depends upon your PIC type:
  • 1 to 1023—Aggregated Ethernet, 4-port, 8-port, and 12-port Fast Ethernet, and management and internal Ethernet interfaces
  • 1 to 4094—48-port Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet interfaces
  • VLAN ID 0 is reserved for tagging the priority of frames on all Ethernet PICs.
• For encapsulation type vlan-ccc, VLAN IDs from 1 through 511 are reserved for normal VLANs, and VLAN IDs from 512 through 1023 are reserved for CCC VLANs. For encapsulation type extended-vlan-ccc, all valid VLAN IDs per PIC type are valid for CCC VLANs.

For more information about VLAN IDs, see “Binding a VLAN ID to a Logical Interface” in the JUNOS Network Interfaces Configuration Guide.

To configure CCC interface encapsulation, include the encapsulation statement at the [edit interfaces ethernet-interface-fpc/pic/port] hierarchy level and select ethernet-ccc, vlan-ccc, or extended-vlan-ccc as the encapsulation type. If you select the VLAN CCC encapsulation, also include the vlan-ccc statement at the [edit interfaces ethernet-interface-fpc/pic/port unit unit-number encapsulation] logical interface hierarchy level. When using either VLAN CCC or extended VLAN CCC encapsulations, include the vlan-tagging statement at the [edit interfaces ethernet-interface-fpc/pic/port] hierarchy level.

Configuring CCC Encapsulation on CE-Facing SONET/SDH Interfaces

On SONET/SDH interfaces in a PE router, you can use Frame Relay CCC, Cisco HDLC CCC, or PPP CCC encapsulation for Layer 2 circuits:

• To configure Frame Relay CCC interface encapsulation, include the encapsulation statement at the [edit interfaces so-fpc/pic/port] hierarchy level and select frame-relay-ccc as the encapsulation type. To enable Frame Relay CCC at the logical interface level, include the encapsulation frame-relay-ccc statement at the [edit interfaces so-fpc/pic/port unit unit-number] hierarchy level.
• To configure Cisco HDLC CCC interface encapsulation, include the encapsulation statement at the [edit interfaces so-fpc/pic/port] hierarchy level and select cisco-hdlc-ccc as the encapsulation type.
• To configure PPP CCC interface encapsulation, include the encapsulation statement at the [edit interfaces so-fpc/pic/port] hierarchy level and select ppp-ccc as the encapsulation type.

  [edit]

  interfaces {

  so-0/0/0 {

  encapsulation (frame-relay-ccc | cisco-hdlc-ccc | ppp-ccc);

  unit 0 {

  encapsulation frame-relay-ccc;

  }

  }

  }

Configuring a CCC Encapsulation and a Layer 2 Circuit Mode on CE-Facing ATM2 IQ Interfaces

On ATM2 IQ interfaces in a PE router, you need to configure two encapsulations to enable Layer 2 circuits: one at the [edit interfaces at-fpc/pic/port] hierarchy level and the other at the [edit chassis fpc fpc-slot pic pic-slot] hierarchy level. There are two types of ATM2 IQ Layer 2 circuits: cell-relay mode and ATM Adaptation Layer 5 (AAL5) mode. For both modes, you must specify the Physical Interface Card (PIC) type with the pic-type atm2 statement at the [edit interfaces at-fpc/pic/port atm-options] hierarchy level. You can configure only one mode per PIC at a time. If you need to enable both ATM2 IQ Layer 2 circuit modes in the same router, you must configure the different modes on different PICs.

To configure a cell-relay mode Layer 2 circuit, include the atm-l2circuit-mode cell statement at the [edit chassis fpc fpc-slot pic pic-slot] hierarchy level and the encapsulation atm-ccc-cell-relay statement at both the [edit interfaces at-fpc/pic/port] physical hierarchy level and the [edit interfaces at-fpc/pic/port unit unit-number] logical interface hierarchy level.

For ATM2 IQ Layer 2 circuit cell-relay mode only, you can adjust the cell bundle size at the physical interface level and the logical interface level. To configure, include the cell-bundle-size statement at either the [edit interfaces at-fpc/pic/port atm-options] physical interface hierarchy level or the [edit interfaces at-fpc/pic/port unit unit-number] logical interface hierarchy level. If the statement is included at both levels, the logical interface setting takes precedence. The default value for cell bundle size is 1 and the maximum value is 190. If you configure the cell bundle size statement, you should configure the same value on all ATM2 IQ neighbors.

