Beruflich Dokumente
Kultur Dokumente
Table of Contents
Table of Contents
1.1 VPLS Overview.................................................................................................................... 1
1.1.1 Introduction to VPLS.................................................................................................. 1
1.2 Basic VPLS Network Architectures......................................................................................2
1.3 VPLS Operational Principle.................................................................................................. 3
1.3.1 VPLS Basic Transmission Components....................................................................3
1.4 Concepts Related to VPLS................................................................................................... 5
1.4.1 MPLS L2VPN............................................................................................................. 5
1.4.2 CE.............................................................................................................................. 6
1.4.3 PE.............................................................................................................................. 6
1.4.4 VSI............................................................................................................................. 6
1.5 VPLS Basic Configuration.................................................................................................... 6
1.5.2 Configuring Routing Protocols...................................................................................7
1.5.3 Configuring Basic MPLS Functions...........................................................................7
1.5.4 Configuring LDP Expansion Session Peer.................................................................7
1.5.5 Enable MPLS L2VPN................................................................................................8
1.5.6 Creating a VPLS Instance.........................................................................................8
1.5.7 Configuring VLAN for User Access and Binding a VLPS Instance...........................10
1.5.8 Configuring Static MAC Address..............................................................................10
1.5.9 Enabling VLAN VPN on a Port.................................................................................11
1.5.10 Configuring MPLS Packets Redirection.................................................................11
1.5.11 Configuring VPLS Characteristics..........................................................................13
1.6 Displaying and Debugging VPLS.......................................................................................15
1.7 VPLS Basic Configuration Example...................................................................................16
1.8 Troubleshooting VPLS........................................................................................................ 20
VPLS Configuration
VPLS Configuration
Note:
The enhanced service processor card mentioned here refers to the LSB1VPNB card.
Full name
AC
Attachment Circuit
CE
Custom Edge
FEC
VPLS Configuration
Acronym
Full name
FR
Frame Relay
NPE
PE
PW
Pseudo wires
PHP
UPE
VLL
VPLS
VSI
LSP
PE4
VPN 2
Site 1 CE1
CE6
PE1
MPLS network
VPN 1
Site 2
PE3
CE2
PE2
VPN 1
Site 1
CE5
CE4
CE3
VPN 2
Site 2
VPLS Configuration
As shown in Figure 1.1, VPLS can provide point-to-multipoint connection service like
a L3VAN. It can learn MAC addresses and exchange packets between multiple sites.
In addition, it keeps the forwarding tables of the individual VPNs independent with
each other and allows MAC address overlap between VPNs.
Figure 1.2 depicts a hierarchical VPLS network architecture.
VPN 1
Site 1
CE2
VPN 2
Site 1
NPE1
CE1
NPE2
MPLS edge network
UPE2
NPE3
CE4
VPN 2
Site 2
CE3
VPN 1
Site 2
VPLS Configuration
MAC forwarding entries, and map the MAC addresses to corresponding ACs and
PWs. While, the P devices (provider routers, that is, core switches in the backbone
network), only implement MPLS forwarding according to MPLS labels without
considering layer 2 user data encapsulated in MPLS packets.
AC
PW
Tunnel
VPN 1
Site 1
CE1
PW
signaling protocol
Forwarder
CE2
VPN 2
Site 1
PE2
VPN 1
Site 2
MPLS network
PE1
CE3
CE4
VPN 2
Site 2
1. Attachment circuit
An attachment circuit (AC) is a virtual connection link between CE and PE. Users
layer 2 and layer 3 data are transmitted to the peer site through AC without any
modification.
2. Pseudo wire
A pseudo wire (PW) is a bidirectional virtual connection between two VSIs in a VPN.
One PW contains a pair of unidirectional MPLS VCs (virtual circuits). It is established
by PW signaling protocol and carried on LSP. For a VPLS system, a PW is just like a
directly connected path between local and peer ACs, through which users layer 2
data are transmitted transparently.
3. Forwarder
A forwarder is in fact a VPLS forwarding table, it chooses PWs to forward the frames
that PEs received from ACs.
VPLS Configuration
4. Tunnel
A tunnel is a directly connected path between local PE and peer PEs, on which data
is transmitted transparently from one PE to another. A tunnel can carry multiple PWs.
In general, a tunnel is an MPLS tunnel.
5. Encapsulation
Standard PW encapsulation formats and technique are adopted when packets are
transmitted over PWs. VPLS packets carried on PWs have two encapsulation modes:
Tagged and Raw.
6. PW signaling
PW signaling (pseudo wire signaling) protocol on which VPLS bases is used to
establish and maintain PW. It can also be used to automatically discover peer PEs of
VSIs. Currently, PW signaling protocol includes label distribution protocol (LDP) and
border gateway protocol (BGP).
7. Service quality
Service quality maps priority information in the headers of users layer 2 packets to
QoS priority carried on public network before the forwarding of the packets. This
feature generally requires the MPLS network to support traffic-engineering.
