Technical Documentation

Example: VPLS Configuration (BGP and LDP Interworking)

Figure 1: Topology for VPLS Configuration Example

Image g016897.gif

Figure 1, shows two VPLS mesh groups: LDP-1 and the default BGP mesh group. The VPLS instance is named vi in the configuration. Table 1 shows the addresses for the router interfaces in the example topology.

Table 1: Router Interface Addresses for VPLS Configuration Example

Router

Interface

Address

CE1

fe-0/0/3 (link to Router PE1)

10.12.31.1

loopback

10.12.53.1

CE2

fe-0/0/1 (link to Router PE2)

10.12.31.2

loopback

10.12.53.2

PE1

t1-1/1/1 (link to Router PE2)

10.12.100.17

t1-0/1/0 (link to Router B)

10.12.100.2

loopback

10.255.170.106

PE2

t1-0/1/1 (link to Router PE1)

10.12.100.18

t1–0/1/3 (link to Router B)

10.12.100.6

loopback

10.255.170.104

B

t1-0/1/2 (link to Router PE1)

10.12.100.1

t1-0/1/3 (link to Router PE2)

10.12.100.5

so-0/2/2 (link to Router PE3)

10.12.100.9

fe-0/0/3 (link to Router PE4)

10.12.100.13

loopback

10.255.170.98

PE3

s0-0/2/1 (link to Router B)

10.12.100.10

so-0/2/2 (link to Router P0)

10.12.100.21

loopback

10.255.170.96

P0

so-0/2/1 (link to Router PE3)

10.12.100.22

t1-0/1/3 (link to Router PE4)

10.12.100.25

loopback

10.255.170.100

PE4

fe-0/0/3 (link to Router B)

10.12.100.14

t1-0/1/3 (link to Router P0)

10.12.100.26

loopback

10.255.170.102

CE3

ge-1/2/1 (link to PE3)

10.12.31.3

loopback

10.12.53.3

CE4

fe-0/0/2 (link to PE4)

10.12.31.4

loopback

10.12.53.4

On Router CE3, the only item you need to configure is the Gigabit Ethernet interface that connects to PE3.

Router CE3

[edit]interfaces {ge-1/2/1 {unit 0 {family inet {address 10.12.31.1/24;}}}}

On Router PE3, prepare the router for VPLS by configuring BGP, MPLS, OSPF, and LDP. (These protocols are the basis for most Layer 2 VPN-related applications, including VPLS.) Include the signaling statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level, because VPLS uses the same infrastructure for internal BGP as Layer 2 VPNs.

Note: In JUNOS Release 7.3 and later, the signaling statement replaces the unicast statement at the [edit protocols bgp group group-name family l2vpn] hierarchy level. You must use the signaling statement if you wish to configure VPLS domains and Layer 2 VPNs simultaneously.

Next, configure VLAN tagging on the Gigabit Ethernet interface connected to Router CE3. Finally, add the Gigabit Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.

Router PE3

[edit]interfaces {so-0/2/1 {unit 0 {family inet {address 10.12.100.10/30;}family mpls;}so-0/2/2 {unit 0 {family inet {address 10.12.100.21/30;}family mpls;}}ge-1/3/1 {encapsulation ethernet-vpls;unit 0 {family vpls;}}}}protocols {mpls {interface all;}bgp {log-updown;group int {type internal;local-address 10.255.170.96;family l2vpn {signaling;}neighbor 10.255.170.98;neighbor 10.255.170.102;}}ospf {area 0.0.0.0 {interface so-0/2/1.0;interface so-0/2/2.0;interface lo0.0 {passive;}}}ldp {interface so-0/2/1.0;interface so-0/2/2.0;}}routing-instances {v1 {instance-type vpls;interface ge-1/3/1.0;route-distinguisher 10.255.170.96:1;vrf-target target:1:2;protocols {vpls {site-range 10;site 1 {site-identifier 3;}}}}

On Router P0, configure MPLS, OSPF, and LDP to interconnect PE3 and PE4.

Router P0

[edit]interfaces {t1-0/1/3 {unit 0 {family inet {address 10.12.100.25/30;}family mpls;}so-0/2/1 {unit 0 {family inet {address 10.12.100.22/30;}family mpls;}}}protocols {mpls {interface all;}ospf {area 0.0.0.0 {interface so-0/2/1.0;interface t1-0/1/3.0;interface lo0.0 {passive;}}}ldp {interface t1-0/1/3.0;interface so-0/2/1.0;}}

On Router PE4, configure BGP, MPLS, OSPF, and LDP to complement the configuration on PE3. Next, configure VLAN tagging on the Fast Ethernet interface connected to Router CE4. Include VLAN VPLS encapsulation at both the physical and logical interface levels. Finally, add the Fast Ethernet interface into a VPLS routing instance and specify the site range, site ID number, and site name.

Router PE4

[edit]interfaces {fe-0/0/2 {encapsulation ethernet-vpls;unit 0 {family vpls;}fe-0/0/3 {unit 0 {family inet {address 10.12.100.14/30;}family mpls;}}t1-0/1/3 {unit 0 {family inet {address 10.12.100.26/30;}family mpls;}}}protocols {mpls {interface all;}bgp {log-updown;group int {type internal;local-address 10.255.170.102;family l2vpn {signaling;}neighbor 10.255.170.96;neighbor 10.255.170.98;}}}ospf {area 0.0.0.0 {interface fe-0/0/3.0;interface t1-0/1/3.0;interface lo0.0 {passive;}}}ldp {interface fe-0/0/3.0;interface t1-0/1/3.0;interface lo0.0;}}

On Router CE4, configure the Fast Ethernet interface that connects to PE4.

Router CE4

[edit]interfaces {fe-0/0/2 {unit 0 {family inet {address 10.12.31.4/24;}}}}

On Router B, the area border router, configure the interfaces. Next, configure BGP, MPLS, OSPF, and LDP. Be sure to include the loopback interface in the LDP configuration by including the interface lo0.0 statement at the [edit protocols ldp] hierarchy level. For BGP, include the signaling statement at the [edit bgp group group-name family l2vpn] hierarchy level. Last, configure the VPLS instance with both BGP and LDP signaling. Configure the LDP-1 mesh group by including the mesh-group ldp1 statement at the [edit routing-instances v1 protocols vpls] hierarchy level.

Router B

[edit]interfaces {fe-0/0/3 {unit 0 {family inet {address 10.12.100.13/30;}family mpls;}}t1-0/1/2 {unit 0 {family inet {address 10.12.100.1/30;}family mpls;}}t1-0/1/3 {unit 0 {family inet {address 10.12.100.5/30;}family mpls;}}so-0/2/2 {unit 0 {family inet {address 10.12.100.9/30;}family mpls;}}}protocols {mpls {interface all;}bgp {log-updown;group int {type internal;local-address 10.255.170.98;family l2vpn {signaling;}neighbor 10.255.170.96;neighbor 10.255.170.102;}}ospf {area 0.0.0.0 {interface t1-0/1/2.0;interface t1-0/1/3.0;interface so-0/2/2.0;interface fe-0/0/3.0;interface lo0.0 {passive;}}}ldp {interface fe-0/0/3.0;interface t1-0/1/2.0;interface t1-0/1/3.0;interface so-0/2/2.0;interface lo0.0;}}routing-instances {v1 {instance-type vpls;route-distinguisher 10.255.170.98:1;vrf-target target:1:2;protocols {vpls {site-range 10;site 1 {site-identifier 1;}vpls-id 101;mesh-group ldp-1 {neighbor 10.255.170.106;neighbor 10.255.170.104;}}}}}

Finally, configure the LDP PE routers. On Router PE1, prepare the router for VPLS by configuring LDP, MPLS, and OSPF. Next, configure VPLS encapsulation on the Fast Ethernet interface connected to CE1. Finally, add the Fast Ethernet interface to the routing instance, specifying the VPLS ID and the neighboring routers’ loopback addresses.