To configure an AAL5 mode Layer 2 circuit, include the atm-l2circuit-mode aal5 statement at the [edit chassis fpcfpc-slot pic pic-slot] hierarchy level and the encapsulation atm-ccc-vc-mux statement at the [edit interfaces at-fpc/pic/port] hierarchy level:

For more information on how to configure interfaces with CCC encapsulation types, see the JUNOS MPLS Applications Configuration Guide or the JUNOS Network Interfaces Configuration Guide.

Configuring the MPLS Family on Core Interfaces

Because LDP is used as the signaling protocol to transport MPLS labels across the core of the network, you must include the family mpls statement at the [edit interfaces interface-name unit logical-unit-number] hierarchy level. Include the statement on all router interfaces in the path from the local PE router to the remote PE router across the core network that transports the Layer 2 circuit traffic.

Configuring Layer 2 Circuits

After you enable the PE router interfaces with the proper encapsulations, you then configure Layer 2 circuits (also referred to as VCs) between two or more PE router neighbors. To configure a Layer 2 circuit, include the l2circuit statement at the [edit protocols] hierarchy level.

Each Layer 2 circuit is represented by a logical interface on the local PE router, the IP address of the remote PE router neighbor, and a virtual circuit identifier. The logical interface connects the local PE router to the local CE router. The loopback address and router ID of the PE neighbor is commonly the neighbor’s IP address. This address is also the destination end-point of the LSP tunnel, which transports the Layer 2 circuit to the neighbor. The virtual circuit ID uniquely identifies the VC to a specific neighbor.

This combination of logical interface, neighbor address, and virtual circuit ID is used to map a particular LDP forwarding equivalence class (FEC) received from a specific neighbor to a local VC. The egress label is added to a table and is used for sending traffic on that VC between the CE routers.

Both ends of a Layer 2 circuit must use the same Layer 2 technology because the Layer 2 encapsulation type is carried in the LDP FEC. The encapsulation type from a received FEC is matched against the local encapsulation type of the VC. If there is a mismatch, the VC is not established.

To add the IP address of the remote PE router neighbor into a Layer 2 circuit, include the neighbor ip-address statement at the [edit protocols l2circuit] hierarchy level. To map the remote neighbor to the local interface that connects to the CE router, include the interface statement at the [edit protocols l2circuit neighbor ip-address] hierarchy level. To select the identifier for the virtual circuit, include the virtual-circuit-identifier statement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level. To disable default control word processing, include the no-control-word statement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level. Finally, to assign the Layer 2 circuit to a community, include the community community-namestatement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level.

Note: On M-series routing platforms only, if you include the control-word statement at the [edit protocols l2circuit neighbor address interface interface-name] hierarchy level (the default setting for Layer 2 circuits), the software cannot rewrite MPLS EXP bits.

You do not need to specify the encapsulation type at the [edit protocols l2circuit] hierarchy level because it is already specified in the interface configuration.

Configuring LDP and an IGP to Transport Layer 2 Circuits

LDP is used as the signaling protocol to advertise the ingress MPLS label to the remote PE router. For this purpose, a remote LDP neighbor is established using the extended discovery mechanism described in RFC 3036, LDP Specification, and a session is established.

No new configuration is necessary in LDP because the LDP protocol recognizes the Layer 2 circuit configuration and initiates extended neighbor discovery for all Layer 2 circuit neighbors on the remote PE routers. This is very similar to the behavior of LDP when it is tunneled over RSVP. However, you must configure LDP on the lo0.0 interface for extended neighbor discovery to function correctly.

LDP relies on an underlying IGP, such as OSPF or IS-IS. Therefore, configure LDP and your IGP on all routers in the path from the local PE router to the remote PE router across the service provider backbone.

Option: Applying Traffic Engineering to a Layer 2 Circuit

To traffic engineer Layer 2 circuits over multiple LSPs, you must create a community, assign a set of Layer 2 circuits to that community, define a policy to send the community traffic over a desired LSP, and apply the policy to the forwarding table.

To create a community, include the community community-name statement at the [edit policy-options] hierarchy level. To assign a Layer 2 circuit to a community, include the community community-name statement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level. To create a policy that sends community traffic over a specific LSP, include the community community-namestatement at the [edit policy-options policy-statement policy-name term term-name from] hierarchy level and the install-next-hop lsp lsp-name statement at the [edit policy-options policy-statement policy-name term term-name then] hierarchy level. To apply the policy to the forwarding table, include the export policy-name statement at the [edit routing-options forwarding-table] hierarchy level.

