Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWITCH ROUTER-GSR

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Any Transport Over MPLS- AToM in Gigabit Switch Router- GSR with Cisco expert Syed Nawaz. Nawaz is a Software Engineer with the Carrier Core and Multiservice Business Unit at Cisco Systems, Inc. He is currently working as a team lead for Any Transport over MPLS - AToM. During the Networkers in August, 2003 he was the lead of the Design Clinic staff for High End Routing. Feel free to post any questions relating to Any Transport Over MPLS- AToM in Gigabit Switch Router- GSR. Remember to use the rating system to let Nawaz know if you’ve received an adequate response.

Nawaz might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through November 21. Visit this forum often to view responses to your questions and the questions of other community members.

21 REPLIES
New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hello,

i am working for an ISP and we need to migrate our network to MPLS.We r planning to provide MPLS VPN , MPLS TE, End to end QoS , attacks Restrictions ( coming from outside and from our registered Users) .

we r running a Catalyst 5509 as a backbone Layer 3 Switch ( serving our corporate users) and two Cisco router 7206 vxr with NPE 400 ,one is serving as a Main Gate and Broadband access aggregator for our PPPoE clients and the second one is used as LNS( terminating L2TP tunnels) for our dialup customers.

i don't know how could i start with this , i am new for MPLS.

i am asking what do we need as hardware wise to build a MPLS Network ( Backbone, PE , CE) ? could it be done with the actual devices used ? if not what should i have

then how the features above will be provided to our customers ?

could you please guide me through Basic and simple Docs or urls that elaborate MPLS concept plus implementation , basic configuration .

Thanks & Best Regards,

Ali.

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hello

no insights on my post!!!

Regards,

Ali

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Ali,

Sorry for the delay..

Here is the Info you requested:

how the features above will be provided to our customers ?

You can enable MPLS TE in the core to achieve End-to-End QoS ..Deploy VPN at the edge where you can terminate your PPPoE clients and Dialup customers.

what do we need as hardware wise to build a MPLS Network ( Backbone, PE , CE) ? could it be done with the actual devices used ?

72XX does support MPLS but I am not sure about Catalyst 5509 support for MPLS..You need to check with the Cisco Product support for CAT 5509.

The following links provides you with more information on MPLS concepts and its deployment...

http://www.cisco.com/networkers/nw01/pres/preso/RoutingandSwitchingTechnologies/RST-130-final2.pdf

http://www.cisco.com/en/US/tech/tk436/tk428/tech_configuration_examples_list.html

Let me know if you have any other questions...

Thanks

Nawaz

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

I work in a SP in Florida as a Network Design Engineer and we have currently deployed MPLS VPN in our networks.There are few plans of moving on to L2VPN .

Can you explain me the requirements of deploying AToM as well as detailed explanation of its mechanism.

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Alfred,

If you want to deploy AToM the only requiremnt is the core should be either MPLS enabled or MPLS TE enabled(worst case with few exceptions).

Any Transport over Multiprotocol Label Switching (AToM) is the Cisco solution for transporting Layer 2 packets over a Multiprotocol Label Switching (MPLS) backbone.

AToM Mechanism:

AToM uses a directed LDP session between edge routers for setting up and maintaining connections.Forwarding occurs through the use of 2 level labels,switching between the edge routers.The external label(tunnel label) routes the packet over the MPLS backbone to the egress Provider edge(PE) at the ingress PE. The VC label determines the egress interface , and it binds the layer 2 egress interface to the tunnel label.

thanks

Nawaz

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Nawaz,

How are you?

My question is how many level of label stacking will have when emulated L2 circuit is carried over a MPLS TE tunnel? In general MPLS TE tunnel has two level label stacking, is it right?

