Table Of Contents

L2VPN Interworking

Finding Feature Information

Contents

Prerequisites for L2VPN Interworking

Restrictions for L2VPN Interworking

General Restrictions for L2VPN Interworking

Ethernet/VLAN Interworking Restrictions

AToM Interworking Restrictions

Information About L2VPN Interworking

Overview of L2VPN Interworking

L2VPN Interworking Modes

Ethernet Interworking

IP Interworking

How to Configure L2VPN Interworking

Configuring L2VPN Interworking

Verifying the L2VPN Interworking Configuration

Configuration Examples for L2VPN Interworking

Ethernet to VLAN over AToM (Bridged): Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for L2VPN Interworking

L2VPN Interworking

---

First Published: August 26, 2003

Last Updated: May 4, 2009

Layer 2 Virtual Private Network (L2VPN) Interworking allows you to connect disparate attachment circuits. This feature module explains how to configure the following L2VPN Interworking features:

•Ethernet to VLAN Interworking

•Ethernet/VLAN to ATM virtual channel identifier (VPI) and virtual channel identifier (VCI) Interworking

Finding Feature Information

For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for L2VPN Interworking" section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS XE software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

•Prerequisites for L2VPN Interworking

•Restrictions for L2VPN Interworking

•Information About L2VPN Interworking

•How to Configure L2VPN Interworking

•Configuration Examples for L2VPN Interworking

•Additional References

•Feature Information for L2VPN Interworking

Prerequisites for L2VPN Interworking

Before you configure L2VPN Interworking on a router you must enable Cisco Express Forwarding.

Restrictions for L2VPN Interworking

The following sections list the L2VPN Interworking restrictions:

•General Restrictions for L2VPN Interworking

•Ethernet/VLAN Interworking Restrictions

•AToM Interworking Restrictions

General Restrictions for L2VPN Interworking

This section lists general restrictions that apply to L2VPN Interworking. Other restrictions that are platform-specific or device-specific are listed in the following sections.

•The interworking type on one provider edge (PE) router must match the interworking type on the peer PE router.

•Only the following QoS features are supported with L2VPN Interworking:

–Static IP type of service (ToS) or Multiprotocol Label Switching (MPLS) experimental bit (EXP) setting in tunnel header

–One-to-one mapping of VLAN priority bits to MPLS EXP bits

Ethernet/VLAN Interworking Restrictions

The following restrictions apply to Ethernet/VLAN interworking:

•Ethernet interworking for a raw Ethernet port or a VLAN trunk is not supported. Traffic streams are not kept separate when traffic is sent between transport types.

•In routed mode, only one CE router can be attached to an Ethernet PE router.

•There must be a one-to-one relationship between an attachment circuit and the pseudowire. Point-to-multipoint or multipoint-to-point configurations are not supported.

•Configure routing protocols for point-to-point operation on the CE routers when configuring an Ethernet to non-Ethernet setup.

•In the IP interworking mode, the IPv4 (0800) translation is supported. The PE router captures ARP (0806) packets and responds with its own MAC address (proxy ARP). Everything else is dropped.

•The Ethernet or VLAN must contain only two IP devices: PE router and CE router. The PE router performs proxy ARP and responds to all ARP requests it receives. Therefore, only one CE and one PE router should be on the Ethernet or VLAN segment.

•If the CE routers are doing static routing, you can perform the following tasks:

–The PE router needs to learn the MAC address of the CE router to correctly forward traffic to it. The Ethernet PE router sends an Internet Control Message Protocol (ICMP) Router discovery protocol (RDP) solicitation message with the source IP address as zero. The Ethernet CE router responds to this solicitation message. To configure the Cisco CE router's Ethernet or VLAN interface to respond to the ICMP RDP solicitation message, issue the ip irdp command in interface configuration mode. If you do not configure the CE router, traffic is dropped until the CE router sends traffic toward the PE router.

–To disable the CE routers from running the router discovery protocol, issue the ip irdp maxadvertinterval 0 command in interface mode.

