mpls-l2vpn-vll

Operation Manual – VLLQuidway S8500 Series Routing Switches Table of Contents

Table of Contents

1.1 MPLS L2VPN Overview......................................................................................................1

1.1.1 Introduction to MPLS L2VPN....................................................................................1

1.1.2 Packet Forwarding....................................................................................................2

1.1.3 Implementation.........................................................................................................3

1.2 CCC MPLS L2VPN Configuration.......................................................................................5

1.2.1 Configuring CCC MPLS L2VPN...............................................................................5

1.2.2 CCC MPLS L2VPN Configuration Example..............................................................7

1.3 Martini MPLS L2VPN Configuration..................................................................................11

1.3.1 Configuring Martini MPLS L2VPN...........................................................................11

1.3.2 Martini MPLS L2VPN Configuration Example.........................................................12

1.4 Kompella MPLS L2VPN Configuration..............................................................................16

1.4.1 Configuring Kompella MPLS L2VPN......................................................................16

1.4.2 Kompella MPLS L2VPN Configuration Example.....................................................18

1.5 Displaying and Debugging MPLS L2VPN.........................................................................22

1.6 Troubleshooting MPLS L2VPN.........................................................................................23

Huawei Technologies Proprietary

i

Operation Manual – VLLQuidway S8500 Series Routing Switches MPLS L2VPN

MPLS L2VPN Note:

L2VPN mentioned in the following section refers to the L2VPN implemented through

virtual leased line (VLL).

1.1 MPLS L2VPN Overview

1.1.1 Introduction to MPLS L2VPN

MPLS L2VPN provides MPLS network-based Layer 2 VPN services. For users, an

MPLS L2VPN is a Layer 2 switched network, through which Layer 2 connections can

be established between network nodes.

VPN AVPN A

VPN B

VPN B

CE

CE

CE

CE

PE

PE

PE

VC

VC LSP

PP

VPN AVPN A

VPN B

VPN B

CE

CE

CE

CE

PE

PE

PE

VC

VC LSP

PP

Figure 1-1 MPLS L2VPN

MPLS L2VPN has the following advantages:

Multiple network layer protocols supported, such as IP, IPv6, IPX, and SNA.

Powerfulextensibility. MPLS L2VPN only establishes Layer 2 connections, rather

than imports and manages the routing information. This eases work load of PE

(provider edge) devices and the entire SP (service provider) network remarkably

and thus enables SPs to provide more VPNs and accommodate more users.

Reliability and privacy of user routes. As no user routing information is imported,

there is no need for MPLS L2VPN to obtain and process the information,

ensuring the privacy of user routes.

Error: Reference source not found illustrates the structure of an MPLS L2VPN packet.


1

ChenTao, 08/16/05,

下文用的是“报文”，为统一，这里也用报文(未用帧)。


Tunnel label VC label

Label Stack L2 PDU


Label Stack L2 PDU


Label Stack L2 PDU


Label Stack L2 PDU

Figure 1-2 Structure of an MPLS L2VPN packet

The fields in an MPLS L2VPN packet are described as follows:

Tunnel label (the outer label) is an MPLS lable or a GRE label. It is used to transmit a

packet from one PE to anther.

VC label (the inner label) is a lower layer label used to identify the links between PEs

and CEs. Packets of MPLS L2VPNs implemented through circuit cross connect

(CCC) do not contain this label.

Data in MPLS L2VPN can be encapsulated as Ethernet or VLAN packets at the data

link layer. At present, data of different nodes in a VPN must be encapsulated as the

same type of packets.

1.1.2 Packet Forwarding

In an MPLS L2VPN, CE, PE, and P operate in the same way as those in a

BGP/MPLS VPN. That is, they also forward packets in an MPLS network

transparently by using label stacks. To forward packets in an MPLS L2VPN, tunnels

must be established first between PEs (this can be achieved by either manual

configuration or signaling protocols). When the interfaces connecting PEs and CEs

are up, PEs insert VC labels for packets sent by CE, and then mark them with tunnel

labels. On receiving these packets, the remote PEs strip off the tunnel labels and

send the packets to the corresponding CEs according to their VC labels.

