Configuring VPLS. VPLS overview. Operation of VPLS. Basic VPLS concepts

Similar documents
Configuring MPLS L2VPN

Configuring MPLS L2VPN

VPLS configuration commands

Configuring MPLS L2VPN

VPLS configuration commands

VPLS configuration commands

Operation Manual MPLS VLL. Table of Contents

Configuring Virtual Private LAN Services

Contents. EVPN overview 1

HP A5820X & A5800 Switch Series MPLS. Configuration Guide. Abstract

L2 MPLS VPN (VPLS) Technology White Paper

LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF

Configuring Virtual Private LAN Service (VPLS) and VPLS BGP-Based Autodiscovery

Configure Multipoint Layer 2 Services

Module 11b MPLS VPLS Configuration Lab (LDP Manual)

Deploy VPLS. APNIC Technical Workshop October 23 to 25, Selangor, Malaysia Hosted by:

HPE FlexFabric 7900 Switch Series

Implementing Virtual Private LAN Services

H3C S10500 Switch Series

HP Routing Switch Series

Network Configuration Example

H3C S10500 Switch Series

HP FlexFabric Switch Series

HP 5920 & 5900 Switch Series

HP Routing Switch Series

Configuring MPLS and EoMPLS

Table of Contents Chapter 1 MPLS L3VPN Configuration

MPLS design. Massimiliano Sbaraglia

Configuring Routed Pseudowire and VPLS

Module 11a MPLS VPWS Configuration Lab (LDP)

Configuring multicast VPN

Configuring MPLS L3VPN

HPE FlexFabric 5940 Switch Series

Configuring MPLS L3VPN

Practice exam questions for the Nokia NRS II Composite Exam

Table of Contents 1 Multicast VPN Configuration 1-1

HP 5920 & 5900 Switch Series

Operation Manual MCE H3C S3610&S5510 Series Ethernet Switches. Table of Contents

AToM (Any Transport over MPLS)

HP 6125G & 6125G/XG Blade Switches

Contents. Configuring EVI 1

Implementing IEEE 802.1ah Provider Backbone Bridge

Quidway S5700 Series Ethernet Switches V100R006C01. Configuration Guide - VPN. Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.

Table of Contents 1 QinQ Configuration BPDU Tunneling Configuration 2-1

Configure L2VPN Autodiscovery and Signaling

Table of Contents Chapter 1 MPLS Basics Configuration

Configuring MSDP. Overview. How MSDP operates. MSDP peers

L3VPN Configuration. L3VPN Overview. Introduction to L3VPN

HP A-MSR Router Series MPLS. Configuration Guide. Abstract

Network Configuration Example

VPLS Autodiscovery: BGP Based

Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS

Implementing MPLS VPNs over IP Tunnels

L2VPN Protocol-Based CLIs

Implementing VXLAN. Prerequisites for implementing VXLANs. Information about Implementing VXLAN

HP FlexFabric 7900 Switch Series

MPLS VPN Carrier Supporting Carrier Using LDP and an IGP

H3C S7500E-X Switch Series

HP FlexFabric 5930 Switch Series

HP MSR Router Series. MPLS Configuration Guide(V5) Part number: Software version: CMW520-R2513 Document version: 6PW

HP MSR Router Series. EVI Configuration Guide(V7) Part number: b Software version: CMW710-R0304 Document version: 6PW

H3C S6520XE-HI Switch Series

BGP Support for the L2VPN Address Family

MPLS VPN. 5 ian 2010

Real4Test. Real IT Certification Exam Study materials/braindumps

Network Configuration Example

IP Routing Volume Organization

Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN

MPLS VPN Carrier Supporting Carrier Using LDP and an IGP

Vendor: HP. Exam Code: HP0-Y36. Exam Name: Deploying HP Enterprise Networks. Version: Demo

InterAS Option B. Information About InterAS. InterAS and ASBR

MPLS VPN--Inter-AS Option AB

Configuring MSDP. MSDP overview. How MSDP works. MSDP peers

Computer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS

Contents. Configuring MSDP 1

H-VPLS N-PE Redundancy for MPLS Access

MPLS L3VPN. The MPLS L3VPN model consists of three kinds of devices: PE CE Site 2. Figure 1 Network diagram for MPLS L3VPN model

Pass4Sure.4A0-104,288.Questions

Ethernet VPN (EVPN) and Provider Backbone Bridging-EVPN: Next Generation Solutions for MPLS-based Ethernet Services. Introduction and Application Note

H3C S12500-X Switch Series

HP MSR Router Series. Layer 2 LAN Switching Command Reference(V7)

MC-LAG to VPLS Technology and Solution Overview

Table of Contents Chapter 1 Tunneling Configuration

HP MSR Router Series. MPLS Configuration Guide(V7) Part number: Software version: CMW710-R0106 Document version: 6PW

L2VPN Interworking. Finding Feature Information

TRILL Transparent Transport over MPLS

Multipoint Bridged Ethernet Using MPLS Virtual Private LAN Services

Lab 1: Static MPLS LSP-RTX4-RTX1 LSP-RTX1-RTX4 LSP-RTX3-RTX2 LSP-RTX2-RTX3

MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution

Configure Virtual LANs in Layer 2 VPNs

MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution

MPLS VPN Inter-AS Option AB

Operation Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Basic MPLS commands. display mpls forwarding ilm. Syntax. Views. Predefined user roles. Parameters. Usage guidelines. Examples

Question: 1 Which three parameters must match to establish OSPF neighbor adjacency? (Choose three.)

Deploying MPLS L2VPN

Free4Torrent. Free and valid exam torrent helps you to pass the exam with high score

Cisco. Maintaining Cisco Service Provider VPNs and MPLS Networks (MSPVM)

H3C S6520XE-HI Switch Series

Operation Manual Routing Protocol. Table of Contents

Transcription:

Contents Configuring VPLS 1 VPLS overview 1 Operation of VPLS 1 VPLS packet encapsulation 4 H-VPLS implementation 5 Hub-spoke VPLS implementation 7 Multi-hop PW 8 VPLS configuration task list 9 Enabling L2VPN and MPLS L2VPN 9 Configuring LDP VPLS 10 Configuration prerequisites 10 Configuring an LDP VPLS instance 10 Configuring BGP VPLS 11 Configuration prerequisites 11 Configuring the BGP extension 12 Configuring a BGP VPLS instance 12 Resetting VPLS BGP connections 12 Binding a VPLS instance 13 Binding a Layer 3 interface with a VPLS instance 13 Binding a service instance with a VPLS instance 14 Configuring VPLS and MAC-in-MAC dual-stack support 15 Configuring MAC address learning 15 Configuring VPLS instance attributes 16 Configuring traffic policing for an AC 17 Inspecting PWs 18 Displaying and maintaining VPLS 18 VPLS configuration examples 20 Configuring VPLS instances 20 Configuring H-VPLS with LSP access 23 Configuring hub-spoke VPLS 26 Configuring PW redundancy for H-VPLS access 30 Configuring BFD for the main link in an H-VPLS network 34 Implementing multi-as VPN through multi-hop PW 39 VPLS and MAC-in-MAC dual-stack support configuration example 44 Troubleshooting VPLS 48 i

Configuring VPLS NOTE: The switch operates in IRF or standalone (the default) mode. For more information about IRF mode, see IRF Configuration Guide. The switch does not support VPLS when the system works in normal mode. For more information about system working modes, see Fundamentals Configuration Guide. VPLS overview Virtual Private LAN Service (VPLS), also called Transparent LAN Service (TLS) or virtual private switched network service, can deliver a point-to-multipoint L2VPN service over public networks. With VPLS, geographically-dispersed sites can interconnect and communicate over MAN or WAN as if they were on the same LAN. VPLS provides Layer 2 VPN services. However, it supports multipoint services, rather than the point-to-point services that traditional VPN supports. With VPLS, service providers can create on the PEs a series of virtual switches for customers, allowing customers to build their LANs across the Metropolitan Area Network (MAN) or Wide Area Network (WAN). Operation of VPLS Basic VPLS concepts CE Customer edge device that is directly connected to the service provider network. PE Provider edge device that connects one or more CEs to the service provider network. A PE maps and forwards packets between private networks and public network tunnels. A PE can be a UPE or NPE. UPE User facing provider edge device that functions as the user access convergence device. NPE Network provider edge device that functions as the network core PE. An NPE resides at the edge of a VPLS network core domain and provides transparent VPLS transport services between core networks. VSI Virtual switch instance that maps actual access links to virtual links. PW Pseudo wire, a bidirectional virtual connection between VSIs. A PW consists of two unidirectional MPLS virtual circuits (VCs). AC Attachment circuit that connects the CE to the PE. It can use physical interfaces or virtual interfaces. Usually, all user packets on an AC, including Layer 2 and Layer 3 protocol messages, must be forwarded to the peer site without being changed. QinQ 802.1Q in 802.1Q, a tunneling protocol based on 802.1Q. It offers a point-to-multipoint L2VPN service mechanism. With QinQ, the private network VLAN tags of packets are encapsulated into the public network VLAN tags, allowing packets to be transmitted with two layers of tags across the service provider network. This provides a simpler Layer 2 VPN tunneling service. Forwarders A forwarder functions as the VPLS forwarding table. Once a PE receives a packet from an AC, the forwarder selects a PW for forwarding the packet. 1

Tunnel A tunnel, usually an MPLS tunnel, is a direct channel between a local PE and the peer PE for transparent data transmission in-between. It is used to carry PWs. A tunnel can carry multiple PWs. Encapsulation Packets transmitted over a PW use the standard PW encapsulation formats and technologies: Ethernet and VLAN. PW signaling The PW signaling protocol is the fundament of VPLS. It is used for creating and maintaining PWs and automatically discovering VSI peer PEs. Two PW signaling protocols are available: LDP and BGP. QoS Quality of Service (QoS) is implemented by mapping the preference information in the packet header to the QoS preference information transferred on the public network. Figure 1 shows a typical VPLS networking scenario. Figure 1 Network diagram for VPLS Tunnel PW AC CE 1 VPN 1 Site 1 VPN 2 Site 2 Forwarder MPLS backbone P CE 2 CE 3 VPN 1 PE 1 PE 2 CE 4 PWSignaling VPN 2 Site 3 CAUTION: Do not enable STP or configure RRPP at the private network side of the PEs. Otherwise, a broadcast storm will occur, crashing down the network. For more information about STP, see Layer 2 LAN Switching Configuration Guide. For more information about RRPP, see High Availability Configuration Guide. MAC address learning and flooding VPLS provides reachability by MAC address learning. Each PE maintains a MAC address table. Source MAC address learning MAC address learning includes the following parts: Remote MAC address learning associated with PWs A PW consists of two unidirectional VC LSPs. A PW is up only when both of the VC LSPs are up. When the inbound VC LSP learns a new MAC address, the PW needs to map the MAC address to the outbound VC LSP. Local MAC address learning of interfaces directly connected to users This refers to learning source MAC addresses from Layer 2 packets originated by CEs. This occurs on the corresponding VSI interfaces. 2

Figure 2 shows the procedure of MAC address learning and flooding on PEs. Figure 2 MAC learning and flooding on PEs MAC address reclaim Dynamic address learning must support refreshing and relearning. The VPLS draft defines a dynamic address learning method that uses the address reclaim message, which carries MAC TLV. Upon receiving such a message, a device removes MAC addresses or relearns them according to the specified parameters in the TLV. If NULL is specified, the device removes all MAC addresses of the VSI except for those learned from the PW that received the address reclaim message. The address reclaim message is very useful when the network topology changes and you must remove the learned MAC addresses quickly. There are two types of address reclaim messages: those with MAC address lists and those without MAC address lists. After a backup link becomes active and a message with the instruction of relearning MAC entries arrives, a PE updates the corresponding MAC entries in the FIB table of the VPLS instance and sends the message to other PEs that are directly connected through LDP sessions. If the message contains a null MAC address TLV list, these PEs remove all MAC addresses from the specified VSI, except for those learned from the PW that sent the message. MAC address aging Remote MAC addresses learned by a PE that are related to VC labels but no more in use need to be aged out by an aging mechanism. The aging mechanism used here is the aging timer corresponding to the MAC address. When receiving a packet whose source MAC address has an aging timer started, the PE resets the aging timer. VPLS loop avoidance To avoid loops in a VPLS network, full mesh and split horizon forwarding are used instead of STP at the private network side. Full mesh PEs are logically fully meshed (so are PWs). Each PE must create for each VPLS forwarding instance a tree to all the other PEs of the instance. 3

Split horizon forwarding Each PE must support horizontal split to avoid loops. A PE cannot forward packets through PWs of the same VSI, because all the PEs of a VSI are directly connected. Packets from PWs on the public network side cannot be forwarded to other PWs; they can only be forwarded to the private network side. Peer PE discovery and PW signaling protocol For PEs in the same VSI, you can configure the peer PE addresses or use an automatic discovery mechanism. LDP and BGP are used to automatically discover VSI peer PEs. For a PW to be created, a PW signaling protocol is needed to assign a multiplex distinguishing flag (or, VC label) and advertise the assigned VC flag to the peer. In addition, the PW signaling protocol advertises VPLS system parameters such as PW ID, control word, and interface parameters. With the PW signaling protocol, PWs can be established between PEs to form a fully meshed network to provide VPLS services. LDP and BGP can be used as PW signaling protocols. VPLS can be one of the following based on the PW signaling protocol used: LDP VPLS Uses LDP as the signaling protocol. This mode is also called the Martini mode. BGP VPLS Uses BGP extension as the signaling protocol. This mode is also called the Kompella mode. NOTE: For more information about the Martini mode, see the chapter Configuring MPLS L2VPN. VPLS packet encapsulation Packet encapsulation on an AC The packet encapsulation type of an AC depends on the user VSI access mode, which can be VLAN or Ethernet. VLAN access The Ethernet header of a packet sent by a CE to a PE or sent by a PE to a CE includes a VLAN tag that is added in the header as a service delimiter for the service provider network to identify the user. The tag is called a P-Tag. Ethernet access The Ethernet header of a packet upstream from the CE or downstream from the PE does not contain any service delimiter. If a header contains a VLAN tag, it is the internal VLAN tag of the user and means nothing to the PE. This kind of internal VLAN tag of the user is called a U-Tag. You can specify the VSI access mode to be used. Packet encapsulation on a PW The packet encapsulation type of a PW, also called the PW transport mode, can be either Ethernet or VLAN. In Ethernet mode, P-Tag is not transferred on the PW. For a packet from a CE, if it contains the service delimiter, the PE removes the service delimiter and adds a PW label and a tunnel label into the packet before forwarding the packet. Otherwise, the PE adds a PW label and a tunnel label into the packet and then forwards the packet. For a packet to be sent downstream, whether the PE adds the service delimiter into the packet depends on your configuration. However, rewriting and removing of existing tags are not allowed. In VLAN mode, packets transmitted over the PW must carry a P-Tag. For a packet from a CE, if it contains the service delimiter, the PE keeps the P-Tag unchanged or changes the P-Tag to the VLAN tag expected by the peer PE or to a null tag (the tag value is 0), and then adds a PW label and a 4

