Table Of Contents
Implementing Virtual Private LAN Services
Contents
Prerequisites for Implementing Virtual Private LAN Services
Restrictions for Implementing Virtual Private LAN Services
Information About Implementing Virtual Private LAN Services
Virtual Private LAN Services Overview
VPLS for an MPLS-based Provider Core
Hierarchical VPLS
H-VPLS with Ethernet Access QinQ or QinAny
H-VPLS with PW-access
VPLS Discovery and Signaling
BGP-based VPLS Autodiscovery
BGP Auto Discovery With BGP Signaling
BGP Auto Discovery With LDP Signaling
Bridge Domain
MAC Address-related Parameters
MAC Address Flooding
MAC Address-based Forwarding
MAC Address Source-based Learning
MAC Address Aging
MAC Address Limit
MAC Address Withdrawal
LSP Ping over VPWS and VPLS
VPLS Scalability and Performance Targets
Pseudowire Redundancy for P2P AToM Cross-Connects
How to Implement Virtual Private LAN Services
Configuring a Bridge Domain
Creating a Bridge Domain
Configuring a Pseudowire
Configuring an Access Pseudowire
Enabling Pseudowire Status TLV
Configuring a Backup Pseudowire
Configuring Backup Disable Delay
Associating Members with a Bridge Domain
Configuring Bridge Domain Parameters
Disabling a Bridge Domain
Configuring a Layer 2 Virtual Forwarding Instance
Adding the Virtual Forwarding Instance Under the Bridge Domain
Associating Pseudowires with the Virtual Forwarding Instance
Associating a Virtual Forwarding Instance to a Bridge Domain
Attaching Pseudowire Classes to Pseudowires
Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
Disabling a Virtual Forwarding Instance
Configuring the MAC Address-related Parameters
Configuring the MAC Address Source-based Learning
Disabling the MAC Address Withdrawal
Configuring the MAC Address Limit
Configuring the MAC Address Aging
Disabling MAC Flush at the Bridge Port Level
Configuring VPLS with BGP Autodiscovery and Signaling
Configuring VPLS with BGP Autodiscovery and LDP Signaling
Configuration Examples for Virtual Private LAN Services
Configuing a Pseudowire: Example
Configuring an Access Pseudowire: Example
Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
Configuring Backup Disable Delay: Example
Disabling MAC Flush: Examples
H-VPLS Configuration: Examples
VPLS with QinQ or QinAny: Example
H-VPLS with Access-PWs: Example
Configuring VPLS with BGP Autodiscovery and Signaling: Example
LDP and BGP Configuration
Minimum L2VPN Configuration for BGP Autodiscovery with BGP Signaling
VPLS with BGP Autodiscovery and BGP Signaling
Minimum Configuration for BGP Autodiscovery with LDP Signaling
VPLS with BGP Autodiscovery and LDP Signaling
Additional References
Related Documents
Standards
MIBs
RFCs
Technical Assistance
Implementing Virtual Private LAN Services
This module provides the conceptual and configuration information for Virtual Private LAN Services (VPLS) on Cisco IOS XR software. VPLS supports Layer 2 VPN technology and provides transparent multipoint Layer 2 connectivity for customers.
This approach enables service providers to host a multitude of new services such as broadcast TV, Layer 2 VPNs.
For MPLS Layer 2 virtual private networks (VPNs), see Implementing MPLS Layer 2 VPNs module.
Note 
For more information about MPLS Layer 2 VPN on Cisco IOS XR software and for descriptions of the commands listed in this module, see the "Related Documents" section. To locate documentation for other commands that might appear while executing a configuration task, search online in the Cisco IOS XR software master command index.
Feature History for Implementing Virtual Private LAN Services on Cisco IOS XR Configuration Module
Release
|
Modification
|
Release 3.8.0
|
This feature was introduced.
Support for the bridging funtionality feature (VPLS based) and pseudowire redundancy was added.
|
Release 3.9.0
|
The following features were added:
•Blocking unknown unicast flooding.
•Disabling MAC flush.
|
Release 4.0
|
The following features were added:
•H-VPLS with MPLS Access pseudowire
•H-VPLS with Ethernet Access
•MAC Address withdrawal
|
Release 4.0.1
|
Support for the BGP Autodiscovery with LDP Signaling feature was added.
|
Contents
•Before you configure VPLS, ensure that the network is configured as follows:
•Restrictions for Implementing Virtual Private LAN Services
•Information About Implementing Virtual Private LAN Services
•How to Implement Virtual Private LAN Services
•Configuration Examples for Virtual Private LAN Services
•Additional References
Prerequisites for Implementing Virtual Private LAN Services
Before you configure VPLS, ensure that the network is configured as follows:
•To perform these configuration tasks, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. All command task IDs are listed in individual command references and in the Cisco IOS XR Task ID Reference Guide.
If you need assistance with your task group assignment, contact your system administrator.
•Configure IP routing in the core so that the provider edge (PE) routers can reach each other through IP.
•Configure MPLS and Label Distribution Protocol (LDP) in the core so that a label switched path (LSP) exists between the PE routers.
•Configure a loopback interface to originate and terminate Layer 2 traffic. Make sure that the PE routers can access the other router's loopback interface.
Note The loopback interface is not needed in all cases. For example, tunnel selection does not need a loopback interface when VPLS is directly mapped to a TE tunnel.
Restrictions for Implementing Virtual Private LAN Services
The following restrictions are listed for implementing VPLS:
•All attachment circuits in a bridge domain on an Engine 3 line card must be the same type (for example, port, dot1q, qinq, or qinany), value (VLAN ID), and EtherType (for example, 0x8100, 0x9100, or 0x9200). The Cisco CRS-1 router supports multiple types of attachment circuits in a bridge domain.
•The line card requires ternary content addressable memory (TCAM) Carving configuration. The Cisco CRS-1 router however, does not require the TCAM Carving configuration.
•Virtual Forwarding Instance (VFI) names have to be unique, because a bridge domain can have only one VFI.
•A PW cannot belong to both a peer-to-peer (P2P) cross-connect group and a VPLS bridge-domain. This means that the neighboring IP address and the pseudowire ID have to be unique on the router, because the pseudowire ID is signaled to the remote provider edge.
For the Engine 5 line card, version 1 of the Ethernet SPA does not support QinQ mode and QinAny mode.
Note For the Engine 5 line card, version 2 of the Ethernet SPA supports all VLAN modes, such as VLAN mode, QinQ mode, or QinAny mode. The Cisco CRS-1 router supports only the Ethernet port mode and the 802.1q VLAN mode.
Information About Implementing Virtual Private LAN Services
To implement Virtual Private LAN Services (VPLS), you should understand the following concepts:
•Virtual Private LAN Services Overview
•VPLS for an MPLS-based Provider Core
•Hierarchical VPLS
•VPLS Discovery and Signaling
•Bridge Domain
•MAC Address-related Parameters
•LSP Ping over VPWS and VPLS
•Pseudowire Redundancy for P2P AToM Cross-Connects
Virtual Private LAN Services Overview
Virtual Private LAN Service (VPLS) enables geographically separated local-area network (LAN) segments to be interconnected as a single bridged domain over an MPLS network. The full functions of the traditional LAN such as MAC address learning, aging, and switching are emulated across all the remotely connected LAN segments that are part of a single bridged domain. A service provider can offer VPLS service to multiple customers over the MPLS network by defining different bridged domains for different customers. Packets from one bridged domain are never carried over or delivered to another bridged domain, thus ensuring the privacy of the LAN service.
