cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5939
Views
0
Helpful
9
Replies

ASR9K to ME3800 l2vpn Config - Need Help

wbashlor
Level 1
Level 1

Hi,

We have 2 ASR9K's and 6 ME3400's in an OSPF layer 3 ring with an MPLS core. We have been creating VPLS links for customers from ME3400 to ME3400 with no problems. Now we are trying to configure the same VPLS tunnel from a ME3400 to an ASR9K but can't get it to work. Here's the ME3800 config. What config would we need on the ASR9K to make the l2vpn connect? Thanks for any help you can provide.

ME3800X Config:

vlan 81

name test

l2 vfi test manual

vpn id 81

neighbor 10.10.10.10 encapsulation mpls

interface GigabitEthernet0/2

description ** test **

switchport trunk allowed vlan none

switchport mode trunk

mtu 1550

no cdp enable

service instance 81 ethernet

  description ** test **

  encapsulation dot1q 81

  bridge-domain 81

interface Vlan81

description ** test **

mtu 1550

no ip address

xconnect vfi test

9 Replies 9

judebryant
Level 1
Level 1

Interesting,

since you are using bridge-domain, you may have to add the

"rewrite ingress tag pop 1 symmetric"

line to your configuration.

Ill have to look at documentation.

Jude Bryant

Thanks for the reply.

The problem is, we don't know what to use for the matching configuration on the ASR9K. I've tried many to no avail. Problem is, I don't understand VPLS/l2vpn's to the extent to know how to configure the ASR9K to match the ME3800 config. We are researching and learning but it's a slow process. We are new to the ASR9k XR, and ME3800 platforms.

If someone could point us in the right direction we'd be most greatful. Thanks in advance.

Here's one thing I've tried and it doesn't work. This is the config for our ME3400 and ASR9K.

ME3800X Config:

vlan 81

name test

l2 vfi test manual

vpn id 81

neighbor 10.10.10.10 encapsulation mpls

interface GigabitEthernet0/2

description ** test **

switchport trunk allowed vlan none

switchport mode trunk

mtu 1550

no cdp enable

service instance 81 ethernet

  description ** test **

  encapsulation dot1q 81

  bridge-domain 81

interface Vlan81

description ** test **

mtu 1550

no ip address

xconnect vfi test

ASR9K

interface GigabitEthernet0/3/0/2

transceiver permit pid all

interface GigabitEthernet0/3/0/2.81 l2transport

encapsulation dot1q 81

l2vpn

pw-class biomass

encapsulation mpls

protocol ldp

bridge group 81

bridge-domain biomass

interface GigabitEthernet0/3/0/2.81

vfi 81

neighbor 10.10.10.2 pw-id 81

pw-class biomass

Any ideas what we need to do to make this work?

Wbashlor

Here is an example of how this works.  I hope this will be helpful too you.


user/client<==>(switch)<==>(me3800x)<==>(asr9k1)<=mpls=>(asr9k2)<==>(me3800x)<==>(switch)<==>user/client

asr9k1 has loopback0 ip address 1.1.1.1
asr9k2 has loopback0 ip address 2.2.2.2
                                        
client

(Cisco switch)
vlan 200
!
interface gig0/1
description "traffic to_from user_customer"
switchport mode access
switchport access vlan 200
!
interface gig0/24
description "trunk port to_from me3800x"
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 200

(cisco me3800x)
interface gig0/1
description "trunk port to_from switch"
switchport trunk allowed vlan none
switchport mode trunk
mtu 9800
no cdp enable
service instance 200 ethernet
  encapsulation untagged , dot1q 200 (untagged is if you want to tunnel cdp, stp, vtp *please look below)
  l2protocol tunnel cdp stp vtp
  bridge-domain 200
!
interface gig0/2
description "connection to asr9k"
switchport trunk allowed vlan none
switchport mode trunk
no cdp enable
service instance 200 ethernet
  encapsulation untagged , dot1q 200
  rewrite ingress tag pop 1 symmetric
  bridge-domain 200

(asr9k1)
RP/0/RSP0/CPU0:asr9k1(config)#interface te0/0/0/2.200 l2transport
RP/0/RSP0/CPU0:asr9k1(config-if)#description "connection to_from me3800x"
RP/0/RSP0/CPU0:asr9k1(config-if)#encapsulation dot1q 200
RP/0/RSP0/CPU0:asr9k1(config)#l2vpn
RP/0/RSP0/CPU0:asr9k1(config)# xconnect asr9k_mpls
RP/0/RSP0/CPU0:asr9k1(config)#  p2p asr9k2
RP/0/RSP0/CPU0:asr9k1(config)#   interface te0/0/0/2.200
RP/0/RSP0/CPU0:asr9k1(config)#   neighber 2.2.2.2 pw-id 200 (2.2.2.2 is loopback of asr9k2)
RP/0/RSP0/CPU0:asr9k1(config)#end

* if the switches on the edge has a change to its native vlan, it needs to be reflected where the "untagged" word is*

-Regards

Jude

Thanks very much for the reply, but I don't understand mpls enough yet for your post to help me with my specific scenario. I should have posted more info. Here's the actual topology and configs that's currently not working. It will be obvious by the mistakes in the configs that I don't understand MPLS yet, but maybe this gives a better idea of what we are trying to accomplish and what needs correcting in my configs to make it work. Thanks.

Click to make larger:

Here are the current configs (not working):

ME3800 Config

pseudowire-class biomass

encapsulation mpls

l2 vfi biomass manual

vpn id 81

interface GigabitEthernet0/3

switchport trunk allowed vlan none

switchport mode trunk

mtu 1550

no cdp enable

service instance 81 ethernet

  description ** biomass **

  encapsulation dot1q 81

  rewrite ingress tag pop 1 symmetric

  bridge-domain 81

interface TenGigabitEthernet0/1

no switchport

dampening

mtu 9216

bandwidth 10000000

ip address 10.10.10.33 255.255.255.254

ip ospf network point-to-point

ip ospf mtu-ignore

ip ospf bfd

logging event link-status

load-interval 30

mpls ip

flowcontrol receive on

bfd interval 200 min_rx 200 multiplier 3

ip rsvp bandwidth

interface Vlan81

mtu 1550

ip address 192.168.100.21 255.255.255.0

xconnect 10.10.10.10 81 encapsulation mpls pw-class biomass

  ! Incomplete or Invalid Xconnect config

ASR9K Config

interface GigabitEthernet0/3/0/2

transceiver permit pid all

!

interface GigabitEthernet0/3/0/2.81 l2transport

encapsulation dot1q 81

rewrite ingress tag pop 1 symmetric

interface TenGigE0/3/0/0

bandwidth 10000000

cdp

mtu 9216

ipv4 address 10.10.10.32 255.255.255.254

flow-control bidirectional

dampening

transceiver permit pid all

l2vpn

pw-class biomass

  encapsulation mpls

   protocol ldp

  !

!

xconnect group biomass

  p2p biomass

   interface GigabitEthernet0/3/0/2.81

   neighbor 10.10.10.2 pw-id 81

bridge group biomass

Thanks for the additional info.

I will look at this carefully and reply when the opportunity arises.  I assume you are running the ME3800X models with 15.1 or higher code and the advanced services with allows full mpls configurations.

I will also assume your IGP (OSPF) is configured correctly as well.

Chat with you soon

Jude

      

attached ASR9K Config Sheet

Yes, we are running 15.1(2)EY on the 3800's. In our lab, we used a spare ME3800X and a spare ASR9k. It was mirrored (IOS, configs, etc) from a connecting ME3800 and ASR9k in our our production MPLS core ring. Layer 3 (OSPF) routing and MPLS functionality was verified but I'll be glad to run any requested show commands for verification.

Thanks for all your help, we greatly appreciate it.

No need to make any changes.  I will write a config and post it soon.

The config I wrote was for point to point pseudowire/EFP.  You are attempting VPLS so the config changes somewhat.

Please read this documentation,

http://www.cisco.com/en/US/docs/switches/metro/me3600x_3800x/software/release/15.2_2_S/configuration/guide/swmpls.html#wp1213789

Look for section;

EFPs and Ethernet over Multiprotocol Layer Switching (EoMPLS)

Enabling EoMPLS

This section includes this information about configuring EoMPLS on a switch used as a provider-edge router:

Default EoMPLS Configuration

EoMPLS Configuration Guidelines

Configuring EoMPLS

Configuring the Pseudowire Using Pseudowire Class

Configuring L2VPN Interworking

EoMPLS and EVC

Packet Flow in an EoMPLS Network

Configuring L2VPN Pseudowire Redundancy

Routed VPLS/EoMPLS

I particularly like the EVC XConnection configuration because you have the option of creating VLan based service instances without globally defining the VLan itself.  I understand the 3800x has Asics for bridge-domain processing, not done with software like the 7600 router.

Also when encapsulating with MPLS the ASR9Ks are only label swapping.  No additional VLan based configuration required. 

This option also gives you the ability to create traffic engineering from 3800x to 3800x. Primary, secondary, and tertiary using FRR.  Or you cant just let the IGP to take care of LSP dynamically.

I understand the 3800x has Asics for bridge-domain processing, not done with software, however you have to globally define the vlan you are bridging.

I hope this helps you.

-Regards

Jude

Jude

Jude,

We greatly appreciate the reply and the information but we already have the config for the ME3800, we just need the ASR9k config to match it. To give you a bit of more information we have a mix of 8 ME3800's and 2 ASR9Ks in our new MPLS network. We have moved many customers from our old ring to our new ring using VPLS services successfully. Up until now, all customers hang off of ME3800's, but now we need to move a customer(s) to utilize VPLS services from a ME3800 to one of our ASR9K's, a new experience for us as the configs are totally different with XR. With that said, here's an example of a customer with a p2p circuit we are providing today from a ME3800 to ME3800 using VPLS services over our MPLS core.

ME3800 A Config

no ip igmp snooping vlan 500

vlan 500

l2 vfi TEST_P2P manual

vpn id 500

neighbor 10.10.10.6 encapsulation mpls

interface GigabitEthernet0/6

switchport trunk allowed vlan none

switchport mode trunk

mtu 1550

no cdp enable

service instance 500 ethernet

  encapsulation dot1q 500

  bridge-domain 500

interface Vlan500

mtu 1550

no ip address

xconnect vfi TEST_P2P

ME3800 B Config

no ip igmp snooping vlan 500

vlan 500

l2 vfi TEST_P2P2 manual

vpn id 500

neighbor 10.10.10.3 encapsulation mpls

interface GigabitEthernet0/2

switchport trunk allowed vlan none

switchport mode trunk

mtu 1550

no cdp enable

service instance 500 ethernet

  encapsulation dot1q 500

  bridge-domain 500

interface Vlan500

mtu 1550

no ip address

xconnect vfi TEST_P2P2

For our current customer we need to move, one of their locations is off of a ME3800 and the other is off of an ASR9k. So we need an ASR9k config to match one of the ME3800 configs above. Does that make sense? I'm sorry if I wasn't clear before.

Wbashlor,

Sorry I misunderstood.  The ASR9k configuration is very similar to the 3800X

Look at the picture I posted of the Multiple services on same port example.  The E-LAN(VPLS) sample config is what you need to use.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: