Tuesday, December 20, 2011

Implementation of EoMPLS (Ethernet Over MPLS)


Introduction
Layer 2 VPN is used by many service providers. It can be configured in two ways: one is to run L2 VPN over an IP cloud with the help of L2TPv3, and the other is to run it over an MPLS backbone using MPLS encapsulation. In this simulation I will cover how to configure L2 MPLS VPN over an MPLS VPN cloud.


Figure 1

R0-CE and R4-CE need an L2 VPN so that the two can communicate with each other, as they are on the same local area network.

How Layer2 MPLS Works
The service provider should use MPLS in the whole cloud to provision L2 MPLS VPN. Forwarding is the same as in a layer 3 VPN; the only difference is that in the layer 3 case the customer pool is advertised via MP-iBGP, which works as a full mesh, whereas in this scenario only point-to-point works. If the customer needs point-to-multipoint, VPLS (Virtual Private LAN Services) must be configured, which requires at minimum a 7600 series router with SIP and SPA cards. In this scenario the customer link is terminated on the PE router and the L2 VPN is configured with the help of xconnect. Every layer 2 circuit requires a unique VC (virtual circuit), and a label is generated for that VC only. In our example we use 100 as the VC ID, which should be unique on both PEs. Whenever the L2 session comes up, a new LDP session is established between the two PEs, and the connection is treated virtually as a directly connected one. In plain LDP neighbourship only directly connected peers can become LDP neighbours, but with L2 circuits we get LDP neighbours that are not directly connected.

The discovery mechanism used by directly connected LDP peers is known as basic discovery, and the one used by L2 circuits is known as extended discovery. Both peers exchange targeted hello messages with each other. A TCP session is established by the peers, but hellos are exchanged as UDP packets over multicast address 224.0.0.2.

The session is always established to the loopback address of the remote router, and that loopback should be the LDP router ID, else it won't work. (Never perform loopback summarization in MPLS.)

How The Labels Will Exchange
When the circuit comes up, a local label is generated on the basis of the VC ID and is
exchanged with the remote end router, and vice versa.

How The Forwarding Will Work
Labels are already exchanged in the service provider cloud for the loopbacks, which means every router has label information for reaching any other router in the cloud. That label works as the top label, which is swapped at each and every hop. Underneath it a VC label is stored, which only comes into the picture when the packet reaches its destination PE. That PE has the information of that label against that VC ID; consequently the IP packet is forwarded towards the customer end.

In Figure 1, label 17 is used for the IGP and label 19 is used for VC 100. When a packet comes from R0-CE, label 19 is imposed on it for VC 100, and on top of that one more label, 17, is imposed. Along the path only label 17 is swapped. As in Figure 1, once label 17 is imposed the packet is forwarded out of the outgoing interface, which is connected to the R2-P router. On R2-P the LFIB is checked for label 17, and the outgoing label shows as pop because R3-PE advertises its directly connected interface as implicit null. So at R2-P the topmost label is removed and the packet is forwarded towards R3-PE with label 19. When the packet reaches R3-PE, label 19 is checked in the local database and found to have been generated for VC 100; consequently the IP packet is delivered to R4-CE.
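The label walk described above, as an added Python example that is not part of the original post: it encodes the {17 19} stack as 4-byte MPLS shim headers (RFC 3032 layout), applies the pop at R2-P and resolves the VC label at R3-PE. The function names and the two lookup tables are hypothetical, filled with the label values this page reports.

```python
import struct

def encode_stack(labels, ttl=255):
    """Encode labels (top first) as 4-byte MPLS shim headers (RFC 3032 layout)."""
    out = b""
    for i, label in enumerate(labels):
        bottom = 1 if i == len(labels) - 1 else 0   # S bit marks the last entry
        out += struct.pack("!I", (label << 12) | (bottom << 8) | ttl)  # TC bits left 0
    return out

def decode_stack(data):
    """Return [(label, s_bit, ttl), ...], stopping at the bottom-of-stack entry."""
    entries = []
    for off in range(0, len(data) - 3, 4):
        (word,) = struct.unpack_from("!I", data, off)
        entries.append((word >> 12, (word >> 8) & 1, word & 0xFF))
        if entries[-1][1]:
            break
    return entries

# Label actions as reported on this page: R1-PE imposes {17 19}, R2-P pops 17,
# R3-PE has local label 19 bound to VC 100. Table names are hypothetical.
R2_LFIB = {17: "pop"}
R3_VC_LABELS = {19: 100}

def transit(stack, lfib):
    """One P-router hop: swap or pop the top label only (TTL handling omitted)."""
    labels = [label for label, _, _ in decode_stack(stack)]
    action = lfib[labels[0]]
    return encode_stack(labels[1:] if action == "pop" else [action] + labels[1:])

def egress(stack, vc_labels):
    """Egress PE: the remaining label must be bottom-of-stack and map to a VC ID."""
    entries = decode_stack(stack)
    if len(entries) != 1 or not entries[0][1]:
        raise ValueError("egress PE expects only the VC label")
    return vc_labels[entries[0][0]]

def walk():
    """Follow one frame from R1-PE through R2-P to R3-PE."""
    at_r1 = encode_stack([17, 19])
    at_r3 = transit(at_r1, R2_LFIB)
    return decode_stack(at_r1), decode_stack(at_r3), egress(at_r3, R3_VC_LABELS)

if __name__ == "__main__":
    print(walk())
```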

How To Check The Status Of Circuit
R1#show mpls l2transport summary
Destination address: 30.30.30.30, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering
1 active vc on MPLS interface Fa0/0
Output 1

How To Check The Neighbourship
R1#show mpls ldp neighbor
Peer LDP Ident: 20.20.20.20:0; Local LDP Ident 10.10.10.10:0
TCP connection: 20.20.20.20.20465 - 10.10.10.10.646
State: Oper; Msgs sent/rcvd: 20/21; Downstream
Up time: 00:11:05
LDP discovery sources:
FastEthernet0/0, Src IP addr: 1.1.1.2
Addresses bound to peer LDP Ident:
1.1.1.2 20.20.20.20 2.2.2.2
Peer LDP Ident: 30.30.30.30:0; Local LDP Ident 10.10.10.10:0
TCP connection: 30.30.30.30.31666 - 10.10.10.10.646
State: Oper; Msgs sent/rcvd: 19/19; Downstream
Up time: 00:09:08
LDP discovery sources:
Targeted Hello 10.10.10.10 -> 30.30.30.30, active, passive
Addresses bound to peer LDP Ident:
2.2.2.1 30.30.30.30
Output 2

How to Check The Label Generated And Received
R1#sh mpls l2transport binding
Destination Address: 30.30.30.30, VC ID: 100
Local Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2]
Remote Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a
VCCV: CC Type: CW [1], RA [2]
Output 3

Output 2 shows that the L2 session is established with peer 30.30.30.30 for VC ID 100.
For this particular VC ID local label 19 is generated, and label 19 is received from
peer 30.30.30.30. The labels can also be different. The local label of R1-PE becomes
the remote label on R3-PE. The command below shows the same:

R3#show mpls l2transport binding
Destination Address: 10.10.10.10, VC ID: 100
Local Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2]
Remote Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2]
Output 4

Outputs 3 and 4 show that the label exchange is working correctly.
The same command can also be used for troubleshooting.
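One way to automate that troubleshooting check, as an added Python example that is not part of the original post: it parses `show mpls l2transport binding` text from both PEs and reports label, VC type and MTU inconsistencies. The function names are hypothetical, the sample text is Output 3 trimmed to the fields that are checked, and treating a non-numeric label value as "not bound" is an assumption.

```python
import re

# Output 3 from this page (R1), trimmed to the fields checked below.
R1_OUT = """Destination Address: 30.30.30.30, VC ID: 100
Local Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a
Remote Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: n/a"""
# Output 4 (R3) differs only in the destination address for these fields.
R3_OUT = R1_OUT.replace("30.30.30.30", "10.10.10.10")

def parse_binding(text):
    """Parse one VC block into {'peer', 'vc_id', 'local': {...}, 'remote': {...}}."""
    head = re.search(r"Destination Address:\s*(\S+),\s*VC ID:\s*(\d+)", text)
    if not head:
        raise ValueError("no 'Destination Address ... VC ID' line found")
    vc = {"peer": head.group(1), "vc_id": int(head.group(2)), "local": {}, "remote": {}}
    side = None
    for line in text.splitlines():
        if m := re.match(r"\s*(Local|Remote) Label:\s*(\S+)", line):
            side = m.group(1).lower()
            # Assumption: a non-numeric value means no label has been bound yet.
            vc[side]["label"] = int(m.group(2)) if m.group(2).isdigit() else None
        elif side and (m := re.search(r"VC Type:\s*(\w+)", line)):
            vc[side]["vc_type"] = m.group(1)
        elif side and (m := re.search(r"MTU:\s*(\d+)", line)):
            vc[side]["mtu"] = int(m.group(1))
    return vc

def cross_check(a, b):
    """List inconsistencies between two PEs' bindings for the same VC."""
    problems = []
    if a["vc_id"] != b["vc_id"]:
        problems.append("vc_id differs between PEs")
    for x, y, name in ((a, b, "first"), (b, a, "second")):
        label = x["local"].get("label")
        if label is None or label != y["remote"].get("label"):
            problems.append(f"{name} PE local label is not the other PE's remote label")
    for field in ("vc_type", "mtu"):
        if a["local"].get(field) != a["remote"].get(field):
            problems.append(f"{field} mismatch between local and remote")
    return problems

if __name__ == "__main__":
    print(cross_check(parse_binding(R1_OUT), parse_binding(R3_OUT)) or "bindings consistent")
```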

How To Check The MPLS Forwarding
R1#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 20.20.20.20/32 0 Fa0/0 1.1.1.2
17 Pop tag 2.2.2.0/30 0 Fa0/0 1.1.1.2
18 17 30.30.30.30/32 0 Fa0/0 1.1.1.2
19 l2ckt(100) 9067 none point2point
Output 5

From Output 5 it is clear that label 17 is used as the outgoing label and label 19 is used for VC ID 100, which is a point-to-point connection. Now check the MPLS forwarding output on the R2-P router, where 17 should be the local label and pop should be the outgoing label.

R2#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 10.10.10.10/32 0 Fa0/0 1.1.1.1
17 Pop Tag 30.30.30.30/32 4350 Fa0/1 2.2.2.1
Output 6

How To Check The Label Stack Which Is Depicted In Figure 1
R1#sh mpls l2transport vc 100 detail
Local interface: Fa0/1 up, line protocol up, Ethernet up
Destination address: 30.30.30.30, VC ID: 100, VC status: up
Next hop: 1.1.1.2
Output interface: Fa0/0, imposed label stack {17 19}
Create time: 00:06:10, last status change time: 00:05:37
Signaling protocol: LDP, peer 30.30.30.30:0 up
MPLS VC labels: local 19, remote 19
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 70, send 70
byte totals: receive 7603, send 7603
packet drops: receive 0, seq error 0, send 0
Output 7

Check End To End Connectivity
R0#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 372/560/756 ms
Output 8

Configurations
R0-CE
interface FastEthernet0/1
Description ### Connected With Service Provider End ###
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto

R1-PE
mpls label protocol ldp
interface Loopback0
ip address 10.10.10.10 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.252
ip ospf 1 area 0
duplex auto
speed auto
mpls label protocol ldp
mpls ip
!
interface FastEthernet0/1
description ### CE Is Coming On This Interface ###
no ip address
duplex auto
speed auto
xconnect 30.30.30.30 100 encapsulation mpls
!
router ospf 1
log-adjacency-changes
mpls ldp router-id Loopback0 force

R2-P
mpls label protocol ldp
interface Loopback0
ip address 20.20.20.20 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 1.1.1.2 255.255.255.252
ip ospf 1 area 0
duplex auto
speed auto
mpls label protocol ldp
mpls ip
!
interface FastEthernet0/1
ip address 2.2.2.2 255.255.255.252
ip ospf 1 area 0
duplex auto
speed auto
mpls label protocol ldp
mpls ip
!
router ospf 1
!
mpls ldp router-id Loopback0 force


R3-PE
mpls label protocol ldp
interface Loopback0
ip address 30.30.30.30 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
xconnect 10.10.10.10 100 encapsulation mpls
!
interface FastEthernet0/1
ip address 2.2.2.1 255.255.255.252
ip ospf 1 area 0
duplex auto
speed auto
mpls label protocol ldp
mpls ip
!
router ospf 1
mpls ldp router-id Loopback0 force


R4-CE
interface FastEthernet0/0
Description ### Connected With Service Provider End ###
ip address 192.168.1.2 255.255.255.0
duplex auto
speed auto

6 comments:

strong vpn said...

very informative, i was stuck in config of R1-PE for 100 ips, now i can easily configure!

Business Web Hosting said...

Somehow all that data has to go back and forth between your offices and your cloud service provider.

Unknown said...

What if i use L3 switch as CE router for wimax links termination direct on ethernet port of L3 switch

Anonymous said...

Hi,

I'm also trying to achieve something which is similar on your post. I'm looking at increasing the port count on the PE.

Based on your post, would you think it would be possible to have a 2960X or a 3750X switch uplinked via a routed port-channel to the ME switch. This would give you the extended ports where we could assign the VLAN on the 3750X switch and then pick up the VLAN by creating a sub-interface from the port-channel on the ME switch and apply the x-connect configuration for the EoMPLS?

Thanks.

Unknown said...

Good job,
Simple and straight learning .....

topology points 10.1.1.0/30 and 10.1.2.0/30 networks between R1-R2-R3, instead it should be corrected to 1.1.1.0/30 and 2.2.2.0/30 networks ....

Regs Ravi