Configuring VPLS Routing Instances

To configure a VPLS routing instance, include the vpls statement:

vpls {active-interface {any;primary interface-name;}connectivity-type (ce | irb);interface-mac-limit limit;label-block-size size; mac-table-aging-time time;mac-table-size size;neighbor neighbor-id;no-tunnel-services;site site-name {active-interface {any;primary interface-name;}interface interface-name {interface-mac-limit limit;}multi-homing;site-identifier identifier;site-preference preference-value;}site-range number;traceoptions {file filename <files number> <size size> <world-readable | no-world-readable>;flag flag <flag-modifier> <disable>;}tunnel-services {devices device-names;primary primary-device-name;}vpls-id vpls-id;}

You can include this statement at the following hierarchy levels:

The configuration for the VPLS routing instance statements is explained in the following sections:

Configuring BGP Signaling for VPLS

You can configure BGP signaling for the VPLS routing instance. BGP is used to signal the pseudowires linking each of the PE routers participating in the VPLS routing instance. The pseudowires carry VPLS traffic across the service provider's network between the VPLS sites.

Note: You cannot configure both BGP signaling and LDP signaling for the same VPLS routing instance. If you attempt to configure the statements that enable BGP signaling for the VPLS routing instance (the site, site-identifier, and site-range statements) and the statements that enable LDP signaling for the same instance (the neighbor and vpls-id statements), the commit operation fails.

Configure BGP signaling for the VPLS routing instance by completing the steps in the following sections:

Configuring the VPLS Site Name and Site Identifier

When you configure BGP signaling for the VPLS routing instance, on each PE router you must configure each VPLS site that has a connection to the PE router. All the Layer 2 circuits provisioned for a VPLS site are listed as the set of logical interfaces (using the interface statement) within the site statement.

You must configure a site name and site identifier for each VPLS site.

To configure the site name and the site identifier, include the site and the site-identifier statements:

site site-name {interface interface-name {interface-mac-limit limit;}site-identifier identifier;}

The numerical identifier can be any number from 1 through 65,534 that uniquely identifies the local VPLS site.

You can include these statements at the following hierarchy levels:

Configuring Automatic Site Identifiers for VPLS

When you enable automatic site identifiers, the Junos OS automatically assigns site identifiers to VPLS sites. To configure automatic site identifiers for a VPLS routing instance, include the automatic-site-id statement:

automatic-site-id {collision-detect-time seconds;new-site-wait-time seconds;reclaim-wait-time minimum seconds maximum seconds;startup-wait-time seconds;}

You can include this statement at the following hierarchy levels:

The automatic-site-id statement includes a number of options that control different delays in network layer reachability information (NLRI) advertisements. All of these options are configured with default values. See the statement summary for the automatic-site-id statement for more information.

The automatic-site-id statement includes the following options:

Configuring the Site Range

When you enable BGP signaling for each VPLS routing instance, you need to configure a site range. The site range specifies the total number of sites in the VPLS. To configure a site range, include the site-range statement:

site-range number;

You can include this statement at the following hierarchy levels:

Note: When you configure the site range, you need to specify a value that is greater than the site identifier. The following configuration example illustrates this issue:

protocols {vpls {site-range 20;no-tunnel-services;site sample {site-identifier 3;}}}

This configuration is valid. However, if the site identifier was a value greater than 20, the VPLS connection would fail.

Configuring the VPLS Site Interfaces

All the Layer 2 circuits you configure for a VPLS site are listed as a set of logical interfaces within the VPLS site configuration.

To configure a logical interface for the VPLS site, include the interface statement:

interface interface-name {interface-mac-limit limit;}

You can include these statements at the following hierarchy levels:

You can also configure a limit on the number of MAC addresses that can be learned from the specified interface. For more information, see Configuring VPLS Routing Instances.

