[an error occurred while processing this directive][an error occurred while processing this directive]

Example: VPLS Configuration (BGP Signaling)

Figure 1: VPLS Topology Diagram

Image g017142.gif

In Figure 1, a simple VPLS topology is enabled between routers PE1 and PE2. CE routers CE1 and CE2 use Ethernet-based interfaces to connect VLAN 600 to their local PE router. The PE routers PE1 and PE2 are connected to one another by LSPs enabled across a service provider backbone running MPLS, BGP, RSVP, and OSPF.

In a VPLS routing instance named green, PE1 has a local interface fe-0/1/0 and a virtual port of vt-0/3/0.32770 (the virtual port is created dynamically on the Tunnel Services PIC when VPLS is configured). PE2 has a local interface fe-0/1/0 and a virtual port of vt-0/3/0.32771 in the same green instance. As a result, routers CE1 and CE2 send Ethernet traffic to one another as if they were physically connected to each other on a LAN.

On Router CE1, the only item you need to configure is the Fast Ethernet interface that connects to PE1. Be sure to write down the VLAN identifier and IP address, so you can match them later on CE2.

Router CE1

[edit]interfaces {fe-0/1/0 {vlan-tagging; # Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS.unit 0 {vlan-id 600; # The Ethernet interface on CE2 must use the same VLAN ID.family inet {address 10.11.3.1/24; # The interface on CE2 must use the same prefix.}}}}

On Router PE1, prepare the router for VPLS by configuring BGP, MPLS, OSPF, and RSVP. (These protocols are the basis for most Layer 2 VPN-related applications, including VPLS.) Include the signaling statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level, because VPLS uses the same infrastructure for internal BGP as Layer 2 VPNs.

Note: In JUNOS Release 7.3 and later, the signaling statement replaces the unicast statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level. You must use the signaling statement if you wish to configure VPLS domains and Layer 2 VPNs simultaneously.

Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE1. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Be sure to use the same VLAN ID for all Ethernet interfaces that are part of a single VPLS instance. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.

Router PE1

[edit]interfaces { fe-0/1/0 { vlan-tagging;# Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS. encapsulation vlan-vpls; # Configure VPLS encapsulation on both theunit 0 { # physical interface and the logical interface. encapsulation vlan-vpls; vlan-id 600;# The VLAN ID is the same one used by the CE routers.}}so-1/1/0 {unit 0 {family inet {address 10.11.1.5/30;}family mpls;}}lo0 {unit 0 {family inet {address 10.245.14.218/32;}}}}routing-options {autonomous-system 69;forwarding-table {export exp-to-fwd; # Apply a policy that selects an LSP for the VPLS instance.}}protocols { rsvp { interface all {aggregate;}} mpls { label-switched-path pe1-to-pe2 { # Configure an LSP to reach other VPLS PEs.to 10.245.14.219;}interface all;}bgp {group vpls-pe {type internal;local-address 10.245.14.218;family l2vpn { # VPLS uses the same infrastructure as Layer 2 VPNssignaling; # for internal BGP.}neighbor 10.245.14.217;neighbor 10.245.14.219;}}ospf {traffic-engineering;area 0.0.0.0 {interface so-1/1/0.0 {metric 11;}interface lo0.0 {passive;}}}}policy-options {policy-statement exp-to-fwd {term a {from community grn-com; # Matches the community in the VPLS instance.then {install-nexthop lsp pe1-to-pe2; # If there are multiple LSPs that exist accept; # between VPLS PE routers, this statement sends VPLS traffic} # over a specific LSP.}}community grn-com members target:11111:1; # Adds the instance to a BGP } # community.routing-instances {green {instance-type vpls; # Configure a VPLS routing instance.interface fe-0/1/0.0;route-distinguisher 10.245.14.218:1;vrf-target target:11111:1; # This value is important to the BGP community.protocols {vpls { # Configure a VPLS site range, site name, and site identifier.site-range 10;site greenPE1 {site-identifier 1;}}}}}

On Router P0, configure BGP, MPLS, OSPF, and RSVP to interconnect PE1 and PE2.

Router P0

[edit]interfaces {so-0/0/0 {unit 0 {family inet {address 10.11.2.6/30;}family mpls;}} so-1/1/0 { unit 0 {family inet {address 10.11.1.6/30;}family mpls;}}lo0 {unit 0 {family inet {address 10.245.14.217/32;}}}}protocols { rsvp { interface all {aggregate;}} mpls { interface all;}bgp {group vpls-pe {type internal;local-address 10.245.14.217;family l2vpn { # VPLS uses the same infrastructure as Layer 2 VPNssignaling; # for internal BGP.}neighbor 10.245.14.218;neighbor 10.245.14.219;}}ospf {traffic-engineering;area 0.0.0.0 {interface so-1/1/0.0 {metric 11;}interface so-0/0/0.0 {metric 15;}interface lo0.0 {passive;}}}}

On Router PE2, configure BGP, MPLS, OSPF, and RSVP to complement the configuration on PE1. Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE2. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Be sure to use the same VLAN ID for all Ethernet interfaces that are part of a single VPLS instance. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.

Router PE2

[edit]interfaces {fe-0/1/0 { vlan-tagging; # Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS.encapsulation vlan-vpls; # Configure VPLS encapsulation on both theunit 0 { # physical interface and logical interface.encapsulation vlan-vpls;vlan-id 600;# The VLAN ID is the same one used by the CE routers.}}so-0/0/0 {unit 0 {family inet {address 10.11.2.5/30;}family mpls;}}lo0 {unit 0 {family inet {address 10.245.14.219/32;}}}}routing-options {autonomous-system 69;forwarding-table {export exp-to-fwd; # Apply a policy that selects an LSP for the VPLS instance.}}protocols {rsvp {interface all {aggregate;}}mpls {label-switched-path pe2-to-pe1 { # Configure an LSP to other VPLS PE routers.to 10.245.14.218;}interface all;}bgp {group vpls-pe {type internal;local-address 10.245.14.219;family l2vpn { # VPLS uses the same infrastructure as Layer 2 VPNssignaling; # for internal BGP.}neighbor 10.245.14.217;neighbor 10.245.14.218;}}ospf {traffic-engineering;area 0.0.0.0 {interface so-0/0/0.0 {metric 15;}interface lo0.0 {passive;}}}}policy-options {policy-statement exp-to-fwd {term a {from community grn-com; # Matches the community with the VPLS instance.then {install-nexthop lsp pe2-to-pe1; # If there are multiple LSPs that existaccept; # between VPLS PE routers, this statement sends VPLS traffic} # over a specific LSP.}}community grn-com members target:11111:1; # This adds the instance into a BGP community.}routing-instances {green {instance-type vpls; # Configure a VPLS routing instance.interface fe-0/1/0.0;route-distinguisher 10.245.14.219:1;vrf-target target:11111:1; # This value is important for the BGP community.protocols {vpls { # Configure a VPLS site range, site name, and site identifier.site-range 10;site greenPE2 {site-identifier 2;}}}}}

On Router CE2, complete your VPLS network by configuring the Fast Ethernet interface that connects to PE2. Use the same VLAN identifier and IP address prefix used on Router CE1.

Router CE2

[edit]interfaces {fe-0/1/0 {vlan-tagging; # Configure VLAN tagging for VLAN VPLS or extended VLAN VPLS.unit 0 {vlan-id 600; # The Ethernet interface on CE1 must use the same VLAN ID.family inet {address 10.11.3.2/24; # The interface on CE1 must use the same prefix.}}}}

Verifying Your Work

To verify proper operation of VPLS, use the following commands:

  • clear vpls mac-address instance instance-name
  • show interfaces terse
  • show route forwarding-table family mpls
  • show route forwarding-table family vpls (destination | extensive | matching | table)
  • show route instance (detail)
  • show system statistics vpls
  • show vpls connections
  • show vpls statistics

