Junos OS

Expand all | Collapse all

H-VPLS with multiple L2circuits to one neighbor

Jump to Best Answer
  • 1.  H-VPLS with multiple L2circuits to one neighbor

    Posted 01-16-2013 06:46

    Hi,

    I'm running into a limitation on JUNOS. I can't imagine that it's not possible, so I'm desperately looking for expertise on this subject 🙂

     

    I want to make a VPLS with 3 connections (in the production network there could be much more PE's, but in the lab there is only 1). One connections is a physical connection inside the VPLS on the PE router. 

    The other 2 connections are LDP signaled L2circuits to create a H-VPLS configuration.

     

    The topology looks like the drawing below.

     

    Lab topology.jpg

     

    Configuration looks like this:

     

    routing-instances {
        BSOD-ELAN {
            instance-type vpls;
            interface ge-0/1/0.3300;
            protocols {
                vpls {
                    no-tunnel-services;
                    site CE3 {
                        site-identifier 1;
                        interface ge-0/1/0.3300;
                    }
                    mesh-group CE1 {
                        vpls-id 3300;
                        neighbor 1.1.1.1;
                    }
                    mesh-group CE2 {
                        vpls-id 3301;
                        neighbor 1.1.1.1;
                    }
                }
            }
        }
    }

     

    Now this configuration will NOT commit. JUNOS does not support multiple L2circuits in a single H-VPLS configuration going to the same neighbor, although they are different VPLS-IDs (VC IDs). 

     

    It does work in multiple VPLS configurations or when using different neighbors. 

    I tried using a second loopback address on the CMTS (neighbor 1.1.1.1), but as there is still only a single TCP session. The pseudowire using the second loopback address is not coming up as well.

     

    The CMTS does not support any other signaling than LDP xconnects (Cisco UBR), so this is the only option we have on the CMTS. On the MX we are free to use any configuration necessary.

     

    Does anybody have experience with this kind of set-up, so a PE router with multiple CE's behind it setting up multiple L2circuits. 



  • 2.  RE: H-VPLS with multiple L2circuits to one neighbor
    Best Answer

    Posted 01-16-2013 07:21

    Hello there,

    I tried to configure same setup using logical systems on MX80, JUNOS 12.2.R2 in the lab (but wthout CMTS, of course) and it commits & works:

     

    aarseniev@mx80# show routing-instances 
    LDP-VPLS {
        instance-type vpls;
        vlan-id 2022;
        interface ge-1/1/10.2022;
        protocols {
            vpls {
                no-tunnel-services;
                site CE3 {
                    interface ge-1/1/10.2022;
                }
                mesh-group MG1 {
                    vpls-id 2022;
                    neighbor 203.0.113.3 {
                        encapsulation-type ethernet-vlan;
                    }
                }
                mesh-group MG2 {
                    vpls-id 2023;
                    neighbor 203.0.113.3 {
                        encapsulation-type ethernet-vlan;
                    }
                }
            }
        }
    }

     

    aarseniev@mx80# run show vpls connections logical-system MX1-RR 
    Layer-2 VPN connections:
    
    Legend for connection status (St)   
    EI -- encapsulation invalid      NC -- interface encapsulation not CCC/TCC/VPLS
    EM -- encapsulation mismatch     WE -- interface and instance encaps not same
    VC-Dn -- Virtual circuit down    NP -- interface hardware not present 
    CM -- control-word mismatch      -> -- only outbound connection is up
    CN -- circuit not provisioned    <- -- only inbound connection is up
    OR -- out of range               Up -- operational
    OL -- no outgoing label          Dn -- down                      
    LD -- local site signaled down   CF -- call admission control failure      
    RD -- remote site signaled down  SC -- local and remote site ID collision
    LN -- local site not designated  LM -- local site ID not minimum designated
    RN -- remote site not designated RM -- remote site ID not minimum designated
    XX -- unknown connection status  IL -- no incoming label
    MM -- MTU mismatch               MI -- Mesh-Group ID not available
    BK -- Backup connection          ST -- Standby connection
    PF -- Profile parse failure      PB -- Profile busy
    RS -- remote site standby        SN -- Static Neighbor
    LB -- Local site not best-site   RB -- Remote site not best-site
    VM -- VLAN ID mismatch
    
    Legend for interface status 
    Up -- operational           
    Dn -- down
    
    Instance: VPN-C2
      Local site: CE11 (2)
        connection-site           Type  St     Time last up          # Up trans
        1                         rmt   Up     Jan  9 20:03:53 2013           1
          Remote PE: 203.0.113.3, Negotiated control-word: No
          Incoming label: 262177, Outgoing label: 262154
          Local interface: lsi.118489091, Status: Up, Encapsulation: VPLS
            Description: Intf - vpls VPN-C2 local site 2 remote site 1
    
    Instance: LDP-VPLS
      Mesh-group connections: MG1
        Neighbor                  Type  St     Time last up          # Up trans
        203.0.113.3(vpls-id 2022) rmt   Up     Jan 16 16:11:27 2013           1
          Remote PE: 203.0.113.3, Negotiated control-word: No
          Incoming label: 262401, Outgoing label: 262401
          Negotiated PW status TLV: No
          Local interface: lsi.118489092, Status: Up, Encapsulation: VLAN
            Description: Intf - vpls LDP-VPLS neighbor 203.0.113.3 vpls-id 2022
      Mesh-group connections: MG2
        Neighbor                  Type  St     Time last up          # Up trans
        203.0.113.3(vpls-id 2023) rmt   Up     Jan 16 16:11:27 2013           1
          Remote PE: 203.0.113.3, Negotiated control-word: No
          Incoming label: 262402, Outgoing label: 262402
          Negotiated PW status TLV: No
          Local interface: lsi.118489093, Status: Up, Encapsulation: VLAN
            Description: Intf - vpls LDP-VPLS neighbor 203.0.113.3 vpls-id 2023
    

     I suspect that because you haven't explicitly specified "encapsulation-type" under mesh-group <> neighbor <>, then it defaulted to ETHERNET as opposed to ETHERNET-VLAN. And because one cannot have port-based L2circuit to 2 separate active neighbors, your commit fails.

    HTH

    Thanks

    Alex



  • 3.  RE: H-VPLS with multiple L2circuits to one neighbor

    Posted 01-17-2013 01:53

    Hi Alex,

     

    Thanks for the great reply!  It depends a little what the Cable Modems support, they should specify (and support) the VLAN encapsulation towards the CMTS. Testing it today and will let know the results.

     

    Again thanks!

     

    Rick



  • 4.  RE: H-VPLS with multiple L2circuits to one neighbor

    Posted 01-24-2013 01:23

    In turned out that this is a limitation of JUNOS 10.4. The MX in the lab is now upgraded to JUNOS 11.4R6.5 and everything works now! 

     

    We now run into another limitation and that is the amount of mesh-groups we can create. As we need different VPLS-ID's (VC-IDs) for each pseudowire going over the CMTS towards cable modems we need to configure them in separate mesh-groups.

     

    The current limitation of the MX is that you can configure a maximum of 14 mesh-groups.

    There could be situations that there are more than 14 customers behind one CMTS. 

     

     

    The Junos OS can support up to 16 mesh groups on MX Series routers and up to 128 on M Series and T Series routers. However, two mesh groups are created by default, one for the CE routers and one for the PE routers. Therefore, the maximum number of user-defined mesh groups is 14 for MX Series routers and 126 for M Series and T Series routers. PE router mesh groups are not supported on J Series routers.

     

    What surprises me is that this tight limit is only on the MX platform, as the documentation states that M/T series support up to 126 mesh-groups. Where the MX is a MUCH stronger box than many M and T serie devices. 

    Would anyone know why this limitation is there and about a workaround that we would be able to use?



  • 5.  RE: H-VPLS with multiple L2circuits to one neighbor

    Posted 08-22-2014 14:13

    Hi Rick

     

    did you ever find a way to have more than 14 neighbours in a vpls group on the MX platform ? i have a requirement for 130 odd neigbours each with unique vc-ids under the same vpls instance.

     

    Thanks



  • 6.  RE: H-VPLS with multiple L2circuits to one neighbor

    Posted 12-02-2014 23:44

    Just for the benefit of anyone else the feature below was added from 14.2, which addreses this exact requrement.

     

    Create multiple pseudowires on a per-virtual circuit basis (MX Series)—Starting in

    Junos OS Release 14.2, you can create multiple pseudowires between the same pair

    of PEs in LDP-VPLS for a single routing instance, using the same loopback address.

    Do this with the vpls-id-list option under LDP-VPLS neighbor. For each pseudowire

    created under a neighbor, VPLS creates a VT/LSI interface and adds both it and the

    labelroute to the mpls.0 table. Each pseudowire terminates in its specifiedmesh-group.

    Support is added at the following CLI hierarchy level: [edit routing-instances

    routing-instance-name protocols vpls mesh-group mesh-group-name neighbor address

    pseudowire-status-tlv vpls-id-list vc-id-numbers 1-4294967295]. For more information,

    see the vpls-id-list command reference



  • 7.  RE: H-VPLS with multiple L2circuits to one neighbor

    Posted 05-08-2020 05:04

    That's an old request, but if someone is facing the same issue, you can use l2circuit and stitch them to your vpls using logical-tunnels.

     

    BR,

    Amine