Configuring the VPLS Site Preference

You can specify the preference value advertised for a particular VPLS site. The site preference value is encoded in the BGP local preference attribute. When a PE router receives multiple advertisements with the same VPLS edge (VE) device identifier, the advertisement with the highest local preference value is preferred.

To configure the VPLS site preference, include the site-preference statement:

site-preference preference-value;

You can also specify either the backup option or the primary option for the site-preference statement. The backup option specifies the preference value as 1, the lowest possible value, ensuring that the VPLS site is the least likely to be selected. The primary option specifies the preference value as 65,535, the highest possible value, ensuring that the VPLS site is the most likely to be selected.

For a list of hierarchy levels at which you can include the site-preference statement, see the statement summary section for this statement.

Configuring LDP Signaling for VPLS

You can configure LDP as the signaling protocol for a VPLS routing instance. This functionality is described in RFC 4762, Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling.

The Junos OS does not support all of RFC 4762. When enabling LDP signaling for a VPLS routing instance, network engineers should be aware that only the following values are supported:

To enable LDP signaling for the set of PE routers participating in the same VPLS routing instance, you need to use the vpls-id statement configured at the [edit routing-instances routing-instance-name protocols vpls] hierarchy level to configure the same VPLS identifier on each of the PE routers. The VPLS identifier must be globally unique. When each VPLS routing instance (domain) has a unique VPLS identifier, it is possible to configure multiple VPLS routing instances between a given pair of PE routers.

LDP signaling requires that you configure a full-mesh LDP session between the PE routers in the same VPLS routing instance. Neighboring PE routers are statically configured. Tunnels are created between the neighboring PE routers to aggregate traffic from one PE router to another. Pseudowires are then signaled to demultiplex traffic between VPLS routing instances. These PE routers exchange the pseudowire label, the MPLS label that acts as the VPLS pseudowire demultiplexer field, by using LDP forwarding equivalence classes (FECs). Tunnels based on both MPLS and generic routing encapsulation (GRE) are supported.

Note: You cannot configure both BGP signaling and LDP signaling for the same VPLS routing instance. If you attempt to configure the statements that enable BGP signaling for the VPLS routing instance (the site, site-identifier, and site-range statements), and the statements that enable LDP signaling for the same instance, neighbor and vpls-id, the commit operation fails.

To enable LDP signaling for the VPLS routing instance, complete the steps in the following sections:

Configuring LDP Signaling for the VPLS Routing Instance

To configure the VPLS routing instance to use LDP signaling, you must configure the same VPLS identifier on each PE router participating in the instance. Specify the VPLS identifier with the vpls-id statement:

vpls-id vpls-id;

You can include this statement at the following hierarchy levels:

To configure the VPLS routing instance to use LDP signaling, you also must include the neighbor statement to specify each of the neighboring PE routers that are a part of this VPLS domain:

neighbor neighbor-id;

You can include this statement at the following hierarchy levels:

Configuring LDP Signaling on the Router

To enable LDP signaling, you need to configure LDP on each PE router participating in the VPLS routing instance. A minimal configuration is to enable LDP on the loopback interface, which includes the router identifier (router-id), on the PE router using the interface statement:

interface interface-name;

You can include this statement at the following hierarchy levels:

You can enable LDP on all the interfaces on the router using the all option for the interfaces statement. For more information about how to configure LDP, see the Junos MPLS Applications Configuration Guide.

Configuring VPLS Routing Instance and VPLS Interface Connectivity

You can configure the VPLS routing instance to take down or maintain its VPLS connections depending on the status of the interfaces configured for the VPLS routing instance. By default, the VPLS connection is taken down whenever a customer-facing interface configured for the VPLS routing instance fails. This behavior can be explicitly configured by specifying the ce option for the connectivity-type statement:

connectivity-type ce;

You can alternatively specify that the VPLS connection remain up so long as an Integrated Routing and Bridging (IRB) interface is configured for the VPLS routing instance by specifying the irb option for the connectivity-type statement:

connectivity-type irb;

You can include this statement at the following hierarchy levels:

Configuring the VPLS MAC Table Timeout Interval

You can modify the timeout interval for the VPLS table. We recommend you that configure longer values for small, stable VPLS networks and shorter values for large, dynamic VPLS networks. If the VPLS table does not receive any updates during the timeout interval, the router waits one additional interval before automatically clearing the MAC address entries from the VPLS table.