The following section shows the output of these commands on Router PE1 as a result of the configuration example:


user@PE1> show interfaces terse
Interface               Admin Link Proto Local                 Remote
so-1/1/0                up    up
so-1/1/0.0              up    up   inet  10.11.1.5/30
                                   mpls
so-1/1/1                up    up
so-1/1/2                up    up
so-1/1/3                up    up
fe-0/1/0                up    up
fe-0/1/0.0              up    up   vpls   # This is the local Fast Ethernet   
# interface.
fe-0/1/1                up    up
fe-0/1/2                up    up
fe-0/1/3                up    up
gr-0/3/0                up    up
ip-0/3/0                up    up
mt-0/3/0                up    up
pd-0/3/0                up    up
pe-0/3/0                up    up
vt-0/3/0                up    up
vt-0/3/0.32770          up    up  # This is the dynamically generated virtual port.
dsc                     up    up
fxp0                    up    up
fxp0.0                  up    up   inet  192.186.14.218/24
fxp1                    up    up
fxp1.0                  up    up   tnp   4
gre                     up    up
ipip                    up    up
lo0                     up    up
lo0.0                   up    up   inet  10.245.14.218       --> 0/0
                                         127.0.0.1           --> 0/0
                                   inet6 fe80::2a0:a5ff:fe28:13e0
                                         feee::10:245:14:218
lsi                     up    up
mtun                    up    up
pimd                    up    up
pime                    up    up
tap                     up    up


user@PE1> show system statistics vpls
vpls:
        0 total packets received
        0 with size smaller than minimum
        0 with incorrect version number
        0 packets for this host
        0 packets with no logical interface
        0 packets with no family
        0 packets with no route table
        0 packets with no auxiliary table
        0 packets with no corefacing entry
        0 packets with no CE-facing entry
         6 mac route learning requests # This indicates that VPLS is working.
        6 mac routes learnt
        0 mac routes aged
        0 mac routes moved

To display VPLS source and destination MAC address accounting information, use the destination, extensive, matching, or table option with the show route forwarding-table family vpls command. When you analyze the display output, keep in mind the following:

  • VPLS MAC address accounting is handled on a per-MAC address basis for each VPLS instance. All information is retrieved from MAC address entries in the MAC address table. VPLS MAC address accounting is performed only on local CE routers.
  • The VPLS counters for source and destination MAC addresses increment continuously until the oldest MAC address entries are removed from the memory buffer, either when the entries time out or if the VPLS instance is restarted.

    user@PE1> show route forwarding-table family vpls extensive
    Routing table: green.vpls [Index 2]
    VPLS:
        
    Destination:  default
      Route type: dynamic             Route reference: 0
      Flags: sent to PFE 
      Next-hop type: flood                 Index: 353      Reference: 1
        
    Destination:  default
      Route type: permanent           Route reference: 0
      Flags: none 
      Next-hop type: discard               Index: 298      Reference: 1
        
    Destination:  fe-0/1/0.0
      Route type: dynamic             Route reference: 0
      Flags: sent to PFE
      Next-hop type: flood                 Index: 355      Reference: 1
        
    Destination:  bb:bb:bb:bb:bb:bb/48 # This MAC address belongs to remote CE2.
      Route type: dynamic             Route reference: 0
      Flags: sent to PFE, prefix load balance  
      Next-hop type: indirect              Index: 351      Reference: 4
      Next-hop type: Push 800000, Push 100002(top)
      Next-hop interface: so-1/1/0.0
        
    Destination:  aa:aa:aa:aa:aa:aa/48 # This MAC address belongs to local CE1.
      Route type: dynamic             Route reference: 0
      Flags: sent to PFE, prefix load balance
      Next-hop type: unicast               Index: 354      Reference: 2
      Next-hop interface: fe-0/1/0.0
    

    user@PE1> show route forwarding-table family vpls
    Routing table: green.vpls
    VPLS:
    Destination        Type RtRef Next hop          Type Index NhRef Netif
    default            dynm     0                   flood  353     1
    default            perm     0                   dscd   298     1
    fe-0/1/0.0         dynm     0                   flood  355     1
    bb:bb:bb:bb:bb:bb/48 # This MAC address belongs to remote CE2.
                       dynm     0                   indr   351     4
                                                    Push 800000, Push 100002(top)
    so-1/1/0.0
    aa:aa:aa:aa:aa:aa/48 # This MAC address belongs to local CE1.
                       dynm     0                   ucst   354     2 fe-0/1/0.0
    