Qiu

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi qiu,

MPLS TE tunnel label stack varies for different deployment scenarios.

take for eg the topology below.:

P1--P2--P3--P4--P5

Scenario 1:

if you configure a TE tunnel from P1 to P2 its a one hop tunnel , then the label stack will be either 1 or 0 depending on whether you enabled PHP(penultimate hop popping) on P2 or not

Scenario 2:

If you configure a TE tunnel from P1 to P3 or P1 to P4 it is more than 1 hop hence the label stack is 1 or 2(if PHP is disabled at P3 for P1->P3 tunnel or PHP is disabled at P4 for P1->P4 tunnel)

Scenario 3:

If the following 3 conditions are met:

1.Enabled MPLS(basic) on all P routers

2.Configured a TE tunnel from P1 to P3

3.Enabled MPLS on the TE tunnel

and if you send a packet from p1 to P5 then the number of labels used will be 2 .

The top most will be a TE tunnel label to switch packet from tunnel head (P1) to tunnel tail (P3) and the 2nd label will be a MPLS label for P3,P4 to switch the packet based on MPLS(basic) label to P5

Now to answer your question on level of label stacking will have when emulated L2 circuit is carried over a MPLS TE tunnel..what we need to add is 1 more AToM label for all the above cases..

For Scenario 1: it will be 1 or 2 if PHP enabled

For Scenario 2: it will be 2 or 3 if PHP enabled

For Scenario 3: it will be 3

the following link provides you with more info on MPLS TE labels with AToM

http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a008016102a.html#1056790

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Nawaz,

My Question revolved around QoS for L2VPN.

What are the different QoS features supported for EoMPLS,ATMoMPLS and FRoMPLS.

regards

Robert

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Robert,

Here are the different QoS mechanisms supported for different Transports.

EoMPLS:

*******

At the edge, Ethernet frames can be prioritized and bandwidth can be allocated between classes in order to implement sophisticated Service Level Agreements (SLAs). At the core, packets are treated according to their MPLS EXP marking, and the QoS policies implemented in the core of the network. EoMPLS supports 802.1p mapping to MPLS EXP bits.

It is also possible to assign an EXP value and to disregard the 802.1p value from the incoming interface. As a whole,the QoS mechanisms supported allow Service Providers to implement sophisticated SLAs for Ethernet subscribers while maintaining a scalable core design.

ATMoMPLS:

*********

AAL5 over MPLS sets the EXP bits in the MPLS header based on a static value or based on traffic policing (RFC 2697 / RFC 2698). Cell-Loss-Priority (CLP) marking is possible in the egress port where traffic is delivered to the subscriber. However, ingress EXP bit setting based on the cell-loss-priority (CLP) value in the cell header will be

supported in Phase 2.

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hello Nawaz,

We are thinking to deploy AToM over our network with some aprteners in other domains. We have succesfully tested some configuration but we need some especial.

We must cross multiple domain.

So we have decided that the best solution to cross domains is to make one Traffic engineered tunnel to the first domain router, to stitch the LSP to another LSP to transport to the Border of the another domain, and there to stitch to another LSP.

The midle domain is Juniper based and it's support LSP stitching. But the problem is that we don't no how to attach the TE- LSP to the L2 circuit. The VC ID are exchanged properly, any traffic between PE1 and PE2 are passing through the TE tunnel, but the L2 circuit report:

tb1.nl#show mpls l2transport vc detail

Local interface: PO4/1/0 up, line protocol up, HDLC up

Destination address: 172.19.0.1, VC ID: 1, VC status: down

Preferred path: not configured

Default path: path untagged

Tunnel label: not ready

Output interface: unknown, imposed label stack {}

Create time: 4d21h, last status change time: 00:43:25

Signaling protocol: LDP, peer 172.19.0.1:0 up

MPLS VC labels: local 16, remote 16

Group ID: local 0, remote 3

MTU: local 4470, remote 4470

Remote interface description: Link to FR

Sequencing: receive disabled, send disabled

VC statistics:

packet totals: receive 338, send 0

byte totals: receive 1352, send 0

packet drops: receive 0, send 0

The tunnel config is:

interface Tunnel1

description tn-to-IT

ip unnumbered Loopback0

no ip directed-broadcast

tunnel destination 172.18.0.1

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng autoroute announce

tunnel mpls traffic-eng path-option 1 explicit identifier 1

tunnel mpls traffic-eng record-route

If we put all routers in the same domain, and we make one direct tunnel between the two PE everithing is working fine with this config.

