Hello everyone!
I`m trying to set up vpls connection between two sites in my lab environment.
I got 4 logical systems set up like this:
PE1 {
interfaces {
ge-0/1/8 {
unit 700 {
encapsulation vlan-vpls;
vlan-id 700;
}
}
lt-0/2/0 {
unit 0 {
description PE1>PE2;
encapsulation ethernet;
peer-unit 1;
family inet {
address 192.168.0.1/30;
}
family mpls;
}
unit 3 {
encapsulation ethernet;
peer-unit 4;
family inet {
address 192.168.0.5/30;
}
family mpls;
}
}
lo0 {
unit 1 {
family inet {
address 1.1.1.1/32 {
primary;
preferred;
}
}
}
unit 100 {
family inet {
address 192.168.100.1/24;
}
}
}
}
protocols {
rsvp {
interface lt-0/2/0.0;
interface lt-0/2/0.3;
}
mpls {
no-propagate-ttl;
label-switched-path PE1-PE2 {
from 1.1.1.1;
to 2.2.2.2;
}
label-switched-path PE1-PE4 {
from 1.1.1.1;
to 4.4.4.4;
}
interface lt-0/2/0.0;
interface lt-0/2/0.3;
interface lo0.1;
}
bgp {
group IBGP {
type internal;
local-address 1.1.1.1;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family evpn {
signaling;
}
peer-as 65000;
neighbor 3.3.3.3;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.1;
interface lt-0/2/0.0 {
interface-type p2p;
}
interface lo0.2;
interface lt-0/2/0.3 {
interface-type p2p;
}
}
}
}
policy-options {
community L2VPNA members target:65000:200;
}
routing-instances {
L2VPNA {
instance-type vpls;
interface ge-0/1/8.700;
route-distinguisher 1.1.1.1:200;
vrf-target target:65000:200;
protocols {
vpls {
site-range 3;
no-tunnel-services;
site L2VPNA_PE1 {
site-identifier 2;
}
}
}
}
L3VPNA {
instance-type vrf;
interface lo0.100;
route-distinguisher 65000:100;
vrf-import VPNA-IMPORT;
vrf-export VPNA-EXPORT;
vrf-target {
import target:65000:100;
export target:65000:100;
}
vrf-table-label;
}
}
routing-options {
router-id 1.1.1.1;
autonomous-system 65000;
resolution;
}
}
PE2 {
interfaces {
lt-0/2/0 {
unit 1 {
description PE2>PE1;
encapsulation ethernet;
peer-unit 0;
family inet {
address 192.168.0.2/30;
}
family mpls;
}
unit 5 {
encapsulation ethernet;
peer-unit 6;
family inet {
address 192.168.0.9/30;
}
family mpls;
}
}
lo0 {
unit 2 {
family inet {
address 2.2.2.2/32 {
primary;
preferred;
}
}
}
unit 102 {
family inet {
address 192.168.150.1/24;
}
}
}
}
protocols {
rsvp {
interface lt-0/2/0.1;
interface lt-0/2/0.5;
}
mpls {
no-propagate-ttl;
label-switched-path PE2-PE1 {
from 2.2.2.2;
to 1.1.1.1;
}
label-switched-path PE2-PE4 {
from 2.2.2.2;
to 4.4.4.4;
}
path PE2-PE4-long {
1.1.1.1 strict;
}
interface lt-0/2/0.1;
interface lt-0/2/0.5;
interface lo0.2;
}
bgp {
group IBGP {
type internal;
local-address 2.2.2.2;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family evpn {
signaling;
}
peer-as 65000;
neighbor 3.3.3.3;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lt-0/2/0.1 {
interface-type p2p;
}
interface lo0.2;
interface lt-0/2/0.5 {
interface-type p2p;
}
}
}
}
routing-options {
router-id 2.2.2.2;
autonomous-system 65000;
resolution;
}
}
PE4 {
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 192.168.4.1/24;
}
}
}
ge-0/1/9 {
unit 600 {
encapsulation vlan-vpls;
vlan-id 600;
}
}
lt-0/2/0 {
unit 8 {
encapsulation ethernet;
peer-unit 7;
family inet {
address 192.168.0.14/30;
}
family mpls;
}
}
lo0 {
unit 4 {
family inet {
address 4.4.4.4/32;
}
}
unit 101 {
family inet {
address 192.168.200.1/24;
}
}
}
}
protocols {
rsvp {
interface lt-0/2/0.8;
}
mpls {
no-propagate-ttl;
label-switched-path PE4-PE2 {
from 4.4.4.4;
to 2.2.2.2;
}
label-switched-path PE4-PE1 {
from 4.4.4.4;
to 1.1.1.1;
}
interface lt-0/2/0.8;
interface lo0.4;
}
bgp {
group IBGP {
type internal;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family evpn {
signaling;
}
export EXPORT-BGP;
neighbor 3.3.3.3 {
local-address 4.4.4.4;
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.4;
interface lt-0/2/0.8 {
interface-type p2p;
}
}
}
}
policy-options {
policy-statement EXPORT-BGP {
from {
route-filter 192.168.4.0/24 exact;
}
then {
next-hop self;
accept;
}
}
community L2VPNA members target:65000:200;
}
routing-instances {
L2VPNA {
instance-type vpls;
interface ge-0/1/9.600;
route-distinguisher 4.4.4.4:200;
vrf-target target:65000:200;
protocols {
vpls {
site-range 3;
no-tunnel-services;
site L2VPNA_PE4 {
site-identifier 1;
}
}
}
}
routing-options {
router-id 4.4.4.4;
autonomous-system 65000;
}
}
RR {
interfaces {
lt-0/2/0 {
unit 4 {
encapsulation ethernet;
peer-unit 3;
family inet {
address 192.168.0.6/30;
}
family mpls;
}
unit 6 {
encapsulation ethernet;
peer-unit 5;
family inet {
address 192.168.0.10/30;
}
family mpls;
}
unit 7 {
encapsulation ethernet;
peer-unit 8;
family inet {
address 192.168.0.13/30;
}
family mpls;
}
}
lo0 {
unit 3 {
family inet {
address 3.3.3.3/32;
}
}
}
}
protocols {
rsvp {
interface lt-0/2/0.4;
interface lt-0/2/0.6;
interface lt-0/2/0.7;
}
mpls {
no-propagate-ttl;
label-switched-path RR-PE4 {
from 3.3.3.3;
to 4.4.4.4;
}
label-switched-path RR-PE2 {
from 3.3.3.3;
to 2.2.2.2;
}
label-switched-path RR-PE1 {
from 3.3.3.3;
to 1.1.1.1;
}
interface lt-0/2/0.7;
interface lt-0/2/0.6;
interface lo0.3;
interface lt-0/2/0.4;
}
bgp {
group IBGP {
type internal;
local-address 3.3.3.3;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
family l2vpn {
signaling;
}
family evpn {
signaling;
}
cluster 0.0.0.1;
multipath;
neighbor 1.1.1.1;
neighbor 2.2.2.2;
neighbor 4.4.4.4;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lt-0/2/0.4 {
interface-type p2p;
}
interface lo0.3;
interface lt-0/2/0.6 {
interface-type p2p;
}
interface lt-0/2/0.7 {
interface-type p2p;
}
}
}
}
routing-options {
router-id 3.3.3.3;
autonomous-system 65000;
resolution;
}
}
So far so good.
But ping from CE1 to CE2 fails.
i`ve checked pseudo-wire both on PE1 and PE4 - it`s ok
run show vpls connections logical-system PE1
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
LB -- Local site not best-site RB -- Remote site not best-site
VM -- VLAN ID mismatch HS -- Hot-standby Connection
Legend for interface status
Up -- operational
Dn -- down
Instance: L2VPNA
Edge protection: Not-Primary
Local site: L2VPNA_PE1 (2)
connection-site Type St Time last up # Up trans
1 rmt Up Jan 7 13:28:14 2010 1
Remote PE: 4.4.4.4, Negotiated control-word: No
Incoming label: 262145, Outgoing label: 262162
Local interface: lsi.17826048, Status: Up, Encapsulation: VPLS
Description: Intf - vpls L2VPNA local site 2 remote site 1
run show vpls connections logical-system PE4
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
LB -- Local site not best-site RB -- Remote site not best-site
VM -- VLAN ID mismatch HS -- Hot-standby Connection
Legend for interface status
Up -- operational
Dn -- down
Instance: L2VPNA
Edge protection: Not-Primary
Local site: L2VPNA_PE4 (1)
connection-site Type St Time last up # Up trans
2 rmt Up Jan 7 13:28:14 2010 1
Remote PE: 1.1.1.1, Negotiated control-word: No
Incoming label: 262162, Outgoing label: 262145
Local interface: lsi.51380480, Status: Up, Encapsulation: VPLS
Description: Intf - vpls L2VPNA local site 1 remote site 2
[edit]
Both mac addresses are flooded
run show vpls mac-table logical-system PE1
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Logical system : PE1
Routing instance : L2VPNA
Bridging domain : __L2VPNA__, VLAN : NA
MAC MAC Logical NH RTR
addresssss flags interface Index ID
54:ab:3a:5f:11:a9 D ge-0/1/8.700
b8:70:f4:ae:6b:ec D lsi.17826048
run show vpls mac-table logical-system PE4
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Logical system : PE4
Routing instance : L2VPNA
Bridging domain : __L2VPNA__, VLAN : NA
MAC MAC Logical NH RTR
addresssss flags interface Index ID
54:ab:3a:5f:11:a9 D lsi.51380480
b8:70:f4:ae:6b:ec D ge-0/1/9.600
And both are in forwarding table:
run show route forwarding-table family vpls
Logical system: PE1
Routing table: L2VPNA.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 539 1
lsi.17826048 intf 0 indr 1048577 5
192.168.0.6 Push 262162, Push 299808(top) 942 2 lt-0/2/0.3
54:ab:3a:5f:11:a9/48 user 0 ucst 917 5 ge-0/1/8.700
0x30006/51 user 0 comp 952 2
b8:70:f4:ae:6b:ec/48 user 0 indr 1048577 5
192.168.0.6 Push 262162, Push 299808(top) 942 2 lt-0/2/0.3
ge-0/1/8.700 intf 0 ucst 917 5 ge-0/1/8.700
0x30003/51 user 0 comp 933 2
0x30001/51 user 0 comp 932 2
Logical system: PE4
Routing table: L2VPNA.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 551 1
lsi.51380480 intf 0 indr 1048574 5
192.168.0.13 Push 262145, Push 299824(top) 937 2 lt-0/2/0.8
54:ab:3a:5f:11:a9/48 user 0 indr 1048574 5
192.168.0.13 Push 262145, Push 299824(top) 937 2 lt-0/2/0.8
0x30005/51 user 0 comp 946 2
b8:70:f4:ae:6b:ec/48 user 0 ucst 918 5 ge-0/1/9.600
ge-0/1/9.600 intf 0 ucst 918 5 ge-0/1/9.600
0x30004/51 user 0 comp 936 2
0x30002/51 user 0 comp 935 2
But still i cannot ping CE1 from CE2