•When the PE router on the Ethernet side receives a VLAN tagged packet from the CE router, the PE router removes the VLAN tag from the Ethernet frame from the CE router. In the reverse direction, the PE router adds the VLAN tag to the frames before sending the frame to the CE router. The VLAN tag needs to be inserted or removed in this way when you configure VLAN to Ethernet interworking, VLAN to Frame Relay, or ATM using Ethernet (bridged) interworking.

This restriction applies if you configure interworking between Ethernet and VLAN with Catalyst switches as the CE routers. The spanning tree protocol is supported for Ethernet interworking. Ethernet interworking between an Ethernet port and a VLAN supports spanning tree protocol only on VLAN 1. Configure VLAN 1 as a nonnative VLAN.

•In bridged interworking from VLAN to Frame Relay, the Frame Relay PE router does not strip off VLAN tags from the Ethernet traffic it receives.

•When you change the interworking configuration on an Ethernet PE router, clear the ARP entry on the adjacent CE router so that it can learn the new MAC address. Otherwise, you might experience traffic drops.

AToM Interworking Restrictions

PFC-based EoMPLS is not supported on ES40 line cards. SVI and EVC/scalable EoMPLS are the alternative options.

Information About L2VPN Interworking

The following sections provide an introduction to L2VPN interworking.

•Overview of L2VPN Interworking

•L2VPN Interworking Modes

Overview of L2VPN Interworking

Layer 2 transport over MPLS and IP already exists for like-to-like attachment circuits, such as Ethernet-to-Ethernet or PPP-to-PPP. L2VPN Interworking builds on this functionality by allowing disparate attachment circuits to be connected. An interworking function facilitates the translation between the different Layer 2 encapsulations.

The L2VPN Interworking feature supports Ethernet to VLAN ( 802.1Q) over AToM. The features and restrictions for like-to-like functionality also apply to L2VPN Interworking.

L2VPN Interworking Modes

L2VPN Interworking works in either Ethernet ("bridged") mode or IP ("routed") mode. You specify the mode by issuing the interworking {ethernet | ip} command in pseudowire-class configuration mode.

The interworking command causes the attachment circuits to be terminated locally. The two keywords perform the following functions:

•The ethernet keyword causes Ethernet frames to be extracted from the attachment circuit and sent over the pseudowire. Ethernet end-to-end transmission is assumed. Attachment circuit frames that are not Ethernet are dropped. In the case of VLAN, the VLAN tag is removed, leaving an untagged Ethernet frame.

•The ip keyword causes IP packets to be extracted from the attachment circuit and sent over the pseudowire. Attachment circuit frames that do not contain IPv4 packets are dropped.

The following sections explain more about Ethernet and IP interworking modes.

Ethernet Interworking

Ethernet Interworking is also called bridged interworking. Ethernet frames are bridged across the pseudowire. The CE routers could be natively bridging Ethernet or could be routing using a bridged encapsulation model, such as Bridge Virtual Interface (BVI) or RBE. The PE routers operate in Ethernet like-to-like mode.

This mode is used to offer the following services:

•LAN services—An example is an enterprise that has several sites, where some sites have Ethernet connectivity to the service provider (SP) network and others have ATM connectivity. The enterprise wants LAN connectivity to all its sites. In this case, traffic from the Ethernet or VLAN of one site can be sent through the IP/MPLS network and encapsulated as bridged traffic over an ATM VC of another site.

•Connectivity services—An example is an enterprise that has different sites that are running an Internal Gateway Protocol (IGP) routing protocol, which has incompatible procedures on broadcast and nonbroadcast links. The enterprise has several sites that are running an IGP, such as Open Shortest Path First (OSPF) or Intermediate System to Intermediate System (IS-IS), between the sites. In this scenario, some of the procedures (such as route advertisement or designated router) depend on the underlying Layer 2 protocol and are different for a point-to-point ATM connection versus a broadcast Ethernet connection. Therefore, the bridged encapsulation over ATM can be used to achieve homogenous Ethernet connectivity between the CE routers running the IGP.