Do you have any idea how can we fix this issue ?

Thank you,

Regards

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi ,

The best way to attach a L2 VPN circuit to a TE tunnel is to use Tunnel Selection feature in AToM.

For every AToM VC you can specify a predefined TE path..

The config is as follows:

To specify the path that traffic uses (an MPLS TE tunnel or destination IP address/DNS name), use the

preferred-path command in pseudowire submode configuration mode.

preferred-path [interface tunnel tunnel-number

If there is a need to cross other domains the only thing you need to worry about is can you ping the other end of AToM VC(PE) && is there a label associated with the other end of AToM VC(PE).

This label can be a MPLS label or a TE label.

your scenario is more of CSC/InterAS where you are crossing different domains...

But if the domains are not enabled for CSC/InterAS then in that case there might not be a MPLS label associated with the other PE end

Hence AToM will not work for the above scenario.

Let me know if you need more info.

Thanks

Nawaz

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Nawaz

Thank you,

Your information was realy valuable, and has solve my problem.

Yes in my scenario we want to cross multiple AS-es.

Thanks,

Otto

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Dear Friend

We are also trying similar arrangement, with a difference that all Domain/AS have Cisco 75xx Routers. My input may help you some way and may be you may advise, if we are in wrong direction.

1. We have following IP connectivity

CE1-PE1--P--> Over GRE Tunnel Connected to other AS PE2-CE2. The Tunnel is having "IP CEF distributed" & " ip route-cache flow" enabled.

2. We have enabled the "mpls ip" over Tunnel Interface (i.e. GRE) on both RTRs i.e. PE2 & P.

3. The VC on PE1 & PE comes up, it recognized both VC & Tunnel (outer i.e. LSP) Labels and l2 traffic flows from PE1 to PE2 but there is no traffic from PE2 to PE1 over L2 VC & hence end to end connectivity is not through.

4. We simulated the similar setup in one single AS i.e. ours, initially it did not work & gave similar problems but it started working fine when we followed following sequence on PE2(in simulated situation in our AS)

a. no ip route-cache cef

b.ip route-cache flow

c.ip route-cache distributed

We have observed strange thing, that end to end L2 Traffic does not work, if we disable Netflow Switching on Tunnel Interface (no ip route-cache flow). Now, we are aiming to try the same thing in Real Scenario in next 3-4 days & may share results with you.

Would appreciate yr views on the same.

Shailendra

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Dear Nawaj

1. Kindly go through my previous posting on the same subject, please share yr views on the same[IOS on PE & P RTR is 12.0(25)S1].

2. Through one of your reply on the same subject, I observe that Inter-AS ATOM VC can only be established if both AS are CSC/Inter-AS enabled, please clarify what do you mean by this "CSC/Inter-AS"? Do you mean Inter-AS MPLS based on MP-BGP, which is normally used to make L3 VPNs, I am not sure how this could help, please help to understand this if you meant the same.

3. I have another associated question on ATOM to carry IGX(CE) VoAAL2 Traffic over MPLS Cloud using ATOM. The CE end has 2 Mbps Trunk Port, please confirm what equivalent 2 Mbps ATM PA would be required on PE end which support "AAL2" or Is there any other encapsulation/method(on PE end) to carry this "VoAAL2.

Would appreciate your kind reply on the same.

Shailendra

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi, Nawaz,

My question is about setting a L2VPN over IGP load-sharing paths. I have used L2VPN for over an year on 7200/7500 routers. Now I need to setup a l2vpn to a router to which several equal-cost OSPF paths exist and are used in a load-sharing per-packet scheme for other MPLS traffic and MPLS/VPN layer 3 vpns. The reason for that is that I need to offer one L2VPN circuit with more capacity than that of a single interface towards this router.

