Cisco Catalyst SD-WAN Network Configuration Guide, Releases 26.x and Later

PDF

Methods to verify Layer 2 VPN using CLI

Want to summarize with AI?

Log in

View a Layer 2 VPN status

To view the remote peer information, system IP, status, and related information, use the show l2vpn sdwan [instance instance-id][vc-id vc-id] command.

This is an example for a Cisco IOS XE Catalyst SD-WAN device.

Device# show l2vpn sdwan instance 13 vc-id 13
VC_ID: 13 Bridge-domain: 13
Local l2vpn status: UP
Local Pseudoports: GigabitEthernet7 service instance 13

View L2VPN information learned through OMP route on a Cisco SD-WAN Controller

To view the specific L2-route or path learned in the specific VPN and virtual circuit, use the show sdwan omp l2-routes[vpn vpn-id] [vc-id vc-id] command. If the vpn and vc-id are not included, the command shows Layer 2 routes learned through OMP from all VPNs across the Cisco Catalyst SD-WAN fabric.

This is a sample output from the show omp l2-routes command displaying Layer 2 routes learned through OMP for Cisco SD-WAN Controllers.

Device# show omp l2-routes | tab
C   -> chosen
I   -> installed
Red -> redistributed
Rej -> rejected
L   -> looped
R   -> resolved
S   -> stale
Ext -> extranet
Inv -> invalid
Stg -> staged
IA  -> On-demand inactive
U   -> TLOC unresolved

                                                                                                                                   REMOTE  
                                     ROUTE                   IP                   SITE                   PATH                      SITE    
VPN    VC ID        ORIGINATOR       TYPE   MAC ADDRESS      ADDRESS  VPN TYPE    ID    FROM PEER        ID     LABEL    STATUS    ID      
-------------------------------------------------------------------------------------------------------------------------------------------
12     12           172.16.255.15    vpn    0000.0000.0000   ::       p2p         500   172.16.255.15    66     1004     C,R       501     
                                                                                        172.16.255.15    69     1004     C,R       501     
                                                                                        172.16.255.20    1      1004     C,R       501     
                                                                                        172.16.255.20    2      1004     C,R       501     
12     12           172.16.255.27    vpn    0000.0000.0000   ::       p2p         501   172.16.255.20    1      1014     C,R       500     
                                                                                        172.16.255.27    70     1014     C,R       500     
13     13           172.16.255.15    vpn    0000.0000.0000   ::       multipoint  500   172.16.255.15    66     1006     C,R       -       
                                                                                        172.16.255.15    69     1006     C,R       -       
                                                                                        172.16.255.20    1      1006     C,R       -       
                                                                                        172.16.255.20    2      1006     C,R       -       
13     13           172.16.255.27    vpn    0000.0000.0000   ::       multipoint  501   172.16.255.20    1      1016     C,R       -       
                                                                                        172.16.255.27    70     1016     C,R       -       
13     13           172.16.255.32    vpn    0000.0000.0000   ::       multipoint  503   172.16.255.20    1      1007     C,R       -       
                                                                                        172.16.255.32    71     1007     C,R       -       
14     1            172.16.255.27    vpn    0000.0000.0000   ::       multipoint  501   172.16.255.20    1      1018     C,R       -       
                                                                                        172.16.255.27    70     1018     C,R       -       
15     1            172.16.255.15    vpn    0000.0000.0000   ::       p2p         500   172.16.255.15    66     1020     C,R       501     
                                                                                        172.16.255.15    69     1020     C,R       501     
                                                                                        172.16.255.20    1      1020     C,R       501     
                                                                                        172.16.255.20    2      1020     C,R       501     
15     1            172.16.255.27    vpn    0000.0000.0000   ::       p2p         501   172.16.255.20    1      1020     C,R       500     
                                                                                        172.16.255.27    70     1020     C,R       500     

View Bridge-domain information

To verify information related to bridge domains within the context of Forwarding Table Management Daemon (FTMD), use the show platform software sdwan ftmd bridge-domain command on a device.

This is a sample output from the show platform software sdwan ftmd bridge-domain command that displays information related to bridge domains within the context of Forwarding Table Management Daemon (FTMD).

Device# show platform software sdwan ftmd bridge-domain 
L2vpn Bridge-domain 12 Table:
  sdwan efp dpidx: 4210708(0x404014)
  Label: 1004 lbl-nhop-id: 196611 (binosId=0xf830003f)
  Bum Label: 1005 bum-lbl-nhop-id: 196612 (binosId=0xf830004f)
  Remote Site Table(1 entries in total):
    remote-site-id: 501 sla-nhop-id: 29 (binosId=0xf80001df)

L2vpn Bridge-domain 13 Table:
  sdwan efp dpidx: 4210709(0x404015)
  Label: 1006 lbl-nhop-id: 196613 (binosId=0xf830005f)
  Bum Label: 1007 bum-lbl-nhop-id: 196614 (binosId=0xf830006f)
  Remote Site Table(2 entries in total):
    remote-site-id: 501 sla-nhop-id: 30 (binosId=0xf80001ef)
remote-site-id: 503 sla-nhop-id: 33 (binosId=0xf800021f)

View Cisco Catalyst SD-WAN Flood List Information and Packet Counters in Data Plane

To verify information related to ​ Cisco Catalyst SD-WAN flood list information, use the show platform hardware qfp active feature bridge-domain datapath bridge-domain-id sdwan-flood-list command.

This is a sample output from the show platform hardware qfp active feature bridge-domain datapath bridge-domain-id sdwan-flood-list command that displays the ​Cisco Catalyst SD-WAN flood list information.

Device#show platform software sdwan ftmd bridge-domain 
L2vpn Bridge-domain 12 Table:
  sdwan efp dpidx: 4210708(0x404014)
  Label: 1004 lbl-nhop-id: 196611 (binosId=0xf830003f)
  Bum Label: 1005 bum-lbl-nhop-id: 196612 (binosId=0xf830004f)
  Remote Site Table(1 entries in total):
    remote-site-id: 501 sla-nhop-id: 29 (binosId=0xf80001df)

L2vpn Bridge-domain 13 Table:
  sdwan efp dpidx: 4210709(0x404015)
  Label: 1006 lbl-nhop-id: 196613 (binosId=0xf830005f)
  Bum Label: 1007 bum-lbl-nhop-id: 196614 (binosId=0xf830006f)
  Remote Site Table(2 entries in total):
    remote-site-id: 501 sla-nhop-id: 30 (binosId=0xf80001ef)
remote-site-id: 503 sla-nhop-id: 33 (binosId=0xf800021f)

View packet counters in data plane

To verify information related to a QuantumFlow Processor (QFP) hardware module packet counters for a specific bridge domain within the data path, use the show platform hardware qfp active feature bridge-domain datapath bridge-id command.

This is a sample output from the show platform hardware qfp active feature bridge-domain datapath bridge-id command to display a QFP hardware module packet counters for a specific bridge domain within the data path.

Device# show platform hardware qfp active feature bridge-domain datapath 200
QFP L2BD Bridge Domain information                                                                 
                                                                                                                                                                                             
BD id                  : 200                                                                       
State enabled          : Yes                                                                       
Aging timeout (sec)    : 300                                                                       
Aging active entry     : Yes                                                                       
Max mac limit          : 65536                                                                     
Unkwn mac limit flood  : Yes                                                                       
mac_learn_enabled      : Yes                                                                       
mac_learn_controled    : No                                                                        
Unknown unicast olist  : Yes                                                                       
otv_aed_enabled : No                                                                               
otv_enabled : No                                                                                   
mcast_snooping_enabled : No                                                                        
Feature : sdwan                                                                                    
SISF snoop protocols   : None                                                                      
Sdwan instance id      : 200                                                                       
Mac learned            : 0                                                                         
BDI outer vtag         : 00000000                                                                  
BDI inner vtag         : 00000000                                                                  
                                                                                                   
Replication tree info:                                                                             
  Global replication    : depth encode 0X1000001, (head 0XE4E90000)                                
  Split-horizon-group 0 : depth encode 00000000, (head 00000000)                                   
  Split-horizon-group 1 : depth encode 00000000, (head 00000000)
Bridge Domain statistics
                                                                                                   
Total bridged                pkts : 0          bytes: 0                                            
Total unknown unicast        pkts : 0          bytes: 0                                            
Total broadcasted            pkts : 0          bytes: 0                                            
Total to BDI                 pkts : 0          bytes: 0                                            
Total injected               pkts : 0          bytes: 0                                            
Total mac-sec violation drop pkts : 0          bytes: 0                                            
Total mac-sec move drop      pkts : 0          bytes: 0                                            
Total mac-sec unknown drop   pkts : 0          bytes: 0                                            
Total source filter drop     pkts : 0          bytes: 0                                            
Total bfib policy drop       pkts : 0          bytes: 0                                            
Total replication start drop pkts : 0          bytes: 0                                            
Total recycle tail drop      pkts : 0          bytes: 0                                            
Total static MAC move drop   pkts : 0          bytes: 0                                            
Total BD disabled drop       pkts : 0          bytes: 0                                            
Total STP state drop         pkts : 0          bytes: 0                                            
Total UUF suppression drop   pkts : 0          bytes: 0                                            
Total sisf ctrl punt         pkts : 0          bytes: 0                                            
Total sisf ctrl drop         pkts : 0          bytes: 0                                            
Total p2p lan to wan         pkts : 0          bytes: 0                                            
Total p2p wan to lan         pkts : 0          bytes: 0