Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add an L3VPN Service Instance

A superuser or network administrator can use Routing Director to provision an Layer 3 VPN (L3VPN) service in their network.

When you create and save an L3VPN service instance, Routing Director generates a create service order. After you provision the service instance, Routing Director activates the automated workflow for fulfilling the service order and provisions the service in the network.

Figure 1 illustrates the high-level workflow for provisioning an L3VPN service.

Figure 1: L3VPN Service Provisioning Workflow L3VPN Service Provisioning Workflow

You can create an L3VPN service instance by uploading a preconfigured JSON file or by entering the details in the GUI fields on the Add L3VPN Service page.

To create an L3VPN service instance:

  1. Click Orchestration > Instances.

    The Service Instances page appears.

  2. Click Add > L3VPN.

    The Add L3VPN wizard appears.

  3. On the General page of the Add L3VPN wizard, enter the values by referring to Table 1.
    Note:

    Fields marked with an asterisk (*) are mandatory.
    Table 1: Fields on the General Page

    Field

    Description

    Upload JSON File

    Click Browse to upload a preconfigured JSON file.

    You see a message that the file is successfully imported. The values specified in the file are automatically populated in the corresponding UI fields.

    Customer*

    Select the name of the customer for whom you are provisioning the service:

    • If you already added the customer name by using the Customer Inventory page (Orchestration > Service > Customers), select the customer name from the drop-down list.

    • Alternatively, click the Add Customer link to create a new customer. See Add a Customer.

    The customer name must be unique within an organization.

    Instance name*

    Enter a name for the service instance. For example, multihomed-l3vpn.

    The instance name can be a set of alphanumeric characters and the special character hyphen (-). The maximum number of characters allowed is 64.
    VPN Service

    VPN Id*

    Enter the ID you want to assign to the VPN. For example, vpn10.

    The VPN ID must not exceed 64 characters.

    VPN Service Topology*

    Select a topology for the VPN service:

    • Any-to-any topology—In this service topology, all VPN sites can exchange network traffic with each other without any restrictions.

    • Hub-spoke topology—In this service topology, spoke sites can exchange network traffic with hub sites, but not with other spoke sites. The hub sites can exchange network traffic with other hub sites.

      Note: The minimum release required to configure L3VPN hub and spoke topology on ACX Series routers is 24.2R1.

    Route Distinguisher Type

    Select the route distinguisher (RD) type. The default RD type is Type 0.

    If Type 1 is selected, the Type 1 values are populated from the NIP or topo resource pool in the Route Distinguishers table at the bottom of the page when you use the Update Placements button. If Type 0 is selected, the Type 0 values are populated from the VPN resource pool in the Route Distinguishers table at the bottom of the page when you use the Update Placements button.

    BGP Color Community

    Select the color of the BGP community that you want to assign to the service.

    This drop-down list is empty when you provision the service instance for the first time. This list is populated when you use the Update Placements option.

    If you want to change a previously assigned color, click the drop-down list and select an alternate color. Or if you do not want to assign any color, click the drop-down list and select the Please select option(s) option to remove the previous selection.

    BGP Link Protection

    Toggle to True to enable BGP link protection to create protected paths for traffic to restore connectivity quickly in case of a link or node failure. The option is set to False, by default.

    Enable BGP PIC Edge

    Toggle to True if you want to enable BGP Prefix-Independent Convergence (PIC) Edge. The option is set to False, by default.

    When BGP PIC Edge is enabled, the protect core statement is configured under the routing-options hierarchy in the PE router.

    BGP PIC Edge allows you to install an L3VPN route, in both IPv4 and IPv6 networks, in the forwarding table as an alternate precomputed path, enabling fast failover when connectivity to a PE router is lost.

    Pinned Reservation

    Configure the service to use reserved resources (pinned resources).

    Brownfield

    Enable this flag if this is a brownfield service. When enabled, this service would be provisioned by using resources reserved for migrating brownfield services to Routing Director.

    Customer

    Enable this flag to allow the service to be provisioned by using resources that are exclusively reserved for the customer associated with this service.

    Instance

    Enable this flag to allow the service to be provisioned by using resources exclusively reserved for this service.

    Service Settings

    Enter common settings applicable for the service.

    Use instance name instead of UUID in device configuration.

    Toggle to True to use the service instance name, instead of UUID, in the device configurations. The specified name is used in configuration such as routing instance name, filter name, policer name, community name, policy statement name, and so on. The instance name must be unique across customers and can be a maximum of 32 characters long.

    Disable it to set it to False, so that the service instance name is auto-converted to a UUID and used in the device configuration. The UUID is a system generated alphanumeric value.

    This option is disabled, by default.

    Active Assurance

    Enabled

    Toggle to True to enable Active Assurance measurements to monitor the service after it is provisioned.

    Active Assurance runs a Test or Monitor to measure the network traffic for the provisioned service. For more information, see Tests and Monitors Overview.

    This option is disabled, by default.

    Monitors

    Toggle to True to enable a Monitor to continously measure the service availability and performance.

    Active Assurance runs a Monitor that contains the configurations to monitor the service during the lifetime of the service.

    Routing Director enables you to configure plug-ins such as Ping, TWAMP, RPM, and so on to monitor the service.

    On Change Tests

    Toggle to True to enable a Test to validate a service after it is provisioned.

    Active Assurance runs a Test that contains the configurations to validate a provisioned service for a finite amount of time.
  4. Click Next to proceed to the Customer Site Settings page of the Add L3VPN wizard. See Add L3VPN Site and Site Network Access Details.
  5. Configure post update placement parameters for the L3VPN service. See Add L3VPN Service Post Update Placements Parameters.
  6. View summary of the L3VPN service and then save and provision the service. See View Summary and Provision an L3VPN Service.

Related Documentation