I have read that MPLS AToM does not support out-of-order packets. So, is it possible for a L2vpn circuit to use load-shared paths at all? Or has it someting to do with the cef load-sharing algorithm - original/universal/tunnel?

When I configure a L2vpn to the destination loopback, visible with equal costs via several IGP paths, the L2VPN traffic flows only through one of the "ip load-sharing per-packet" interfaces (other traffic uses all paths)

My other question is about MTUs: have you experienced problems with the L2VPN transport when the physical PE core interface MTU cannot be set above 1500 and "ip mtu" is used.

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi ,

Load Balancing at PE is different from load balancing at P routers.

In the case there are multiple equal-cost routes between the ingress PE and egress PE, load sharing will occur wherever two or more equal-cost routes exist.

If the ingress PE has multiple paths to its next hop, i.e. it has multiple tunnel labels for the next hop, the tunnel labels are put into an array. Then the VC label is hashed into an index value that is used to select a tunnel label from the array. The selected tunnel label is placed on the top of the label stack of a particular VC.

In the MPLS backbone, where there are multiple paths to the egress PE on a P router, i.e. multiple choices for the outgoing label destined to the same egress PE, the topmost label is selected by hashing the bottommost label of the packet into an index value and using the index to map to an outgoing label.

This technique ensures all packets on the same VC get sent along the same path, and hence minimizes the misordering of packets.

MTU ISSUE:

#########

The following calculation helps you determine the size of the packets traveling through the core network.

You set the MTU on the core-facing interfaces of the P and PE routers to accommodate packets of this

size. The MTU should be greater than or equal to the total bytes of the items in the following equation:

Core MTU >= (Edge MTU + Transport header + AToM header + (MPLS label stack * MPLS label

size))

Hope it helps...

Thanks

Nawaz

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi,

Thanks for your answer, from which I assume VCs cannot use multiple paths. Still I'm a little confused with the "load sharing will occur wherever two or more equal-cost routes exist" statement you made before the explanation of one label election you write below it. My topology is the following:

- - - -2xFEth - - - - - - - - - - - - - - - - 2xE1 - - - - - - - - - - - - - - - E1

(PE1)========(P1)=================(P2)--------(PE2)\

\ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -/

ATM\_______________________(P2)_______________/E1

The l2transport VC is configured between PE1 and PE2 loopbacks. The 2xFE and 2xE1 IP MPLS interfaces two-by-two have equal costs, and "ip load-sharing per-packet". PE1 has 3 equal-cost OSPF routes to PE2 - via 2xFE and ATM interface (ospf cost are assigned so that PE1 sees PE2 loopback via these 3 paths with = costs). ATM subintf also has a "load-sharing per-packet" configuration statement.

So I expect load-balancing first on the PE1 and than (on one of the paths) on P1 (two E1 - two IP MPLS interfaces). The two paths from PE1 through P1 toward PE2 use the same labels for PE2 prefixes. One of the 3 paths is shown as the "current path" in a round-roubin fashion:

PE1#sh ip cef [PE2-lo0] internal [PE2-lo0], version 2707399, epoch 0, per-packet sharing

0 packets, 0 bytes

tag information set, shared

local tag: 90

via [(P2)-ATM-intf-address], ATM3/0.162, 6 dependencies

traffic share 1

next hop [(P2)-ATM-intf-address], ATM3/0.162

valid adjacency

tag rewrite with AT3/0.162, point2point, tags imposed: {58}

via [(P1)-fe0/1-intf-address], FastEthernet0/1, 7 dependencies

traffic share 1, current path

next hop [(P1)-fe0/1-intf-address], FastEthernet0/1

valid adjacency

tag rewrite with Fa0/1, [(P1)-fe0/1-intf-address], tags imposed: {70}

via [(P1)-fe0/0.1-intf-address], FastEthernet0/0.1, 2 dependencies

traffic share 1

next hop [(P1)-fe0/0.1-intf-address], FastEthernet0/0.1

valid adjacency

tag rewrite with Fa0/0.1, [(P1)-fe0/0.1-intf-address], tags imposed: {70}

0 packets, 0 bytes switched through the prefix

Load distribution: 0 1 2 0 1 2 0 1 2 0 1 2 0 1 2 (refcount 16)

