Solved: L2TPv3 and Spanning-tree MST

fsebera · ‎04-23-2014

My L2TPv3 peering setup is using 2 Cisco 1841 routers and is working. Spanning-tree PVST is peering across the L2TPv3 tunnel, the head-end is the root for the 3 Vlans. Each Cisco 1841 router interfaces with a Cisco 3750 switch. The router & switch (at each end) interface via an 802.1q trunk.

Topology:

(Host1&2)__3750-1===trunk====1841-1--------L2TPv3-------1841-2=====trunk=====3750-2__(Host3&4)

Native Vlan 500

Host 1 Vlan 555

Host 2 Vlan 556

We want (need) to upgrade to spanning-tree MST but noticed during this change the MST domains remain isolated at each end. We suspect that since the Cisco 1841 routers do not support MST; these routers are creating a spanning-tree domain boundary.

Anyone know if this IS the case or have any suggestions to support MST across the L2TPv3 tunnel?

Thanks Frank

L2TPv3-1# sh l2tun tunn all

L2TP Tunnel Information Total tunnels 2 sessions 2

Tunnel id 259422696 is up, remote id is 3674041411, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 1d22h
Tunnel transport is IP (115)
Remote tunnel name is L2TPv3-2
    Internet Address 192.168.0.5, port 0
Local tunnel name is L2TPv3-1
    Internet Address 192.168.0.1, port 0
L2TP class for tunnel is 555
Counters, taking last clear into account:
    77553 packets sent, 116125 received
    5323208 bytes sent, 8269418 received
    Last clearing of counters never
Counters, ignoring last clear:
    77553 packets sent, 116125 received
    5323208 bytes sent, 8269418 received
Control Ns 14, Nr 16792
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 2
Total resends 2, ZLB ACKs sent 16791
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 1 1 0 0 0 0 0 0
Control message authentication is disabled

Tunnel id 3905588394 is up, remote id is 3875190023, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 1d22h
Tunnel transport is IP (115)
Remote tunnel name is L2TPv3-2
    Internet Address 192.168.0.6, port 0
Local tunnel name is L2TPv3-1
    Internet Address 192.168.0.2, port 0
L2TP class for tunnel is 556
Counters, taking last clear into account:
    79998 packets sent, 113345 received
    5489237 bytes sent, 8070888 received
    Last clearing of counters never
Counters, ignoring last clear:
    79998 packets sent, 113345 received
    5489237 bytes sent, 8070888 received
Control Ns 15, Nr 16794
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 3
Total resends 2, ZLB ACKs sent 16791
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 1 1 0 0 0 0 0 0
Control message authentication is disabled
L2TPv3-1#

L2TPv3-1# sh spanning-tree

No spanning tree instances exist.

3750-1# sh span mst

##### MST0    vlans mapped:   1-554,557-4094
Bridge        address 0013.8072.1a00 priority      4096 (4096 sysid 0)
Root          this switch for the CIST
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/16 Desg BKN*200000 128.18 P2p Bound(PVST) *PVST_Inc

##### MST1    vlans mapped:   555
Bridge        address 0013.8072.1a00 priority      1     (0 sysid 1)
Root          this switch for MST1

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/16 Desg BKN*200000 128.18 P2p Bound(PVST) *PVST_Inc

##### MST2    vlans mapped:   556
Bridge        address 0013.8072.1a00 priority      16386 (16384 sysid 2)
Root          this switch for MST2

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/16 Desg BKN*200000 128.18 P2p Bound(PVST) *PVST_Inc

L2TPv3-2# sh l2tun tunn all

L2TP Tunnel Information Total tunnels 2 sessions 2

Tunnel id 3674041411 is up, remote id is 259422696, 1 active sessions
Remotely initiated tunnel
Tunnel state is established, time since change 1d22h
Tunnel transport is IP (115)
Remote tunnel name is L2TPv3-1
    Internet Address 192.168.0.1, port 0
Local tunnel name is L2TPv3-2
    Internet Address 192.168.0.5, port 0
L2TP class for tunnel is 555
Counters, taking last clear into account:
    116312 packets sent, 77684 received
    8282704 bytes sent, 5332116 received
    Last clearing of counters never
Counters, ignoring last clear:
    116312 packets sent, 77684 received
    8282704 bytes sent, 5332116 received
Control Ns 16818, Nr 14
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 1
Total resends 0, ZLB ACKs sent 12
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled

Tunnel id 3875190023 is up, remote id is 3905588394, 1 active sessions
Remotely initiated tunnel
Tunnel state is established, time since change 1d22h
Tunnel transport is IP (115)
Remote tunnel name is L2TPv3-1
    Internet Address 192.168.0.2, port 0
Local tunnel name is L2TPv3-2
    Internet Address 192.168.0.6, port 0
L2TP class for tunnel is 556
Counters, taking last clear into account:
    113532 packets sent, 80129 received
    8084174 bytes sent, 5498145 received
    Last clearing of counters never
Counters, ignoring last clear:
    113532 packets sent, 80129 received
    8084174 bytes sent, 5498145 received
Control Ns 16820, Nr 15
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 3
Total resends 0, ZLB ACKs sent 12
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
L2TPv3-2#

L2TPv3-2# sh spanning-tree

No spanning tree instances exist.

3750-2# sh span mst

##### MST0    vlans mapped:   1-554,557-4094
Bridge        address 000f.2325.a700 priority      0     (0 sysid 0)
Root          this switch for the CIST
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p Bound(PVST)
Fa1/0/14         Desg FWD 200000    128.16   P2p
Fa1/0/15         Desg FWD 200000    128.17   P2p
Fa1/0/17         Desg FWD 200000    128.19   P2p
Fa1/0/21         Desg FWD 200000    128.23   P2p

##### MST1    vlans mapped:   555
Bridge        address 000f.2325.a700 priority      4097 (4096 sysid 1)
Root          this switch for MST1

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p Bound(PVST)
Fa1/0/14         Desg FWD 200000    128.16   P2p

##### MST2    vlans mapped:   556
Bridge        address 000f.2325.a700 priority      8194 (8192 sysid 2)
Root          this switch for MST2

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p Bound(PVST)
Fa1/0/15         Desg FWD 200000    128.17   P2p

Bilal Nawaz · ‎05-01-2014

Why cant we/you just use the physical interfaces to xconnect across instead of sub interfaces? (if it doesn't work) You could just have a normal trunk end to end between the switches? What is the actual requirement here for the sub-interfaces?

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

View solution in original post

Bilal Nawaz · ‎04-23-2014

Hello Frank,

If your tunnel is up and running - I think MST should work as it is only presenting end to end connectivity to the switches. You say trunking works in PVST mode, so I think I can assume MST should also work.

What is the output of "show l2tun tunnel all" on the routers and "show spanning-tree mst" on the switch's.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

paul driver · ‎04-24-2014

Hello

Are you allowing stp of the tunnel?

int x/x
l2protocol-tunnel stp

sh l2protocol-tunnel interface xxx

sh l2protocol-tunnel sum

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎04-24-2014

Hello

Scratch that I was thinking of QiQ not L2tpv3

apologies

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Bilal Nawaz · ‎04-24-2014

Seems like switch 1 is bkn state on that one port in the output? - Why? Please check STP here on this switch - and post a reply, not just edit your original post please.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

fsebera · ‎04-24-2014

Hi Guys,

As it turns out, this Cisco site no longer supports IE. I can open new discussions and edit these discussions but cannot reply to responses. Verified with Cisco Tech support.

Anyway, I'm now using Firefox.

As you pointed out, the port between the switch1 and 1841-1 router is in the "BNK" state which appears to mean that port is receiving inferior BPDUs. I am looking into this issue to determine why. You are right, the router should just encapsulate the frames received from the switch and pass 'em to the other end.

Thank you for assisting, Frank

Aninda Chatterjee · ‎04-27-2014

Hey Frank,

This seems a little odd to me. I am perplexed as to why the interfaces on your 3750s facing the 1841s have been elected as boundary ports. I don't have a lot of experience with L2TPv3, however, a boundary port would only get elected if it receives non-MST BPDUs or BPDUs that belong to a different region.

Since you're running MST on both sides, the only possible problem is the latter (a region mismatch for some reason).

Can you provide the output of show spanning-tree mst configuration digest please? Since these switches are considered to be in different regions (based on the outputs I am seeing here), you eventually have a situation where you elect a common root bridge for CIST and based on this, there are certain rules to be followed (on violated of which you run into PVST simulation failures, marked with PVST inconsistency - as you see in your outputs). The rules are detailed here:

http://www.cisco.com/c/en/us/support/docs/lan-switching/multiple-instance-stp-mistp-8021s/116464-configure-pvst-00.html

Regards,

Aninda

fsebera · ‎04-28-2014

Hi Aninda,

Once I matched the IOS on both ends (3750 switches), I no longer get the "BKN*" port status; but Spanning-tree MST is now isolated at each end. EIGRP neighbors are up and operational.

Thanks Frank

! -------------------- MST Configuration Digest

3750-1# sh spanning-tree mst configuration digest
Name      [FIVE]
Revision 1     Instances configured 3
Digest          0xC6E05ABD90C097BFE988A6858A032917
Pre-std Digest 0x1D420F8BF9418F45ABC6CD52A002EBFF
3750-1#

3750-2# sh spanning-tree mst configuration digest
Name      [FIVE]
Revision 1     Instances configured 3
Digest          0xC6E05ABD90C097BFE988A6858A032917
Pre-std Digest 0x1D420F8BF9418F45ABC6CD52A002EBFF
3750-2#

! -------------------- IOS VERSION

3750-1# sh ver | b uptime
3750-1 uptime is 25 minutes
System returned to ROM by power-on
System image file is "flash:c3750-ipservices-mz.122-53.SE.bin"

3750-2# sh ver | b uptime
3750-2 uptime is 1 hour, 18 minutes
System returned to ROM by power-on
System image file is "flash:c3750-ipservices-mz.122-53.SE.bin"

! -------------------- EIGRP Neighbors

3750-1# sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(500)
H   Address                 Interface       Hold Uptime   SRTT   RTO Q Seq
                                            (sec)         (ms)       Cnt Num
1   192.168.1.2             Vl555             14 00:25:06    9   200 0 16
0   172.16.0.2              Vl556             14 00:25:07 1598 5000 0 15

3750-2# sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(500)
H   Address                 Interface       Hold Uptime   SRTT   RTO Q Seq
                                            (sec)         (ms)       Cnt Num
1   192.168.1.1             Vl555             11 00:25:34 1597 5000 0 8
0   172.16.0.1              Vl556             10 00:25:35    8   200 0 7

Peter Paluch · ‎04-28-2014

Hi Frank,

I wonder - how is the L2TP tunnel configured on your 1841 routers? Is it configured using the xconnect command? If so, where is the xconnect used - on the physical Fa0/0 or Fa0/1 interface of the 1841, or on subinterfaces for particular VLANs?

The reason I am asking is that MSTP BPDUs are always untagged, so when they arrive at your 1841 router, they are processed by the physical interface, not by any tagged subinterface. If you are using xconnect on subinterfaces, you are tunneling only the tagged traffic across the L2TP tunnel but the untagged frames including MSTP BPDUs are not being carried over. That would explain why your two sites do not appear to be able to talk to each other in MSTP.

Best regards,
Peter

fsebera · ‎04-28-2014

Hi Peter,

Summary, and config shown below; yea it's very basic.

THANKS for the assistance.

switch-1===trunk===f0/0-1841-f0/1---L2TPv3...........--snip--

1841-1
boot system flash:c1841-adventerprisek9-mz.151-4.M8.bin
l2tp-class 555
authentication
hello 10
password 555
!
l2tp-class 556
hello 10
!
pseudowire-class five-five-five
encapsulation l2tpv3
protocol l2tpv3 555
ip local interface Loopback555
!
pseudowire-class five-five-six
encapsulation l2tpv3
protocol l2tpv3 556
ip local interface Loopback556
!
interface Loopback555
ip address 192.168.0.1 255.255.255.255
!
interface Loopback556
ip address 192.168.0.2 255.255.255.255
!
interface FastEthernet0/0.500
encapsulation dot1Q 500 native
!
interface FastEthernet0/0.555
encapsulation dot1Q 555
xconnect 192.168.0.5 555 encapsulation l2tpv3 pw-class five-five-five
!
interface FastEthernet0/0.556
encapsulation dot1Q 556
xconnect 192.168.0.6 556 encapsulation l2tpv3 pw-class five-five-six
!
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.0
!
router eigrp L2TP
address-family ipv4 unicast autonomous-system 90
!
topology base
exit-af-topology
network 10.0.0.0 0.0.0.255
network 192.168.0.1 0.0.0.0
network 192.168.0.2 0.0.0.0
eigrp router-id 10.0.0.1
exit-address-family

1841-2
boot system flash:c1841-adventerprisek9-mz.151-4.M8.bin
!
l2tp-class 555
authentication
hello 10
password 555
!
l2tp-class 556
hello 10
!
pseudowire-class five-five-five
encapsulation l2tpv3
protocol l2tpv3 555
ip local interface Loopback555
!
pseudowire-class five-five-six
encapsulation l2tpv3
protocol l2tpv3 556
ip local interface Loopback556
!
interface Loopback555
ip address 192.168.0.5 255.255.255.255
!
interface Loopback556
ip address 192.168.0.6 255.255.255.255
!
interface FastEthernet0/0.500
encapsulation dot1Q 500 native
!
interface FastEthernet0/0.555
encapsulation dot1Q 555
xconnect 192.168.0.1 555 pw-class five-five-five
!
interface FastEthernet0/0.556
encapsulation dot1Q 556
xconnect 192.168.0.2 556 encapsulation l2tpv3 pw-class five-five-six
!
interface FastEthernet0/1
ip address 10.0.0.2 255.255.255.0
!
router eigrp L2TP
address-family ipv4 unicast autonomous-system 90
!
topology base
exit-af-topology
network 10.0.0.0 0.0.0.255
network 192.168.0.5 0.0.0.0
network 192.168.0.6 0.0.0.0
eigrp router-id 10.0.0.2
exit-address-family

Peter Paluch · ‎04-28-2014

Hi Frank,

Well, this config supports my theory.

Suggestion: would you mind configuring one more L2TP pseudowire that interconnects the Fa0/0.500 subinterfaces? That pseudowire would be carrying the untagged frames because of the native VLAN setting of the subinterfaces, and that should take care of transporting the MSTP BPDUs across.

Please give it a try and let us know. Thanks!

Best regards,
Peter

fsebera · ‎04-29-2014

Hey Peter,

I really appreciate yours and all other folks assisting me with this issue. I was hoping this would be the fix, long story short - Na da.

Summary, I added an xconnect peering statement for vlan 500.

In trying to save space, I hope the font is not too small, please advise.

L2TPv3-1# sh l2tun tunnel summary
L2TP Tunnel Information Total tunnels 3 sessions 3
LocTunID   RemTunID   Remote Name   State Remote Address Sessn L2TP Class/
                                                           Count VPDN Group
576104132 3202338412 L2TPv3-2      est    192.168.0.5     1     555
2506539814 1724305895 L2TPv3-2      est    192.168.0.4     1     500
4214364482 3344189129 L2TPv3-2      est    192.168.0.6     1     556
L2TPv3-1#

L2TPv3-2# sh l2tun tunn summary
L2TP Tunnel Information Total tunnels 3 sessions 3
LocTunID   RemTunID   Remote Name   State Remote Address Sessn L2TP Class/
                                                           Count VPDN Group
1724305895 2506539814 L2TPv3-1      est    192.168.0.3     1     500
3202338412 576104132 L2TPv3-1      est    192.168.0.1     1     555
3344189129 4214364482 L2TPv3-1      est    192.168.0.2     1     556
L2TPv3-2#

3750-1# sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/0/16 on 802.1q trunking 500

Port Vlans allowed on trunk
Fa1/0/16 500-556

Port Vlans allowed and active in management domain
Fa1/0/16 500,555-556

Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/16 500,555-556
3750-1#

3750-2# sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/0/13 on 802.1q trunking 500

Port Vlans allowed on trunk
Fa1/0/13 500-556

Port Vlans allowed and active in management domain
Fa1/0/13 500,555-556

Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/13 500,555-556
3750-2#

3750-1# sh spanning-tree mst

##### MST0    vlans mapped:   1-554,557-4094
Bridge        address 0013.8072.1a00 priority      32768 (32768 sysid 0)
Root          this switch for the CIST
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/1          Desg FWD 200000    128.3    P2p Edge
Fa1/0/2          Desg FWD 200000    128.4    P2p Edge
Fa1/0/3          Desg FWD 200000    128.5    P2p
Fa1/0/16         Desg FWD 200000    128.18   P2p

##### MST1    vlans mapped:   555
Bridge        address 0013.8072.1a00 priority      32769 (32768 sysid 1)
Root          this switch for MST1

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/2          Desg FWD 200000    128.4    P2p Edge
Fa1/0/16         Desg FWD 200000    128.18   P2p

##### MST2    vlans mapped:   556
Bridge        address 0013.8072.1a00 priority      4098 (4096 sysid 2)
Root          this switch for MST2

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/3          Desg FWD 200000    128.5    P2p
Fa1/0/16         Desg FWD 200000    128.18   P2p

3750-1#

3750-2# sh spanning-tree mst

##### MST0    vlans mapped:   1-554,557-4094
Bridge        address 000f.2325.a700 priority      4096 (4096 sysid 0)
Root          this switch for the CIST
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p
Fa1/0/14         Desg FWD 200000    128.16   P2p
Fa1/0/15         Desg FWD 200000    128.17   P2p
Fa1/0/17         Desg FWD 200000    128.19   P2p
Fa1/0/21         Desg FWD 200000    128.23   P2p

##### MST1    vlans mapped:   555
Bridge        address 000f.2325.a700 priority      4097 (4096 sysid 1)
Root          this switch for MST1

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p
Fa1/0/14         Desg FWD 200000    128.16   P2p

##### MST2    vlans mapped:   556
Bridge        address 000f.2325.a700 priority      32770 (32768 sysid 2)
Root          this switch for MST2

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa1/0/13         Desg FWD 200000    128.15   P2p
Fa1/0/15         Desg FWD 200000    128.17   P2p

3750-2#

3750-1# sh arp
Protocol Address          Age (min) Hardware Addr   Type   Interface
Internet 192.168.1.1             -   0013.8072.1a42 ARPA   Vlan555
Internet 192.168.1.2            19   000f.2325.a742 ARPA   Vlan555
Internet 172.16.0.1              -   0013.8072.1a43 ARPA   Vlan556
Internet 172.16.0.2             19   000f.2325.a743 ARPA   Vlan556
3750-1#

3750-2# sh arp
Protocol Address          Age (min) Hardware Addr   Type   Interface
Internet 192.168.1.1            19   0013.8072.1a42 ARPA   Vlan555
Internet 192.168.1.2             -   000f.2325.a742 ARPA   Vlan555
Internet 172.16.0.1             19   0013.8072.1a43 ARPA   Vlan556
Internet 172.16.0.2              -   000f.2325.a743 ARPA   Vlan556
3750-2#

3750-1# ping 192.168.1.2

Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

3750-1# ping 172.16.0.2

Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms

Bilal Nawaz · ‎04-29-2014

Hello Frank, I have just tested this and seems to work fine - here is my config below. Perhaps you can pick something out that differs between configs...?

SW1 (e1/0) ------ (e0/0) R1 (e0/1) ------PSDWRE------ (e0/1) R2 (e0/0) ------ (e1/0) SW2

I have created SVI's on SW1 and 2 to test end to end connectivity, using vlan 500 as my carrier of MST BPDU's. (Native all the way through end to end)

Hope this helps

R1
===============================================
l2tp-class bilal
authentication
password password
!
l2tp-class bilal1
authentication
password password1
!
pseudowire-class bilal
encapsulation l2tpv3
ip local interface Loopback0
!
pseudowire-class bilal1
encapsulation l2tpv3
ip local interface Loopback1
!
interface Loopback0
ip address 192.168.0.1 255.255.255.255
!
interface Loopback1
ip address 192.168.1.1 255.255.255.255
!
interface Ethernet0/0
no ip address
!
interface Ethernet0/0.500
encapsulation dot1Q 500 native
xconnect 192.168.0.2 500 pw-class bilal
!
interface Ethernet0/0.501
encapsulation dot1Q 501
xconnect 192.168.1.2 501 pw-class bilal1
!
interface Ethernet0/1
ip address 10.0.0.1 255.255.255.252

router eigrp 100
network 10.0.0.1 0.0.0.0
network 192.168.0.1 0.0.0.0
network 192.168.1.1 0.0.0.0
===============================================
R2
===============================================

l2tp-class bilal
authentication
password password
!
l2tp-class bilal1
authentication
password password1
!
pseudowire-class bilal
encapsulation l2tpv3
ip local interface Loopback0
!
pseudowire-class bilal1
encapsulation l2tpv3
ip local interface Loopback1
!
interface Loopback0
ip address 192.168.0.2 255.255.255.255
!
interface Loopback1
ip address 192.168.1.2 255.255.255.255
!
interface Ethernet0/0
no ip address
!
interface Ethernet0/0.500
encapsulation dot1Q 500 native
xconnect 192.168.0.1 500 pw-class bilal
!
interface Ethernet0/0.501
encapsulation dot1Q 501
xconnect 192.168.1.1 501 pw-class bilal1
!
interface Ethernet0/1
ip address 10.0.0.2 255.255.255.252

router eigrp 100
network 10.0.0.2 0.0.0.0
network 192.168.0.2 0.0.0.0
network 192.168.1.2 0.0.0.0
===============================================
SW1
===============================================
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
name bilal
revision 1
instance 1 vlan 500-501
!
interface Ethernet1/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 500
switchport trunk allowed vlan 500,501
switchport mode trunk
!
interface Vlan500
ip address 50.50.50.1 255.255.255.252
!
interface Vlan501
ip address 51.51.51.1 255.255.255.252
===============================================
SW2
===============================================
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
name bilal
revision 1
instance 1 vlan 500-501
!
interface Ethernet1/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 500
switchport trunk allowed vlan 500,501
switchport mode trunk
!
interface Vlan500
ip address 50.50.50.2 255.255.255.252
!
interface Vlan501
ip address 51.51.51.2 255.255.255.252
===============================================
===============================================
===============================================
Verification
===============================================
R1

R1#show ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface       Hold Uptime   SRTT   RTO Q Seq
                                            (sec)         (ms)       Cnt Num
0   10.0.0.2                Et0/1             14 00:54:59    5   200 0 11
R1#show l2tp tunn

L2TP Tunnel Information Total tunnels 2 sessions 2

LocTunID   RemTunID   Remote Name   State Remote Address Sessn L2TP Class/
                                                           Count VPDN Group
206571605 1161265982 R2            est    192.168.0.2     1     l2tp_default_cl
2176721311 1170715457 R2            est    192.168.1.2     1     l2tp_default_cl
R1#show ip route | inc D
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
D        192.168.0.2 [90/409600] via 10.0.0.2, 00:49:01, Ethernet0/1
D        192.168.1.2 [90/409600] via 10.0.0.2, 00:10:45, Ethernet0/1
===============================================
===============================================
R2

R2#show ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface       Hold Uptime   SRTT   RTO Q Seq
                                            (sec)         (ms)       Cnt Num
0   10.0.0.1                Et0/1             14 00:55:56    6   200 0 11
R2#show l2tp tunn

L2TP Tunnel Information Total tunnels 2 sessions 2

LocTunID   RemTunID   Remote Name   State Remote Address Sessn L2TP Class/
                                                           Count VPDN Group
1161265982 206571605 R1            est    192.168.0.1     1     l2tp_default_cl
1170715457 2176721311 R1            est    192.168.1.1     1     l2tp_default_cl
R2#show ip route | inc D
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
D        192.168.0.1 [90/409600] via 10.0.0.1, 00:50:19, Ethernet0/1
D        192.168.1.1 [90/409600] via 10.0.0.1, 00:11:43, Ethernet0/1

===============================================
===============================================
SW1

SW1#show spanning-tree mst 1

##### MST1    vlans mapped:   500-501
Bridge        address aabb.cc00.0100 priority      32769 (32768 sysid 1)
Root          this switch for MST1

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Et1/0 Desg FWD 2000000 128.33 Shr

SW1#ping 50.50.50.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms
SW1#ping 51.51.51.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 51.51.51.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms

===============================================
===============================================
SW2

SW2#show spanning-tree mst 1

##### MST1    vlans mapped:   500-501
Bridge        address aabb.cc00.0400 priority      32769 (32768 sysid 1)
Root          address aabb.cc00.0100 priority      32769 (32768 sysid 1)
            port    Et1/0           cost      2000000              rem hops 19

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Et1/0 Root FWD 2000000 128.33 Shr

SW2#ping 50.50.50.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
SW2#ping 51.51.51.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 51.51.51.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

fsebera · ‎04-30-2014

Could this (license) be my problem; although I didn't think the 1841 router played in the new Cisco license setup. Not sure and not familiar with Cisco's new licensing configuration. Any thoughts? :(

L2TPv3-2# sh license right-to-use
% No RightToUse Licenses are Active !!

L2TPv3-2# sh license status
                License Type Supported
        permanent               Non-expiring node locked license
        paid subscription       Expiring node locked subscription license
                                with valid end date
        extension subscription Expiring node locked subscription license
        evaluation subscription Expiring node locked subscription license

                License Operation Supported
        install    Install license
        clear      Clear license
        annotate   Comment license
        save       Save license
        revoke     Revoke license
        call-home License call-home

                Call-home Operation Supported
        show pak   Display license pak via call-home
        install    Install license via call-home
        revoke     Revoke license via call-home
        resend     Fetch license via call-home

                Device status
        Device Credential type: IMAGE
        Device Credential Verification: PASS
        Rehost Type: HARDWARE

SWIFT url status
Swift URL set to default value : https://tools.cisco.com/SWIFT/Licensing

fsebera · ‎04-30-2014

Update:

If I remove the trunk setup between the 3750<==>1841 at both ends and use a single vlan end-to-end, spanning-tree MST performs as expected. I can assign either 3750 switch to be root, works fine.

I will downgrade the IOS on the 1841 routers and give it another try.

More later!!

Guys, THANKS again for all the help!!!