Error: Reference source not found illustrates changes of the label stack of a packet

during the forwarding.


2


L2 PDUL2 PDUT V L2 PDUV L2 PDU

L2 PDU: Data link layer packet

T: Tunnel label

V: VC label

CE1 PE1 P PE2CE2



V:

CE1 PE1 P PE2CE2



T: Tunnel label

V: VC label

CE1 PE1 P PE2CE2



V:

CE1 PE1 P PE2CE2

Figure 1-3 Label stack processing of MPLS L2VPN

1.1.3 Implementation

At present, the official standard for MPLS L2VPN has not been established yet.

However, the PPVPN (Provider-provisioned Virtual Private Network) group of IETF

(Internet Engineering Task Force) defines multiple framework drafts, two of which are

commonly used. They are known as Martini draft and Kompella draft. Till May, 2005,

they are depicted in the following documents respectively:

draft-martini-l2circuit-trans-m pls-09.txt

draft-kompella-ppvpn-l2vpn-02.txt

Martini draft defines the way to implement MPLS L2VPN by establishing point-to-point

links. Here, LDP (label distribution protocol) is used as the signaling protocol to

exchange VC labels. This kind of MPLS L2VPNs is known as Martini MPLS L2VPNs.

Kompella draft defines how to establish MPLS L2VPNs in MPLS networks through

end-to-end (CE-to-CE) connections. At present, BGP (border gateway protocol) is

used as the signaling protocol to propagate the information about Layer 2 reachability

and VC labels. This kind of MPLS L2VPNs is known as Kompella MPLS L2VPN.

Also, you can establish MPLS L2VPNs without signaling protocols. In this case,

MPLS L2VPN services are provided through statically configured VC labels. An

example of this is CCC, which implement MPLS L2VPNs through static configuration.

Error: Reference source not found describes the features and implementation ways of

the above three types of MPLS L2VPNs.


3


Table 1-1 Features and implementation ways of the three types of MPLS L2VPNs

VPN type Implementation Feature

CCC

Configures static LSPs to

implement MPLS L2VPN.

You must manually

configure two LSPs (for

sending and receiving

packets respectively) for

each CCC connection

node by node (including

PEs and Ps). The

configured LSPs can only

be used to transmit

packets of the

corresponding CCC

connections.

Data is transmitted

through packets with

single-layer labels. LSPs

are used exclusively.

No signaling is needed to

transmit the Layer 2 VPN

information. Only MPLS

forwarding is required. In

this way, CEs of different

SPs can be

interconnected easily.

Martini

Uses extended LDP as the

signaling to transmit the

VC information.

Uses VC-TYPE and VC-ID

to identify VCs. VC-TYPE

indicates the encapsulation

type of data link layer, and

VC-ID uniquely identifies a

VC.

PEs connecting CEs

exchange VC labels

through LDPs. They bind

the corresponding CEs

through VC-IDs.

Local switching like CCC

is not available.

An LSP can be shared by

multiple VCs.


4


VPN type Implementation Feature

Kompella

Similar to Layer 3

BGP/MPLS VPN defined in

RFC2547.

PEs discover Layer 2 VPN

nodes automatically

through IBGP sessions

established between them.

They also propagate the

VPN information.

Labels are distributed in

the form of label blocks,

which enables multiple

connections being

assigned tags

simultaneously. The size of

a tag block is determined

by CE range (user-

configurable).

Vpn-target is used to

differentiate VPNs.

Users can assign extra

labels to VPNs for future

use. This eases the

configuration work loads

of VPN deployment and

capacity expansion.

Vpn-target is used to

identify VPNs. This brings

great flexibility for VPN

networking.

Connections between

CEs are not concerned.

This type of MPLS

L2VPN is implemented by

dividing the entrie SP

network into different

VPNs and numbering

these CEs in the VPNs.

To establish a connection

between two CEs, you

need to set the local CE

ID and the remote CE ID

on the PE, and specify

the Circuit ID assigned for

the connection by the

local CE.


5


Note:

You also can configure LSPs without P devices.