VPLS transports Ethernet 802.3, VLAN 802.1q, and VLAN-in-VLAN (Q-in-Q) traffic across multiple sites that belong to the same Layer 2 broadcast domain. VPLS offers simple Virtual LAN services that include flooding broadcast, multicast, and unknown unicast frames that are received on a bridge. The VPLS solution requires a full mesh of pseudowires that are established among provider edge (PE) routers. The VPLS implementation is based on Label Distribution Protocol (LDP)-based pseudowire signaling.
A VFI is a virtual bridge port that is capable of performing native bridging functions, such as forwarding, based on the destination MAC address, source MAC address learning and aging.
After provisioning attachment circuits, neighbor relationships across the MPLS network for this specific instance are established through a set of manual commands identifying the end PEs. When the neighbor association is complete, a full mesh of pseudowires is established among the network-facing provider edge devices, which is a gateway between the MPLS core and the customer domain.
The service provider network starts switching the packets within the bridged domain specific to the customer by looking at destination MAC addresses. All traffic with unknown, broadcast, and multicast destination MAC addresses is flooded to all the connected customer edge devices, which connect to the service provider network. The network-facing provider edge devices learn the source MAC addresses as the packets are flooded. The traffic is unicasted to the customer edge device for all the learned MAC addresses.
VPLS requires the provider edge device to be MPLS-capable. The VPLS provider edge device holds all the VPLS forwarding MAC tables and Bridge Domain information. In addition, it is responsible for all flooding broadcast frames and multicast replications.
Note VPLS with Traffic Engineering Fast Reroute (TE FRR) is not supported.
VPLS for an MPLS-based Provider Core
VPLS is a multipoint Layer 2 VPN technology that connects two or more customer devices using bridging techniques. The VPLS architecture allows for the end-to-end connection between the Provider Edge (PE) routers to provide Multipoint Ethernet Services.
VPLS requires the creation of a bridge domain (Layer 2 broadcast domain) on each of the PE routers. The access connections to the bridge domain on a PE router are called attachment circuits (AC).
The attachment circuits can be a set of physical ports, virtual ports, or both that are connected to the bridge at each PE device in the network.
The MPLS/IP provider core simulates a virtual bridge that connects the multiple attachment circuits on each of the PE devices together to form a single broadcast domain. A VFI is created on the PE router for each VPLS instance. The PE routers make packet-forwarding decisions by looking up the VFI of a particular VPLS instance. The VFI acts like a virtual bridge for a given VPLS instance. More than one attachment circuit belonging to a given VPLS are connected to the VFI. The PE router establishes emulated VCs to all the other PE routers in that VPLS instance and attaches these emulated VCs to the VFI. Packet forwarding decisions are based on the data structures maintained in the VFI.
Hierarchical VPLS
Hierarchical VPLS (H-VPLS) is an extension of basic VPLS that provides scaling and operational benefits. H-VPLS provides a solution to deliver Ethernet multipoint services over MPLS. H-VPLS partitions a network into several edge domains that are interconnected using an MPLS core. The use of Ethernet switches at the edge offers significant technical and economic advantages. H-VPLS also allows Ethernet point-to-point and multipoint Layer 2 VPN services, as well as Ethernet access to high-speed Internet and IP VPN services.
Two flavors of H-VPLS are:
•Ethernet access in the edge domain
•MPLS access in the edge domain
H-VPLS with Ethernet Access QinQ or QinAny
Figure 8 shows Ethernet access for H-VPLS. The edge domain can be built using Ethernet switches and techniques such as QinQ. Using Ethernet as the edge technology simplifies the operation of the edge domain and reduces the cost of the edge devices.
Figure 8 Ethernet Access for H-VPLS
H-VPLS with PW-access
Figure 9 shows pseudowire (PW) access for H-VPLS. The edge domain can be an MPLS access network. In this scenario, the U-PE device carries the customer traffic from attachment circuits (AC) over the point to point (p2p) pseudowires. The p2p pseudowires terminate in a bridge domain configured on the N-PE device.
Access PW is configured as a member directly under a bridge domain. A bridge-domain in N-PE1 can have multiple ACs (physical/VLAN Ethernet ports), multiple access PWs and one VFI (consisting of core PWs) as members, is depicted in Figure 9.
Figure 9 PW access for H-VPLS
VPLS Discovery and Signaling
VPLS is a Layer 2 multipoint service and it emulates a LAN service across a WAN. VPLS enables service providers to interconnect several LAN segments over a packet-switched network and make them behave as a single LAN. Service providers can provide a native Ethernet access connection to customers using VPLS.
The VPLS control plane consists of two important components, autodiscovery and signaling:
• VPLS Autodiscovery eliminates the need to manually provision VPLS neighbors. VPLS Autodiscovery enables each VPLS PE router to discover other provider edge (PE) routers that are part of the same VPLS domain.
•Once the PEs are discovered, pseudowires (PWs) are signaled and established across pairs of PE routers, forming a full mesh of PWs across PE routers in a VPLS domain.
Figure 10 VPLS Autodiscovery and Signaling
BGP-based VPLS Autodiscovery
An important aspect of VPN technologies, including VPLS, is the ability of network devices to automatically signal information to other devices, about any association with a particular VPN. Autodiscovery requires this information to be distributed to all members of a VPN. VPLS is a multipoint mechanism for which BGP is well-suited.
BGP-based VPLS autodiscovery eliminates the need to manually provision VPLS neighbors. VPLS autodiscovery enables each VPLS PE router to discover other provider edge (PE) routers that are part of the same VPLS domain. VPLS Autodiscovery also tracks occurrences when PE routers are added to, or removed from, the VPLS domain. When the discovery process is complete, each PE router has the information required to setup VPLS pseudowires (PWs).
BGP Auto Discovery With BGP Signaling
The implementation of VPLS in a network requires the establishment of a full mesh of PWs between the provider edge (PE) routers. The PWs can be signaled using BGP signaling.
Figure 11 Discovery and Signaling Attributes
The BGP signaling and autodiscovery scheme has these components:
•A means by which a PE can learn which remote PEs are members of a given VPLS. This process is known as autodiscovery.
•A means by which a PE can learn about the pseudowire label that is expected by a given remote PE for a given VPLS. This process is known as signaling.
The BGP Network Layer Reachability Information (NLRI) takes care of both these components simultaneously. The NLRI generated by a given PE contains necessary information required by other PEs. These components enable the automatic setup of a full mesh of pseudowires for each VPLS, without having to manually configure those pseudowires on each PE.
NLRI Format for VPLS with BGP AD and Signaling
Figure 12 shows the NLRI format for VPLS with BGP AD and Signaling.
Figure 12 NLRI Format
BGP Auto Discovery With LDP Signaling
Signaling of pseudowires requires exchange of information between two endpoints. Label Distribution Protocol (LDP) is better suited for point-to-point signaling. The signaling of pseudowires, between provider edge devices, uses targeted LDP sessions to exchange label values and attributes, and configure the pseudowires.