As shown in Figure 1.1, CE3 transmits uplink layer 2 packets to PE1 through AC.
When PE1 receives the packets, the forwarder chooses PW to forward them.
According to PW forwarding entries, the system generates two layers of MPLS labels
(private network labels are used to mark the PWs, and public network labels are used
to pass through tunnels to PE2). After the packets reach PE2 through public network
tunnel, the system pops out private network labels (public network labels have
already been popped out on P device through PHP). PE2 forwarder chooses an AC to
forward layer 2 packets from CE3 to CE1.
VPLS Configuration
1. VPLS
This is a kind of point-to-multipoint L2VPN service provided on public networks. VPLS
can connect user sites in different areas together over MAN/WAN as if they are in a
single LAN.
2. VLL
This is a kind of point-to-point L2VPN service provided on public networks. VLL can
connect two sites with each other as if they are directly connected by cables.
However, it cannot provide switching between multipoints.
1.4.2 CE
It is a user device that is directly connected with a service provider's device.
1.4.3 PE
It is an edge router in backbone network connected with CEs. PE is responsible for
VPN service access, it implement packet mapping and forwarding from private
networks to public network tunnels, and vice versa. It has two types: UPE and NPE.
1. UPE
It is a user-facing PE device, a kind of convergence device for users to access the
VPN.
2. NPE
It is a core PE device, locating at the edge of the VPLS core network. It provides
VPLS transparent transmission service in the core network.
The actual VPLS access links are mapped to virtual links through VSIs.
1.4.4 VSI
Through virtual switch instance (VSI) you can map the actually connected links to
each virtual links.
VPLS Configuration
Item
Command
Description
Configuring
routing
in
protocol
for
Operation
Manual
Mandatory
Routing Protocol
public network
2
Configuring
basic
MPLS
MPLS
Basic
Functions
Mandatory
in
functions
Configuring
Mandatory
Mandatory
Mandatory
Mandatory
[Quidway] mac-address
Optional
Configuring
[Quidway -vlan-interface100]
Mandatory
l2 binding vsi
LDP expansion
session peer
4
Enabling
L2VPN
Configuring
VPLS instance
6
Configuring an
IP address of a
peer PE
Configuring
static
MAC
addresses
8
access
and
bind VSI
9
Configuring
[Quidway
-vsi-3com-ldp]
Optional
VPLS
bandwidth
Enabling VLAN
[Quidway -vlan-interface100]
Optional
VPN on port
vlan-vpn enable
Configuring
[Quidway -vlan-interface100]
packet
traffic-redirect
characteristics
10
11
redirection
Mandatory
VPLS Configuration
Command
Command
remote-ip remoteip
VPLS Configuration
remoteip: IP address for the remote peer. This address must be the lsr id of a peer
LSR.
By default, no IP address is configured for a remote peer.
Command
mpls l2vpn
Command
VSI view
VPLS Configuration
When you specify martini as the VPLS connection mode (MPLS L2VPN in Martini
mode adopts expanded LDP to send signaling of VC information), you will enter VSILDP view at the same time.
Table 1.1 Specify martini as the VPLS connection mode
Operation
Command
pwsignal [ ldp ]
Command
vsi-id vsi-id
When you specify a Peer, vc-id defaults to vsi-id. And vsi-id ranges from 1 to
4,294,967,295.
Command
instance
backup-peer
primary-peer
VPLS Configuration
1.5.7 Configuring VLAN for User Access and Binding a VLPS Instance
The port configuration on a VLAN interface differs depending on user access modes.
If user gets access by Ethernet, you must enable VLAN-VPN on the access port of
the VLAN. If user makes H-VPLS access by VLAN, or user's convergence multitenant unit (MTU) makes H-VPLS access by VLAN-VPN, you need not enable VLANVPN on the access port; instead, you must configure the port as Trunk, in this case,
the VLAN tag (VLAN ID currently configured for the user) carried in uplink packets
must be consistent with that of the VLAN bound with the Trunk. If convergence UPE
makes H-VPLS access by LSP, you can bind a VPLS instance to a VLAN containing
no port. Additionally, you cannot bind one instance to multiple VLANs.
Perform the following configuration in VLAN interface view.
Table 1.1 Configure VLAN for user access and bind a VPLS instance
Operation
Command
interface
Remove the binding
Command
VPLS instance
peer peer-ip]
VPLS Configuration
Caution:
User access mode of VSI determines whether you should enable VLAN-VPN on a
port or not. If the access mode is Ethernet, you must enable VLAN-VPN on the
access port such that your private VLAN TAG can be properly transferred. If the
access mode is VLAN, you must set the access port to trunk.
Command
vlan-vpn enable
undo vlan-vpn
Caution:
If GARP VLAN registration protocol (GVRP), spanning tree protocol (STP) or 802.1x
protocol is enabled on a port, VLAN VPN on this port is not allowed to enable.
Command
VPLS Configuration
Operation
Command
When you define the flow template, the total size of all the elements in the template
must be less than 16 bytes.
Command
Command
traffic-redirect inbound { link-group { aclnumber | acl-name } [ rule rule [ systemindex index ] ] | ip-group { acl-number | aclname } [ rule rule [ system-index index ] ] }
interface { interface-name | interface-type
interface-num } destination-vlan l3-vpn
VPLS Configuration
Command
bandwidth vpn-speed
Command
broadcast-restrain restrain-number
percentage
VPLS Configuration
Command
mtu mtu
instance
Command
qos { 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | { userdefine-table p p p p p p p p } }
Command
description TEXT
VPLS instance
undo description
shut
VPLS instance
undo shut
mac-table limit
VPLS Configuration
Command
connection information
individual
kinds
Command
of
L2VPN
debugging
Disable
individual
kinds
of
L2VPN
debugging
undo
debugging
mpls
l2vpn
VPLS Configuration
2. Network diagram
CE1
VL AN 100 PE1
10.10.10.10/24
e6/1/48
VLAN 10
5.6.7.8 g4/1/1
VPN1
10.10.10.11/24
VL AN 10
g4/1/1
1.2.3.4
VPN1
Figure 1.1 Network diagram for VPLS configuration of back-to back PEs
3. Configuration procedure
(1)
Configure PE1
# Configure the router id used to advertise OSPF routing information. Generally, the
virtual interface address of both mpls lsr-id and loopback0 can be configured with the
same IP address.
[PE1] router id 5.6.7.8
# Configure mpls lsr-id. Enable MPLS and MPLS LDP globally.
[PE1] mpls lsr-id 5.6.7.8
[PE1] mpls
[PE1] mpls ldp
# Configure a 32-bit loopback address, which is used to create LSP.
[PE1] interface loopback0
[PE1 -LoopBack0] ip address 5.6.7.8 32
# Configure a public VLAN, add a port to it, configure an IP address for the virtual
interface, then, enable MPLS and MPLS LDP on the interface.
[PE1] vlan 10
[PE1-vlan10] port GigabitEthernet 4/1/1
[PE1-vlan10] interface vlan 10
[PE1-vlan-interface10] ip address 10.10.10.10 24
[PE1-vlan-interface10] mpls
[PE1-vlan-interface10] mpls ldp enable
# # Configure OSPF to set up routes.
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 5.6.7.8 0.0.0.0
VPLS Configuration
VPLS Configuration
(2)
Configure PE2
# Configure the router id used to advertise OSPF routing information. Generally, the
virtual interface address of both mpls lsr-id and loopback0 can be configured with the
same IP address.
[PE2] router id 1.2.3.4
# Configure mpls lsr-id. Enable MPLS and MPLS LDP globally.
[PE2] mpls lsr-id 1.2.3.4
[PE2] mpls
[PE2] mpls ldp
# Configure a 32-bit loopback address, which is used to create LSP.
[PE2] interface loopback0
[PE2 -LoopBack0] ip address 1.2.3.4 32
# Configure a public VLAN, add a port to it, configure the IP address for the virtual
interface, then, enable MPLS and MPLS LDP on the interface.
[PE2] vlan 10
[PE2-vlan10] port GigabitEthernet 4/1/1
[PE2-vlan10] interface vlan 10
[PE2-vlan-interface10] ip address 10.10.10.11 24
[PE2-vlan-interface10] mpls
[PE2-vlan-interface10] mpls ldp enable
# Configure OSPF to set up routes.
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 1.2.3.4 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 10.10.10.11 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] import-route direct
[PE2-ospf-1] quit
# Configure a LDP remote peer (PE1) to set up LDP session.
[PE2] mpls ldp remote-peer 1
[PE2-mpls-remote2] remote-ip 5.6.7.8
# Enable L2VPN globally.
VPLS Configuration
VPLS Configuration
The LSP tunnel over the public network is not set up for the two ends: verify that
the route is available on both end, you can successfully ping the loopback port of
the peer, and the LDP session is normal.
Expansion session is abnormal: verify that the commands used to configure the
expansion session are executed on both ends, and the configurations are all
right.
The virtual interface of the private VLAN is not bound with the corresponding
VPLS instance, or is DOWN: make sure the interface is UP, or the PW to the
UPE is UP.
The parameters for the peer or the MTU value of the VPLS instance is inconsistent:
verify that the MTU value configured for the VPLS instance is consistent on both end,
and the vc-id and transmission mode for the peer is also consistent.
Symptom 2: Packets cannot be forwarded.
The enhanced card is not in place: use the display device command to verify
that the enhanced card is in Normal state.
The enhanced card version is inconsistent with the SRP version: verify the
enhanced card version.
The flow template and redirection are not correctly configured on the public side:
verify the port for the public network is correctly configured.