tunnel label into the packet before sending the packet out. If the packet contains no service delimiter, the PE adds the VLAN tag expected by the peer PE or a null tag, and then a PW label and a tunnel label into the packet before sending the packet out. For a packet to be sent downstream, the PE rewrites, removes, or retains the service delimiter depending on your configuration. According to the protocol, the packet encapsulation type of a PW is VLAN by default. H-VPLS implementation Hierarchy of VPLS (H-VPLS) can extend the VPLS access range of a service provider and reduce costs. H-VPLS access has the following advantages: H-VPLS has lower requirements on the multi-tenant unit switch (MTU-s). It has distinct hierarchies which fulfill definite tasks. H-VPLS reduces the logical complexity of the fully meshed network consisting of PEs and the configuration complexity. The H-VPLS access modes include LSP access and QinQ access. H-VPLS with LSP access Figure 3 H-VPLS with LSP access As shown in Figure 3, UPE functions as the convergence device MTU-s and establishes only a virtual link U-PW with NPE 1. It does not establish virtual links with any other peers. Data forwarding in H-VPLS with LSP access is as follows: Upon receiving a packet from a CE, UPE tags the packet with the MPLS label for the U-PW, namely the multiplex distinguishing flag, and then sends the packet to NPE 1. When receiving the packet, NPE 1 determines which VSI the packet belongs to by the label and, based on the destination MAC address of the packet, tags the packet with the multiplex distinguishing flag for the N-PW, and forwards the packet. Upon receiving the packet from the N-PW, NPE 1 tags the packet with the multiplex distinguishing flag for the U-PW and sends the packet to UPE, which forwards the packet to the CE. For packets to be exchanged between CE 1 and CE 2, UPE can forward them directly without NPE 1 because it holds the bridging function by itself. For the first packet with an unknown destination MAC address or a broadcast packet, UPE broadcasts the packet to CE 2 through the bridging function and, at the same time, forwards it through U-PW to NPE 1, which replicates the packet and sends a copy to each peer CE. 5

H-VPLS with QinQ access Figure 4 H-VPLS with QinQ access PW switchover As shown in Figure 4, MTU is a standard bridging device and QinQ is enabled on its interfaces connected to CEs. Data forwarding in H-VPLS with QinQ access is as follows: Upon receiving a packet from a CE, MTU labels the packet with a VLAN tag as the multiplex distinguishing flag, and transparently sends the packet to PE 1 through the QinQ tunnel. When receiving the packet, PE 1 determines which VSI the packet belongs to by the VLAN tag and, based on the destination MAC address of the packet, tags the packet with the multiplex distinguishing flag (MPLS label) for the PW. Then, it forwards the packet. Upon receiving the packet from the PW, PE 1 determines to which VSI the packet belongs by the multiplex distinguishing flag (MPLS label) and, based on the destination MAC address of the packet, labels the packet with the VLAN tag. Then, it forwards the packet through the QinQ tunnel to MTU, which in turn forwards the packet to the CE. For packets to be exchanged between CE 1 and CE 2, MTU can forward them directly without PE 1 because it holds the bridging function by itself. For the first data packet with an unknown destination MAC address or a broadcast packet, MTU broadcasts the packet to CE 2 through the bridging function and, at the same time, forwards it through the QinQ tunnel to PE 1, which replicates the packet and sends a copy to each peer CE. The network design with a single PW between a UPE and an NPE has a distinct drawback: once the PW experiences a failure, all VPNs connected to the aggregate device will lose connectivity. The H-VPLS with LSP access provides redundant links for PW backup. Normally, only the primary PW link is used. When the main link fails, the backup link will take over the VPN services, as shown in Figure 5. 6

Figure 5 Backup link for H-VPLS with LSP access CE 1 NPE 1 U-PW UPE N-PW N-PW NPE 3 CE 3 CE 2 U-PW (Backup link) N-PW NPE 2 The H-VPLS with LSP access activates the backup link when: The tunnel over which the primary PW is established is deleted, causing the PW to go down. BFD detects a main link failure. The LDP session between the peers of the primary PW goes down, and the PW is deleted as a result. Hub-spoke VPLS implementation In hub-spoke networking, one of the VPLS networking modes, there is one hub site and multiple spoke sites. The spoke sites (the spoke-ces) are not permitted to communicate with each other directly; data transmission between them depends on the hub site (the hub-ce). The PE connecting the hub site is called the hub-pe. PEs connecting the spoke sites are called spoke-pes. Advantages of hub-spoke networking In hub-spoke networking, all traffic between spoke sites must go through the hub site, facilitating centralized management of traffic. Hub-Spoke networking Figure 6 Hub-spoke networking 7

Figure 6 shows a typical hub-spoke networking application. As the MAC address learning in a hub-spoke network is the same as that in a common network, the following describes only the data forwarding procedure: 1. Upon receiving a packet from Spoke-CE 1, Spoke-PE 1 inserts an MPLS label into the packet according to the VSI to which Spoke-CE 1 belongs and then forwards the packet to Hub-PE. 2. Receiving the packet from the PW, Hub-PE determines by the MPLS label the VSI that the packet is for and forwards the packet to Hub-CE directly. 3. Hub-CE has Layer 2 forwarding function. It processes the packet and then forwards the packet back to Hub-PE. 4. Receiving the packet from the AC, Hub-PE determines by the VLAN tag the VSI that the packet is for, inserts an MPLS label to which the PW corresponds based on the destination MAC address, and forwards the packet to Spoke-PE 2. 5. When Spoke-PE 2 receives the packet from the PW, it determines by the MPLS label the VSI that the packet is for, and then forwards the packet to Spoke-CE 2. NOTE: In a hub-spoke network, you can configure only one hub-ce node. Multi-hop PW A PW cannot be setup directly between two PEs when: The two PEs are in different Autonomous Systems (ASs), where they cannot establish a singling connection. The two PEs use different PW signaling protocols. In such cases, you can establish multiple continuous PW segments that function as a single PW, called a multi-hop PW, a virtual connection between the two PEs. Figure 7 Diagram for multi-hop PW As shown in Figure 7, PE 1 and PE 2 are in different ASs. To set up a multi-hop PW between PE 1 and PE 2, you need to: Establish three PWs: PW 1 between PE 1 and ASBR 1, PW 2 between ASBR 1 and ASBR 2, and PW 3 between ASBR 2 between PE 2. 8

Associate PW 1 and PW 2 on ASBR 1. Then, when receiving a packet from PW 1 (or PW 2), ASBR 1 removes the existing inner and outer labels of the packet and adds the inner and outer labels of PW 2 (or PW 1) to the packet. Associate PW 2 and PW 3 on ASBR 2. Then, upon receiving a packet from PW 2 (or PW 3), ASBR 2 removes the existing inner and outer labels of the packet and then adds the inner and outer labels of PW 3 (or PW 2) to the packet. Thus, PW 1, PW 2, and PW 3 are put end to end and a multi-hop PW is formed across the ASs. NOTE: Only LDP VPLS connections can form a multi-hop PW. VPLS configuration task list Complete the following tasks to configure VPLS: Task Configuring LDP VPLS Configuring BGP VPLS Binding a VPLS instance Configuring VPLS and MAC-in-MAC dual-stack support Configuring MAC address learning Configuring VPLS instance attributes Configuring traffic policing for an AC Inspecting PWs Remarks Configure either type of VPLS as needed Required Optional Optional Required Optional Required NOTE: When STP is enabled globally, the switch cannot transmit STP s Bridge Protocol Data Units (BPDUs) on a VPLS PW. Enabling L2VPN and MPLS L2VPN Enable L2VPN and MPLS L2VPN before you perform VPLS related configurations. To enable L2VPN and MPLS L2VPN: Step Command 1. Enter system view. system-view 2. Enable L2VPN and enter L2VPN view. l2vpn 3. Enable MPLS L2VPN. mpls l2vpn NOTE: For detailed information about the l2vpn command and the mpls l2vpn command, see MPLS Command Reference. 9

Configuring LDP VPLS Configuration prerequisites Before you configure LDP VPLS, complete the following tasks: Configure an IGP on the MPLS backbone devices (PEs and P devices) to guarantee the IP connectivity of the MPLS backbone. For configuration information, see Layer 3 IP Routing Configuration Guide. Configure basic MPLS on the MPLS backbone devices (PEs and P devices) to establish LSP tunnels on the backbone network. For configuration information, see the chapter Configuring basic MPLS. Configure LDP remote peers on PEs to establish remote LDP sessions. For configuration information, see the chapter Configuring basic MPLS. Configuring an LDP VPLS instance When creating an LDP VPLS instance, perform the following configurations: 1. Specify a globally unique name for the VPLS instance and set the peer discovery mechanism to manual configuration. 2. Configure LDP as the signaling protocol to be used. 3. Specify the ID of the VPLS instance. 4. Use the peer command to create the VPLS peer PE for the instance, specifying the following: IP address of the peer PE. ID of the PW to the peer PE, which must be consistent with that specified on the peer PE. Type of the peer PE. If you specify a peer as a UPE, the peer is a user access convergence device in the H-VPLS model. If you specify the backup-peer keyword when creating the peer, the local PE is a UPE and you create a primary NPE and a secondary NPE on it. On a UPE, you can configure only one pair of primary and secondary NPEs. The specified remote NPE peers must be fully meshed, but it is not necessary for a UPE to connect with all the NPEs. PW class template to be referenced. A PW class template defines the PW transport mode and tunneling policy to be used. To configure an LDP VPLS instance: Step Command Remarks 1. Enter system view. system-view N/A 2. Create a PW class template and enter its view. 3. Configure the PW transport mode. pw-class pw-class-name trans-mode { ethernet vlan } Optional. By default, no PW class template is created. Optional. VLAN by default. 10

Step Command Remarks 4. Specify a tunneling policy. pw-tunnel-policy policy-name Optional. By default, the tunneling policy specified through the tnl-policy command in VSI view is used. For how to configure a tunneling policy, see the chapter Configuring MPLS L3VPN. 5. Return to system view. quit N/A 6. Create an LDP VPLS instance and enter VSI view. 7. Specify LDP as the PW signaling protocol and enter VSI LDP view. 8. Specify an ID for the VPLS instance. 9. Create a peer PE for the VPLS instance. 10. Enable the PW switchover function and set the switchover delay time. vsi vsi-name static [ hub-spoke p2p ] pwsignal ldp vsi-id vsi-id peer ip-address [ { hub spoke } pw-class class-name [ pw-id pw-id ] [ upe backup-peer ip-address [ backup-pw-id pw-id ] ] ] * dual-npe revertive [ wtr-time wtr-time ] N/A N/A N/A N/A Optional. Disabled by default. NOTE: A PW to PW (P2P) mode VSI is applicable only to point to point MPLS L2VPN. To configure a multi-hop PW, specify the p2p keyword when you create a VPLS instance to enable the P2P capability, and specify the two peer PEs by using the peer command in the VPLS instance view to associate two PWs. Up to two peer PEs can be specified for a P2P enabled VPLS instance, and one of them must be specified as a UPE. Configuring BGP VPLS Configuration prerequisites Before you configure BGP VPLS, complete the following tasks: Configure an IGP on the MPLS backbone devices (PEs and P devices) to guarantee the IP connectivity of the MPLS backbone. For configuration information, see Layer 3 IP Routing Configuration Guide. Configure basic MPLS on the MPLS backbone devices (PEs and P devices) to establish LSP tunnels on the backbone network. For configuration information, see the chapter Configuring basic MPLS. 11

Configuring the BGP extension Before configuring BGP VPLS, you need to configure BGP parameters on the PEs. For configuration details, see Layer 3 IP Routing Configuration Guide. To configure BGP extension: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter VPLS address family view. vpls-family 4. Activate a peer. peer peer-address enable No peer is activated by default. N/A NOTE: For configurations in VPLS address family view, see the chapter Configuring MPLS L3VPN. Configuring a BGP VPLS instance When creating a BGP VPLS instance, you must specify a globally unique name for the VPLS instance and set the peer discovery mechanism to automatic configuration. When configuring a BGP VPLS instance, you must configure BGP as the signaling protocol to be used. To configure a BGP VPLS instance: Step Command 1. Enter system view. system-view 2. Create a BGP VPLS instance and enter VSI view. vsi vsi-name auto 3. Specify BGP as the PW signaling protocol and pwsignal bgp enter VSI BGP view. 4. Configure an RD for the VPLS instance. route-distinguisher route-distinguisher 5. Configure VPN targets for the VPLS instance. vpn-target vpn-target&<1-16> [ both import-extcommunity export-extcommunity ] 6. Create a site for the VPLS instance. site site-id [ range site-range ] [ default-offset { 0 1 } ] Resetting VPLS BGP connections When the BGP routing policy or protocol is changed, you must reset the BGP connections in a VPLS to make the new configurations take effect to all connections. To reset VPLS BGP connections: Task Command Remarks Reset a specific or all VPLS BGP connections. reset bgp vpls { as-number ip-address all external internal } Available in user view 12

Binding a VPLS instance You can establish the association between packets and a VPLS instance in either of the following methods: Binding a Layer 3 interface with the VPLS instance. After you configure such a binding, all packets arriving at the Layer 3 interface will be forwarded by the VPLS instance. Binding a service instance with the VPLS instance. After you configure such a binding, the switch matches packets received on the Layer 2 Ethernet port according to the service instance. Packets that match the service instance will be forwarded by the VPLS instance bound with the service instance. A service instance can be used to match all packets received on the port, packets carrying the specified VLAN tags, all tagged packets, or all packets with no VLAN tags, providing a more flexible VPLS instance access control. NOTE: The interface bound with a VPLS instance does not support the redirection function (the redirect command). For more information about the redirect command, see ACL and QoS Command Reference. Binding a Layer 3 interface with a VPLS instance To bind a Layer 3 interface with a VPLS instance: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. 3. Configure the interface to work in Layer 3 mode. 4. Bind the interface with a VPLS instance. interface interface-type interface-number port link-mode route l2 binding vsi vsi-name [ access-mode { ethernet vlan } { hub spoke } ] * N/A You must perform this configuration if the interface is an Ethernet interface. Other types of interfaces do not require this configuration. By default, an interface is not bound with any VPLS instance. NOTE: Layer 3 interface in this configuration task does not include VLAN interfaces. You cannot bind a VPLS instance directly with a VLAN interface. Instead, you can bind a Layer 2 Ethernet interface in the VLAN with the VPLS instance. For more information, see Binding a service instance with a VPLS instance. On the interface that is bound with a VPLS instance, do not configure other Layer 3 applications. A P2P enabled VPLS instance cannot be bound with a Layer 3 interface. If you bind a Layer 3 interface with a VPLS instance, IP related functions on the sub-interfaces of the Layer 3 interface will fail. For example, the sub-interfaces cannot receive ARP or IGMP packets; they cannot forward unicast or multicast packets. After you remove the binding, the IP related functions on the sub-interfaces recover. 13

Binding a service instance with a VPLS instance To bind a service instance with a VPLS instance, you need to: Create the service instance on a Layer 2 Ethernet interface Configure a packet matching rule for the service instance Bind the service instance with the VPLS instance. After these configurations, packets that arrive at the Layer 2 Ethernet interface and match the packet matching rule will be forwarded by the bound VPLS instance. To bind a service instance with a VPLS instance: Step Command Remarks 1. Enter system view. system-view N/A 2. Create a VLAN for packet matching. vlan vlan-id N/A 3. Add the interface connecting the CE to the VLAN. port interface N/A 4. Return to system view. quit N/A 5. Enter the view of the interface connecting the CE. 6. Create a service instance and enter its view. interface interface-type interface-number service-instance service-instance-id N/A By default, no service instance is created. By default, no packet matching rule is configured for a service instance. 7. Configure a packet matching rule for the service instance. 8. Bind the service instance with a VPLS instance. encapsulation { s-vid vlan-id [ only-tagged ] port-based tagged untagged } xconnect vsi vsi-name [ access-mode { ethernet vlan } { hub spoke } ] * IMPORTANT: For this configuration task, do not configure the only-tagged, tagged, or untagged keyword. Otherwise, the packet matching rule does not take effect. By default, a service instance is not bound with any VPLS instance. CAUTION: Do not bind the control VLAN of an RRPP domain with a VPLS instance. Otherwise, a broadcast storm will occur, crashing down the network. For more information about RRPP, see High Availability Configuration Guide. NOTE: Only when the VPLS instance is enabled with the hub-spoke capability (the hub-spoke keyword included in the vsi static command), can you further specify the access mode as hub or spoke. The default is spoke. A P2P enabled VPLS instance cannot be bound with a service instance. The xconnect vsi command is available for service instances with the ID in the range of 1 to 4094. 14

Configuring VPLS and MAC-in-MAC dual-stack support A device that supports VPLS and MAC-in-MAC dual-stack can serve as a PE on the VPLS network and a backbone edge bridge (BEB) on the Provider Backbone Bridge Network (PBBN) at the same time to connect the VPLS network and the PBBN together. Such a device is called a BEB-PE, as shown in Figure 8. For more information about MAC-in-MAC, see Layer 2 LAN Switching Configuration Guide. Figure 8 Network diagram To configure the switch to support VPLS and MAC-in-MAC dual-stack, you need to create a VSI that supports VPLS and MAC-in-MAC dual-stack. To create such a VSI, specify the peer discovery mechanism, enable the MAC-in-MAC function, and specify the Backbone Service Instance Identifier (I-SID) for MAC-in-MAC when creating the VSI. To configure the switch to support VPLS and MAC-in-MAC dual-stack: Step Command 1. Enter system view. system-view 2. Create a VSI that supports both VPLS and MAC-in-MAC, and enter VSI view. vsi vsi-name { { auto static } minm i-sid i-sid minm i-sid i-sid { auto static } } NOTE: A VSI enabled with the hub-spoke capability (the hub-spoke keyword included in the vsi static command) does not support cooperation with the MAC-in-MAC feature. Configuring MAC address learning To configure the MAC address learning function: Step Command Remarks 1. Enter system view. system-view N/A 15

Step Command Remarks 2. Enter VSI view. vsi vsi-name N/A 3. Enable/disable MAC address learning for the VPLS instance. 4. Specify a MAC address learning mode for the VPLS instance. 5. Set the maximum number of MAC addresses that the switch can learn for the VPLS instance. 6. Enable the MAC address move function, so when the incoming interfaces of packets change, the device changes the interfaces in the corresponding MAC address entries accordingly. mac-learning { enable disable } mac-learn-style { qualify unqualify } mac-table limit mac-limit-number mac-move enable Optional. Enabled by default. Optional. unqualify by default. Optional. 65536 by default.. Optional. Disabled by default. Configuring VPLS instance attributes To configure VPLS instance attributes: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter VSI view. vsi vsi-name N/A 3. Specify the encapsulation type of the VPLS instance. 4. Set the MTU of the VPLS instance. 5. Set the description of the VPLS instance. 6. Shut down the VPLS service of the VPLS instance. encapsulation { bgp-vpls ethernet vlan } mtu mtu description text shutdown Optional. vlan by default, which corresponds to the VSI PW encapsulation type of tagged. Optional. 1,500 bytes by default. If a base card is inserted into the switch, set the MTU to 8192 bytes; otherwise, forwarded packets may get lost. For information about base card and subcard models, see the appendix in the switch installation guide Optional. No description set by default Optional. By default, the VPLS service of a VPLS instance is enabled. 16

Step Command Remarks 7. Specify a tunneling policy for the VPLS instance. tnl-policy tunnel-policy-name Optional. By default, no tunneling policy is specified for a VPLS instance and a VPLS instance uses the default tunneling policy. The default tunneling policy selects only one tunnel (on load balancing) in this order: LSP tunnel, CR-LSP tunnel. For how to configure a tunneling policy, see the chapter Configuring MPLS L3VPN. Configuring traffic policing for an AC Traffic policing controls packet transmission to avoid network congestion. Use one of the following methods to perform traffic policing for an AC: If you want to bind the VPLS instance to a Layer 3 interface, you can configure QoS on the Layer 3 interface for traffic policing of the AC. If you want to bind the VPLS instance to a service instance, you need to apply global CAR actions for the service instance for traffic policing of the AC. After you apply an inbound or outbound global CAR action for a service instance, the device polices the inbound or outbound traffic matching the service instance according to the applied global CAR action. This configuration task describes how to apply a CAR action for a service instance. Configuration prerequisites Use the qos car command in system view to configure a global CAR action. For more information about CAR, see ACL and QoS Configuration Guide. Configuration procedure To apply a global CAR action for a service instance: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter the view of the Layer 2 Ethernet interface connected to the CE. interface interface-type interface-number N/A 3. Enter service instance view. service-instance instance-id N/A 4. Apply a global CAR action to the inbound or outbound traffic on the AC. car { inbound outbound } name car-name By default, no global CAR is applied to an AC. NOTE: To configure traffic policing for an AC, you must first configure this task before you bind the service instance to the VPLS instance. 17

Inspecting PWs On a VPLS network, you can use the MPLS LSP ping function to check PW connectivity and get necessary information for troubleshooting PW failures. On the local PE, the MPLS LSP ping function adds the label of the PW to be tested into MPLS Echo Request messages so that the messages travel along the PW. The local PE determines whether the PW is valid and reachable according to the replies received from the peer PE. To check the connectivity of a PW: Task Command Remarks Use MPLS LSP ping to check the connectivity of a PW. ping lsp [ -a source-ip -c count -exp exp-value -h ttl-value -m wait-time -r reply-mode -s packet-size -t time-out -v ] * pw ip-address pw-id pw-id Available in any view NOTE: MPLS LSP ping can be used to inspect only an LDP PW. To use an S9500E switch to check the reachability of the VC to a peer PE, make sure that the peer PE supports VC inspection. The peer PE, however, cannot use this function to check the reachability of the VC to the S9500E switch. Displaying and maintaining VPLS Task Command Remarks Display the VPLS information in the BGP routing table. Display the MAC address table information of one or all VPLS instances. Display information about VPLS connections. display bgp vpls { all group [ group-name ] peer [ [ ip-address ] verbose ] route-distinguisher route-distinguisher [ site-id site-id [ label-offset label-offset ] ] } [ { begin exclude include } regular-expression ] display mac-address vsi [ vsi-name ] [ blackhole dynamic static ] [ count ] [ { begin exclude include } regular-expression ] display vpls connection [ bgp ldp vsi vsi-name ] [ block down up ] [ verbose ] [ { begin exclude include } regular-expression ] Available in any view Available in any view Available in any view 18

Task Command Remarks Display information about VPLS AC entries on a switch running in standalone mode. Display information about VPLS AC entries on a switch running in IRF mode. Display information about VPLS PW entries on a switch running in standalone mode. Display information about VPLS PW entries on a switch running in IRF mode. Display information about one or all VPLS instances. Display information about remote VPLS connections. Display information about service instances on an interface. Display information about one or all PW class templates. Display information about one or all fast switching groups. Clear the MAC address table of one or all VPLS instances. Clear the traffic statistics for a service instance on an interface. display mpls l2vpn fib ac vpls [ vsi vsi-name interface interface-type interface-number [ service-instance service-instanceid ] ] [ slot slot-number ] [ verbose ] [ { begin exclude include } regular-expression ] display mpls l2vpn fib ac vpls [ vsi vsi-name interface interface-type interface-number [ service-instance service-instanceid ] ] [ chassis chassis-number slot slot-number ] [ verbose ] [ { begin exclude include } regular-expression ] display mpls l2vpn fib pw vpls [ vsi vsi-name [ link link-id ] ] [ slot slot-number ] [ verbose ] [ { begin exclude include } regular-expression ] display mpls l2vpn fib pw vpls [ vsi vsi-name [ link link-id ] ] [ chassis chassis-number slot slot-number ] [ verbose ] [ { begin exclude include } regular-expression ] display vsi [ vsi-name ] [ verbose ] [ { begin exclude include } regular-expression ] display vsi remote { bgp ldp } [ { begin exclude include } regular-expression ] display service-instance interface interface-type interface-number [ service-instance service-instance-id ] [ { begin exclude include } regular-expression ] display pw-class [ pw-class-name ] [ { begin exclude include } regular-expression ] display l2vpn fast-switch-group [ group-index ] [ { begin exclude include } regular-expression ] reset mac-address vsi [ vsi-name ] reset service-instance statistics [ interface interface-type interface-number [ service-instance instance-id [ inbound outbound ] ] ] Available in any view Available in any view Available in any view Available in any view Available in any view Available in any view Available in any view Available in any view Available in any view Available in user view Available in user view 19

VPLS configuration examples NOTE: By default, Ethernet interfaces, VLAN interfaces, and aggregate interfaces are in DOWN state. To configure such an interface, first use the undo shutdown command to bring the interface up. Configuring VPLS instances Network requirements CE 1 and CE 2 reside in different sites but both belong to VPN 1. The PEs are connected to each other through interface VLAN-interface 10. On each PE, configure an LDP VPLS instance aaa (the Martini mode) and a BGP VPLS instance bbb (the Kompella mode). The AS number is 100. On each PE, configure service instances and bind the VPLS instances to forward specific packets. Service instance 1000 matches the received packets that carry VLAN tag 100 on GigabitEthernet 3/0/1. The matched packets are forwarded by VPLS instance aaa. Service instance 2000 matches the received packets that carry VLAN tag 200 on GigabitEthernet 3/0/1. The matched packets are forwarded by VPLS instance bbb. Figure 9 Network diagram Configuration procedure 1. Configure PE 1. # Configure the IGP protocol, which is OSPF in this example. (Details not shown) # Configure basic MPLS. <Sysname> system-view [Sysname] sysname PE1 [PE1] interface loopback 0 [PE1-LoopBack0] ip address 1.1.1.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit # Configure interface VLAN-interface 10. 20

[PE1] interface vlan-interface 10 [PE1-Vlan-interface10] ip address 10.10.10.10 24 # Configure basic MPLS on the VLAN interface. [PE1-Vlan-interface10] mpls [PE1-Vlan-interface10] mpls ldp [PE1-Vlan-interface10] quit # Configure the remote LDP session. [PE1] mpls ldp remote-peer 1 [PE1-mpls-remote-1] remote-ip 2.2.2.9 [PE1-mpls-remote-1] quit # Configure BGP extension. [PE1] bgp 100 [PE1-bgp] peer 2.2.2.9 as-number 100 [PE1-bgp] peer 2.2.2.9 connection-interface loopback 0 [PE1-bgp] vpls-family [PE1-bgp-af-vpls] peer 2.2.2.9 enable [PE1-bgp-af-vpls] quit [PE1-bgp] quit # Enable L2VPN and MPLS L2VPN. [PE1] l2vpn [PE1-l2vpn] mpls l2vpn [PE1-l2vpn] quit # Configure the basic attributes of VPLS instance aaa, which uses LDP. [PE1] vsi aaa static [PE1-vsi-aaa] pwsignal ldp [PE1-vsi-aaa-ldp] vsi-id 500 [PE1-vsi-aaa-ldp] peer 2.2.2.9 [PE1-vsi-aaa-ldp] quit [PE1-vsi-aaa] quit # Configure the basic attributes of VPLS instance bbb, which uses BGP. [PE1] vsi bbb auto [PE1-vsi-bbb] pwsignal bgp [PE1-vsi-bbb-bgp] route-distinguisher 100:1 [PE1-vsi-bbb-bgp] vpn-target 111:1 [PE1-vsi-bbb-bgp] site 1 range 10 [PE1-vsi-bbb-bgp] quit [PE1-vsi-bbb] quit # On interface GigabitEthernet 3/0/1 connected to CE 1, create service instances and bind the VPLS instances. [PE1] interface GigabitEthernet 3/0/1 [PE1-GigabitEthernet3/0/1] service-instance 1000 [PE1-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 100 [PE1-GigabitEthernet3/0/1-srv1000] xconnect vsi aaa [PE1-GigabitEthernet3/0/1-srv1000] quit [PE1-GigabitEthernet3/0/1] service-instance 2000 [PE1-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 200 [PE1-GigabitEthernet3/0/1-srv1000] xconnect vsi bbb 21

[PE1-GigabitEthernet3/0/1-srv1000] quit 2. Configure PE 2. # Configure the IGP protocol, which is OSPF in this example. (Details not shown) # Configure basic MPLS. <Sysname> system-view [Sysname] sysname PE2 [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls [PE1-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit # Configure interface VLAN-interface 10. [PE2] interface vlan-interface 10 [PE2-Vlan-interface10] ip address 10.10.10.11 24 # Configure basic MPLS on the VLAN interface. [PE2-Vlan-interface10] mpls [PE2-Vlan-interface10] mpls ldp [PE2-Vlan-interface10] quit # Configure the remote LDP session. [PE2] mpls ldp remote-peer 2 [PE2-mpls-remote-2] remote-ip 1.1.1.9 [PE2-mpls-remote-2] quit # Configure BGP extensions. [PE2] bgp 100 [PE2-bgp] peer 1.1.1.9 as-number 100 [PE2-bgp] peer 1.1.1.9 connection-interface loopback 0 [PE2-bgp] vpls-family [PE2-bgp-af-vpls] peer 1.1.1.9 enable [PE2-bgp-af-vpls] quit [PE2-bgp] quit # Enable L2VPN and MPLS L2VPN. [PE2] l2vpn [PE2-l2vpn] mpls l2vpn [PE2-l2vpn] quit # Configure the basic attributes of VPLS instance aaa, which uses LDP. [PE2] vsi aaa static [PE2-vsi-aaa] pwsignal ldp [PE2-vsi-aaa-ldp] vsi-id 500 [PE2-vsi-aaa-ldp] peer 1.1.1.9 [PE2-vsi-aaa-ldp] quit [PE2-vsi-aaa] quit # Configure the basic attributes of VPLS instance bbb, which uses BGP. [PE2] vsi bbb auto 22

[PE2-vsi-bbb] pwsignal bgp [PE2-vsi-bbb-bgp] route-distinguisher 100:1 [PE2-vsi-bbb-bgp] vpn-target 111:1 [PE2-vsi-bbb-bgp] site 2 range 10 [PE2-vsi-bbb-bgp] quit [PE2-vsi-bbb] quit # On interface GigabitEthernet 3/0/1 connected to CE 2, create service instances and bind the VPLS instances. [PE2] interface GigabitEthernet 3/0/1 [PE2-GigabitEthernet3/0/1] service-instance 1000 [PE2-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 100 [PE2-GigabitEthernet3/0/1-srv1000] xconnect vsi aaa [PE2-GigabitEthernet3/0/1-srv1000] quit [PE2-GigabitEthernet3/0/1] service-instance 2000 [PE2-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 200 [PE2-GigabitEthernet3/0/1-srv1000] xconnect vsi bbb [PE2-GigabitEthernet3/0/1-srv1000] quit 3. Verify the configuration. After you complete the configuration, issue the display vpls connection command on the PEs. You will see that PW connections in up state have been established. Configuring H-VPLS with LSP access Network requirements UPE and NPE 1 are connected through interfaces named VLAN-interface 10. NPE 1 and NPE 3 are connected to each other through interfaces named VLAN-interface 20. Create a U-PW connection between UPE and NPE 1 and an N-PW connection between NPE 1 and NPE 3. Create a VPLS instance aaa using LDP, the Martini mode. On UPE and NPE 3, configure a service instance and bind it to the VPLS instance aaa. The service instance matches the received packets that carry VLAN tag 100 on GigabitEthernet 3/0/1. The matched packets are forwarded by VPLS instance aaa. Figure 10 Network diagram Configuration procedure 1. Configure the IGP protocol on the MPLS backbone, which is OSPF in this example. (Details not shown) 2. Configure UPE. 23

# Configure basic MPLS. <Sysname> system-view [Sysname] sysname UPE [UPE] interface loopback 0 [UPE-LoopBack0] ip address 1.1.1.9 32 [UPE-LoopBack0] quit [UPE] mpls lsr-id 1.1.1.9 [UPE] mpls [UPE-mpls] quit [UPE] mpls ldp [UPE-mpls-ldp] quit # Configure basic MPLS on the interface connected to NPE 1. [UPE] interface vlan-interface 10 [UPE-Vlan-interface10] ip address 10.1.1.1 24 [UPE-Vlan-interface10] mpls [UPE-Vlan-interface10] mpls ldp [UPE-Vlan-interface10] quit # Configure the remote LDP session. [UPE] mpls ldp remote-peer 1 [UPE-mpls-remote-1] remote-ip 2.2.2.9 [UPE-mpls-remote-1] quit # Enable L2VPN and MPLS L2VPN. [UPE] l2vpn [UPE-l2vpn] mpls l2vpn [UPE-l2vpn] quit # Configure the basic attributes of VPLS instance aaa, which uses LDP. [UPE] vsi aaa static [UPE-vsi-aaa] pwsignal ldp [UPE-vsi-aaa-ldp] vsi-id 500 [UPE-vsi-aaa-ldp] peer 2.2.2.9 [UPE-vsi-aaa-ldp] quit [UPE-vsi-aaa] quit # On interface GigabitEthernet 3/0/1 connected to CE 1, create a service instance and bind VPLS instance aaa to the service instance. [UPE] interface GigabitEthernet 3/0/1 [UPE-GigabitEthernet3/0/1] service-instance 1000 [UPE-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 100 [UPE-GigabitEthernet3/0/1-srv1000] xconnect vsi aaa [UPE-GigabitEthernet3/0/1-srv1000] quit [UPE-GigabitEthernet3/0/1] quit 3. Configure NPE 1. # Configure basic MPLS. <Sysname> system-view [Sysname] sysname NPE1 [NPE1] interface loopback 0 [NPE1-LoopBack0] ip address 2.2.2.9 32 [NPE1-LoopBack0] quit 24

