IOS XE 15.5
IOS XR 5.3
The topology for this demo:
This post will be a focus on P2MP or E-TREE with VPLS. In prior posts we took a look at MP2MP with auto discovery, but we haven't taken a look at it with a manual configuration. Really there isn't much different. In the BGP AD or auto discovery method, we exlicitly configure route target values to be imported and exported. Here we are going to basically going to form P2P psuedowires between the appropriate PEs and use the VPLS domain to flood the data.
The concept of an "E-TREE" is basically where one PE is the "root" and the other PEs are the "leafs". The idea is to explicitly configure a PE to be the root, where we might have a customer that requires connectivity to all sites, but doesn't want the "leaves" to be able to talk to each other. From the Enterprise perspective, I could configure DMVPN in a phase 1 design to accomplish this, but since we're the MPLS L2VPN provider, it's our job. So, we'll configure R1 to be the root of bridge domain 800. R3 and R6 will be the leaves, where we will configure R3 and R6 to only peer with R1, R1 peers with both R3 and R6.
R1
interface g2
service instance 800 ethernet
encapsulation dot1q 800
!
template type pseudowire E_TREE
encapsulation mpls
!
interface pseudowire13
source template type pseudowire E_TREE
neighbor 192.168.1.3 13
interface pseudowire16
source template type pseudowire E_TREE
neighbor 192.168.1.6 16
!
l2vpn vfi context E_TREE
vpn id 800
member pseudowire16
member pseudowire13
!
bridge-domain 800
member GigabitEthernet2 service-instance 800
member vfi E_TREE
One thing that I used this time, due to repetitive configuration is the template option. If you create a pseudowire template/class you can use this in the same a BGP peer group or Prefix List is used. Since I had 3 separate PWs to configured, the template allows me to configure PW specific configurations, like encapsulation, control word, sequencing etc. More on PW advanced stuff later on.
R3
interface g2
service instance 800 ethernet
encapsulation dot1q 800
!
template type pseudowire E_TREE
encapsulation mpls
!
interface pseudowire31
source template type pseudowire E_TREE
encapsulation mpls
neighbor 192.168.1.1 13
!
l2vpn vfi context E_TREE
vpn id 800
member pseudowire31
!
bridge-domain 800
member GigabitEthernet2 service-instance 800
member vfi E_TREE
R6
interface g2
service instance 800 ethernet
encapsulation dot1q 800
!
template type pseudowire E_TREE
encapsulation mpls
!
interface pseudowire61
source template type pseudowire E_TREE
encapsulation mpls
neighbor 192.168.1.1 16
!
l2vpn vfi context E_TREE
vpn id 800
member pseudowire31
!
bridge-domain 800
member GigabitEthernet2 service-instance 800
member vfi E_TREE
Now we can look to see what we have going on in the VPLS domain.
R1
R1#sh l2vpn atom vc | in E_TREE
pw13 192.168.1.3 13 vfi E_TREE UP
pw16 192.168.1.6 16 vfi E_TREE UP
Here we can see that the 2 PWs, 1 to R3 and 1 to R6 are both up.
R1#sh bridge-domain 800
Bridge-domain 800 (4 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
GigabitEthernet2 service instance 800
vfi E_TREE neighbor 192.168.1.5 15
vfi E_TREE neighbor 192.168.1.3 13
vfi E_TREE neighbor 192.168.1.6 16
AED MAC address Policy Tag Age Pseudoport
0 000C.2990.89E9 forward dynamic 299 GigabitEthernet2.EFP800
1 FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0xe8790900
0 000C.29BA.0E21 forward dynamic 300 E_TREE.1004030
0 000C.2994.B818 forward dynamic 297 E_TREE.1004034
We can see that R1 is learning MAC addresses from R3 and R6, as well as from the EFP which is attached to R13. Clearly it's working, but here's the thing, R1 has 2 connections, R3 and R6 will only have 1 each.
R3
R3#sh l2vpn atom vc | in E_TREE
pw31 192.168.1.1 13 vfi E_TREE UP
R3#sh bridge-domain 800
Bridge-domain 800 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
GigabitEthernet2 service instance 800
vfi E_TREE neighbor 192.168.1.1 13
AED MAC address Policy Tag Age Pseudoport
0 000C.2990.89E9 forward dynamic 299 E_TREE.1004019
1 FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0xe7f4ecf0
0 000C.29BA.0E21 forward dynamic 299 GigabitEthernet2.EFP800
R6
R6#sh l2vpn atom vc | in E_TREE
pw61 192.168.1.1 16 vfi E_TREE UP
R6#show bridge-domain 800
Bridge-domain 800 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
GigabitEthernet2 service instance 800
vfi E_TREE neighbor 192.168.1.1 16
AED MAC address Policy Tag Age Pseudoport
0 000C.2990.89E9 forward dynamic 298 E_TREE.100402a
1 FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0xe87208f0
0 000C.2994.B818 forward dynamic 300 GigabitEthernet2.EFP800
So we see that R3 and R6 both connect to R1. Let's see what the customer sees
R1 has 2 connections, 1 to R10 and the other to R7.
R1
R13#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
14 192.168.80.10 Gi2.800 14 01:22:46 152 912 0 315
13 192.168.80.7 Gi2.800 10 01:23:07 1 4500 0 46
R7 and R10 both connect just to R13.
R7#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
5 192.168.80.13 Gi1.800 14 01:23:49 93 558 0 353
R10#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
10 192.168.80.13 Gi1.800 14 01:23:43 57 342 0 362
Thanks for stopping by!
Rob Riker, CCIE #50693
No comments:
Post a Comment