This documentation has been moved
L2VPN Pseudowire Switching
Downloads: This chapterpdf (PDF - 224.0KB) The complete bookPDF (PDF - 11.12MB) | Feedback

L2VPN Pseudowire Switching

Table Of Contents

L2VPN Pseudowire Switching

Finding Feature Information

Contents

Prerequisites for L2VPN Pseudowire Switching

Restrictions for L2VPN Pseudowire Switching

Information About L2VPN Pseudowire Switching

How L2VPN Pseudowire Switching Works

How Packets Are Manipulated at the L2VPN Pseudowire Switching Aggregation Point

How to Configure L2VPN Pseudowire Switching

Prerequisites

Examples

Configuration Examples for L2VPN Pseudowire Switching

L2VPN Pseudowire Switching in an Inter-AS Configuration: Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for L2VPN Pseudowire Switching


L2VPN Pseudowire Switching


First Published: April 20, 2005
Last Updated: November 20, 2009

This feature module explains how to configure L2VPN Pseudowire Switching, which extends Layer 2 Virtual Private Network (L2VPN) pseudowires across an interautonomous system (inter-AS) boundary or across two separate Multiprotocol Label Switching (MPLS) networks. The feature supports ATM and time-division multiplexing (TDM) attachment circuits (ACs) and Ethernet ACs.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for L2VPN Pseudowire Switching" section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Prerequisites for L2VPN Pseudowire Switching

Restrictions for L2VPN Pseudowire Switching

Information About L2VPN Pseudowire Switching

How to Configure L2VPN Pseudowire Switching

Configuration Examples for L2VPN Pseudowire Switching

Additional References

Feature Information for L2VPN Pseudowire Switching

Prerequisites for L2VPN Pseudowire Switching

For the Cisco 12000 series routers, the L2VPN Pseudowire Switching feature for Any Transport over MPLS (AToM) is supported on the following engines:

E2

E3

E4+

E5

E6

For engines that do not support this feature, the packets are sent to the software and forwarded through the slow path.


Note Engines E1 and E4 do not support L2VPN Pseudowire Switching, even in the slow path.


Restrictions for L2VPN Pseudowire Switching

L2VPN Pseudowire Switching is supported with AToM.

Only static, on-box provisioning is supported.

Sequencing numbers in AToM packets are not processed by L2VPN Pseudowire Switching. The feature blindly passes the sequencing data through the xconnect packet paths, a process that is called transparent sequencing. The endpoint provider-edge (PE) to customer-edge (CE) connections enforce the sequencing.

You can ping the adjacent next-hop PE router. End-to-end label switched path (LSP) pings are not supported.

Do not configure IP or Ethernet interworking on a router where L2VPN Pseudowire Switching is enabled. Instead, configure interworking on the routers at the edge PEs of the network.

The control word negotiation results must match. If either segment does not negotiate the control word, the control word is disabled for both segments.

AToM Graceful Restart is negotiated independently on each pseudowire segment. If there is a transient loss of the label distribution protocol (LDP) session between two AToM PE routers, packets continue to flow.

Per-pseudowire quality of service (QoS) is not supported. Traffic engineering (TE) tunnel selection is supported.

Attachment circuit interworking is not supported.

Information About L2VPN Pseudowire Switching

To configure the L2VPN Pseudowire Switching feature, you should understand the following concepts:

How L2VPN Pseudowire Switching Works

How Packets Are Manipulated at the L2VPN Pseudowire Switching Aggregation Point

How L2VPN Pseudowire Switching Works

L2VPN Pseudowire Switching allows the user to extend L2VPN pseudowires across two separate MPLS networks or across an inter-AS boundary, as shown in Figure 1 and Figure 2.

L2VPN Pseudowire Switching connects two or more contiguous pseudowire segments to form an end-to-end multihop pseudowire. This end-to-end pseudowire functions as a single point-to-point pseudowire.

As shown in Figure 2, L2VPN Pseudowire Switching enables you to keep the IP addresses of the edge PE routers private across inter-AS boundaries. You can use the IP address of the Autonomous System Boundary Routers (ASBRs) and treat them as pseudowire aggregation (PE-agg) routers. The ASBRs join the pseudowires of the two domains.

L2VPN Pseudowire Switching also enables you to keep different administrative or provisioning domains to manage the end-to-end service. At the boundaries of these networks, PE-agg routers delineate the management responsibilities.

Figure 1 L2VPN Pseudowire Switching in an Intra-AS Topology

Figure 2 L2VPN Pseudowire Switching in an Inter-AS Topology

How Packets Are Manipulated at the L2VPN Pseudowire Switching Aggregation Point

Switching AToM packets between two AToM pseudowires is the same as switching any MPLS packet. The MPLS switching data path switches AToM packets between two AToM pseudowires. The following list explains exceptions:

The outgoing virtual circuit (VC) label replaces the incoming VC label in the packet. New Internal Gateway Protocol (IGP) labels and Layer 2 encapsulation are added.

The incoming VC label time-to-live (TTL) field is decremented by one and copied to the outgoing VC label TTL field.

The incoming VC label EXP value is copied to the outgoing VC label EXP field.

The outgoing VC label "Bottom of Stack" S bit in the outgoing VC label is set to 1.

AToM control word processing is not performed at the L2VPN Pseudowire Switching aggregation point. Sequence numbers are not validated. Use the Router Alert label for LSP Ping; do not require control word inspection to determine an LSP Ping packet.

How to Configure L2VPN Pseudowire Switching

Use the following procedure to configure L2VPN Pseudowire Switching on each of the PE-agg routers. In this configuration, you are limited to two neighbor commands after entering the l2 vfi command.

Prerequisites

This procedure assumes that you have configured basic AToM L2VPNs. This procedure does not explain how to configure basic AToM L2VPNs that transport Layer 2 packets over an MPLS backbone. For information on the basic configuration, see Any Transport over MPLS.

For interautonomous configurations, ASBRs require a labeled interface.

SUMMARY STEPS

1. enable

2. configure terminal

3. l2 vfi name point-to-point

4. neighbor ip-address vcid [encapsulation mpls | pw-class pw-class-name]

5. exit

6. exit

7. show mpls l2transport vc [vcid [vc-id | vc-id-min vc-id-max]] [interface name [local-circuit-id]] [destination ip-address | name] [detail]

8. show vfi [vfi-name]

9. ping [protocol] [tag] {host-name | system-address}

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

l2 vfi name point-to-point

Example:

Router(config)# l2 vfi atomtunnel point-to-point

Creates a point-to-point Layer 2 virtual forwarding interface (VFI) and enters VFI configuration mode.

Step 4 

neighbor ip-address vcid [encapsulation mpls | pw-class pw-class-name]

Example:

Router(config-vfi)# neighbor 10.0.0.1 100 pw-class mpls

Configures an emulated VC.

Specify the IP address and the VC ID of the remote router.

Also specify the pseudowire class to use for the emulated VC.

Note Only two neighbor commands are allowed for each l2 vfi point-to-point command.

Step 5 

exit

Example:

Router(config-vfi)# exit

Exits VFI configuration mode.

Step 6 

exit

Example:

Router(config)# exit

Exits global configuration mode.

Step 7 s

show mpls l2transport vc [vcid [vc-id | 
vc-id-min vc-id-max]] [interface name 
[local-circuit-id]] [destination ip-address | 
name] [detail]
Example:
Router# show mpls l2transport vc

Verifies that the L2VPN Pseudowire Switching session has been established.

Step 8 

show vfi [vfi-name]
Example:
Router# show vfi atomtunnel

Verifies that a point-to-point VFI has been established.

Step 9 

ping [protocol] [tag] {host-name | 
system-address} 
Example:
Router# ping 10.1.1.1

When issued from the CE routers, verifies end-to-end connectivity.

Examples

The following example displays output from the show mpls l2transport vc command:

Router# show mpls l2transport vc

Local intf     Local circuit              Dest address    VC ID Status   
-------------  -------------------------- --------------- ----- ---- 
MPLS PW        10.0.1.1:100               10.0.1.1        100   UP 
MPLS PW        10.0.1.1:100               10.0.1.1        100   UP 

The following example displays output from the show vfi command:

Router# show vfi

VFI name: test, type: point-to-point
 Neighbors connected via pseudowires:
   Router ID        Pseudowire ID
   10.0.1.1         100      
   10.0.1.1         100 

Configuration Examples for L2VPN Pseudowire Switching

This section provides the following configuration example:

L2VPN Pseudowire Switching in an Inter-AS Configuration: Example

L2VPN Pseudowire Switching in an Inter-AS Configuration: Example

Two separate autonomous systems are able to pass L2VPN packets, because the two PE-agg routers have been configured with L2VPN Pseudowire Switching. This example configuration is shown in Figure 3.

Figure 3 L2VPN Pseudowire Switching in an Interautonomous System

PE-agg-1
PE-agg-2

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [pe-agg1]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$Q0Bb$32sIU82pHRgyddWaeB4zs/

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

pseudowire-class SW-PW

encapsulation mpls

!

l2 vfi PW-SWITCH-1 point-to-point

neighbor 172.17.255.3 100 pw-class SW-PW

neighbor 172.16.255.1 16 pw-class SW-PW

!

interface Loopback0

ip address 172.16.255.3 255.255.255.255

no ip directed-broadcast

!

interface Serial0/0

ip address 172.16.0.6 255.255.255.252

no ip directed-broadcast

mpls ip

!

interface Serial1/0

ip address 192.168.0.1 255.255.255.252

no ip directed-broadcast

mpls bgp forwarding

!

router ospf 16

log-adjacency-changes

network 172.16.0.0 0.0.255.255 area 0

!

router bgp 65016

no synchronization

bgp log-neighbor-changes

network 172.16.255.3 mask 255.255.255.255

neighbor 192.168.0.2 remote-as 65017

neighbor 192.168.0.2 send-label

no auto-summary

!

ip classless

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [pe-agg2]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$32jd$zQRfxXzjstr4llV9DcWf7/

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

pseudowire-class SW-PW

encapsulation mpls

!

l2 vfi PW-SWITCH-1 point-to-point

neighbor 172.16.255.3 100 pw-class SW-PW

neighbor 172.17.255.1 17 pw-class SW-PW

!

interface Loopback0

ip address 172.17.255.3 255.255.255.255

no ip directed-broadcast

!

interface Serial0/0

ip address 172.17.0.6 255.255.255.252

no ip directed-broadcast

mpls ip

!

interface Serial1/0

ip address 192.168.0.2 255.255.255.252

no ip directed-broadcast

mpls bgp forwarding

!

router ospf 17

log-adjacency-changes

network 172.17.0.0 0.0.255.255 area 0

!

router bgp 65017

no synchronization

bgp log-neighbor-changes

network 172.17.255.3 mask 255.255.255.255

neighbor 192.168.0.1 remote-as 65016

neighbor 192.168.0.1 send-label

no auto-summary

!

ip classless

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end


A-P1
B-P1

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [a-p1]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$eiUn$rTMnZiYnJxtMTpO0NKpQQ/

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

!

interface Loopback0

ip address 172.16.255.2 255.255.255.255

no ip directed-broadcast

!

interface Serial0/0

ip address 172.16.0.5 255.255.255.252

no ip directed-broadcast

mpls ip

!

interface Serial1/0

ip address 172.16.0.2 255.255.255.252

no ip directed-broadcast

mpls ip

!

router ospf 16

log-adjacency-changes

network 172.16.0.0 0.0.255.255 area 0

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [b-p1]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$svU/$2JmJZ/5gxlW4nVXVniIJe1

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

!

interface Loopback0

ip address 172.17.255.2 255.255.255.255

no ip directed-broadcast

!

interface Serial0/0

ip address 172.17.0.5 255.255.255.252

no ip directed-broadcast

mpls ip

!

interface Serial1/0

ip address 172.17.0.2 255.255.255.252

no ip directed-broadcast

mpls ip

!

router ospf 17

log-adjacency-changes

network 172.17.0.0 0.0.255.255 area 0

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end


PE1
PE2

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [pe1]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$9z8F$2A1/YLc6NB6d.WLQXF0Bz1

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

pseudowire-class ETH-PW

encapsulation mpls

!

interface Loopback0

ip address 172.16.255.1 255.255.255.255

no ip directed-broadcast

!

interface Ethernet0/0

no ip address

no ip directed-broadcast

no cdp enable

xconnect 172.16.255.3 16 pw-class ETH-PW

!

interface Serial1/0

ip address 172.16.0.1 255.255.255.252

no ip directed-broadcast

mpls ip

!

router ospf 16

log-adjacency-changes

network 172.16.0.0 0.0.255.255 area 0

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [pe2]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$rT.V$8Z6Dy/r8/eaRdx2TR/O5r/

!

ip subnet-zero

ip cef

no ip domain-lookup

mpls label protocol ldp

pseudowire-class ETH-PW

encapsulation mpls

!

interface Loopback0

ip address 172.17.255.1 255.255.255.255

no ip directed-broadcast

!

interface Ethernet0/0

no ip address

no ip directed-broadcast

no cdp enable

xconnect 172.17.255.3 17 pw-class ETH-PW

!

interface Serial1/0

ip address 172.17.0.1 255.255.255.252

no ip directed-broadcast

mpls ip

!

router ospf 17

log-adjacency-changes

network 172.17.0.0 0.0.255.255 area 0

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end


CE1
CE2

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [ce1]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$o9N6$LSrxHufTn0vjCY0nW8hQX.

!

ip subnet-zero

ip cef

no ip domain-lookup

!

interface Ethernet0/0

ip address 10.0.0.1 255.255.255.252

no ip directed-broadcast

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end

version 12.0

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname [ce2]

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$YHo6$LQ4z5PdrF5B9dnL75Xvvm1

!

ip subnet-zero

ip cef

no ip domain-lookup

!

interface Ethernet0/0

ip address 10.0.0.2 255.255.255.252

no ip directed-broadcast

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

no cns aaa enable

end


Additional References

Related Documents

Related Topic
Document Title

Any Transport over MPLS

Any Transport over MPLS

Pseudowire redundancy

L2VPN Pseudowire Redundancy

High availability for AToM

AToM Graceful Restart

L2VPN interworking

L2VPN Interworking

Layer 2 local switching

Layer 2 Local Switching

PWE3 MIB

Pseudowire Emulation Edge-to-Edge MIBs for Ethernet and Frame Relay Services

Packet sequencing

Any Transport over MPLS (AToM) Sequencing Support


Standards

Standard
Title

draft-ietf-pwe3-control-protocol-14.txt

Pseudowire Setup and Maintenance using LDP

draft-martini-pwe3-pw-switching-01.txt

Pseudo Wire Switching


MIBs

MIB
MIBs Link

CISCO-IETF-PW-MIB

CISCO-IETF-PW-MPLS-MIB

CISCO-IETF-PW-ENET-MIB

CISCO-IETF-PW-FR-MIB

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFCs
Title

None


Technical Assistance

Description
Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html


Feature Information for L2VPN Pseudowire Switching

Table 1 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Releases 12.2(28)SB or 12.2(33)SRB or a later release appear in the table

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for L2VPN Pseudowire Switching 

Feature Name
Releases
Feature Information

L2VPN Pseudowire Switching

12.0(31)S
12.2(28)SB
12.2(33)SRB
12.2(33)SRD2 12.2(33)SRE

This feature configures L2VPN Pseudowire Switching, which extends L2VPN pseudowires across an interautonomous system (inter-AS) boundary or across two separate MPLS networks.

In Cisco IOS Release 12.2(28)SB, support was added for the Cisco 7200 and 7301 series routers.

In 12.2(33)SRD2, support was added for ATM and TDM ACs.

The following commands were introduced or modified: l2 vfi point-to-point, neighbor (L2VPN Pseudowire Switching), show vfi.