1.2 CCC MPLS L2VPN Configuration

1.2.1 Configuring CCC MPLS L2VPN

Table 1-2 Configure CCC MPLS L2VPN

Configuration

stepCommand Description

Enter system view system-view —

Configure LASR ID mpls lsr-id X.X.X.X Required

Enable MPLS mpls Required

Create the egress

for the static LSP

static-lsp egress lsp-name

l2vpn incoming-interface

vlan-interface vlan-id in-

label in-label

Required. Before configuring

a CCC connection, you need

to configure two static LSPs

between the two PEs and all

P routers in between for

bidirectional packets. Refer

to corresponding sections in

the command manual for

more information about these

commands and

corresponding undo

commands.

Create the ingress

for the static LSP

static-lsp ingress lsp-name

l2vpn nexthop next-hop-

addr out-label out-label

Create the transit

for the static LSP

static-lsp transit lsp-name

l2vpn incoming-interface

vlan-interface vlan-id in-

label in-label { nexthop

next-hop-addr | outgoing-

interface vlan-interface

vlan-id } out-label out-label

Quit MPLS view

and enter system

view

quit —

Enable MPLS

L2VPNmpls l2vpn Required

Establish local

CCC connection

ccc ccc-connection-name


vlan-id out-interface

Required. Two types of CCC

connections exist: local CCC

connection and remote CCC


6

wx0180, 08/23/05,

对此表达不确定。


Configuration


connection. A local CCC

connection is established

between two local CEs. It

can be switched directly by

the PE without being

configured a static LSP. A

remote CCC connection is

established between the

local CE and a remote CE.

The two CEs are attached to

different PEs. In this case,

you need to configure two

static LSPs for bidirectional

packets transmitted between

the two PEs.

Establish remote

CCC connection

ccc ccc-connection-name


vlan-id transmit-lsp

transmit-lsp-name receive-

lsp receive-lsp-name

Caution:

In L2VPN, you can configure only one virtual circuit for each VLAN interface.

L2VPN supports VLAN interfaces only. When you configure an L2VPN on a VLAN

interface, data is encapsulated as Ethernet packets by default.

You must use cards with the silk screen of CA (such as LSB2FT48CA) for CCC

MPLS L2VPN.

You can configure only one VLAN on the access side of each VPN private

network. Each VLAN can have only one interface, and all the VLANs connecting to

the interface must have IGMP disabled.

You must configure two static LSPs for each remote CCC connection. Two CCC

connections cannot share one static LSP.

A static LSP used by a remote CCC connection cannot be used for other purposes

(such as carrying IP packets and BGP/MPLS VPN packets). When you configure a

static LSP for a CCC connection, the next hop must be the IP address from which

the ARP packets are learnt.


7


1.2.2 CCC MPLS L2VPN Configuration Example

I. Network requirements

CEs and the corresponding PEs shown in Error: Reference source not found are

interconnected through their GigabitEthernet ports. Data is encapsulated as Ethernet

packets at the data link layer. A local connection is required between CE-A and CE-B,

and a remote connection between CE-A and CE-C.

II. Network diagram

Local connection

Remote connection

CE A

CE B

CE CPE A PE BPVLAN212

VLAN212

VLAN212

VLAN211 VLAN211

VLAN213

VLAN214CE A

CE B

P PPPPPPPP

VLAN211

PP

Local connection

Remote connection

CE A

CE B


VLAN212

VLAN212

VLAN211 VLAN211

VLAN213

VLAN214CE A

CE B

P PP

Local connection

Remote connection

CE A

CE B


VLAN212

VLAN212

VLAN211 VLAN211

VLAN213

VLAN214CE A

CE B

P PPPPPPPP

VLAN211

PP

Figure 1-4 Network diagram for CCC MPLS L2VPN

III. Configuration procedure

Configure PE-A.