    

    user@PE1> show route forwarding-table family mpls
    Routing table: mpls
    MPLS:
    Destination        Type RtRef Next hop          Type Index NhRef Netif
    default            perm     0                   dscd    19     1
    0                  user     0                   recv    18     3
    1                  user     0                   recv    18     3
    2                  user     0                   recv    18     3
    100000             user     0 10.11.1.6         swap  100001     so-1/1/0.0
    800002             user     0                   Pop              vt-0/3/0.32770
    vt-0/3/0.32770 (VPLS)
                       user     0                   indr   351     4
                                                    Push 800000, Push 100002(top) so-1/1/0.0
    
    

    user@PE1> show route instance green detail
    green:
      Router ID: 0.0.0.0
      Type: vpls              State: Active
      Interfaces:
        fe-0/1/0.0  # This is the local Fast Ethernet interface.
        vt-0/3/0.32770  # This is the dynamically generated VPLS virtual port.
      Route-distinguisher: 10.245.14.218:1
      Vrf-import: [ __vrf-import-green-internal__ ]
      Vrf-export: [ __vrf-export-green-internal__ ]
      Vrf-import-target: [ target:11111:1 ]
      Vrf-export-target: [ target:11111:1 ]
      Tables:
        green.l2vpn.0          : 2 routes (2 active, 0 holddown, 0 hidden)
    
    

    user@PE1> show vpls connections
    L2VPN Connections:
    Legend for connection status (St)   
    OR -- out of range              WE -- intf encaps != instance encaps
    EI -- encapsulation invalid     Dn -- down
    EM -- encapsulation mismatch    VC-Dn -- Virtual circuit down
    CM -- control-word mismatch     -> -- only outbound conn is up
    CN -- circuit not present       <- -- only inbound  conn is up
    OL -- no outgoing label         Up -- operational
    NC -- intf encaps not CCC/TCC   XX -- unknown
    NP -- interface not present
    Legend for interface status
    Up -- operational
    Dn -- down
    Instance: green
    Local site: greenPE1 (1)
        connection-site           Type  St     Time last up          # Up trans
        2                         rmt   Up     Jan 24 06:26:49 2003           1
          Local interface: vt-0/3/0.32770, Status: Up, Encapsulation: VPLS
          Remote PE: 10.245.14.219, Negotiated control-word: No
          Incoming label: 800002, Outgoing label: 800000
    
    

    user@PE1> show system statistics vpls
    vpls:
            0 total packets received
            0 with size smaller than minimum
            0 with incorrect version number
            0 packets for this host
            0 packets with no logical interface
            0 packets with no family
            0 packets with no route table
            0 packets with no auxiliary table
            0 packets with no corefacing entry
            0 packets with no CE-facing entry
            7 mac route learning requests
            7 mac routes learnt
            0 mac routes aged
            0 mac routes moved
    
    

    user@PE1> show route instance green detail
    green:
      Router ID: 0.0.0.0
      Type: vpls              State: Active
       Interfaces:
        fe-0/1/0.0
        vt-0/3/0.32770
      Route-distinguisher: 10.245.14.218:1
      Vrf-import: [ __vrf-import-green-internal__ ]
      Vrf-export: [ __vrf-export-green-internal__ ]
      Vrf-import-target: [ target:11111:1 ]
      Vrf-export-target: [ target:11111:1 ]
      Tables:
        green.l2vpn.0          : 2 routes (2 active, 0 holddown, 0 hidden)
    

    user@PE1> show vpls statistics
    Layer-2 VPN Statistics:
    Instance: green
       Local interface: fe-0/1/0.0, Index: 351
       Remote provider edge router: 10.245.14.219
         Multicast packets:                   363
         Multicast bytes  :                 30956
         Flood packets    :                     0
         Flood bytes      :                     0
       Local interface: vt-0/3/0.32770, Index: 354
       Remote provider edge router: 10.245.14.219
         Multicast packets:                   135
         Multicast bytes  :                 12014
         Flood packets    :                   135
         Flood bytes      :                 12014
    

To clear all MAC address entries for a VPLS instance from the VPLS table, issue the clear vpls mac-address instance instance-name command. Add the logical-system logical-system-name option to clear entries in a VPLS instance within a logical system. Use the mac-address option to remove individual MAC addresses.


Published: 2010-04-15

[an error occurred while processing this directive]