Hash OK Interface Address Packets Tags imposed

1 Y ATM3/0.162 point2point 0 {58}

2 Y FastEthernet0/1 [(P1)-fe0/1-intf-address] 0 {70}

3 Y FastEthernet0/0.1 [(P1)-fe0/0.1-intf-address] 0 {70}

4 Y ATM3/0.162 point2point 0 {58}

5 Y FastEthernet0/1 [(P1)-fe0/1-intf-address] 0 {70}

6 Y FastEthernet0/0.1 [(P1)-fe0/0.1-intf-address] 0 {70}

7 Y ATM3/0.162 point2point 0 {58}

8 Y FastEthernet0/1 [(P1)-fe0/1-intf-address] 0 {70}

9 Y FastEthernet0/0.1 [(P1)-fe0/0.1-intf-address] 0 {70}

10 Y ATM3/0.162 point2point 0 {58}

11 Y FastEthernet0/1 [(P1)-fe0/1-intf-address] 0 {70}

12 Y FastEthernet0/0.1 [(P1)-fe0/0.1-intf-address] 0 {70}

13 Y ATM3/0.162 point2point 0 {58}

14 Y FastEthernet0/1 [(P1)-fe0/1-intf-address] 0 {70}

15 Y FastEthernet0/0.1 [(P1)-fe0/0.1-intf-address] 0 {70}

Can I make the l2vpn VC packets get sent along the 3 paths for load-sharing as other MPLS traffic does?

In another scenario I transfer another l2vpn VC to a router, where there is per-packet load-sharing only between PE and the first P router, the effect is the same - only one FE interface is used between the PE1 and P routers.

Thanks in advance,

Nikolay

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

what you are asking for is per packet loadbalancing of AToM VC traffic over Equal Cost IGP LSPs to PE2.

Right now that kind of loadbalancing is not supported as we determined that for

l2 circuits we really want the traffic for each VC to be carried over the same label switched path.

AToM currently only supports flow based loadbalancing. We select the IGP LSP

to use during setup using a hash built from the vc label.

Statistically, as you have more vcs we expect the vcs to be loadbalanced using

the available path.

Please use "show mpls for" and "show mpls l2 vc detail" output and it should

show you which label stack is used and which IGP loadbalances.

Are you seeing cases where some IGP Equal cost paths to PE2 are not be used?

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Nawaz,

Thanks for the answer.

As for your last question, I have NO observations that some of the equal cost paths are never used to set-up a new VC.

Nikolay

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi,

I have few questions regarding MPLS TE:

1)Does Cisco's MPLS tunnel implementation does not enforce the limit on the tunnel reserved bandwidth? If yes, pl. give me some material to know more about it

2)Does CAR policing is not implementable on tunnel interfaces, if yes pl. let me know more about it

3)In case of Diff_serv. TE, does preemption is purely based on tunnel priority and age? Pl. let me know more about this.

Thanks,

Bala

New Member

Re: ASK THE EXPERT- ANY TRANSPORT OVER MPLS- AToM IN GIGABIT SWI

Hi Bala,

Here is some info :

> 1)Does Cisco's MPLS tunnel implementation does not enforce the limit

> on the tunnel reserved bandwidth? If yes, pl. give me some material to

> know more about it

No, we don't; the reservation is purely control plane.

> 2)Does CAR policing is not implementable on tunnel interfaces, if yes

> pl. let me know more about it

output policing might work on a TE tunnel interface on some platforms, but not most, and most assuredly not on gsr.

> 3)In case of Diff_serv. TE, does preemption is purely based on tunnel

> priority and age? Pl. let me know more about this.

preemption is based on priority, and within that it's pretty random.

Thx

Nawaz

147
Views
5
Helpful
21
Replies
CreatePlease to create content