I found the "! Incomplete

jerome.schlumberger · ‎08-19-2014

Hello,

We are currently trying to configure a l2tunnel between a ME3600X (running 15.3(3)S3 with the AdvancedMetroIPAccess licence) and a 3925 (running 15.0(1)M2 with the datak9 licence).
We are part of a CsC architecture, playing the role of the customer carrier, using BGP for label distribution between the Backbone carrier and the Customer carrier.
Our architecture is quite flat as the CE and PE roles are on the same routers.

we have the view on the following architecture and can configure the R1, RCV1, RCV2 and R2 routers :
R1 --- RCV1---(Backbone Carrier)---RCV2--- R2

We have 3 sites A,B and C but only 2 dark fibers to connect them.
We are using the CsC to build a L2 tunnel and close the triangle :

   A-ME=tun=3925-B
     \        /
     df          df
      \          /
          \      /
               C

For year were using a 2911 and a 3900 to build the tunnel and it was good. The tunnel was build with an xconnect l2tpv3.
we replaced our 2911 for a ME3600X few weeks ago following the advice of our backbone CsC contact, and we are now facing the following problem :

the configuration we used is not working any more : we can build the tunnel but the spanning tree BDPU are not passing through (We use rstp for spanning-tree protocol).

3925 : ______________
pseudowire-class backup-sro-ypa
encapsulation l2tpv3
ip local interface GigabitEthernet0/0/0.777

interface GigabitEthernet0/1
description interface connecting site B
no ip address
duplex auto
speed auto
no keepalive
no cdp enable
xconnect 10.193.32.50 5 pw-class backup-sro-ypa

interface GigabitEthernet0/0/0.777
description interface facing the CsC
encapsulation dot1Q 777
ip address 10.193.32.42 255.255.255.252
mpls bgp forwarding
!

ME3600 : ______________
pseudowire-class backup-ypa-sro
encapsulation l2tpv3
sequencing both
ip local interface Vlan777

interface GigabitEthernet0/1
description interface facing the CsC
switchport trunk allowed vlan none
switchport mode trunk
mtu 1512
service instance 777 ethernet
description *** Transport vers to CsC***
encapsulation dot1q 777
rewrite ingress tag pop 1 symmetric
l2protocol tunnel
bridge-domain 777
!
!
interface GigabitEthernet0/2
description interface connecting site A
no switchport
no ip address
xconnect 10.193.32.42 5 encapsulation l2tpv3 pw-class backup-ypa-sro

interface Vlan777
description vers RCV
dampening
mtu 1512
ip address 10.193.32.50 255.255.255.252
no ip unreachables
mpls bgp forwarding
______________

As we have no experience with the ME3600X and their EVC and service instance concepts we have a hard time figuring out what solution to use :

- According to this post l2tpv3 is not supported on the ME3600X : https://supportforums.cisco.com/discussion/11919131/configuring-pseudowire-between-3800-router-and-me3600x
- According to this one it seems possible to interoperate a tunnel between a 2911 and a Me3600 : https://supportforums.cisco.com/discussion/11848451/eompls-and-layer-2-tunneling
Our need is slightly different though, as we are trying to pass a dot1Q trunk in the tunnel.

We tried to switch to encapsulation mpls, with no luck so far...

Any help or feedback would be greatly appreciated.

Best Regards,
Jérôme Schlumberger

jerome.schlumberger · ‎08-22-2014

News from the lab...

I decided to start again my config from scratch :

On the ME3600X___________ :

pseudowire-class backup-ypa-sro
encapsulation l2tpv3
ip local interface Vlan777
sequencing both

interface GigabitEthernet0/2
description *** Backup L2 VLans Internes avec RSROHES1 ***
no switchport
no ip address
no keepalive
no cdp enable
xconnect 10.193.32.42 5 pw-class backup-ypa-sro

On the 3900___________

pseudowire-class backup-sro-ypa
encapsulation l2tpv3
ip local interface GigabitEthernet0/0/0.777
sequencing both

interface GigabitEthernet0/1
description Tunnel_BB_HEIGVD
no ip address
duplex auto
speed auto
no keepalive
no cdp enable
xconnect 10.193.32.50 5 pw-class backup-sro-ypa

-> The "sequencing both" is mandatory to get the tunnel UP.