# Enable MPLS globally.

[Quidway] mpls lsr-id 1.1.1.1

[Quidway] mpls

# Enable MPLS L2VPN globally.

[Quidway] mpls l2vpn

# Configure VLAN 211.

[Quidway] vlan 211

[Quidway-vlan211] port gigabitethernet 2/1/1

[Quidway-Vlan211] interface vlan 211

[Quidway-Vlan-interface211] quit


[Quidway] vlan 212


[Quidway-vlan212] interface vlan 212




8


[Quidway] vlan 213




# Enable MPLS on the interface of VLAN 214.

[Quidway] vlan 214


[Quidway-vlan214] quit

[Quidway] interface vlan-interface 214

[Quidway-Vlan-interface214] ip address 5.5.5.1 24

[Quidway-Vlan-interface214] mpls


# Configure the local connection.

[Quidway] ccc local-conn interface vlan-interface 211 outgoing-interface

vlan-interface 213

# Configure a static LSP, with the out-label of 100 and the egress interface being the

interface of VLAN 214.

[Quidway] mpls

[Quidway-mpls] static-lsp ingress PEA-PEB l2vpn nexthop 5.5.5.2 out-label

100

# Configure a static LSP, with the in-label of 211 and the ingress interface being the


[Quidway-mpls] static-lsp egress PEB-PEA l2vpn incoming-interface vlan-

interface 214 in-label 211

# Configure the remote connection.

[Quidway] ccc remote-connection interface vlan-interface 212 transmit-lsp

PEA-PEB receive-lsp PEB-PEA

Configure PE-B.



[Quidway] mpls




[Quidway] vlan 211




9




[Quidway] vlan 212



[Quidway] interface Vlan-interface 212



# Configure a static LSP, with the out-label of 200 and the egress interface being the


[Quidway-mpls] static-lsp ingress nexthop 6.6.6.2 out-label 200

# Configure a static LSP, with the in-label of 101 and the ingress interface being the


[Quidway-mpls] static-lsp egress PEA-PEB l2vpn incoming-interface vlan-

interface 212 in-label 101

# Configure the remote connection.

[Quidway] ccc remote-connection interface vlan-interface 211 transmit-lsp

PEB-PEA receive-lsp PEA-PEB

Configure P.


[Quidway] mpls

[Quidway] vlan 211






[Quidway] vlan 212






# Configure a static LSP, with the in-label of 100, the ingress interface being the

interface of VLAN 211, the out-label of 101, and the egress interface being the


[Quidway-mpls] static-lsp transit PEA-PEB l2vpn incoming-intergace vlan-

interface 211 in-label 100 nexthop 6.6.6.1 out1going-interface vlan-

interface 212 out-label 101


10


# Configure a static LSP, with the in-label of 200, the ingress interface being the

interface of VLAN 212, the out-label of 211, and the egress interface being the


[Quidway-mpls] static-lsp transit PEB-PEA l2vpn incoming-interface vlan-

interface 212 in-label 200 nexthop 5.5.5.1 out-label 211

Caution:

Following must be met to make a local CCC connection to go up:

The interfaces of the two CE are physically up.

The encapsulattion types of the interfaces of the two CEs are the same and are

supported by the MPLS L2VPN.

For Layer 2 connections with the MPLS L2VPN being VLAN encapsulation, the VLAN

IDs of the interfaces of the two CEs can either be the same or different. However, if a

trunk is configured between the CEs and the PEs on both sides, the VLAN IDs of the

interfaces of the two CEs must be the same.

1.3 Martini MPLS L2VPN Configuration

1.3.1 Configuring Martini MPLS L2VPN

Table 1-1 Configure Martini MPLS L2VPN

Configuration



Configure the LSR

IDmpls lsr-id X.X.X.X Required


Quit to system view quit —


11


Configure the LDP

remote peer

mpls ldp remote-peer

index

Required. Before configuring

the connection, you need to

enable LDP on each router

along the connection and

configure the LDP remote

peer on the peer PE. Refer to

LDP Configuration in MPLS

module for the configuration

related to LDP .


Enter VLAN

interface viewInterface vlan vlan id —

Create a Martini

MPLS L2VPN

virtual connection

in VLAN interface

view

mpls l2vc ip-address vc-id

Required. To configure a

Martini MPLS L2VPN on a

PE, you need to provide the

IP address (Isr-id) of the peer

PE and specify the VC ID.

The combination of the VC

ID and the encapsulation

type must be unique on the

PE.


Enable MPLS

L2VPNmpls l2vpn Required

Caution:

You must use cards with the silk screen of CA (such as LSB2FT48CA) on the

public network access side when configuring Martini MPLS L2VPN.


network. Each VLAN can have only one interface. And all the VLANs connecting

to the interface must have IGMP disabled.