Option: Mapping Layer 2 Protocol Control Information into a Layer 2 Circuit

The control word is defined in Internet draft draft-martini-l2circuit-encap-mpls-07.txt Encapsulation Methods for Transport of Layer 2 Frames Over IP and MPLS Networks. It is a set of fields that carry Layer 2 control information across a Layer 2 circuit. The following control word support is available for PE routers:

• Frame Relay—To carry Frame Relay FECN/BECN information in a Layer 2 circuit control word, include the translate-fecn-and-becn statement at the [edit interfaces interface-name encapsulation frame-relay-ccc unit unit-number encapsulation frame-relay-ccc family ccc] hierarchy level. To carry Frame Relay DE information in a Layer 2 circuit control word, include the translate-discard-eligible statement at the [edit interfaces interface-name encapsulation frame-relay-ccc unit unit-number encapsulation frame-relay-ccc family ccc] hierarchy level.

  [edit]

  interfaces {

  interface-name {

  encapsulation frame-relay-ccc;

  unit 0 {

  encapsulation frame-relay-ccc;

  point-to-point;

  dlci 512;

  family ccc {

  translate-fecn-and-becn;

  translate-discard-eligible;

  }

  }

  }

  }

• ATM AAL5 mode—For ATM2 IQ interfaces, the ATM AAL5 control word contains bit fields to carry sequence numbers, ATM cell loss priority (CLP), and explicit forward congestion indication (EFCI) information. When you configure ATM Layer 2 circuits, the control word carries the sequence number, CLP, and EFCI information by default. No additional configuration is necessary.
• ATM cell-relay mode—For ATM2 IQ interfaces, the ATM cell-relay control word supports sequence number processing only. Once you configure a cell-relay mode Layer 2 circuit, the sequence number information is carried by default. No additional configuration is necessary.

Option: Configuring APS for Layer 2 Circuits

To apply Automatic Protection Switching (APS) to a Layer 2 circuit, you must configure an APS working circuit and a protect circuit on PE router interfaces that support SONET options (such as SONET/SDH, ATM, and ATM2 IQ interfaces) and circuit cross-connect (CCC) encapsulation types. Then, you must configure the working circuit as the primary Layer 2 circuit interface and the protect circuit as the protected Layer 2 circuit interface. Note that APS only protects the PE-CE link and not the entire Layer 2 circuit.

To configure an APS working circuit, include the working-circuit statement at the [edit interfaces interface-name sonet-options aps] hierarchy level. To configure an APS protect circuit, include the protect-circuit statement at the [edit interfaces interface-name sonet-options aps] hierarchy level. To configure the primary Layer 2 circuit interface, include the interface statement at the [edit protocols l2circuit neighbor ip-address] hierarchy level. To configure the protected Layer 2 circuit interface, include the protect-interface statement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level.

Option: Configuring Layer 2 Circuit Trunk Mode on ATM2 IQ Interfaces

When you configure Layer 2 circuits on CE-facing ATM2 IQ interfaces in a PE router that connects to some vendors’ ATM switches, you can create a trunk. The trunk bundles several ATM cell streams into one LSP, preserves the cell loss priority (CLP) and class-of-service (CoS) information of the cells within the experimental (EXP) bits of the MPLS header, and provides network-to-network interface (NNI) or user-to-network interface (UNI) information within a proprietary header. A physical interface supports a total of 32 logical trunks in NNI mode and 8 logical trunks when you use the UNI option. To configure a trunk, include the trunk statement at the [edit chassis fpc fpc-slot pic pic-slot atm-l2circuit-mode] hierarchy level, select NNI or UNI mode with the nni or uni statement, and specify a number of bits in the ATM header that will carry an identifier with the id-width statement. You can choose a value from 1 through 8 for the identifier width.

You can also configure several trunk options at the [edit interfaces at-fpc/pic/port unit unit-number] hierarchy level:

• To specify an ATM interface as the control channel for a Layer 2 circuit trunk, include the control-channel statement at the [edit interfaces at-fpc/pic/port unit unit-number] hierarchy level.
• To specify a trunk identifier, include the trunk-id statement at the [edit interfaces at-fpc/pic/port unit unit-number] hierarchy level. Trunk ID values range from 0 through 31.
• To configure the amount of bandwidth reserved for the trunk, include the trunk-bandwidth statement at the [edit interfaces at-fpc/pic/port unit unit-number] hierarchy level and specify a value from 1,000,000 bps (1 Mbps) through 542,526,792 bps.
• To apply a CoS scheduler map to the trunk, include the atm-scheduler-map statement at the [edit interfaces at-fpc/pic/port unit unit-number] hierarchy level. This statement must reference an ATM2 IQ interface-based scheduler map at the [edit interfaces at-fpc/pic/port atm-options scheduler-maps map-name] hierarchy level.

  interfaces {

  at-fpc/pic/port {

  atm-options {

  pic-type atm2;

  scheduler-maps {

  map-name {

  ...

  }

  }

  unit unit-number {

  atm-scheduler-map map-name;

  control-channel;

  trunk-id id-number;

  trunk-bandwidth bandwidth;

  }

  }

  }

  }

You can configure a variety of CoS-related statements for an ATM2 IQ interface-based scheduler map. To select the CoS mode used for virtual circuits, include the vc-cos-mode statement at the [edit interfaces at-fpc/pic/port atm-options scheduler-maps map-name] hierarchy level. To specify forwarding class settings, include the priority, transmit-weight, and epd-threshold statements at the [edit interfaces at-fpc/pic/port atm-options scheduler-maps map-name forwarding-class class-name] hierarchy level. For more information about CoS, see the JUNOS Class of Service Configuration Guide.

Option: Reserving LSP Bandwidth for a Layer 2 Circuit

You can specify the amount of bandwidth in bytes per second that must be available on an LSP for a specific Layer 2 circuit. By using a bandwidth constraint for a Layer 2 circuit, the router performs a type of call admission control. If an LSP exists that contains the required bandwidth, the Layer 2 circuit is established. If the bandwidth is not available on an LSP, the Layer 2 circuit is not established.

To configure bandwidth requirements for a Layer 2 circuit, include the bandwidth statement at the [edit protocols mpls label-switched-path lsp-name] hierarchy level and the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level.

You can also assign minimum bandwidth requirements for class-of-service (CoS) queues within a Layer 2 circuit and its corresponding LSP. Class type (CT) queues 0, 1, 2, and 3 in a Layer 2 circuit or LSP correspond to the standard four CoS queues available on M-series, MX-series, and T-series routing platforms. To enable mapping of class type queues to the standard CoS queues, include the bandwidth-model statement at the [edit protocols mpls diffserv-te] hierarchy level. To assign specific bandwidth requirements to each class type queue, include the ct0, ct1, ct2, and ct3 statements at the [edit protocols mpls label-switched-path lsp-name bandwidth] hierarchy level and the [edit protocols l2circuit neighbor ip-address interface interface-name bandwidth] hierarchy level.

For more information about class of service, see the JUNOS Class of Service Configuration Guide.

Option: Selecting an MTU for a Layer 2 Circuit

To configure the MTU for each individual Layer 2 circuit, include the mtu statement at the [edit protocols l2circuit neighbor ip-address interface interface-name] hierarchy level. If the MTU setting between Layer 2 circuit neighbors does not match, the Layer 2 circuit is torn down.

Note: If you configure an MTU value for an ATM cell relay interface on an ATM2 PIC and simultaneously configure an MTU value for a Layer 2 circuit that uses the same ATM2 PIC, the MTU value for the Layer 2 circuit takes precedence when calculating the cell bundle size and is advertised to Layer 2 circuit neighbors.

Option: Configuring Local Interface Switching for a Layer 2 Circuit

You can terminate a Layer 2 circuit locally on an ingress PE router. To configure a locally terminated circuit, include the local-switching statement at the [edit protocols l2circuit] hierarchy level. Select the Layer 2 circuit interfaces you want to connect locally, specify any APS protect interfaces, and configure an end interface. To select the Layer 2 circuit interfaces that are connected locally, include the interface statement at the [edit protocols l2circuit local-switching] hierarchy level. To configure an end interface, include the end-interface statement at the [edit protocols l2circuit local-switching interface interface-name] hierarchy level. To specify APS protect interfaces, include the protect-interface statement at the [edit protocols l2circuit local-switching interface interface-name] or [edit protocols l2circuit local-switching interface interface-name end-interface interface-name] hierarchy levels.

Option: Configuring Layer 2 Circuits Simultaneously over RSVP and LDP LSPs

You can configure a Layer 2 circuit simultaneously over an RSVP LSP and an LDP LSP between the same two routing platforms. To accomplish this, do the following:

• Configure two loopback addresses—a primary and a secondary loopback.
• Configure the RSVP LSP using the primary loopback address.
• Configure the LDP LSP using the secondary loopback address. You can accomplish this by advertising the secondary loopback address as a forwarding equivalence class (FEC) in LDP.
• Configure the transport tunnel endpoint (also known as a packet-switched network [PSN] tunnel endpoint in the IETF drafts) to be used for transporting the Layer 2 circuit traffic. To configure the tunnel endpoint, include the psn-tunnel-endpoint statement at the [edit protocols l2circuit] hierarchy level. By default, the tunnel endpoint is the same as the address of the Layer 2 circuit neighbor.

To verify that your configuration is operational, issue the show l2circuit connections command. This command has been enhanced to display tunnel endpoints. For more information about configuring Layer 2 circuits simultaneously over RSVP and LDP LSPs, see the JUNOS VPNs Configuration Guide.