IP Interworking

IP Interworking is also called routed interworking. The CE routers encapsulate IP on the link between the CE and PE routers. A new VC type is used to signal the IP pseudowire in MPLS. Translation between the Layer 2 and IP encapsulations across the pseudowire is required. Special consideration needs to be given to address resolution and routing protocol operation, because these are handled differently on different Layer 2 encapsulations.

This mode is used to provide IP connectivity between sites, regardless of the Layer 2 connectivity to these sites. It is different from a Layer 3 VPN because it is point-to-point in nature and the service provider does not maintain any customer routing information.

Address resolution is encapsulation dependent:

•Ethernet uses ARP

•Frame Relay and ATM use Inverse ARP

•PPP uses IPCP

Therefore, address resolution must be terminated on the PE router. End-to-end address resolution is not supported. Routing protocols operate differently over broadcast and point-to-point media. For Ethernet, the CE routers must either use static routing or configure the routing protocols to treat the Ethernet side as a point-to-point network.

How to Configure L2VPN Interworking

The following sections explain the tasks you can perform to configure L2VPN Interworking:

•Configuring L2VPN Interworking (required)

•Verifying the L2VPN Interworking Configuration (optional)

Configuring L2VPN Interworking

L2VPN Interworking allows you to connect disparate attachment circuits. Configuring the L2VPN Interworking feature requires that you add the interworking command to the list of commands that make up the pseudowire. The steps for configuring the pseudowire for L2VPN Interworking are included in this section. You use the interworking command as part of the overall AToM configuration. For specific instructions on configuring AToM, see the Any Transport over MPLS document.

SUMMARY STEPS

1. enable

2. configure terminal

3. pseudowire-class name

4. encapsulation {mpls | l2tpv3}

5. interworking {ethernet | ip}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	pseudowire-class name Example: Router(config)# pseudowire-class class1	Establishes a pseudowire class with a name that you specify and enters pseudowire class configuration mode.
Step 4	encapsulation {mpls | l2tpv3} Example: Router(config-pw)# encapsulation mpls	Specifies the tunneling encapsulation, which is either mpls or l2tpv3.
Step 5	interworking {ethernet | ip} Example: Router(config-pw)# interworking ip	Specifies the type of pseudowire and the type of traffic that can flow across it.

Verifying the L2VPN Interworking Configuration

To verify the L2VPN Interworking configuration, you can use the following commands.

SUMMARY STEPS

1. show arp

2. ping

3. show mpls l2transport vc detail

DETAILED STEPS

---

Step 1 show arp

You can issue the show arp command between the CE routers to ensure that data is being sent:

Router# show arp

Protocol   Address       Age (min)   Hardware Addr    Type    Interface

Internet   10.1.1.5           134    0005.0032.0854   ARPA    FastEthernet0/0/0

Internet   10.1.1.7             -    0005.0032.0000   ARPA    FastEthernet0/0/0

Step 2 ping

You can issue the ping command between the CE routers to ensure that data is being sent:

Router# ping 10.1.1.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Step 3 show mpls l2transport vc detail (AToM only)

You can verify the AToM configuration by using the show mpls l2transport vc detail command. In the following example, the interworking type is shown in bold.

PE1

PE2

Router# show mpls l2transport vc detail Local interface: Fa1/1/0 up, line protocol up, FastEthernet up Destination address: 10.9.9.9, VC ID: 123, VC status: up Preferred path: not configured Default path: active Tunnel label: 17, next hop 10.1.1.3 Output interface: Fa4/0/0, imposed label stack {17 20} Create time: 01:43:50, last status change time: 01:43:33 Signaling protocol: LDP, peer 10.9.9.9:0 up MPLS VC labels: local 16, remote 20 Group ID: local 0, remote 0 MTU: local 1500, remote 1500 Remote interface description: Sequencing: receive disabled, send disabled VC statistics: packet totals: receive 15, send 4184 byte totals: receive 1830, send 309248 packet drops: receive 0, send 0