To modify the timeout interval for the VPLS table, include the mac-table-aging-time statement:

mac-table-aging-time seconds;

You can include this statement at the following hierarchy levels:

Note: The mac-table-aging-time statement is not available on MX Series routers.

Configuring the Size of the VPLS MAC Address Table

You can modify the size of the VPLS media access control (MAC) address table. The default table size is 512 MAC addresses, the minimum is 16 addresses, and the maximum is 65,536 addresses.

If the MAC table limit is reached, new MAC addresses can no longer be added to the table. Eventually the oldest MAC addresses are removed from the MAC address table automatically. This frees space in the table, allowing new entries to be added. However, as long as the table is full, new MAC addresses are dropped.

To change the VPLS MAC table size for each VPLS or VPN routing instance, include the mac-table-size statement:

mac-table-size size;

You can include this statement at the following hierarchy levels:

When you include the mac-table-size statement, the affected interfaces include all interfaces within the VPLS routing instance, including the local interfaces, the LSI interfaces, and the VT interfaces.

Limiting the Number of MAC Addresses Learned from an Interface

You can configure a limit on the number of MAC addresses learned by a VPLS routing instance using the mac-table-size statement. If the MAC table limit is reached, new MAC addresses can no longer be added to the table. Eventually the oldest MAC addresses are removed from the MAC address table automatically. This frees space in the table, allowing new entries to be added. However, as long as the table is full, new MAC addresses are dropped.

Because this limit applies to each VPLS routing instance, the MAC addresses of a single interface can consume all the available space in the table, preventing the routing instance from acquiring addresses from other interfaces.

You can limit the number of MAC addresses learned from each interface configured for a VPLS routing instance. To do so, include the interface-mac-limit statement:

interface-mac-limit limit;

You can include this statement at the following hierarchy levels:

The interface-mac-limit statement affects the local interfaces only (the interfaces facing CE devices).

Configuring the interface-mac-limit statement at the [edit routing-instances routing-instance-name protocols vpls] hierarchy level causes the same limit to be applied to all of the interfaces configured for that specific routing instance.

You can also limit the number of MAC addresses learned by a specific interface configured for a VPLS routing instance. This gives you the ability to limit particular interfaces that you expect might generate a lot of MAC addresses.

To limit the number of MAC addresses learned by a specific interface, include the interface-mac-limit statement at the following hierarchy levels:

The MAC limit configured for an individual interface at this hierarchy level overrides any value configured at the [edit routing-instances routing-instance-name protocols vpls] hierarchy level. Also, the MAC limit configured using the mac-table-size statement can override the limit configured using the interface-mac-limit statement.

The MAC address limit applies to customer-facing interfaces only.

Removing Addresses from the MAC Address Database

You can enable MAC flush processing for the VPLS routing instance or for the mesh group under a VPLS routing instance. MAC flush processing removes MAC addresses from the MAC address database that have been learned dynamically. With the dynamically learned MAC addresses removed, MAC address convergence requires less time to complete.

You can clear dynamically learned MAC addresses from the MAC address database by including the mac-flush statement:

mac-flush [ explicit-mac-flush-message-options ];

To clear dynamically learned MAC addresses globally across all devices participating in the routing instance, you can include the statement at the following hierarchy levels:

To clear the MAC addresses on the routers in a specific mesh group, you can include the statement at the following hierarchy levels:

For certain cases where MAC flush processing is not initiated by default, you can also specify explicit-mac-flush-message-options to additionally configure the router to send explicit MAC flush messages under specific conditions. For a list of the explicit MAC flush message options you can include with this statement, see the summary section for this statement.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.