Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Configuring Inter-AS VPLS with MAC Processing at the ASBR

 

This example describes how to configure inter-AS Virtual Private LAN Service (VPLS) with MAC processing between BGP-signaled VPLS and LDP-signaled VPLS. This feature is described in RFC 4761 as multi-AS VPLS option E or method E.

This example is organized in the following sections:

Requirements

To support inter-AS VPLS between BGP-signaled VPLS and LDP-signaled VPLS, your network must meet the following hardware and software requirements:

  • MX Series or M320 routers for the ASBRs.

  • Junos OS Release 9.3 or higher.

  • Gigabit Ethernet or 10-Gigabit Ethernet interfaces.

Note

This configuration example has been tested using the software release listed and is assumed to work on all later releases.

Overview and Topology

VPLS is a key enabler for delivering multipoint Ethernet service. Major service providers have implemented IP and MPLS backbones and offer VPLS services to large enterprises. Growing demand requires the VPLS network to scale to support many VPLS customers with multiple sites spread across geographically dispersed regions. BGP-signaled VPLS signaling offers scaling advantages over LDP-signaled VPLS. In some environments there is a need for BGP-signaled VPLS to interoperate with existing LDP-signaled VPLS.

This example shows one way to configure BGP-signaled VPLS interworking with an existing LDP-signaled VPLS network.

The advantages of the configuration are:

  • You can interconnect customer sites that are spread across different autonomous systems (ASs).

  • LDP-signaled VPLS and BGP-signaled VPLS interworking is supported.

  • Because the ASBR supports MAC operations, customer sites can be connected directly to the ASBR.

  • The inter-AS link is not restricted to Ethernet interfaces.

  • Additional configuration for multihoming is relatively straightforward.

Traffic from the interworking virtual private LAN services is switched at the ASBR. The ASBR does all the data plane operations: flooding, MAC learning, aging, and MAC forwarding for each AS to switch traffic among any customer facing interfaces and between the fully meshed pseudowires in the AS. A single pseudowire is created between the ASBRs across the inter-AS link and the ASBRs forward traffic from the pseudowires in each AS to the peer ASBR.

Each ASBR performs VPLS operations within its own AS and performs VPLS operations with the ASBR in the other AS. The ASBR treats the other AS as a BGP-signaled VPLS site. To establish VPLS pseudowires, VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBRs.

The sample metro network is configured for LDP-signaled VPLS. The core network is configured for BGP-signaled VPLS.

The first part of the example shows the basic configuration steps to configure the logical interfaces, OSPF, internal BGP, LDP, and MPLS. This part of the configuration is the same as other VPLS configurations for LDP-signaled VPLS and BGP-signaled VPLS.

The unique part of the example is configured in the VPLS routing instances, external BGP, and the policy that populates the BGP route table with routes learned from direct routes and OSPF routes. Additional details about the configuration statements are included in the step-by-step procedure.

Figure 1 shows the topology used in this example.

Figure 1: Inter-AS VPLS with MAC Operations Example Topology
Inter-AS VPLS
with MAC Operations Example Topology

Configuration

To configure inter-AS VPLS between BGP-signaled VPLS and LDP-signaled VPLS, perform these tasks.

Note

In any configuration session it is a good practice to periodically use the commit check command to verify that the configuration can be committed.

Configuring Interfaces

Step-by-Step Procedure

To configure interfaces:

  1. On each router, configure an IP address on the loopback logical interface 0 (lo0.0):
  2. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  3. On each router, display the interface information for lo0 and verify that the correct IP address is configured:
    user@host> show interfaces lo0

    In the example above notice that the primary lo0 local address for the inet protocol family on Router ASBR1 is 192:168:3:1.

  4. On each router, configure an IP address and protocol family on the Gigabit Ethernet interfaces. Specify the inet protocol family.
  5. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  6. Display information for Gigabit Ethernet interfaces and verify that the IP address and protocol family are configured correctly.
    user@ASBR2> show interfaces ge-* terse

Configuring OSPF

Step-by-Step Procedure

To configure OSPF:

  1. On the PE and ASBR routers, configure the provider instance of OSPF. Configure OSPF traffic engineering support. Specify area 0.0.0.1 in the LDP-signaled VPLS network and area 0.0.0.0 in the BGP-signaled network. Specify the Gigabit Ethernet logical interfaces between the PE and ASBR routers. Specify lo0.0 as a passive interface.
  2. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  3. Display OSPF neighbor information and verify that the PE routers form adjacencies with the ASBR router in the same area. Verify that the neighbor state is Full.
    user@host> show ospf neighbor

Configuring the Internal BGP Peer Group

Step-by-Step Procedure

The purpose of configuring an internal BGP peer group is to create a full mesh of BGP LSPs among the PE routers in the BGP-signaled AS, including the ASBR routers.

To configure the internal BGP peer group:

  1. The purpose of this step is to create a full mesh of IBGP peers between the PE routers, including the ASBR routers, within the BGP-signaled AS.

    On Router ASBR2, configure internal BGP. Specify the BGP type as internal. Specify the local address as the local lo0 IP address.

    Specify the inet protocol family. Specify the labeled-unicast statement and the resolve-vpn option. The labeled-unicast statement causes the router to advertise labeled routes out of the IPv4 inet.0 route table and places labeled routes into the inet.0 route table. The resolve-vpn option puts labeled routes in the MPLS inet.3 route table The inet.3 route table is used to resolve routes for the PE router located in the other AS.

    Specify the l2vpn family to indicate to the router that this is a VPLS. Specify the signaling option to configure BGP as the signaling protocol. This enables BGP to carry Layer 2 VPLS NLRI messages for this peer group.

    Specify the lo0 interface IP address of the PE as the neighbor. Configure an autonomous system identifier.

  2. On Router PE2, configure internal BGP. Specify the BGP type as internal. Specify the local address as the local lo0 IP address.

    Specify the l2vpn family to indicate this is a VPLS. Specify the signaling option to configure BGP as the signaling protocol. This enables BGP to carry Layer 2 VPLS NLRI messages.

    Specify the lo0 interface IP address of Router ASBR2 as the neighbor. Configure an autonomous system identifier.

  3. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  4. On Router PE2 and Router ASBR2, display BGP neighbor information and verify that the peer connection state is Established.
    user@ASBR2> show bgp neighbor

Configuring LDP

Step-by-Step Procedure

To configure LDP:

  1. On the PE and ASBR routers, configure LDP with the Gigabit Ethernet interfaces between the PE and ASBR routers, and between the two ASBR routers. To support LDP-signaled VPLS, additionally configure LDP with the lo0.0 interface on Router PE1 and Router ASBR1:
    Note

    The configuration of LDP signaling between the ASBR routers is not required for Inter-AS VPLS. It is included here for reference only and might be used in LDP environments.

  2. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  3. Display LDP configuration information and verify that the correct interfaces are configured. LDP operation can be verified after MPLS is configured.
    user@ASBR1> show configuration protocols ldp

    The preceding example is from ASBR1.

Configuring MPLS

Step-by-Step Procedure

To configure MPLS:

  1. On the PE and ASBR routers, configure MPLS. Enable MPLS on the logical interfaces. Add the Gigabit Ethernet interfaces to the MPLS protocol. This adds entries to the MPLS forwarding table.
  2. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  3. On the PE and ASBR routers, display LDP neighbor information and verify that the directly connected LDP neighbors are listed:
    user@ASBR1> show ldp neighbor

    The preceding example is from ASBR1.

Configuring the External BGP Peer Group Between the Loopback Interfaces

Step-by-Step Procedure

To configure the external BGP (EBGP) peer group between the loopback interfaces:

  1. On Router ASBR1 and Router PE1, configure an autonomous system identifier:
  2. On Router ASBR1, configure an external BGP peer group for the loopback interfaces. Specify the external BGP group type. Include the multihop statement. Specify the local address as the local lo0 IP address. Configure the l2vpn family for BGP signaling. Configure the peer AS as the core AS number. Specify the lo0 IP address of Router ASBR2 as the neighbor.
  3. On Router ASBR2, configure an external BGP peer group for the loopback interfaces. Specify the external BGP group type. Include the multihop statement. The multihop statement is needed because the EBGP neighbors are in different ASs. Specify the local address as the local lo0 IP address. Configure the l2vpn family for BGP signaling. Configure the peer AS as the metro AS number. Specify the lo0 IP address of Router ASBR1 as the neighbor.
  4. On each router, commit the configuration:
    user@host> commit

Configuring the External BGP Peer Group Between the Inter-AS Link Interfaces

Step-by-Step Procedure

The purpose of configuring external BGP peer groups between the inter-AS link interfaces is to create a full mesh of BGP LSPs among the ASBR routers. To configure the external BGP peer group between the inter-AS link interfaces:

  1. On Router ASBR1, configure a policy to export OSPF and direct routes, including the lo0 address of the PE routers, into BGP for the establishment of label-switched paths (LSPs):
  2. On Router ASBR1, configure an external BGP peer group for the inter-AS link. Specify the external BGP group type. Specify the local inter-AS link IP address as the local address. Configure the inet family and include the labeled-unicast and resolve-vpn statements. The labeled-unicast statement advertises labeled routes out of the IPv4 inet.0 route table and places labeled routes into the inet.0 route table. The resolve-vpn option stores labeled routes in the MPLS inet.3 route table.

    Include the export statement and specify the policy you created. Configure the peer AS as the core AS number. Specify the inter-AS link IP address of Router ASBR2 as the neighbor.

  3. On Router ASBR2, configure a policy to export OSPF and direct routes, including the lo0 address, into BGP for the establishment of LSPs:
  4. On Router ASBR2, configure an external BGP peer group for the inter-AS link. Specify the external BGP group type. Specify the local inter-AS link IP address as the local address. Configure the inet family and include the labeled-unicast and resolve-vpn statements. Include the export statement and specify the policy you created. Configure the peer AS as the core AS number. Specify the inter-AS link IP address of Router ASBR1 as the neighbor.
  5. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  6. On Router ASBR1, display the BGP neighbors. Verify that the first peer is the IP address of the Gigabit Ethernet interface of Router ASBR2. Verify that the second peer is the IP address of the lo0 interface of Router ASBR2. Also verify that the state of each peer is Established. Notice that on Router ASBR1 the NLRI advertised by Router ASBR2 the inter-AS link peer is inet-labeled-unicast and the NLRI advertised by Router ASBR2 the loopback interface peer is l2vpn-signaling.
    user@ASBR1> show bgp neighbor
  7. On Router ASBR2, display the BGP summary. Notice that the first peer is the IP address of the Gigabit Ethernet interface of Router ASBR1, the second peer is the IP address of the lo0 interface of Router ASBR1, and the third peer is the lo0 interface of Router PE2. Verify that the state of each peer is Established.
    user@ASBR2> show bgp summary
  8. On Router PE2, display the BGP group. Verify that the peer is the IP address of the lo0 interface of Router ASBR2. Verify that the number of established peer sessions is 1.
    user@PE1> show bgp group

Configuring the VPLS Routing Instances

Step-by-Step Procedure

To configure the VPLS routing instances:

  1. On Router PE1, configure the VPLS routing instance. To enable a VPLS instance, specify the vpls instance type. Configure VPLS on the CE-facing Gigabit Ethernet interface. Configure the CE-facing interface to use ethernet-vpls encapsulation.
  2. On Router PE1, configure the VPLS protocol within the routing instance. To uniquely identify the virtual circuit, configure the VPLS identifier. The VPLS identifier uniquely identifies each VPLS in the router. Configure the same VPLS ID on all the routers for a given VPLS.

    Specify the IP address of the lo0 interface on Router ASBR2 as the neighbor.

    Configure the CE-facing interface to use ethernet-vpls encapsulation and the vpls protocol family.

  3. On Router ASBR1, configure the VPLS routing instance. To enable a VPLS instance, specify the vpls instance type. Configure a route distinguisher and a VRF target. The vrf-target statement causes default VRF import and export policies to be generated that accept and tag routes with the specified target community.Note

    A route distinguisher allows the router to distinguish between two identical IP prefixes used as VPN routes. Configure a different route distinguisher on each ASBR router.

    Note

    You must configure the same VRF target on both ASBR routers.

  4. On Router ASBR1, configure the VPLS protocol within the routing instance.

    Configure the VPLS identifier. Specify the IP address of the lo0 interface on Router PE1 as the neighbor.

    Note

    The VPLS identifier uniquely identifies each LDP-signaled VPLS in the router. Configure the same VPLS ID on Router PE1 and Router ASBR1.