Router PE1

[edit]interfaces {fe-0/0/3 {encapsulation ethernet-vpls;unit 0 {family vpls;}}t1-0/1/0 {unit 0 {family inet {address 10.12.100.2/30;}family mpls;}}t1-1/1/1 {unit 0 {family inet {address 10.12.100.17/30;}family mpls;}}}protocols {mpls {interface all;}ospf {area 0.0.0.0 {interface t1-0/1/0.0;interface t1-1/1/1.0;interface lo0.0 {passive;}}}ldp {interface t1-0/1/0.0;interface t1-1/1/1.0;interface lo0.0;}}routing-instances {v1 {instance-type vpls;interface fe-0/0/3.0;protocols {vpls {vpls-id 101;neighbor 10.255.170.98;neighbor 10.255.170.104;}}}}

Next, configure the Fast Ethernet interface on Router CE1 that connects to Router PE1.

Router CE1

[edit]interfaces {fe-0/0/3 {unit 0 {family inet {address 10.12.31.1/24;}}}}

On Router PE2, prepare the router for VPLS by configuring LDP, MPLS, and OSPF. Next, configure VPLS encapsulation on the Fast Ethernet interface connected to Router CE1. Finally, add the Fast Ethernet interface to the routing instance, specifying the VPLS ID and the neighboring routers’ loopback addresses.

Router PE2

[edit]interfaces {t1-0/1/1 {unit 0 {family inet {address 10.12.100.18/30;}family mpls;}t1-0/1/3 {unit 0 {family inet {address 10.12.100.6/30;}family mpls;}}fe-1/0/2 {encapsulation ethernet-vpls;unit 0 {family vpls;}}}protocols {mpls {interface all;}ospf {area 0.0.0.0 {interface t1-0/1/3.0;interface t1-0/1/1.0;interface lo0.0 {passive;}}}ldp {interface t1-0/1/1.0;interface t1-0/1/3.0;interface lo0.0;}}routing-instances {v1 {instance-type vpls;interface fe-1/0/2.0;protocols {vpls {vpls-id 101;neighbor 10.255.170.98;neighbor 10.255.170.106;}}}}

Finally, on Router CE2 configure the Fast Ethernet interface connected to PE2:

Router CE2

[edit]interfaces {fe-0/0/1 {unit 0 {family inet {address 10.12.31.2/24;}}}}

Verifying Your Work

To verify proper operation of VPLS, use the following commands:

  • show bgp summary
  • show ldp neighbor
  • show vpls connections
  • show route forwarding-table family vpls (destination | extensive | matching | table)
  • show interfaces vt* terse
  • show vpls flood extensive
  • show vpls statistics

The following section shows the output of some of these commands on Router B as a result of the configuration example.

Use the show bgp summary command to verify BGP signaling for VPLS is up.


user@PB> show bgp summary
Groups: 1 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
bgp.l2vpn.0            2          2          0          0          0          0
Peer               AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn 
State|#Active/Received/Damped...
10.255.170.96   65000        124        125       0       0       54:26 Establ
  bgp.l2vpn.0: 1/1/0
  v1.l2vpn.0: 1/1/0
10.255.170.102  65000        122        124       0       0       54:18 Establ
  bgp.l2vpn.0: 1/1/0
  v1.l2vpn.0: 1/1/0

Use the show ldp neighbors command to verify that LDP signaling for VPLS is up.


user@B> show ldp neighbors
Address            Interface          Label space ID         Hold time
10.255.170.104     lo0.0              10.255.170.104:0         41
10.255.170.106     lo0.0              10.255.170.106:0         38
10.12.100.14       fe-0/0/3.0         10.255.170.102:0         12
10.12.100.10       so-0/2/2.0         10.255.170.96:0          14
10.12.100.2        t1-0/1/2.0         10.255.170.106:0         14
10.12.100.6        t1-0/1/3.0         10.255.170.104:0         13

To verify that the VPLS connections are up, use the show vpls connections command.


user@B>show vpls connections
Layer-2 VPN connections:

Legend for connection status (St)
EI -- encapsulation invalid      NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch     WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down    NP -- interface hardware not present
CM -- control-word mismatch      -> -- only outbound connection is up
CN -- circuit not provisioned    <- -- only inbound connection is up
OR -- out of range               Up -- operational
OL -- no outgoing label          Dn -- down
LD -- local site signaled down   CF -- call admission control failure
RD -- remote site signaled down  SC -- local and remote site ID collision LN -- local site not designated  LM -- local site ID not minimum designated RN -- remote site not designated RM -- remote site ID not minimum designated XX -- unknown connection status  IL -- no incoming label
MM -- MTU mismatch               MI -- Mesh-Group ID not availble

Legend for interface status
Up -- operational
Dn -- down

Instance: v1
BGP-VPLS State
  Local site: 1 (1)
    connection-site           Type  St     Time last up          # Up trans
    3                         rmt   Up     Jan 22 16:38:47 2008           1
      Local interface: vt-0/3/0.1048834, Status: Up, Encapsulation: VPLS
        Description: Intf - vpls v1 local site 1 remote site 3
      Remote PE: 10.255.170.96, Negotiated control-word: No
      Incoming label: 800258, Outgoing label: 800000
    4                         rmt   Up     Jan 22 16:38:54 2008           1
      Local interface: vt-0/3/0.1048835, Status: Up, Encapsulation: VPLS
        Description: Intf - vpls v1 local site 1 remote site 4
      Remote PE: 10.255.170.102, Negotiated control-word: No
      Incoming label: 800259, Outgoing label: 800000 LDP-VPLS State
VPLS-id: 101
  Mesh-group connections: m1
    Neighbor                  Type  St     Time last up          # Up trans
    10.255.170.104(vpls-id 101) rmt Up     Jan 22 16:38:40 2008           1
      Local interface: vt-0/3/0.1048833, Status: Up, Encapsulation: ETHERNET
        Description: Intf - vpls v1 neighbor 10.255.170.104 vpls-id 101
      Remote PE: 10.255.170.104, Negotiated control-word: No
      Incoming label: 800001, Outgoing label: 800000
    10.255.170.106(vpls-id 101) rmt Up     Jan 22 16:38:39 2008           1
      Local interface: vt-0/3/0.1048832, Status: Up, Encapsulation: ETHERNET
        Description: Intf - vpls v1 neighbor 10.255.170.106 vpls-id 101
      Remote PE: 10.255.170.106, Negotiated control-word: No
      Incoming label: 800000, Outgoing label: 800000

To display VPLS routes (MAC addresses) in the vpls forwarding table, use the show route forwarding-table family vpls command.


user@B> show route forwarding-table family vpls
Routing table: v1.vpls
VPLS:
Destination        Type RtRef Next hop           Type Index NhRef Netif
default            perm     0                    rjct   540     1
vt-0/3/0.1048832   user     0                    comp   587     3
vt-0/3/0.1048833   user     0                    comp   587     3
vt-0/3/0.1048834   user     0                    comp   589     3
vt-0/3/0.1048835   user     0                    comp   589     3
00:17:cb:c2:10:01/48
                   dynm     0                    indr 262143     4
                                                Push 800000   580     2 
t1-0/1/3.0
00:17:cb:c2:10:02/48
                   dynm     0                    indr 262145     4
                              10.12.100.14      Push 800000   594     2 
fe-0/0/3.0
00:17:cb:c2:10:03/48
                   dynm     0                    indr 262142     4
                                                Push 800000   576     2 
t1-0/1/2.0
00:17:cb:c2:10:bd/48
                   dynm     0                    indr 262144     4
                                                Push 800000   585     2 
so-0/2/2.0

To display VPLS source and destination MAC address accounting information, use the destination, extensive, matching, or table option with the show route forwarding-table family vpls command. When you analyze the display output, keep in mind the following:

  • VPLS MAC address accounting is handled on a per-MAC address basis for each VPLS instance. All information is retrieved from MAC address entries in the MAC address table. VPLS MAC address accounting is performed only on local CE routers.
  • The VPLS counters for source and destination MAC addresses increment continuously until the oldest MAC address entries are removed from the memory buffer, either when the entries time out or if the VPLS instance is restarted.

To display status information about Virtual Loopback Tunnel interfaces in the VPLS instance, use the show interfaces vt* terse command.


user@B> show interfaces vt* terse
Interface               Admin Link Proto    Local                 Remote
vt-0/3/0                up    up
vt-0/3/0.1048832        up    up   vpls
vt-0/3/0.1048833        up    up   vpls
vt-0/3/0.1048834        up    up   vpls
vt-0/3/0.1048835        up    up   vpls

To display VPLS route information related to the flood process, use the show vpls flood extensive command.


user@B> show vpls flood extensive
Name: v1
CEs: 0
VEs: 4
  Flood route prefix: 0x4a/32
  Flood route type: IFF_FLOOD
  Flood route owner: vt-0/3/0.1048834
  Flood group name: __ves__
  Flood group index: 0
  Nexthop type: comp
  Nexthop index: 589
    Flooding to:
    Name             Type          NhType          Index
    m1               Group          comp            588
        Composition: flood-to-all
        Flooding to:
        Name             Type          NhType          Index
        vt-0/3/0.1048832 VE             indr            262142
        vt-0/3/0.1048833 VE             indr            262143

  Flood route prefix: 0x4b/32
  Flood route type: IFF_FLOOD
  Flood route owner: vt-0/3/0.1048835
  Flood group name: __ves__
  Flood group index: 0
  Nexthop type: comp
  Nexthop index: 589
    Flooding to:
    Name             Type          NhType          Index
    m1               Group          comp            588
        Composition: flood-to-all
        Flooding to:
        Name             Type          NhType          Index
        vt-0/3/0.1048832 VE             indr            262142
        vt-0/3/0.1048833 VE             indr            262143

  Flood route prefix: 0x48/32
  Flood route type: IFF_FLOOD
  Flood route owner: vt-0/3/0.1048832
  Flood group name: m1
  Flood group index: 2
  Nexthop type: comp
  Nexthop index: 587
    Flooding to:
    Name             Type          NhType          Index
    __ves__          Group          comp            586
        Composition: flood-to-all
        Flooding to:
        Name             Type          NhType          Index
        vt-0/3/0.1048834 VE             indr            262144
        vt-0/3/0.1048835 VE             indr            262145

  Flood route prefix: 0x49/32
  Flood route type: IFF_FLOOD
  Flood route owner: vt-0/3/0.1048833
  Flood group name: m1
  Flood group index: 2
  Nexthop type: comp
  Nexthop index: 587
    Flooding to:
    Name             Type          NhType          Index
    __ves__          Group          comp            586
        Composition: flood-to-all
        Flooding to:
        Name             Type          NhType          Index
        vt-0/3/0.1048834 VE             indr            262144
        vt-0/3/0.1048835 VE             indr            262145

To view packet flow statistics for the VPLS instance, use the show vpls statistics command:


user@B> show vpls statistics
Instance: v1
   Local interface: vt-0/3/0.1048832, Index: 72
   Remote PE: 10.255.170.106
     Multicast packets:                     6
     Multicast bytes  :                   360
     Flooded packets  :                    16
     Flooded bytes    :                  1188
     Current MAC count:                     1
   Local interface: vt-0/3/0.1048833, Index: 73
   Remote PE: 10.255.170.104
     Multicast packets:                     4
     Multicast bytes  :                   240
     Flooded packets  :                     6
     Flooded bytes    :                   398
     Current MAC count:                     1
   Local interface: vt-0/3/0.1048834, Index: 74
   Remote PE: 10.255.170.96
     Multicast packets:                     2
     Multicast bytes  :                   120
     Flooded packets  :                     4
     Flooded bytes    :                   278
     Current MAC count:                     1
   Local interface: vt-0/3/0.1048835, Index: 75
   Remote PE: 10.255.170.102
     Multicast packets:                     1
     Multicast bytes  :                    60
     Flooded packets  :                     2
     Flooded bytes    :                   158
     Current MAC count:                     1

Published: 2010-04-15