L2VPN supports VLAN interfaces only. When you configure an L2VPN on a VLAN

interface, data is encapsulated as Ethernet packets by default.


12


1.3.2 Martini MPLS L2VPN Configuration Example


CEs shown in Error: Reference source not found are in the same VLAN as the

corresponding PEs resides in. A remote connection is required between CE-A and

CE-B.

II. Network diagram

VLAN212CE A CE BPE A PE BP

VLAN212

VLAN212VLAN211

VLAN211VLAN211


VLAN212

VLAN212VLAN211

VLAN211VLAN211

Figure 1-5 Network diagram for Martini MPLS L2VPN


2) Configure PE-A.

# Configure the LSR ID. Enable MPLS, LDP, and MPLS L2VPN.

[Quidway-A] mpls lsr-id 2.2.2.2

[Quidway-A] mpls

[Quidway-A-mpls] quit

[Quidway-A] mpls ldp

[Quidway-A] mpls l2vpn


[Quidway-A] vlan 212

[Quidway-A-vlan212] port gigabitethernet 2/1/2

[Quidway-A-vlan212]interface vlan 212


# Configure the VLAN interface.

[Quidway-A] vlan 211

[Quidway-A-vlan211] port gigabitethernet 2/1/1

[Quidway-A-vlan211] quit

[Quidway-A] interface Vlan-interface 211

[Quidway-A-Vlan-interface211] ip address 168.1.1.1 255.255.0.0

[Quidway-A-Vlan-interface211] mpls

[Quidway-A-Vlan-interface211] mpls ldp

# Configure an IP address for the loopback interface, which is used as the router ID.


13

wx0180, 08/23/05,



[Quidway-A] interface loopback 0

[Quidway-A-LoopBack0] ip address 192.1.1.1 255.255.255.255

# Enable OSPF.

[Quidway-A] ospf 1

[Quidway-A-ospf-1] area 0.0.0.0

[Quidway-A-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0



# Create an LSP tunnel.

[Quidway-A] mpls ldp

# Configure the LDP remote peer.

[Quidway-A] mpls ldp remote-peer 1

[Quidway-A-remote-peer-1] remote-ip 192.1.1.2

# Configure a Martini MPLS L2VPN connection.

[Quidway-A] interface vlan-interface 212

[Quidway-A-Vlan-interface212] mpls l2vc 192.1.1.2 20

3) Configure PE-B.


[Quidway-B] mpls lsr-id 192.1.1.2

[Quidway-B] mpls

[Quidway-B-mpls] quit

[Quidway-B] mpls ldp

[Quidway-B] mpls l2vpn


[Quidway-B] vlan 211

[Quidway-B-vlan211] port gigabitethernet 2/1/1

[Quidway-B-vlan211] interface Vlan-interface 211

[Quidway-Vlan-interface 211] quit


[Quidway-B] vlan 212

[Quidway-B-vlan212] port gigabitethernet 2/1/2

[Quidway-B-vlan212] quit

[Quidway-B] interface Vlan-interface 212


14


[Quidway-B-Vlan-interface212] ip address 169.1.1.1 255.255.0.0

[Quidway-B-Vlan-interface212] mpls

[Quidway-B-Vlan-interface212] mpls ldp

# Configure an IP address for the loopback interface, which is used as the LSR ID.

[Quidway-B] interface loopback 0

[Quidway-B-LoopBack0] ip address 192.1.1.2 255.255.255.255

# Enable OSPF.

[Quidway-B] ospf 1

[Quidway-B-ospf-1] area 0.0.0.0

[Quidway-B-ospf-1-area-0.0.0.0] network 192.1.1.2 0.0.0.0



# Create an LSP tunnel.

[Quidway-B] mpls

[Quidway-B-mpls] mpls ldp

# Configure the LDP remote peer.

[Quidway-B] mpls ldp remote-peer 1

[Quidway-B-mpls-remote1] remote-ip 192.1.1.1

# Configure a Martini MPLS L2VPN connection.

[Quidway-B] interface vlan-interface 211

[Quidway-B-Vlan-interface211] mpls l2vc 192.1.1.1 20

4) Configure P.


[Quidway-P] mpls lsr-id 192.1.1.3

[Quidway-P] mpls

[Quidway-P-mpls] quit

[Quidway-P] mpls ldp

[Quidway-P] mpls l2vpn

# Configure an IP address for the loopback interface, which is used as the LSR ID.

[Quidway-P] interface loopback 0

[Quidway-P-LoopBack0] ip address 192.1.1.3 255.255.255.255

[Quidway-P-LoopBack0] quit



15


[Quidway-P] vlan 211

[Quidway-P-vlan211] port gigabitethernet 2/1/1

[Quidway-P-vlan211] quit

[Quidway-P] interface Vlan-interface 211

[Quidway-P-Vlan-interface211] mpls

[Quidway-P-Vlan-interface211] mpls ldp

[Quidway-P-Vlan-interface211] ip address 168.1.1.2 255.255.0.0

[Quidway-P-Vlan-interface211] quit

[Quidway-P] vlan 212

[Quidway-P-vlan212 port gigabitethernet 2/1/2

[Quidway-P-vlan212] quit

[Quidway-P] interface Vlan-interface 212

[Quidway-P-Vlan-interface212] mpls

[Quidway-P-Vlan-interface212] mpls ldp

[Quidway-P-Vlan-interface212] ip address 169.1.1.2 255.255.0.0

# Enable OSPF.

[Quidway-P] ospf 1

[Quidway-P-ospf-1] area 0.0.0.0

[Quidway-P-ospf-1-area-0.0.0.0] network 168.1.0.0 0.0.255.255



Caution:

Following must be met to make an LDP Layer 2 VPN to go up:

The interfaces of the two CE are physically up.

Two LSP tunnels, which are opposite in direction, exist between two PEs.

The encapsulattion types of interfaces of the two CEs are the same and are

supported by the MPLS L2VPN.

LDP remote sessions exist between PEs and are in Operational state.

To establish a tunnel, routes to the peer PE are necessary. So you need to configure

IGP (interior gateway protocol) on each router along the path, such as OSPF.


16


1.4 Kompella MPLS L2VPN Configuration

1.4.1 Configuring Kompella MPLS L2VPN

Table 1-1 Configure Kompella MPLS L2VPN

Configuration



Configure the LSR

IDmpls lsr-id X.X.X.X Required


Perform BGP

(border gateway

protocol) related

configuration. Make

sure BGP operates

properly and

routers can

discover routes to

other routers.

Refer to BGP Configuration

in Routing Protocol module.

Required. In a Kompella

MPLS L2VPN, the extended

BGP is used as the signaling

protocol to distribute VC

labels. So, you also need to

configure BGP parameters

on PEs. As for the MPLS

L2VPN itself, it has no

special requirements on the

BGP configuration.

Enter L2VPN

address family

view.

l2vpn-family Required

Activate the peer or

peergroup.

peer { group-name | peer-

address } enable

Required. By default, only

the peers of BGP IPv4

unicast address families are

active. The peer groups of

other types are deactivated

and thus cannot exchange

the routing information.


Create a VPN and

specify the

encapsulation type.

mpls l2vpn vpn-name [

encapsulation Ethernet ]

Required. The default

encapsulation type is

Ethernet.


17


Configuration


Configure the RD

(route

distinguisher) of the

MPLS L2VPN

route-distinguisher route-

distinguisher

Required. For an MPLS

L2VPN, you must configure

the RD before performing

other configurations. An RD

cannot be modified once it is

configured. The only way to

modify a configured RD is to

remove the corresponding

MPLS L2VPN and create

another one. As for L2VPN, it

is recommended that you

assign a unique RD for each

VPN.

Configure the VPN-

target of the MPLS

L2VPN

vpn-target vpn-target-ext-

community [ import-

extcommunity| export-

extcommunity | both ]

Required

Configure the

Layer 2 MTU

(maximum

transmission unit)

of the VPN

mtu mtu

Optional. You can configure

the Layer 2 MTU for the

VPN. For the entire network,

only one valid VPN MTU

exists. If two interconnected

PEs are configured with

different MTUs, the smaller

one is adopted.

Create a CE or

modify the CE

range of an existing

CE

ce name id id [ range range

] [ default-offset offset ]

Required. Each CE created

on a PE needs to uniquely

correspond to one actual CE

device connected to the PE.

You need to specify a unique

ID for these CEs. You can

also specify the CE range. It

is desired that the CE ID

begins with 1 and increases

in step of 1.

Enter an existing

CEce name


18


Configuration


Create connections

between CEs

connection [ ce-offset

offset ] { interface vlan-

interface vlan-id }

Required. When planning a

VPN, you can specify CE IDs

for CEs beginning with 1 and

increasing in step of 1, and

then establish connections

by CE IDs. You can establish

connections with CE offset

not provided for simplifying

the configuration. In this

case, the default CE offset is

used.

Caution:

You can only change the CE range to a number larger than the existing one. For

example, you can change a CE range from 10 to 20, rather than from 10 to 5. The

only way to change a CE range to a smaller number is to remove the CE and

create a new one.

You must use cards with the silk screen of CA (such as LSB2FT48CA) on the

public network access side when configuring Kompella MPLS L2VPN.


network. Each VLAN can have only one interface. And all the VLANs connecting

to the interface must have IGMP disabled.

In Kompella MPLS L2VPN, the encapsulation type on the access side of each

private network must be Ethernet.

1.4.2 Kompella MPLS L2VPN Configuration Example


CEs shown in Figure 1-2 are in the same VLAN as the corresponding PEs resides in.

A remote connection is required between CE-A and CE-B.


19

wx0180, 08/23/05,



II. Network diagram


VLAN212

VLAN212VLAN211

VLAN211VLAN211


VLAN212

VLAN212VLAN211

VLAN211VLAN211

Figure 1-2 Network diagram for Kompella MPLS L2VPN


5) Configure PE-A.



[Quidway] mpls

# Configure an IP address for the loopback interface.

[Quidway] interface loopback 0

[Quidway-LoopBack0] ip address 1.1.1.1 32




[Quidway] vlan 211


[Quidway-Vlan211] interface vlan 211



[Quidway] vlan 212





[Quidway] vlan 213





[Quidway] vlan 214



20






[Quidway-Vlan-interface214] mpls ldp

[Quidway-Vlan-interface214] mpls ldp transport-ip interface


# Configure BGP.

[Quidway] bgp 100

[Quidway-bgp] group 100 internal

[Quidway-bgp] peer 100 connect-interface loopback0

[Quidway-bgp] peer 3.3.3.3 group 100

[Quidway-bgp] l2vpn-family

[Quidway-bgp-af-l2vpn] peer 100 enable

# Create and configure the VPN.

[Quidway] mpls l2vpn vpn1 encapsulation ethernet

[Quidway-mpls-l2vpn-vpn1] route-distinguisher 100:1

[Quidway-mpls-l2vpn-vpn1] vpn-target 100:1

# Create CE1 and configure the corresponding connection.

[Quidway-mpls-l2vpn-vpn1] ce ce1 id 1 range 200

[Quidway-mpls-l2vpn-vpn1-ce1] connection ce-offset 2 interface vlan-

interface 212


interface 213

[Quidway-mpls-l2vpn-vpn1-ce1] quit

# Enable OSPF.

[Quidway] ospf 1 router-id 1.1.1.1

[Quidway-ospf-1] area 0.0.0.0

[Quidway-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[Quidway-ospf-1-area-0.0.0.0] network 5.5.5.0 0.0.0.255

6) Configure PE-B.