  5. On Router ASBR1, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol to establish the EBGP pseudowire. As a best practice for more complex topologies involving multihoming, configure a site preference.
  6. On Router ASBR1, configure the VPLS mesh group peer-as statement within the routing instance to specify which ASs belong to this AS mesh group. Configure the peer AS for the mesh group as all.

    This statement enables the router to establish a single pseudowire between the ASBR routers. VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBR routers. All autonomous systems are in one mesh group.

  7. On ASBR2, configure the VPLS routing instance. To enable a VPLS instance, specify the vpls instance type. Configure a route distinguisher and a VRF target. The vrf-target statement causes default VRF import and export policies to be generated that accept and tag routes with the specified target community.Note

    A route distinguisher allows the router to distinguish between two identical IP prefixes used as VPN routes. Configure a different route distinguisher on each ASBR router.

    Note

    You must configure the same VRF target community on both ASBR routers.

  8. On Router ASBR2, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol.
  9. On Router ASBR2, configure the VPLS mesh group within the routing instance to specify which VPLS PEs belong to this AS mesh group. Configure the peer AS for the mesh group as all.

    This statement enables the router to establish a single pseudowire between the ASBR routers. VPLS NLRI messages are exchanged across the EBGP sessions on the inter-AS links between the ASBR routers. All autonomous systems are in one mesh group.

  10. On Router PE2, configure the VPLS routing instance. To enable a VPLS instance, specify the vpls instance type. Configure VPLS on the CE-facing Gigabit Ethernet interface. Configure a route distinguisher and a VRF target.
  11. On Router PE2, configure the VPLS site within the routing instance. Configure the site identifier as required by the protocol.

    Configure the CE-facing interface to use ethernet-vpls encapsulation and the vpls protocol family.

  12. On each router, commit the configuration:
    user@host> commit check
    configuration check succeeds
    user@host> commit
    commit complete
  13. On the PE routers, display the CE-facing Gigabit Ethernet interface information and verify that the encapsulation is configured correctly:
    user@host> show interfaces ge-1/3/0

Results

This section describes commands you can use to test the operation of the VPLS.

  1. To verify the VPLS connections have been established, enter the show vpls connections command on Router PE 1.
    user@PE1> show vpls connections

    In the display from Router PE1, verify that the neighbor is the lo0 address of Router ASBR1 and that the status is Up.

  2. To verify the VPLS connections have been established, enter the show vpls connections command on Router ASBR 1.
    user@ASBR1> show vpls connections

    In the display from Router ASBR1, verify that the neighbor is the lo0 address of Router PE1 and that the status is Up.

  3. To verify the VPLS connections have been established, enter the show vpls connections command on Router ASBR2.
    user@ASBR2> show vpls connections

    In the display from Router ASBR2, verify that the neighbor is the lo0 address of Router PE2 and that the status is Up.

  4. To verify the VPLS connections have been established, enter the show vpls connections command on Router PE2.
    user@PE2> show vpls connections

    In the display from Router PE2, verify that the remote PE is the lo0 address of Router ASBR2 and that the status is Up.

  5. To verify that the CE routers can send and receive traffic across the VPLS, use the ping command.
    user@CE1> ping 10.10.11.2
    user@CE2> ping 10.10.11.1

    If Router CE1 can send traffic to and receive traffic from Router CE2 and Router CE2 can send traffic to and receive traffic from Router CE1, the VPLS is performing correctly.

  6. To display the configuration for Router CE1, use the show configuration command.

    For your reference, the relevant sample configuration for Router CE1 follows.

  7. To display the configuration for Router PE1, use the show configuration command.

    For your reference, the relevant sample configuration for Router PE1 follows.

  8. To display the configuration for Router ASBR1, use the show configuration command.

    For your reference, the relevant sample configuration for Router ASBR1 follows.

  9. To display the configuration for Router ASBR2, use the show configuration command.

    For your reference, the relevant sample configuration for Router ASBR2 follows.

  10. To display the configuration for Router PE2, use the show configuration command.

    For your reference, the relevant sample configuration for Router PE2 follows.

  11. To display the configuration for Router CE2, use the show configuration command.

    For your reference, the relevant sample configuration for Router CE2 follows.