-> I configured l3 interfaces on the devices facing the ends of the tunnel and I can't ping them. Looking a little bit more carefully, I noticed that the arp table does not fill on the 3900, but it does on the 3600. I guessed that's a limitation on the 3600, but still not sure.

I then tried to switch to mpls encapsulation with the following configuration :

On the ME3600X_____________________________
pseudowire-class backup-ypa-sro
encapsulation mpls

interface GigabitEthernet0/2
description *** Backup L2 VLans Internes avec RSROHES1 ***
no switchport
no ip address
no cdp enable
xconnect 10.193.32.42 5 pw-class backup-ypa-sro

On the 3900___________
pseudowire-class backup-sro-ypa
encapsulation mpls

interface GigabitEthernet0/1
description Tunnel_BB_HEIGVD
no ip address
duplex auto
speed auto
no keepalive
no cdp enable
xconnect 10.193.32.50 5 pw-class backup-sro-ypa

This time, impossible to get the tunnel UP :

sh xconnect all detail :

XC ST Segment 1                         S1 Segment 2                         S2
------+---------------------------------+--+---------------------------------+--
DN     ac   Gi0/1(Ethernet)              UP mpls 10.193.32.50:5               DN
            Interworking: none                   Local VC label 147
                                                 Remote VC label unassigned
                                                 pw-class: backup-sro-ypa

Actually, as I am in a CsC architecture using BGB for label distribution with the CsC core, there is not ldp neighbor, and it seems to be the reason why I can't get the tunnel UP.

I am now trying to avoid ldp for the signaling of the tunnel using AToM Static Pseudowire Provisioning but I am to much of a newbie for that. I get a "Incomplete AToM manual config" when configuring the xconnect on the me3600...

Here is my config on the ME3600x so far :

pseudowire-class backup-ypa-sro
encapsulation mpls
protocol none

interface GigabitEthernet0/2
description *** Backup L2 VLans Internes avec RSROHES1 ***
no switchport
no ip address
no cdp enable
xconnect 10.193.32.42 5 encapsulation mpls manual pw-class backup-ypa-sro
! Incomplete AToM manual config

Funny, I tried to configure

RYPRC01(config-if-xconn)#mpls label 0 1048500

on the xconnect sub config section of the interface, but it won't appear in the config...

I am really stuck, and any help would really be appreciated.

Best Regards,

Jérôme Schlumberger

ปลาวาฬทราย RMUTT CPE IX · ‎05-10-2015

I found the "! Incomplete AToM manual config" on ME-3800.

Anyone know what is it?

kalianetTO · ‎07-27-2015

In case someone looking at this. To configure l2vpn on me-3600x or me-3800x

### me-3600x

l2vpn vfi context 2BRAS
vpn id 104
member 10.254.0.1 encapsulation mpls

bridge-domain 104
member GigabitEthernet0/15 service-instance 104

interface GigabitEthernet0/16
description *** L2VPN - 2BRAS via ha-ag1:g0/23 ***
switchport trunk allowed vlan none
switchport mode trunk
mtu 9000
service instance 104 ethernet
encapsulation dot1q 11,15

### Access switch ha-ag1

interface GigabitEthernet0/23
description *** Connection to ha-cs1:Gi0/16 L2VPN 2BRAS ***
switchport trunk allowed vlan 11,15
switchport mode trunk
end

Should do the same to the other side(s).. you can do point-to-point or point-to-multipoint (just add new member to the l2vpn vfi context).

l2 tunnel between me3600x and 3925