Figure 13 Discovery and Signaling Attributes
A PE router advertises an identifier through BGP for each VPLS instance. This identifier is unique within the VPLS instance and acts like a VPLS ID. The identifier enables the PE router, receiving the BGP advertisement, to identify the VPLS associated with the advertisement, and import it to the correct VPLS instance. In this manner, for each VPLS, a PE router learns which other PE routers are members of the VPLS.
The LDP protocol is used to configure a pseudowire to all other PE routers. The FEC 129 standard is used for signaling. The information carried by FEC 129 includes the VPLS ID, the Target Attachment Individual Identifier (TAII) and the Source Attachment Individual Identifier (SAII).
The LDP advertisement also contains the inner label or VPLS label that is expected for incoming traffic over the pseudowire. This enables the LDP peer to identify the VPLS instance with which the pseudowire is to be associated, and the label value that it is expected to use when sending traffic on that pseudowire.
NLRI and Extended Communities
Figure 12 depicts NLRI and extended communities.
Figure 14 NLRI and Extended Communities
Bridge Domain
The native bridge domain refers to a Layer 2 broadcast domain consisting of a set of physical or virtual ports (including VFI). Data frames are switched within a bridge domain based on the destination MAC address. Multicast, broadcast, and unknown destination unicast frames are flooded within the bridge domain. In addition, the source MAC address learning is performed on all incoming frames on a bridge domain. A learned address is aged out. Incoming frames are mapped to a bridge domain, based on either the ingress port or a combination of both an ingress port and a MAC header field.
By default, split horizon is enabled on a bridge domain. In other words, any packets that are coming on either the attachment circuits or pseudowires are not returned on the same attachment circuits or pseudowires. In addition, the packets that are received on one pseudowire are not replicated on other pseudowires in the same VFI.
MAC Address-related Parameters
The MAC address table contains a list of the known MAC addresses and their forwarding information. In the current VPLS design, the MAC address table and its management are distributed. In other words, a copy of the MAC address table is maintained on the route processor (RP) card and the line cards.
These topics provide information about the MAC address-related parameters:
•MAC Address Flooding
•MAC Address-based Forwarding
•MAC Address Source-based Learning
•MAC Address Aging
•MAC Address Limit
•MAC Address Withdrawal
MAC Address Flooding
Ethernet services require that frames that are sent to broadcast addresses and to unknown destination addresses be flooded to all ports. To obtain flooding within VPLS broadcast models, all unknown unicast, broadcast, and multicast frames are flooded over the corresponding pseudowires and to all attachment circuits. Therefore, a PE must replicate packets across both attachment circuits and pseudowires.
MAC Address-based Forwarding
To forward a frame, a PE must associate a destination MAC address with a pseudowire or attachment circuit. This type of association is provided through a static configuration on each PE or through dynamic learning, which is flooded to all bridge ports.
Note In this case, split horizon forwarding applies; for example, frames that are coming in on an attachment circuit or pseudowire are not sent out of the same attachment circuit or pseudowire. The pseudowire frames, which are received on one pseudowire, are replicated on to other attachment circuits, VFI pseudowires and access pseudowires.
MAC Address Source-based Learning
When a frame arrives on a bridge port (for example, pseudowire or attachment circuit) and the source MAC address is unknown to the receiving PE router, the source MAC address is associated with the pseudowire or attachment circuit. Outbound frames to the MAC address are forwarded to the appropriate pseudowire or attachment circuit.
MAC address source-based learning uses the MAC address information that is learned in the hardware forwarding path. The updated MAC tables are sent to all line cards (LCs) and program the hardware for the router.
The number of learned MAC addresses is limited through configurable per-port and per-bridge domain MAC address limits.
MAC Address Aging
A MAC address in the MAC table is considered valid only for the duration of the MAC address aging time. When the time expires, the relevant MAC entries are repopulated. When the MAC aging time is configured only under a bridge domain, all the pseudowires and attachment circuits in the bridge domain use that configured MAC aging time.
A bridge forwards, floods, or drops packets based on the bridge table. The bridge table maintains both static entries and dynamic entries. Static entries are entered by the network manager or by the bridge itself. Dynamic entries are entered by the bridge learning process. A dynamic entry is automatically removed after a specified length of time, known as aging time, from the time the entry was created or last updated.
If hosts on a bridged network are likely to move, decrease the aging-time to enable the bridge to adapt to the change quickly. If hosts do not transmit continuously, increase the aging time to record the dynamic entries for a longer time, thus reducing the possibility of flooding when the hosts transmit again.
MAC Address Limit
The MAC address limit is used to limit the number of learned MAC addresses. The limit is set at the bridge domain level and the port level. When the MAC address limit is violated, the system is configured to take one of the actions that are listed in Table 2.
Table 2 MAC Address Limit Actions
Action
|
Description
|
Limit flood
|
Discards the new MAC addresses.
|
Limit no-flood
|
Discards the new MAC addresses. Flooding of unknown unicast packets is disabled.
|
Shutdown
|
Disables the bridge domain or bridge port. When the bridge domain is down, none of the bridging functions, such as learning, flooding, forwarding, and so forth take place for the bridge domain. If a bridge port is down as a result of the action, the interface or pseudowire representing the bridge port remains up but the bridge port is not participating in the bridge. When disabled, the port or bridge domain is manually brought up by using an EXEC CLI.
|
When a limit is exceeded, the system is configured to perform the following notifications:
•Syslog (default)
•Simple Network Management Protocol (SNMP) trap
•Syslog and SNMP trap
•None (no notification)
To clear the MAC limit condition, the number of MACs must go below 75 percent of the configured limit.
Note On the Cisco CRS-1 router, MAC address limit action is supported only on the ACs and not on core pseudowires.
MAC Address Withdrawal
For faster VPLS convergence, you can remove or unlearn the MAC addresses that are learned dynamically. The Label Distribution Protocol (LDP) Address Withdrawal message is sent with the list of MAC addresses, which need to be withdrawn to all other PEs that are participating in the corresponding VPLS service.
For the Cisco IOS XR VPLS implementation, a portion of the dynamically learned MAC addresses are cleared by using the MAC addresses aging mechanism by default. The MAC address withdrawal feature is added through the LDP Address Withdrawal message. To enable the MAC address withdrawal feature, use the withdrawal command in l2vpn bridge group bridge domain MAC configuration mode. To verify that the MAC address withdrawal is enabled, use the show l2vpn bridge-domain command with the detail keyword.
Note By default, the LDP MAC Withdrawal feature is enabled on Cisco IOS XR.
The LDP MAC Withdrawal feature is generated due to the following events:
•Attachment circuit goes down. You can remove or add the attachment circuit through the CLI.
•MAC withdrawal messages are received over a VFI pseudowire and are not propagated over access pseudowires. RFC 4762 specifies that both wildcards (by means of an empty Type, Length and Value [TLV]) and a specific MAC address withdrawal. Cisco IOS XR software supports only a wildcard MAC address withdrawal.
LSP Ping over VPWS and VPLS
For Cisco IOS XR software, the existing support for the Label Switched Path (LSP) ping and traceroute verification mechanisms for point-to-point pseudowires (signaled using LDP FEC128) is extended to cover the pseudowires that are associated with the VFI (VPLS). Currently, the support for the LSP ping and traceroute is limited to manually configured VPLS and access pseudowires (signaled using LDP FEC128). Virtual Circuit Connection Verification (VCCV) is also supported on access pseudowires. For information about VCCV support and the ping mpls pseudowire command, see Cisco IOS XR MPLS Command Reference for the Cisco CRS Router.
VPLS Scalability and Performance Targets
The Cisco CRS-1router employs the ternary content addressable memory (TCAM) to meet the performance and scalable targets over VPLS.
Table 3 describes the scalability and performance targets for the Cisco CRS-1 router.
Table 3 VPLS Scalability and Performance Targets
Performance
|
Scalability Target
|
Maximum bridge domains per Line Card
|
1024
|
Maximum bridge domains per system
|
1024
|
Maximum MACs per bridge domain
|
15999
|
Maximum MACs per Line Card
|
65536
|
Maximum MACs per system
|
65536
|
Maximum attachment circuits per bridge domain
|
4085
|
Maximum pseudowires per bridge domain
|
256
|
Maximum pseudowires per system
|
16340
|
Pseudowire Redundancy for P2P AToM Cross-Connects
Backup pseudowires (PW) are associated with the corresponding primary pseudowires. A backup PW is not programmed to forward data when inactive. It is activated only if a primary PW fails. This is known as pseudowire redundancy. The primary reason for backing up a PW is to reduce traffic loss when a primary PW fails. When the primary PW is active again, it resumes its activity.
A primary PW can be associated with only one backup PW. Similarly, a backup PW can be associated with only one primary PW.
It is recommended to enable pseudowire status time length value (TLV) for optimal switchover performance.
Note This feature is supported only for an AToM instance on the Cisco XR 12000 Series Router, and for an EoMPLS instance on the Cisco CRS-1 router.
How to Implement Virtual Private LAN Services
This section describes the tasks that are required to implement VPLS:
•Configuring a Bridge Domain
•Configuring a Layer 2 Virtual Forwarding Instance
•Configuring the MAC Address-related Parameters
•Configuring VPLS with BGP Autodiscovery and Signaling
•Configuring VPLS with BGP Autodiscovery and LDP Signaling
Configuring a Bridge Domain
These topics describe how to configure a bridge domain:
•Creating a Bridge Domain
•Configuring a Pseudowire
•Configuring an Access Pseudowire
•Associating Members with a Bridge Domain
•Configuring Bridge Domain Parameters
•Disabling a Bridge Domain
•Configuring a Layer 2 Virtual Forwarding Instance
Creating a Bridge Domain
Perform this task to create a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group-name
4. bridge-domain bridge-domain-name
5. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Pseudowire
Perform this task to configure a pseudowire under a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. exit
7. neighbor {A.B.C.D} {pw-id value}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi-name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures the virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
•Use the vfi-name argument to configure the name of the specified virtual forwarding interface.
|
Step 6
|
exit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)# exit
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Exits the current configuration mode.
|
Step 7
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# neighbor
10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID. The range is 1 to 4294967295.
|
Step 8
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring an Access Pseudowire
Perform this task to configure an access pseudowire under a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. interface type interface-path-id
6. neighbor {A.B.C.D} {pw-id value}
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
interface type interface-path-id
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface
GigabitEthernet 0/4/0/0
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)#
|
Enters interface configuration mode and adds an interface to a bridge domain that allows packets to be forwarded and received from other interfaces that are part of the same bridge domain.
|
Step 6
|
exit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)# exit
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Exits the current configuration mode.
|
Step 7
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# neighbor
10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID. The range is 1 to 4294967295.
|
Step 8
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-pw)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Enabling Pseudowire Status TLV
When a pseudowire is setup, label distribution protocol (LDP) determines the method for signaling pseudowire status. Cisco IOS-XR provides a configuration option that allows you to enable pseudowire status type length value (TLV).
Note Unless pseudowire status TLV is explicitly enabled under L2VPN configuration, the default signaling method is Label Withdrawal. Pseudowire status TLV must be enabled on both local and remote PEs. If only one provider edge router is configured with the pw-status tlv command, then label withdrawal method is used.
Perform this task to enable pseudowire status TLV.
SUMMARY STEPS
1. configure
2. l2vpn
3. pw-status tlv
4. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
pw-status tlv
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# pw-status tlv
|
Enables pseudowire status TLV.
|
Step 4
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn)#end
or
RP/0/RP0/CPU0:router(config-l2vpn)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Backup Pseudowire
Perform this task to configure a backup pseudowire for a point-to-point neighbor.
SUMMARY STEPS
1. configure
2. l2vpn
3. xconnect group group name
4. p2p xconnect name
5. neighbor ip-address pw-id number
6. backup neighbor ip-address pw-id number
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
xconnect group group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# xconnect group A
RP/0/RP0/CPU0:router(config-l2vpn-xc)#
|
Enters the name of the cross-connect group.
|
Step 4
|
p2p xconnect name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc)# p2p
rtrX_to_rtrY
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)#
|
Enters a name for the point-to-point cross-connect.
|
Step 5
|
neighbor ip-address pw-id number
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)# neighbor
1.1.1.1 pw-id 2
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire segment for the cross-connect.
|
Step 6
|
backup neighbor ip-address pw-id number
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)# backup
neighbor 1.1.1.1 pw-id 2
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
|
Configures the backup pseudowire for the point-to-point neighbor.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
end
or
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Backup Disable Delay
The Backup Disable Delay function specifies the time for which the primary pseudowire in active state waits before it takes over for the backup pseudowire. Perform this task to configure a disable delay.
SUMMARY STEPS
1. configure
2. l2vpn
3. pw-class class name
4. backup disable delay seconds
5. exit
6. xconnect group group name
7. p2p xconnect name
8. neighbor ip-address pw-id number
9. pw-class class name
10. backup neighbor ip-address pw-id number
11. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
pw-class class_1
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# pw-class class_1
RP/0/RP0/CPU0:router(config-l2vpn-pwc)#
|
Configures the pseudowire class name.
|
Step 4
|
backup disable delay seconds
Example:
RP/0/RP0/CPU0:router(config-l2vpn-pwc)# backup
disable delay 20
RP/0/RP0/CPU0:router(config-l2vpn-pwc)#
|
Specifies how long a backup pseudowire virtual circuit (VC) should wait before resuming operation after the primary pseudowire VC becomes nonfunctional.
|
Step 5
|
exit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-pwc)# exit
|
Exits the pseudowire class submode.
|
Step 6
|
xconnect group group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# xconnect group A
RP/0/RP0/CPU0:router(config-l2vpn-xc)#
|
Enters the name of the cross-connect group.
|
Step 7
|
p2p xconnect name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc)# p2p
rtrX_to_rtrY
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)#
|
Enters a name for the point-to-point cross-connect.
|
Step 8
|
neighbor ip-address pw-id number
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)# neighbor
1.1.1.1 pw-id 2
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire segment for the cross-connect.
|
Step 9
|
pw-class class_1
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw)#
pw-class class_1
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire class name.
|
Step 10
|
backup neighbor ip-address pw-id number
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw)# backup
neighbor 1.1.1.1 pw-id 2
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
|
Configures the backup pseudowire for the point-to-point neighbor.
|
Step 11
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
end
or
RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating Members with a Bridge Domain
After a bridge domain is created, perform this task to assign interfaces to the bridge domain. The following types of bridge ports are associated with a bridge domain:
•Ethernet and VLAN
•VFI
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group-name
4. bridge-domain bridge-domain-name
5. interface type interface-path-id
6. static-mac-address {MAC-address}
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
interface type interface-path-id
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# interface
GigabitEthernet 0/4/0/0
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)#
|
Enters interface configuration mode and adds an interface to a bridge domain that allows packets to be forwarded and received from other interfaces that are part of the same bridge domain.
|
Step 6
|
static-mac-address {MAC-address}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)#
static-mac-address 1.1.1
|
Configures the static MAC address to associate a remote MAC address with a pseudowire or any other bridge interface.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-ac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Bridge Domain Parameters
To configure the bridge domain parameters, associate the following parameters with a bridge domain:
•Maximum transmission unit (MTU)—Specifies that all members of a bridge domain have the same MTU. The bridge domain member with a different MTU size is not used by the bridge domain even though it is still associated with a bridge domain.
•Flooding—Enables or disables flooding on the bridge domain. By default, flooding is enabled.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. flooding disable
6. mtu bytes
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters l2vpn configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
flooding disable
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# flooding
disable
|
Configures flooding for traffic at the bridge domain level or at the bridge port level.
|
Step 6
|
mtu bytes
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mtu 1000
|
Adjusts the maximum packet size or maximum transmission unit (MTU) size for the bridge domain.
•Use the bytes argument to specify the MTU size, in bytes. The range is from 64 to 65535.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Disabling a Bridge Domain
Perform this task to disable a bridge domain. When a bridge domain is disabled, all VFIs that are associated with the bridge domain are disabled. You are still able to attach or detach members to the bridge domain and the VFIs that are associated with the bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. shutdown
6. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
shutdown
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Shuts down a bridge domain to bring the bridge and all attachment circuits and pseudowires under it to admin down state.
|
Step 6
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Layer 2 Virtual Forwarding Instance
These topics describe how to configure a Layer 2 virtual forwarding instance (VFI):
•Adding the Virtual Forwarding Instance Under the Bridge Domain
•Associating Pseudowires with the Virtual Forwarding Instance
•Associating a Virtual Forwarding Instance to a Bridge Domain
•Attaching Pseudowire Classes to Pseudowires
•Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
•Disabling a Virtual Forwarding Instance
Adding the Virtual Forwarding Instance Under the Bridge Domain
Perform this task to create a Layer 2 Virtual Forwarding Instance (VFI) on all provider edge devices under the bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-vpn)#
end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-vpn)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating Pseudowires with the Virtual Forwarding Instance
After a VFI is created, perform this task to associate one or more pseudowires with the VFI.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor A.B.C.D {pw-id value}
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor A.B.C.D {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
neighbor 10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating a Virtual Forwarding Instance to a Bridge Domain
Perform this task to associate a VFI to be a member of a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. static-mac-address {MAC address}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi vfi name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor A.B.C.D {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
neighbor 10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
static-mac-address {MAC address}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
static-mac-address 1.1.1
|
Configures the static MAC address to associate a remote MAC address with a pseudowire or any other bridge interface.
|
Step 8
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Attaching Pseudowire Classes to Pseudowires
Perform this task to attach a pseudowire class to a pseudowire.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. pw-class {class name}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
neighbor 10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
pw-class {class name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
pw-class canada
|
Configures the pseudowire class template name to use for the pseudowire.
|
Step 8
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
Perform this task to configure the Any Transport over Multiprotocol (AToM) pseudowires by using the static labels. A pseudowire becomes a static AToM pseudowire by setting the MPLS static labels to local and remote.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. mpls static label {local value} {remote value}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
neighbor 10.1.1.2 pw-id 1000
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
mpls static label {local value} {remote value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
mpls static label local 800 remote 500
|
Configures the MPLS static labels and the static labels for the access pseudowire configuration. You can set the local and remote pseudowire labels.
|
Step 8
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Disabling a Virtual Forwarding Instance
Perform this task to disable a VFI. When a VFI is disabled, all the previously established pseudowires that are associated with the VFI are disconnected. LDP advertisements are sent to withdraw the MAC addresses that are associated with the VFI. However, you can still attach or detach attachment circuits with a VFI after a shutdown.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. shutdown
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
shutdown
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
shutdown
|
Disables the virtual forwarding interface (VFI).
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
RP/0/RP0/CPU0:router# show l2vpn bridge-domain
detail
|
Displays the state of the VFI. For example, if you shut down the VFI, the VFI is shown as shut down under the bridge domain.
|
Configuring the MAC Address-related Parameters
These topics describe how to configure the MAC address-related parameters:
•Configuring the MAC Address Source-based Learning
•Disabling the MAC Address Withdrawal
•Configuring the MAC Address Limit
•Configuring the MAC Address Aging
•Disabling MAC Flush at the Bridge Port Level
The MAC table attributes are set for the bridge domains.
Configuring the MAC Address Source-based Learning
Perform this task to configure the MAC address source-based learning.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. learning disable
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
learning disable
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
learning disable
|
Overrides the MAC learning configuration of a parent bridge or sets the MAC learning configuration of a bridge.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
RP/0/RP0/CPU0:router# show l2vpn bridge-domain
detail
|
Displays the details that the MAC address source-based learning is disabled on the bridge.
|
Disabling the MAC Address Withdrawal
Perform this task to disable the MAC address withdrawal for a specified bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. withdraw { access-pw disable | disable }
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
withdraw { access-pw disable | disable }
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
withdraw access-pw disable
|
Disables the MAC address withdrawal for the specified bridge domain.
Note Mac address withdrawal is generated when the access pseudowire is not operational.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
P/0/RP0/CPU0:router# show l2vpn bridge-domain detail
|
Displays detailed sample output to specify that the MAC address withdrawal is enabled. In addition, the sample output displays the number of MAC withdrawal messages that are sent over or received from the pseudowire.
|
The following sample output shows the MAC address withdrawal fields:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
Bridge group: siva_group, bridge-domain: siva_bd, id: 0, state: up, ShgId: 0, MSTi: 0
Broadcast & Multicast: enabled
MAC address aging time: 300 s Type: inactivity
MAC address limit: 4000, Action: none, Notification: syslog
DHCPv4 Snooping: disabled
MAC Filter: Static MAC addresses:
ACs: 1 (1 up), VFIs: 1, PWs: 2 (1 up)
AC: GigabitEthernet0/4/0/1, state is up
MTU 1500; XC ID 0x5000001; interworking none; MSTi 0 (unprotected)
Broadcast & Multicast: enabled
MAC address aging time: 300 s Type: inactivity
MAC address limit: 4000, Action: none, Notification: syslog
DHCPv4 Snooping: disabled
packet totals: receive 6,send 0
byte totals: receive 360,send 4
PW: neighbor 1.1.1.1, PW ID 1, state is down ( local ready )
PW class not set, XC ID 0xff000001
Encapsulation MPLS, protocol LDP
PW type Ethernet, control word enabled, interworking none
PW backup disable delay 0 sec
------------ ------------------------------ -------------------------
Interface siva/vfi unknown
Control word enabled unknown
------------ ------------------------------ -------------------------
Create time: 19/11/2007 15:20:14 (00:25:25 ago)
Last time status changed: 19/11/2007 15:44:00 (00:01:39 ago)
MAC withdraw message: send 0 receive 0
Configuring the MAC Address Limit
Perform this task to configure the parameters for the MAC address limit.
Note MAC Address Limit action is supported only on the ACs and not on the core pseudowires.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. limit
7. maximum {value}
8. action {flood | no-flood | shutdown}
9. notification {both | none | trap}
10. end
or
commit
11. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
limit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# limit
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
|
Sets the MAC address limit for action, maximum, and notification and enters L2VPN bridge group bridge domain MAC limit configuration mode.
|
Step 7
|
maximum {value}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
maximum 5000
|
Configures the specified action when the number of MAC addresses learned on a bridge is reached.
|
Step 8
|
action {flood | no-flood | shutdown}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
action flood
|
Configures the bridge behavior when the number of learned MAC addresses exceed the MAC limit configured.
|
Step 9
|
notification {both | none | trap}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
notification both
|
Specifies the type of notification that is sent when the number of learned MAC addresses exceeds the configured limit.
|
Step 10
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 11
|
show l2vpn bridge-domain [detail]
Example:
RP/0/RP0/CPU0:router# show l2vpn bridge-domain
detail
|
Displays the details about the MAC address limit.
|
Configuring the MAC Address Aging
Perform this task to configure the parameters for MAC address aging.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. aging
7. time {seconds}
8. type {absolute | inactivity}
9. end
or
commit
10. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
aging
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# aging
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
|
Enters the MAC aging configuration submode to set the aging parameters such as time and type.
|
Step 7
|
time {seconds}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
time 300
|
Configures the maximum aging time.
•Use the seconds argument to specify the maximum age of the MAC address table entry. The range is from 300 to 30000 seconds. Aging time is counted from the last time that the switch saw the MAC address. The default value is 300 seconds.
|
Step 8
|
type {absolute | inactivity}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
type absolute
|
Configures the type for MAC address aging.
•Use the absolute keyword to configure the absolute aging type.
•Use the inactivity keyword to configure the inactivity aging type.
|
Step 9
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 10
|
show l2vpn bridge-domain [detail]
Example:
RP/0/RP0/CPU0:router# show l2vpn bridge-domain
detail
|
Displays the details about the aging fields.
|
Disabling MAC Flush at the Bridge Port Level
Perform this task to disable the MAC flush at the bridge domain level.
You can disable the MAC flush at the bridge domain, bridge port or access pseudowire levels. By default, the MACs learned on a specific port are immediately flushed, when that port becomes nonfunctional.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group name
4. bridge-domain bridge-domain name
5. mac
6. port-down flush disable
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
RP/0/RP0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
csco
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters l2vpn bridge group bridge domain MAC configuration mode.
|
Step 6
|
port-down flush disable
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)#
port-down flush disable
|
Disables MAC flush when the bridge port becomes nonfunctional.
|
Step 7
|
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring VPLS with BGP Autodiscovery and Signaling
Perform this task to configure BGP-based autodiscovery and signaling.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group-name
4. bridge-domain bridge-domain-name
5. vfi {vfi-name}
6. vpn-id vpn-id
7. autodiscovery bgp
8. rd {as-number:nn | ip-address:nn | auto}
9. route-target {as-number:nn | ip-address:nn | export | import}
10. route-target import {as-number:nn | ip-address:nn}
11. route-target export {as-number:nn | ip-address:nn}
12. signaling-protocol bgp
13. ve-id {number}
14. ve-range {number}
15. commit
or
end
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
metroA
|
Enters configuration mode for the named bridge group.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
bridge-domain east
|
Enters configuration mode for the named bridge domain.
|
Step 5
|
vfi {vfi-name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi
vfi-east
|
Enters virtual forwarding instance (VFI) configuration mode.
|
Step 6
|
vpn-id vpn-id
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
vpn-id 100
|
Specifies the identifier for the VPLS service. The VPN ID has to be globally unique within a PE router; that is the same VPN ID cannot exist in multiple VFIs on the same PE router. In addition, a VFI can have only one VPN ID.
|
Step 7
|
autodiscovery bgp
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
autodiscovery bgp
|
Enters BGP autodiscovery configuration mode where all BGP autodiscovery parameters are configured.
This command is not provisioned to BGP until the VPN ID and the signaling protocol is configured.
|
Step 8
|
rd {as-number:nn|ip-address:nn|auto}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
rd auto
|
Specifies the route distinguisher (RD) under the VFI.
The RD is used in the BGP NLRI to identify VFI. Only one RD can be configured for each VFI, and except for rd auto, the same RD cannot be configured in multiple VFIs on the same PE.
When rd auto is configured, the RD value is:
{BGP Router ID}:{16 bits auto-generated unique index}.
|
Step 9
|
route-target {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target 500:99
|
Specifies the route target (RT) for the VFI.
At least one import and one export route target (or just one route target with both roles) need to be configured in each PE in order to establish BGP autodiscovery between PEs.
If no export or import keyword is specified, it means that the RT is both import and export. A VFI can have multiple export or import RTs. However, the same RT is not allowed in multiple VFIs in the same PE.
|
Step 10
|
route-target import {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target import 200:20
|
Specifies the import route target for the VFI.
The PE compares import route target with the RT in the received NLRI: the RT in the received NLRI must match the import RT to determine that the RTs belong to the same VPLS service.
|
Step 11
|
route-target export {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target export 100:10
|
Specifies the export route target for the VFI.
Export route target is the RT that will be in the NLRI advertised to other PEs.
|
Step 12
|
signaling-protocol bgp
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
signaling-protocol bgp
|
Specifies the signaling protocol to be used to manage the pseudowires.
|
Step 13
|
ve-id {number}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad-
sig)# ve-id 10
|
Specifies the local PE identifier for the VFI for VPLS configuration.
The VE ID identifies a VFI within a VPLS service. This means that VFIs in the same VPLS service cannot share the same VE ID. The scope of the VE ID is only within a bridge domain. Therefore, VFIs in different bridge domains within a PE can still use the same VE ID.
|
Step 14
|
ve-range {number}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad-si
g)# ve-range 40
|
Overrides the minimum size of VPLS edge (VE) blocks.
The default minimum size is 10. Any configured VE range must be higher than 10.
|
Step 15
|
end
or
commit
Example:
RP0RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad
-
sig)# end
or
RP0RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad
-
sig)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring VPLS with BGP Autodiscovery and LDP Signaling
Perform this task to configure BGP-based Autodiscovery and signaling.
SUMMARY STEPS
1. configure
2. l2vpn
3. route-id
4. bridge group bridge-group-name
5. bridge-domain bridge-domain-name
6. vfi {vfi-name}
7. autodiscovery bgp
8. vpn-id vpn-id
9. rd {as-number:nn | ip-address:nn | auto}
10. route-target {as-number:nn | ip-address:nn | export | import}
11. route-target import {as-number:nn | ip-address:nn}
12. route-target export {as-number:nn | ip-address:nn}
13. signaling-protocol ldp
14. vpls-id {as-number:nn | ip-address:nn}
15. commit
or
end
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/RP0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/RP0/CPU0:router(config)# l2vpn
|
Enters L2VPN configuration mode.
|
Step 3
|
router-id ip-address
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# router-id
1.1.1.1
|
Specifies a unique Layer 2 (L2) router ID for the provider edge (PE) router.
The router ID must be configured for LDP signaling, and is used as the L2 router ID in the BGP NLRI, SAII (local L2 Router ID) and TAII (remote L2 Router ID). Any arbitrary value in the IPv4 address format is acceptable.
Note Each PE must have a unique L2 router ID. This CLI is optional, because a PE automatically generates a L2 router ID using the LDP router ID.
|
Step 4
|
bridge group bridge-group-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# bridge group
metroA
|
Enters configuration mode for the named bridge group.
|
Step 5
|
bridge-domain bridge-domain-name
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg)#
bridge-domain east
|
Enters configuration mode for the named bridge domain.
|
Step 6
|
vfi {vfi-name}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd)# vfi
vfi-east
|
Enters virtual forwarding instance (VFI) configuration mode.
|
Step 7
|
vpn-id vpn-id
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
vpn-id 100
|
Specifies the identifier for the VPLS service. The VPN ID has to be globally unique within a PE router; that is the same VPN ID cannot exist in multiple VFIs on the same PE router. In addition, a VFI can have only one VPN ID.
|
Step 8
|
autodiscovery bgp
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi)#
autodiscovery bgp
|
Enters BGP autodiscovery configuration mode where all BGP autodiscovery parameters are configured.
This command is not provisioned to BGP until the VPN ID and the signaling protocol is configured.
|
Step 9
|
rd {as-number:nn|ip-address:nn|auto}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
rd auto
|
Specifies the route distinguisher (RD) under the VFI.
The RD is used in the BGP NLRI to identify VFI. Only one RD can be configured for each VFI, and except for rd auto, the same RD cannot be configured in multiple VFIs on the same PE.
When rd auto is configured, the RD value is:
{BGP Router ID}:{16 bits auto-generated unique index}.
|
Step 10
|
route-target {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target 500:99
|
Specifies the route target (RT) for the VFI.
At least one import route target and one export route target (or just one route target with both roles) need to be configured in each PE in order to establish BGP autodiscovery between PEs.
If no export or import keyword is specified, it means that the RT is both import and export. A VFI can have multiple export or import RTs. However, the same RT is not allowed in multiple VFIs in the same PE.
|
Step 11
|
route-target import {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target import 200:20
|
Specifies the import route target for the VFI.
The PE compares the import route target with the RT in the received NLRI: the RT in the received NLRI must match the import RT to determine that the RTs belong to the same VPLS service.
|
Step 12
|
route-target export {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
route-target export 100:10
|
Specifies the export route target for the VFI.
Export route target is the RT that will be in the NLRI advertised to other PEs.
|
Step 13
|
signaling-protocol ldp
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad)#
signaling-protocol ldp
|
Enables LDP signaling, and enters the LDP signaling configuration submode where LDP signaling parameters are configured.
|
Step 14
|
vpls-id {as-number:nn|ip-address:nn}
Example:
RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad-
sig)# vpls-id 10:20
|
Specifies VPLS ID which identifies the VPLS domain during signaling.
This command is optional in all PEs that are in the same Autonomous System (that is, PEs that share the same ASN) because a default VPLS ID is automatically generated using BGP's ASN and the configured VPN ID (that is, the default VPLS ID equals ASN:VPN-ID). If an ASN of 4 bytes is used, the lower two bytes of the ASN are used to build the VPLS ID. In case of InterAS, the VPLS ID must be explicitly configured. Only one VPLS ID can be configured for each VFI, and the same VPLS ID cannot be used for multiple VFIs.
|
Step 15
|
end
or
commit
Example:
RP0RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad
-sig)# end
or
RP0RP/0/RP0/CPU0:router(config-l2vpn-bg-bd-vfi-ad
-sig)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuration Examples for Virtual Private LAN Services
This section includes the following configuration examples:
•Configuing a Pseudowire: Example
•Configuring an Access Pseudowire: Example
•Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
•Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
•Configuring Backup Disable Delay: Example
•Disabling MAC Flush: Examples
•H-VPLS Configuration: Examples
•Configuring VPLS with BGP Autodiscovery and Signaling: Example
Configuing a Pseudowire: Example
This example shows how to configure a pseudowire:
bridge group bridge group1
bridge-domain bridge-domain my_domain
neighbor 10.1.1.1 pw-id 100
Configuring an Access Pseudowire: Example
This example shows how to configure access pseudowire:
bridge group bridge group1
bridge-domain bridge-domain domain1
interface GigabitEthernet 0/1/0/2
neighbor 10.1.1.2 pw-id 200
Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
These configuration examples show how to create a Layer 2 VFI with a full-mesh of participating VPLS provider edge (PE) nodes.
The following configuration example shows how to configure PE 1:
neighbor 2.2.2.2 pw-id 1---PW1
neighbor 3.3.3.3 pw-id 1---PW2
ipv4 address 1.1.1.1 255.255.255.25
The following configuration example shows how to configure PE 2:
interface GigabitEthernet0/0---AC
neighbor 1.1.1.1 pw-id 1---PW1
neighbor 3.3.3.3 pw-id 1---PW2
ipv4 address 2.2.2.2 255.255.255.25
The following configuration example shows how to configure PE 3:
interface GigabitEthernet0/0---AC
neighbor 1.1.1.1 pw-id 1---PW1
neighbor 2.2.2.2 pw-id 1---PW2
ipv4 address 3.3.3.3 255.255.255.25
Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
The following configuration shows how to configure VPLS for a PE-to-CE nodes:
interface GigabitEthernet0/0
l2transport---AC interface
no ipv4 directed-broadcast
Configuring Backup Disable Delay: Example
The following example shows how a backup delay is configured for point-to-point PW where the backup disable delay is 50 seconds:
backup neighbor 2.2.2.2 pw- id 5
The following example shows how a backup delay is configured for point-to-point PW where the backup disable delay is never:
backup neighbor 2.2.2.2 pw-id 5
Disabling MAC Flush: Examples
You can disable the MAC flush at the following levels:
•bridge domain
•bridge port (attachment circuit (AC))
•access pseudowire (PW)
The following example shows how to disable the MAC flush at the bridge domain level:
The following example shows how to disable the MAC flush at the bridge port level:
The following example shows how to disable the MAC flush at the access pseudowire level:
neighbor 10.1.1.1 pw-id 1000
H-VPLS Configuration: Examples
This example shows how to configure hierarchical VPLS (H-VPLS). All examples in this section are based on the following topology where N-PE1 is the H-VPLS Node:
VPLS with QinQ or QinAny: Example
Global Interface Configuration at N-PE1:
interface GigabitEthernet0/0/0/0
dot1q tunneling ethertype 0x9200
interface GigabitEthernet0/0/0/1
dot1q tunneling ethertype 0x9100
interface GigabitEthernet0/0/0/0.1 l2transport
interface GigabitEthernet0/0/0/1.1 l2transport
L2VPN Configuration at N-PE1:
interface GigabitEthernet0/0/0/0.1
interface GigabitEthernet0/0/0/1.1
neighbor 6.6.6.6 pw-id 10
Global Interface Configuration at N-PE2:
interface GigabitEthernet0/6/0/0
dot1q tunneling ethertype 0x9200
interface GigabitEthernet0/6/0/1
dot1q tunneling ethertype 0x9100
interface GigabitEthernet0/6/0/0.1 l2transport
interface GigabitEthernet0/6/0/1.1 l2transport
L2VPN Configuration at N-PE2:
interface GigabitEthernet0/6/0/0.1
interface GigabitEthernet0/6/0/1.1
neighbor 5.5.5.5 pw-id 10
H-VPLS with Access-PWs: Example
Router Configuration at U-PE1:
interface GigabitEthernet0/1/1/0.1 --> Local AC
neighbor 5.5.5.5 pw-id 100 --> Access PW to N-PE1
interface GigabitEthernet0/1/1/0.1 l2transport
Router Configuration at U-PE2:
interface GigabitEthernet0/2/5/0.1 --> Local AC
neighbor 5.5.5.5 pw-id 100 --> Access PW to N-PE1
interface GigabitEthernet0/2/5/0.1 l2transport
Router Configuration at N-PE1:
interface GigabitEthernet0/1/4/0.1 ? Local AC
neighbor 1.1.1.1 pw-id 100 --> Access PW to U-PE1
neighbor 2.2.2.2 pw-id 100 --> Access PW to U-PE2
neighbor 6.6.6.6 pw-id 100 --> Core PW to N-PE2
interface GigabitEthernet0/1/4/0.1 l2transport
Router Configuration at N-PE2:
interface GigabitEthernet0/2/1/0.1 --> Local AC
neighbor 5.5.5.5 pw-id 100 --> Core PW to N-PE1
interface GigabitEthernet0/2/1/0.1 l2transport
Configuring VPLS with BGP Autodiscovery and Signaling: Example
This section contains these configuration examples:
•LDP and BGP Configuration
•Minimum L2VPN Configuration for BGP Autodiscovery with BGP Signaling
•VPLS with BGP Autodiscovery and BGP Signaling
•Minimum Configuration for BGP Autodiscovery with LDP Signaling
•VPLS with BGP Autodiscovery and LDP Signaling
LDP and BGP Configuration
Figure 15 illustrates an example of LDP and BGP configuration.
Figure 15
LDP and BGP Configuration
Configuration at PE1:
ipv4 address 1.1.1.100 255.255.255.255
ipv4 address 1.1.1.10 255.255.255.255
interface GigabitEthernt0/1/0/0
address-family l2vpn vpls-vpws
address-family l2vpn vpls-vpws
Configuration at PE2:
ipv4 address 2.2.2.200 255.255.255.255
ipv4 address 2.2.2.20 255.255.255.255
interface GigabitEthernt0/1/0/0
address-family l2vpn vpls-vpws
address-family l2vpn vpls-vpws
Minimum L2VPN Configuration for BGP Autodiscovery with BGP Signaling
This example illustrates the minimum L2VPN configuration required for BGP Autodiscovery with BGP Signaling, where any parameter that has a default value is not configured.
(config-l2vpn)# bridge group {bridge group name}
(config-l2vpn-bg)# bridge-domain {bridge domain name}
(config-l2vpn-bg-bd)# vfi {vfi name}
(config-l2vpn-bg-bd-vfi)# vpn-id 10
(config-l2vpn-bg-bd-vfi)# autodiscovery bgp
(config-l2vpn-bg-bd-vfi-ad)# rd auto
(config-l2vpn-bg-bd-vfi-ad)# route-target 1.1.1.1:100
(config-l2vpn-bg-bd-vfi-ad)# signaling-protocol bgp
(config-l2vpn-bg-bd-vfi-ad-sig)# ve-id 1
(config-l2vpn-bg-bd-vfi-ad-sig)# commit
VPLS with BGP Autodiscovery and BGP Signaling
Figure 16 illustrates an example of configuring VPLS with BGP autodiscovery (AD) and BGP Signaling.
Figure 16
VPLS with BGP autodiscovery and BGP signaling
Configuration at PE1:
interface GigabitEthernet0/1/0/1.1
! AD independent VFI attributes
! Auto-discovery attributes
Configuration at PE2:
interface GigabitEthernet0/1/0/2.1
! AD independent VFI attributes
! Auto-discovery attributes
This is an example of NLRI for VPLS with BGP AD and signaling:
Discovery attributes
NLRI sent at PE1:
Router Distinguisher = 3.3.3.3:32770
NLRI sent at PE2:
Router Distinguisher = 1.1.1.1:32775
Minimum Configuration for BGP Autodiscovery with LDP Signaling
This example illustrates the minimum L2VPN configuration required for BGP Autodiscovery with LDP Signaling, where any parameter that has a default value is not configured.
(config-l2vpn)# bridge group {bridge group name}
(config-l2vpn-bg)# bridge-domain {bridge domain name}
(config-l2vpn-bg-bd)# vfi {vfi name}
(config-l2vpn-bg-bd-vfi)# autodiscovery bgp
(config-l2vpn-bg-bd-vfi-ad)# vpn-id 10
(config-l2vpn-bg-bd-vfi-ad)# rd auto
(config-l2vpn-bg-bd-vfi-ad)# route-target 1.1.1.1:100
(config-l2vpn-bg-bd-vfi-ad)# commit
VPLS with BGP Autodiscovery and LDP Signaling
Figure 17 illustrates an example of configuring VPLS with BGP autodiscovery (AD) and LDP Signaling.
Figure 17
VPLS with BGP autodiscovery and LDP signaling
Configuration at PE1:
Configuration at PE2:
Discovery and Signaling Attributes
Configuration at PE1:
BGP Router ID - 1.1.1.100
L2VPN Router ID - 10.10.10.10
Route Distinguisher - 1:100
Common Configuration between PE1 and PE2:
Configuration at PE2:
BGP Router ID - 2.2.2.200
L2VPN Router ID - 20.20.20.20
Route Distinguisher - 2:200
Discovery Attributes
NLRI sent at PE1:
Source Address - 1.1.1.10
Destination Address - 2.2.2.20
Route Distinguisher - 1:100
L2VPN Router ID - 10.10.10.10
NLRI sent at PE2:
Source Address - 2.2.2.20
Destination Address - 1.1.1.10
Route Distinguisher - 2:200
L2VPN Router ID - 20.20.20.20
Route Target - 12:12
Additional References
For additional information related to implementing VPLS, refer to the following references:
Related Documents
Related Topic
|
Document Title
|
Cisco IOS XR L2VPN command reference document
|
MPLS Virtual Private Network Commands on Cisco IOS XR Software module in Cisco IOS XR MPLS Command Reference
|
MPLS VPLS-related commands
|
MPLS Virtual Private LAN Services Commands on Cisco IOS XR Software module in Cisco IOS XR MPLS Command Reference
|
MPLS Layer 2 VPNs
|
Implementing MPLS Layer 2 VPNs on Cisco IOS XR Software module in Cisco IOS XR MPLS Configuration Guide
|
MPLS VPNs over IP Tunnels
|
MPLS VPNs over IP Tunnels on Cisco IOS XR Software module in Cisco IOS XR MPLS Configuration Guide
|
Cisco CRS router getting started material
|
Cisco IOS XR Getting Started Guide
|
Information about user groups and task IDs
|
Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide
|
Standards
|
|
Title
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
|
—
|
MIBs
RFCs
RFCs
|
Title
|
RFC 3931
|
Layer Two Tunneling Protocol - Version 3 (L2TPv3)
|
RFC 4447
|
Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP), April 2006
|
RFC 4448
|
Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006
|
Technical Assistance
Description
|
Link
|
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
|
http://www.cisco.com/techsupport
|
Feedback