[NPE1] mpls lsr-id 2.2.2.9 [NPE1] mpls [NPE1 mpls] quit [NPE1] mpls ldp [NPE1 mpls-ldp] quit # Configure basic MPLS on the interface connected to UPE. [NPE1] interface vlan-interface 10 [NPE1-Vlan-interface10] ip address 10.1.1.2 24 [NPE1-Vlan-interface10] mpls [NPE1-Vlan-interface10] mpls ldp [NPE1-Vlan-interface10] quit # Configure basic MPLS on the interface connected to NPE 3. [NPE1] interface vlan-interface 20 [NPE1-Vlan-interface20] ip address 11.1.1.1 24 [NPE1-Vlan-interface20] mpls [NPE1-Vlan-interface20] mpls ldp [NPE1-Vlan-interface20] quit # Configure the remote LDP peer UPE. [NPE1] mpls ldp remote-peer 2 [NPE1-mpls-remote-2] remote-ip 1.1.1.9 [NPE1-mpls-remote-2] quit # Configure the remote LDP peer NPE 3. [NPE1] mpls ldp remote-peer 3 [NPE1-mpls-remote-3] remote-ip 3.3.3.9 [NPE1-mpls-remote-3] quit # Enable L2VPN and MPLS L2VPN. [NPE1] l2vpn [NPE1-l2vpn] mpls l2vpn [NPE1-l2vpn] quit # Configure the basic attributes of VPLS instance aaa, which uses LDP. [NPE1] vsi aaa static [NPE1-vsi-aaa] pwsignal ldp [NPE1-vsi-aaa-ldp] vsi-id 500 [NPE1-vsi-aaa-ldp] peer 1.1.1.9 upe [NPE1-vsi-aaa-ldp] peer 3.3.3.9 [NPE1-vsi-aaa-ldp] quit [NPE1-vsi-aaa] quit 4. Configure NPE 3. # Configure basic MPLS. <Sysname> system-view [Sysname] sysname NPE3 [NPE3] interface loopback 0 [NPE3-LoopBack0] ip address 3.3.3.9 32 [NPE3-LoopBack0] quit [NPE3] mpls lsr-id 3.3.3.9 [NPE3] mpls [NPE3 mpls] quit 25

[NPE3] mpls ldp [NPE3 mpls-ldp] quit # Configure basic MPLS on the interface connected to NPE 1. [NPE3] interface vlan-interface 20 [NPE3-Vlan-interface20] ip address 11.1.1.2 24 [NPE3-Vlan-interface20] mpls [NPE3-Vlan-interface20] mpls ldp [NPE3-Vlan-interface20] quit # Configure the remote LDP session. [NPE3] mpls ldp remote-peer 1 [NPE3-mpls-remote-1] remote-ip 2.2.2.9 [NPE3-mpls-remote-1] quit # Enable L2VPN and MPLS L2VPN. [NPE3] l2vpn [NPE3-l2vpn] mpls l2vpn [NPE3-l2vpn] quit # Configure the basic attributes of VPLS instance aaa, which uses LDP. [NPE3] vsi aaa static [NPE3-vsi-aaa] pwsignal ldp [NPE3-vsi-aaa-ldp] vsi-id 500 [NPE3-vsi-aaa-ldp] peer 2.2.2.9 [NPE3-vsi-aaa-ldp] quit [NPE3-vsi-aaa] quit # On interface GigabitEthernet 3/0/1 connected to CE 2, create a service instance and bind VPLS instance aaa to the service instance. [NPE3] interface GigabitEthernet 3/0/1 [NPE3-GigabitEthernet3/0/1] service-instance 1000 [NPE3-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 100 [NPE3-GigabitEthernet3/0/1-srv1000] xconnect vsi aaa [NPE3-GigabitEthernet3/0/1-srv1000] quit [NPE3-GigabitEthernet3/0/1] quit 5. Verify the configuration. After you complete previous configurations, issue the display vpls connection command on the PEs. You will see that a PW connection in up state has been established. Configuring hub-spoke VPLS Network requirements Set up a PW between Spoke-PE 1 and Hub-PE and a PW between Spoke-PE 2 and Hub-PE. Configure VPLS instance aaa to support hub-spoke networking. On Spoke-PE 1, Hub-PE, and Spoke-PE 2, configure a service instance and bind it to the VPLS instance aaa. The service instance matches the received packets that carry VLAN tag 100 on GigabitEthernet 3/0/1. The matched packets are forwarded by VPLS instance aaa. 26

Figure 11 Network diagram Hub-CE Hub-PE GE3/0/1 Vlan-int10 10.1.1.2/24 Vlan-int20 20.1.1.1/24 Vlan-int10 Vlan-int20 Loop0 10.1.1.1/24 20.1.1.2/24 3.3.3.9/32 Spoke-PE 1 Spoke-PE 2 GE3/0/1 GE3/0/1 Loop0 1.1.1.9/32 Loop0 2.2.2.9/32 Spoke-CE 1 Spoke-CE 2 Configuration procedure 1. Configure the IGP protocol on the MPLS backbone, which is OSPF in this example. (Details not shown) 2. Configure Spoke-PE 1. # Configure basic MPLS. <Sysname> system-view [Sysname] sysname Spoke-PE1 [Spoke-PE1] interface loopback 0 [Spoke-PE1-LoopBack0] ip address 1.1.1.9 32 [Spoke-PE1-LoopBack0] quit [Spoke-PE1] mpls lsr-id 1.1.1.9 [Spoke-PE1] mpls [Spoke-PE1 mpls] quit [Spoke-PE1] mpls ldp [Spoke-PE1-mpls-ldp] quit # Configure basic MPLS on the interface connected to Hub-PE. [Spoke-PE1] interface vlan-interface 10 [Spoke-PE1-Vlan-interface10] ip address 10.1.1.1 24 [Spoke-PE1-Vlan-interface10] mpls [Spoke-PE1-Vlan-interface10] mpls ldp [Spoke-PE1-Vlan-interface10] quit # Configure the remote LDP peer Hub-PE. [Spoke-PE1] mpls ldp remote-peer 1 [Spoke-PE1-mpls-remote-1] remote-ip 3.3.3.9 [Spoke-PE1-mpls-remote-1] quit # Enable L2VPN and MPLS L2VPN. [Spoke-PE1] l2vpn [Spoke-PE1-l2vpn] mpls l2vpn [Spoke-PE1-l2vpn] quit 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback