Maipu and Cisco - MPLS L2VPN and AToM

As discussed in last post about MPLS L2VPN. In this post we will see the configuration for Cisco and Maipu Router both.First of all this technology is known as AToM (Any Traffic over MPLS).

            In this example I tested Maipu 3840 and Cisco 1841. I only taken two routers, simulating that these are acting as PE. Here I shown computers , Both are in same subnet. That means over MPLS cloud we are creating a L2 tunnel.

So that these two laptops can communicate, which are in same subnet.

            In real time this laptops are replaced with Routers and these IP address are assigned to Routers and they can ping each other, It may be /24 or /32. It totally depends on Customer requirement.

For testing and understanding, I feel this is good example. Here you can know how your L2circut is formed from your site to another site.

            In last post, I shown Full setup, This is just for compatibility with Cisco and Maipu. In Cisco little bit more configuration to setup MPLS L2VPN.

Topology :

Configuration -

Cisco 1841 configuration:

pseudowire-class a
 encapsulation mpls

interface Loopback0
 ip address 18.18.18.18 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 mpls ip 
mpls label protocol ldp
 xconnect 37.37.37.37 100 pw-class a
!
interface FastEthernet0/1
 ip address 9.0.10.18 255.255.255.0
 duplex auto
 speed auto
 mpls ip
mpls label protocol ldp
!

!
router ospf 1
 log-adjacency-changes
  network 9.0.10.0 0.0.0.255 area 0
 network 18.18.18.18 0.0.0.0 area 0

mpls ldp router-id Loopback0

MP3840 configuration:

ip mef

ip load-sharing per-destination

mpls ip

interface loopback0

 ip address 37.37.37.37 255.255.255.255

 exit

interface gigaethernet0

 ip address 9.0.10.19 255.255.255.0

 mpls ip

 mpls ldp

 exit

interface gigaethernet1

 mpls ip

 xconnect 18.18.18.18 100 encapsulation mpls

 mpls ldp

 exit

                                    

router ospf 1

 router-id 37.37.37.37

 network 9.0.10.0 area 0

 network 37.37.37.37 0.0.0.0 area 0

 exit

mpls ldp

 router-id 37.37.37.37

 transport-address 37.37.37.37

 targeted-peer 18.18.18.18

 exit

-- you are done, yes but many of you thinking its very simple. yes its simple the important is reachability with peer ip address (loopback IP). That means if you face any issue in xconnect, First you have to check IGP status and routing. It use IGP routing to reach peer router. 

Here same example with Maipu to Maipu for better understanding.

MAIPU TO MAIPU

Configurations

MP3780 configuration :

ip mef

ip load-sharing per-destination

mpls ip

           

interface loopback0

 ip address 37.37.37.37 255.255.255.255

 exit

interface gigaethernet0

 ip address 1.1.1.2 255.255.255.0

 mpls ip

 mpls ldp

 exit

interface gigaethernet1

 mpls ip

 xconnect 18.18.18.18 100 encapsulation mpls

 mpls ldp

 exit

                                   

router ospf 1

 router-id 37.37.37.37

 network 1.1.1.0 0.0.0.255 area 0

 network 37.37.37.37 0.0.0.0 area 0

 exit

mpls ldp

 router-id 37.37.37.37

 transport-address 37.37.37.37

 targeted-peer 18.18.18.18

 exit

MP3840 configuration :

ip mef

ip load-sharing per-destination

mpls ip

interface loopback0

 ip address 18.18.18.18 255.255.255.255

 exit

interface gigaethernet0

 ip address 1.1.1.1 255.255.255.0

 mpls ip

 mpls ldp

 exit

interface gigaethernet1

 mpls ip

 xconnect 37.37.37.37 100 encapsulation mpls

 mpls ldp

 exit

                                    

router ospf 1

 router-id 18.18.18.18

 network 1.1.1.0 0.0.0.255 area 0

 network 18.18.18.18 0.0.0.0 area 0

 exit

mpls ldp

 router-id 18.18.18.18

 transport-address 18.18.18.18

 targeted-peer 37.37.37.37

 exit

Hope this information will help you for better understanding about Cisco AToM and Maipu MPLS L2VPN.

For more information about AToM - Click here 

For any feedback and queries, Plz put comment with your Name and Mail id..

Maipu - MPLS L2VPN

Many times we came across terms like, L2VPN (layer 2 vpn), In this section we will see how to configure L2 VPN in MPLS for Maipu Routers. It’s a service which a service provider offers to customer. SP provide end to end L2 VPN over own MPLS cloud.

So that customer can use own IP addresses and customer will feel that they have dedicated Point to Point link from one site to another site. L2 vpn is emulating legacy costly point to point links.

Since these are configured on shared media, that’s why the cost will be cheap than dedicated point to point connection from Telco.

Here is a MPLS topology and two different customers VPN sites.

Topology 

MPLS L2VPN Network diagram

Description of Topology

In the configuration instance, router 1 and router 3 are PE devices; router 2 is the P device; the P and PE devices form the MPLS backbone network. Here, router 1 and router 2 are connected via the serial port; router 2 and router 3 are connected via Ethernet interface. In the MPLS backbone network, run the IGP routing protocol and label distributing protocol LDP. 

The MPLS network is connected to two different VPN users (VPN A and VPN B). The MPLS network adopts the LDP to distribute the L2VPN virtual circuit labels to realize the intercommunication between VPN A/Site1 connected to router 1 and VPN A/Site2 connected to router 3 (corresponding to VPN A), as well as the intercommunication between VPN B/Site1 connected to router 1 and VPN B/Site2 connected to router 3 (corresponding to VPN B).

Configuration Template -

The configuration of router 1:

Command	Description
Router1(config)# mpls ip	Enable the global MPLS label forwarding
Router1(config)# interface loopback0	Configure the loopback port (IP address is 1.1.1.1)
Router1 (config-if-loopback0)# ip address 1.1.1.1 255.255.255.255
Router1 (config-if-loopback0)# exit
Router1 (config)# interface fastethernet 0	Configure f0
Router1 (config-if-fastethernet0)# mpls ip	Configure mpls ip
Router1 (config-if-fastethernet0)# xconnect 3.3.3.3 100 encapsulation mpls	Configure f0to encapsulate the VPWS virtual circuit
Router1 (config-if-fastethernet0)#exit
Router1 (config)# interface fastethernet 1	Configure f1
Router1 (config-if-fastethernet1)# mpls ip	Configure mpls ip
Router1 (config-if-fastethernet1)# xconnect 3.3.3.3 200 encapsulation mpls	Configure f1 to encapsulate the VPWS virtual circuit
Router1 (config-if-fastethernet1)# exit
Router1 (config)# interface serial 0/1	Configure the frame relay interface
Router1 (config-if-serial0/1)# physical-layer sync
Router1 (config-if-serial0/1)# encapsulation frame-relay
Router1 (config-if-serial0/1)# frame-relay lmi-type ansi
Router1 (config-if-serial0/1)# exit
Router1 (config)# interface serial0/1.1 multipoint	Configure the frame relay sub interface
Router1 (config-if-serial0/1.1)# frame-relay interface-dlci 22
Router1 (config-fr-dlci)#exit
Router1 (config-if-serial0/1.1)# ip address 21.0.0.1 255.255.255.0
Router1 (config-if-serial0/1.1)# ip ospf network point-to-multipoint
Router1 (config-if-serial0/1.1)# mpls ip	Enable the label forwarding of the interface
Router1 (config-if-serial0/1.1)# mpls ldp	Enable the LDP protocol on the interface
Router1 (config-if-serial0/1.1)# exit
Router1 (config)# router ospf 1	Configure IGP (OSPF)
Router1 (config-ospf)# network 1.1.1.1 0.0.0.0 area 0
Router1 (config-ospf)# network 21.0.0.0 0.0.0.255 area 0
Router1 (config-ospf)#exit
Router1 (config)# mpls ldp	Configure the LDP protocol
Router1 (config-ldp)# router-id 1.1.1.1	Configure the router-id of the LDP
Router1 (config-ldp)# targeted-peer 3.3.3.3	Configure the LDP target peer entity
Router1 (config-ldp)# transport-address 1.1.1.1	Configure the LDP transmission address
Router1 (config-ldp)#exit

The configuration of router 2:

Command	Description
Router2(config)# mpls ip	Enable the global MPLS label forwarding
Router2(config)# interface loopback0	Configure the loopback port (the IP address is 2.2.2.2)
Router2 (config-if-loopback0)# ip address 2.2.2.2 255.255.255.255
Router2 (config-if-loopback0)# exit
Router2 (config)# interface fastethernet 1	Configure f1
Router2 (config-if-fastethernet1)# ip address 22.0.0.1 255.255.255.0	Configure the IP address
Router2 (config-if-fastethernet1)# mpls ip	Configure mpls ip
Router2 (config-if-fastethernet1)# mpls ldp	Configure f1 to enable LDP
Router2 (config-if-fastethernet1)#exit
Router2 (config)# interface serial0/1	Configure the frame relay interface
Router2 (config-if- serial0/1)# physical-layer sync
Router2 (config-if- serial0/1)# clock rate 2000000
Router2 (config-if- serial0/1)# encapsulation frame-relay
Router2 (config-if-serial0/1)# frame-relay lmi-type ansi
Router2 (config-if-serial0/1)# frame-relay intf-type dce
Router2 (config-if-serial0/1)# exit
Router2 (config)# interface serial0/1.1 multipoint	Configure the frame relay sub interface
Router2 (config-if-serial0/1.1)# frame-relay interface-dlci 22
Router2 (config-fr-dlci)#exit
Router2 (config-if-serial0/1.1)# ip address 21.0.0.2 255.255.255.0
Router2 (config-if-serial0/1.1)# ip ospf network point-to-multipoint
Router2 (config-if-serial0/1.1)# mpls ip	Enable the label forwarding of the interface
Router2 (config-if-serial0/1.1)# mpls ldp	Enable the LDP protocol on the interface
Router2 (config-if-serial0/1.1)# exit
Router2 (config)# router ospf 1	Configure IGP (OSPF)
Router2 (config-ospf)# network 21.0.0.0 0.0.0.255 area 0
Router2 (config-ospf)# network 22.0.0.0 0.0.0.255 area 0
Router2 (config-ospf)# network 2.2.2.2 0.0.0.0 area 0
Router2 (config-ospf)#exit
Router2 (config)# mpls ldp	Configure the LDP protocol
Router2 (config-ldp)# router-id 2.2.2.2	Configure the router-id of the LDP
Router2 (config-ldp)# transport-address 2.2.2.2	Configure the LDP transmission address
Router2 (config-ldp)#exit

The configuration of router 3:

Command	Description
Router3(config)# mpls ip	Enable the global MPLS label forwarding
Router3(config)# interface loopback0	Configure the loopback port (the IP address is 3.3.3.3)
Router3 (config-if-loopback0)# ip address 3.3.3.3 255.255.255.255
Router3 (config-if-loopback0)# exit
Router3(config) # port 0/0
Router3 (config-port-0/0)# port mode access	Configure port0/0 as access mode
Router3 (config-port-0/0)# port access vlan 2	Bind vlan2 with port0/0
Router3 (config-port-0/0)# exit
Router3 (config)# interface vlan 2	Configure vlan 2
Router3(config-if-vlan2)#ip address 22.0.0.2 255.255.255.0	Configure IP address
Router3 (config-if-vlan2)# mpls ip	Configure mpls ip
Router3 (config-if-vlan2)# mpls ldp	Configure vlan 2 to enable LDP
Router3 (config-if-vlan2)#exit
Router3 (config)# interface fastethernet 0	Configure f0
Router3 (config-if-fastethernet0)# mpls ip	Configure mpls ip
Router3 (config-if-fastethernet0)# xconnect 1.1.1.1 100 encapsulation mpls	Configure f0to encapsulate the VPWS virtual circuit
Router3 (config-if-fastethernet0)# exit
Router3 (config)# interface fastethernet 1	Configure f1
Router3 (config-if-fastethernet1)# mpls ip	Configure mpls ip
Router3 (config-if-fastethernet1)# xconnect 1.1.1.1 200 encapsulation mpls	Configure f1to encapsulate the VPWS virtual circuit
Router3 (config-if-fastethernet1)# exit
Router3 (config)# router ospf 1	Configure IGP (OSPF)
Router3 (config-ospf)# network 22.0.0.0 0.0.0.255 area 0
Router3 (config-ospf)# network 3.3.3.3 0.0.0.0 area 0
Router3 (config-ospf)#exit
Router3 (config)# mpls ldp	Configure the LDP protocol
Router3 (config-ldp)# router-id 3.3.3.3	Configure the router-id of the LDP
Router3 (config-ldp)# targeted-peer 1.1.1.1	Configure the LDP target peer entity
Router3 (config-ldp)# transport-address 3.3.3.3	Configure the LDP transmission address
Router3 (config-ldp)#exit

After completing the configuration, use the show mpls ldp session command to view whether the session of targeted-peer is set up, as follows:

Router1#show mpls ldp session

Peer IP Address    IF Name         My Role   State                     DeadTime

3.3.3.3                 serial0/1.1        Passive    OPERATIONAL   00:02:26

                       After setting up the session of targeted-peer, the LDP protocol distributes the VPN label. Here, you can use the show mpls forward command to view whether the VPN label is distributed, as follows:

Router1#show mpls forwarding-table l2-circuit

Codes: L - LDP, B - MP-BGP, R - RSVP, M – Mapped-Route, U - UNSPEC S - SYNC Flag

Pro Ident  FEC          Inlabel Outlabel Outgoing         Next hop     RxPkts    TxPkts    TxBytes   Flag

L  -VC-   100             /           512        serial0/1.1        3.3.3.3         0               0             0

L  -VC-   200             /           513        serial0/1.1        3.3.3.3         0               0             0

The L2VPN communication needs to adopt the tunnel of the PSN network. In the instance, the PSN tunnel is the LSP (Label Switched Path) set up by LDP. The show mpls forward command can be used to view whether LSP is set up, as follows.

Router1#show mpls forwarding-table global

Codes: L - LDP, B - MP-BGP, R - RSVP, U - UNSPEC S - SYNC Flag

Pro Ident   FEC  Inlabel Outlabel  Outgoing         Next hop     RxPkts    TxPkts    TxBytes   Flag

L  global  3.3.3.3/32    /  2048        serial0/1.1        21.0.0.2      0              0              0

Here, the L2VPN is set up and can communicate normally.

If the MPLS fast forwarding high-speed cache is enabled, the router adopts the high-speed cache to forward the MPLS packets. You can use the show mpls cache command to view, as follows:

Router1#show mpls cache

Ident   FEC     Inlabel Outgoing         OLS                      uses Fwdpkts

-VC-  100                     /          serial0/1.1        |2048|512|             0     0   

-VC-  200                     /          serial0/1.1        |2048|513|             0     0   

You can see that each VC in the high-speed cache creates the fast forwarding item and uses the OLS to finish constructing the packet and then forward it.

If the fault appears, you can use the debug mpls packet command to track the packet forwarding, so as to get the information for analyzing the fault. In normal state, the following debug information can be viewed via the debug mpls packet command.

06:17:05: Receive link layer packet from interface(fastethernet0), and vc id(100)

06:17:05: Pushing VC label(512), nexthop(3.3.3.3)

06:17:05: Pushing Tunnel label(2048), nexthop(21.0.0.2)

06:17:05: Send packet out through interface(serial0/1.1)

06:17:05: Receive mpls packet from interface(serial0/1.1), LABEL(1024), TTL(2), EXP(0)

06:17:05: Popping label 1024 for Virtual Circuit

06:17:05: Send packet out through interface(fastethernet0)

First receive the L2 packet from the fastethernet0 interface, label it with VC 512 and PSN tunnel 2048, and then forward it out from the interface serial0/1.1. The Penultimate-Hop Popping (PHP) is enabled when the packet returns, so only one layer of VC label is left; he debug information shows that the MPLS packet of label 1024 is received from the interface serial0/1.1; the VC label 1024 is popped; the packet is sent out from the fastethernet0 interface.

Note -

• If the MPLS fast forwarding mechanism is enabled, the packet adopts the high-speed cache forwarding and there is no debug information. Therefore, to debug the packet forwarding information, disable the fast forwarding high-speed cache in the interface configuration mode.

• If L2VPN is bound to Ethernet sub interface and there is switch between the interface on PE and CE, the switch must support VLAN, which needs to be configured correctly.

I know this post is too long. But to cover this topic in detail for Maipu to Maipu, I need to explain in detail. So this post is long.

I know many of you will be thinking how Maipu and Cisco will work together in this scenario. Suppose one PE is Cisco and another one is Maipu. That time how will be configuration. Since in Cisco the configuration is little bit more.

I will cover that configuration in coming post.

Hope this information will help you for understanding of MPLS L2VPN.

For any feedback and query, Plz put comment with Name and Mail id.