I need to set up a VPLS (or it could be an L2VPN) between two locations.
Within this VPLS, the customer is expected to run its own L2, so I have no way to know which VLANs they are going to use, and I want to give the customer the freedom to trunk all if he wishes to, or to trunk specific VLANs.
The goal is that the customer does whatever he wants without having to ask for configuration changes for adding or removing a VLAN.
On an MX to MX, this is pretty straightforward. However, in my case, the customer is connected to an EX switch and not directly to the MX router. The MX and the EX are connected together with multiple 10G links.
I would like to know if it is possible to terminate "physically" a VPLS on an intermediate EX switch and if so, any guidance would be extremely appreciated.
Totally possible! In fact I have this setup for multiple customers and it has been in production for years now. There might be a better implementation of this, or my setup might not be industry recommended (which is what I'm hoping to find out on this thread as well!!!). I use an S-tag for transport over the backbone, and do QinQ on the edge EX switches, so everything is encapsulated within one VLAN from the service provider standpoint. This is my base config on the MX (PE node):
set routing-instances TEST-VPLS instance-type vpls
set routing-instances TEST-VPLS vlan-id <vlan-id>
set routing-instances TEST-VPLS interface xe-7/1/1.<vlan-id>
set routing-instances TEST-VPLS route-distinguisher <lo0 IP>:xxxx
set routing-instances TEST-VPLS vrf-target target:100:xxxx
set routing-instances TEST-VPLS protocols vpls site-range 65534
set routing-instances TEST-VPLS protocols vpls interface xe-7/1/1.<vlan-id>
set routing-instances TEST-VPLS protocols vpls no-tunnel-services
set routing-instances TEST-VPLS protocols vpls site PE1 site-identifier 1
set routing-instances TEST-VPLS protocols vpls vpls-id xxxx1
xe-7/1/1 is the 10G connecting to the EX, which is our edge EX3400-24t. Here is the config on the EX:
set interfaces xe-0/2/0 description "UPLINK - to xe-7/1/1"
set interfaces xe-0/2/0 vlan-tagging
set interfaces xe-0/2/0 mtu 9216
set interfaces xe-0/2/0 encapsulation extended-vlan-bridge
set interfaces xe-0/2/0 unit <vlan-id> description <description>
set interfaces xe-0/2/0 unit <vlan-id> vlan-id <vlan-id>
set interfaces xe-0/2/3 description "Handoff to customer"
set interfaces xe-0/2/3 flexible-vlan-tagging
set interfaces xe-0/2/3 native-vlan-id <vlan-id>
set interfaces xe-0/2/3 mtu 9216
set interfaces xe-0/2/3 encapsulation extended-vlan-bridge
set interfaces xe-0/2/3 unit <vlan-id> description <description>
set interfaces xe-0/2/3 unit <vlan-id> vlan-id-list 1-4094
set interfaces xe-0/2/3 unit <vlan-id> input-vlan-map push
set interfaces xe-0/2/3 unit <vlan-id> output-vlan-map pop
The EX is actually performing the QinQ. I believe you can do this on the MX as well; I preferred to offload that to the CPE as my MX is doing a lot of work. In case it is needed (like for some of my customers), you can allow the customer to pass L2 control protocols such as CDP/STP over this setup as well. Here is what's needed for this step:
set protocols layer2-control mac-rewrite interface xe-0/2/3 protocol stp
set protocols layer2-control mac-rewrite interface xe-0/2/3 protocol vtp
set protocols layer2-control mac-rewrite interface xe-0/2/3 protocol cdp
set protocols layer2-control mac-rewrite interface xe-0/2/3 protocol vstp
By experience I know different images act differently when it comes to L2CP and integration of that with customers' Cisco devices. I'm using Junos 15.1 on the EX, tested this on 20.2 with EX4650s as well and it worked. I'm hoping to have experts comment on my setup as well :) Is there a better/easier/cleaner way to do this?
Best of luck!
I am very thankful for your reply.
I saw a similar but less complete solution while digging the forums, but your example is really awesome and I will surely give it a try. It really saves a lot of headaches to see an option and know that it is working.
I thought I was alone with my corner case and I am glad to see this is not so uncommon. This is very interesting, especially when comparing the density-price per port of an EX/QFX L3 switch vs an MX router (of course the oversubscription is an important part to consider, but it is not a concern in this specific case).
Anyway, I would like to thank you again for taking the time to reply and to share your solution with me!
Glad it was what you needed. Looks like I missed a part of the config on the EX: you still need to create the VLAN and add the interfaces to it. In some cases I have this setup traversing more than just 1 EX switch; you can basically extend the VPLS (the VLAN) over as many switches as you want. This obviously introduces more concerns regarding L2 loops and broadcast domain, but that is a whole different discussion :)
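What the `input-vlan-map push` / `output-vlan-map pop` pair on the customer handoff does to a frame, modelled in Python as an added example (not code from the thread or from Juniper). The S-VLAN value 500 and the 0x8100 outer TPID are assumptions standing in for `<vlan-id>` and the switch's tag protocol setting; untagged traffic handled through `native-vlan-id` is not modelled.

```python
import struct

TPID = 0x8100   # assumption: outer tag uses the 802.1Q TPID (802.1ad would be 0x88A8)
S_VLAN = 500    # constructed stand-in for the <vlan-id> placeholder in the config

def tag(vlan_id, tpid=TPID):
    """One 4-byte VLAN tag: TPID, then PCP/DEI (left at 0) and the 12-bit VLAN id."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN id out of range")
    return struct.pack("!HH", tpid, vlan_id)

def customer_frame(c_vlans):
    """Constructed customer frame: broadcast dst, fixed src, C-tags, IPv4 ethertype."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    return macs + b"".join(tag(v) for v in c_vlans) + b"\x08\x00" + b"\x00" * 46

def vlan_stack(frame):
    """VLAN ids of every tag that follows the two MAC addresses, outermost first."""
    ids, off = [], 12
    while len(frame) >= off + 4:
        tpid, tci = struct.unpack_from("!HH", frame, off)
        if tpid not in (0x8100, 0x88A8):
            break
        ids.append(tci & 0x0FFF)
        off += 4
    return ids

def push(frame, s_vlan=S_VLAN):
    """Customer port ingress (input-vlan-map push): S-tag goes outside any C-tags."""
    return frame[:12] + tag(s_vlan) + frame[12:]

def pop(frame, s_vlan=S_VLAN):
    """Customer port egress (output-vlan-map pop): strip the outer tag only.
    The S-VLAN check models the frame having to belong to this logical unit."""
    stack = vlan_stack(frame)
    if not stack or stack[0] != s_vlan:
        raise ValueError("outer tag is not this service's S-VLAN")
    return frame[:12] + frame[16:]

def round_trip(c_vlans):
    """Tag stack seen on the uplink, and whether the far end gets the frame back intact."""
    original = customer_frame(c_vlans)
    carried = push(original)
    return vlan_stack(carried), pop(carried) == original

if __name__ == "__main__":
    for c_vlans in ([10], [4094], [100, 200]):
        print(c_vlans, "->", round_trip(c_vlans))
```

Each pushed tag adds 4 bytes to the frame on the uplink and across the backbone, which is the headroom the `mtu 9216` lines leave room for.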