[Quidway] mpls


21


# Configure an IP address for the loopback interface.

[Quidway] interface loopback 0

[Quidway-LoopBack0] ip address 3.3.3.3 32




[Quidway] vlan 211




[Quidway] vlan 212





[Quidway] vlan 213





[Quidway] vlan 214






[Quidway-Vlan-interface214] mpls ldp

[Quidway-Vlan-interface214] mpls ldp transport-ip interface


# Configure BGP.

[Quidway] bgp 100

[Quidway-bgp] group 100 internal

[Quidway-bgp] peer 100 connect-interface loopback0


22


[Quidway-bgp] peer 1.1.1.1 group 100

[Quidway-bgp] l2vpn-family

[Quidway-bgp-af-l2vpn] peer 100 enable

# Create and configure VPN1.

[Quidway] mpls l2vpn vpn1 encapsulation ethernet

[Quidway-mpls-l2vpn-vpn1] route-distinguisher 100 :1

[Quidway-mpls-l2vpn-vpn1] vpn-target 100 :1

# Create CE2 and configure the corresponding connection.



interface 212




interface 213


# Enable OSPF.

[Quidway] ospf 1 router-id 3.3.3.3

[Quidway -ospf-1] area 0.0.0.0

[Quidway -ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[Quidway -ospf-1-area-0.0.0.0] network 6.6.6.0 0.0.0.255

7) Configure the P device.

The configuration of P device is the same as that of standard MPLS configuration.

Refer to the P router Configuration of BGP/MPLS VPN in Basic MPLS Operation

Manual.

1.5 Displaying and Debugging MPLS L2VPN

After the above configuration, you can verify your configuration concerning MPLS

L2VPN by executing the display command in any view and checking the output

information.

You can execute the debugging command in user view to debug MPLS L2VPN.


23

wx0180, 08/23/05,

规范问题：是具体的手册名吗？是否要斜体？


Table 1-1 Display and debug L2VPN

Configuration


Display information

about a CCC

connection

display ccc [ ccc-name |

type [ local | remote ] ]

You can execute the two

commands in any view.

Display information

about a Martini

MPLS L2VPN

connection

display mpls l2vc

[ interface vlan-interface

vlan-id | verbose ]

Display

VLL/Kompella

information about a

specified interface

display mpls l2vpn [

vsi_name [ local_ce |

remote_ce ] | connection [

vsi_name [ down | remote-

ce | up | verbose ] | brief |

interface Vlan-interface

vlan-id ] | forwarding-info {

vc-label | interface

interface-type } ]

Display information

about the system

or about Kompella

MPLS L2VPNs

display bgp l2vpn all

Enable debugging

for MPLS L2VPN

debugging mpls l2vpn { all

| advertisement | error |

event | connections [


vlan-id ] }

Execute this command in

user view.

1.6 Troubleshooting MPLS L2VPN

Symptom 1: Fail to configure Layer 2 VPN on the VLAN interface.

Solution:

Check to see if MPLS/BGP VPN, multicast, or VLL is enabled on the VLAN

interface. Because you cannot perform Layer 2 VPN configuration on a VLAN

interface if MPLS/BGP VPN, multicasting, or VLL is enabled on it.


24


Check to see if the VLAN is a Super-Vlan or a Sub-Vlan. You can perform the

Layer 2 VPN configuration only on common VLAN interfaces.

Symptom 2: Fail to ping the peer from one end of a Martini MPLS L2VPN

connection. The VC is down and the Remote value is invalid.

Solution:

VC state being down indicates the encapsulation types or VC IDs of the two

ends are not the same. Make sure the interface types (Access or Trunk) of the

two PE interfaces and the VC IDs of the two ends are consistent.

As for the invalid Remote value, make sure you have configured the Remote

parameters and the peer addresses correctly.

Symptom 3: Fail to ping the peer of a Kompella MPLS L2VPN connection. The

Connection is down and the VPN value is null.

Solution:

VPN value being null indicates the VPN is configured incorrectly. Make sure the

VPN configurations (such as RD, RT) of the both ends are consistent, and the

connection configurations of the two CEs on both ends are correct.

Connection being down indicates configurations concerning encapsulation of

the two ends are not the same. Make sure the encapsulation types and MTUs

configured for the local and remote PE devices are consistent. A connection

fails if the encapsulation types configured on the two ends are not the same.

Symptom 4: Fail to ping the peer end of a CCC MPLS L2VPN connection. The

sending and receiving channels are up, so does the linkconnection.

Solution:

Make sure the in-label and out-label configured on the both ends correspond to

each other. If a P device exists, make sure its forwarding connection

configuration is correct, and the next hop configured statically is configured.


25

mpls-l2vpn-vll

Documents

Transcript of mpls-l2vpn-vll