Router# show mpls l2transport vc detail Local interface: Fa2/0/0.3 up, line protocol up, Eth VLAN 10 up MPLS VC type is FastEthernet, interworking type is FastEthernet Destination address: 10.8.8.8, VC ID: 123, VC status: up Preferred path: not configured Default path: active Tunnel label: 16, next hop 10.1.1.3 Output interface: Fa6/0/0, imposed label stack {16 16} Create time: 00:00:26, last status change time: 00:00:06 Signaling protocol: LDP, peer 10.8.8.8:0 up MPLS VC labels: local 20, remote 16 Group ID: local 0, remote 0 MTU: local 1500, remote 1500 Remote interface description: Sequencing: receive disabled, send disabled VC statistics: packet totals: receive 5, send 0 byte totals: receive 340, send 0 packet drops: receive 0, send 0

---

Configuration Examples for L2VPN Interworking

The following section shows an example of L2VPN Interworking:

•Ethernet to VLAN over AToM (Bridged): Example

Ethernet to VLAN over AToM (Bridged): Example

The following example shows the configuration of Ethernet to VLAN over AToM:

PE1	PE2
ip cef ! mpls label protocol ldp mpls ldp router-id Loopback0 force ! pseudowire-class atom-eth-iw encapsulation mpls interworking ethernet ! interface Loopback0 ip address 10.8.8.8 255.255.255.255 ! interface FastEthernet1/0/0.1 encapsulation dot1q 100 xconnect 10.9.9.9 123 pw-class atom-eth-iw	ip cef ! mpls label protocol ldp mpls ldp router-id Loopback0 force ! pseudowire-class atom  encapsulation mpls ! interface Loopback0  ip address 10.9.9.9 255.255.255.255 ! interface FastEthernet0/0/0  no ip address ! interface FastEthernet1/0 xconnect 10.9.9.9 123 pw-class atom

Additional References

The following sections provide references related to the L2VPN Interworking feature.

Related Documents

Related Topic	Document Title
MPLS commands	Multiprotocol Label Switching Command Reference
Any Transport over MPLS	Any Transport over MPLS

Standards

Standards	Title
draft-ietf-l2tpext-l2tp-base-03.txt	Layer Two Tunneling Protocol (Version 3) 'L2TPv3'
draft-martini-l2circuit-trans-mpls-09.txt	Transport of Layer 2 Frames Over MPLS
draft-ietf-pwe3-frame-relay-03.txt.	Encapsulation Methods for Transport of Frame Relay over MPLS Networks
draft-martini-l2circuit-encap-mpls-04.txt.	Encapsulation Methods for Transport of Layer 2 Frames Over IP and MPLS Networks
draft-ietf-pwe3-ethernet-encap-08.txt.	Encapsulation Methods for Transport of Ethernet over MPLS Networks
draft-ietf-pwe3-hdlc-ppp-encap-mpls-03.txt.	Encapsulation Methods for Transport of PPP/HDLC over MPLS Networks
draft-ietf-ppvpn-l2vpn-00.txt.	An Architecture for L2VPNs

MIBs

MIBs	MIBs Link
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.	To locate and download MIBs for selected platforms, Cisco IOS XE software releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs

RFCs

RFCs	Title
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.	—

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport

Feature Information for L2VPN Interworking

Table 1 lists the features in this module and provides links to specific configuration information.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS XE software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

---

Note Table 1 lists only the Cisco IOS XE software release that introduced support for a given feature in a given Cisco IOS XE software release train. Unless noted otherwise, subsequent releases of that Cisco IOS XE software release train also support that feature.

---

Table 1 Feature Information for L2VPN Interworking 

Feature Name	Releases	Feature Information
L2VPN Interworking-Ethernet-to-VLAN Interworking	Cisco IOS XE Release 2.4	This feature allows disparate attachment circuits to be connected. An interworking function facilitates the translation between the different Layer 2 encapsulations. The following section provides information about this feature: •Restrictions for L2VPN Interworking •Information About L2VPN Interworking •How to Configure L2VPN Interworking The following commands were introduced or modified: debug frame-relay pseudowire, debug ssm, interworking, mtu, pseudowire-class, show l2tun session, show l2tun tunnel, show mpls l2transport vc, show platform.

CCDE, CCSI, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0903R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2003-2009 Cisco Systems, Inc. All rights reserved.