07-21-2020 05:42 PM - edited 07-21-2020 05:46 PM
Hi Team,
I'm having a problem for a few days now which is giving me a headache at this point.
We have a scenario where a customer is going to have an Inet access + l2vpn all delivered via CPE asr920.
PE is ncs540 which will build a connection to other PE in the network.
Customer handoff will be over two ports on the asr - one will be tagged Inet access and the second one (for l2vpn) will be untagged (from their perspective) - so plain ethernet service where they will manage vlan's to other ends of the l2vpn
The thing that we had in mind is to do qinq between ncs and asr where one vlan will carry inet and the second will carry out VPN traffic
ASR setup
! interface TenGigabitEthernet0/0/2 description CUSTOMER_INET-ACCESS mtu 9216 service instance 1 ethernet encapsulation dot1q 555 bridge-domain 555 ! interface TenGigabitEthernet0/0/3 description CUSTOMER_VPN-ACCESS mtu 9216 service instance 2 ethernet encapsulation dot1q any bridge-domain 556 ! interface TenGigabitEthernet0/0/5 description UPLINK mtu 9216 service instance 3 ethernet encapsulation dot1q 555 rewrite ingress tag pop 1 symmetric bridge-domain 555 ! service instance 4 ethernet encapsulation dot1q 556 rewrite ingress tag pop 1 symmetric bridge-domain 556 !
On the other side, NCS side, this is the setup
! interface Te0/0/0/10.556 l2transport encapsulation dot1q 556 second-dot1q any mtu 2014 ! l2vpn ! bridge group BG_PW_TEST bridge-domain BD556 interface Te0/0/0/10.556 ! neighbor 10.32.0.2 pw-id 556 ! !
RP/0/RP0/CPU0#sho l2vpn bridge-domain bd-name BD556 pw-id 556 detail Tue Jul 21 17:37:38.015 PDT Legend: pp = Partially Programmed. Bridge group: BG_PW_TEST, bridge-domain: BD556, id: 1, state: up, ShgId: 0, MSTi: 0 Coupled state: disabled VINE state: Default MAC learning: enabled MAC withdraw: disabled Flooding: Broadcast & Multicast: enabled Unknown unicast: enabled MAC aging time: 300 s, Type: inactivity MAC limit: 32000, Action: none, Notification: syslog MAC limit reached: no, threshold: 75% MAC port down flush: enabled MAC Secure: disabled, Logging: disabled Split Horizon Group: none Dynamic ARP Inspection: disabled, Logging: disabled IP Source Guard: disabled, Logging: disabled DHCPv4 Snooping: disabled DHCPv4 Snooping profile: none IGMP Snooping: disabled IGMP Snooping profile: none MLD Snooping profile: none Storm Control: disabled Bridge MTU: 2000 MIB cvplsConfigIndex: 2 Filter MAC addresses: P2MP PW: disabled Create time: 21/07/2020 16:29:22 (01:08:15 ago) No status change since creation ACs: 1 (1 up), VFIs: 0, PWs: 1 (1 up), PBBs: 0 (0 up), VNIs: 0 (0 up) List of Access PWs: PW: neighbor 10.10.10.2, PW ID 556, state is up ( established ) PW class not set, XC ID 0xc0000003 Encapsulation MPLS, protocol LDP Source address 10.10.202.12 PW type Ethernet, control word disabled, interworking none PW backup disable delay 0 sec Sequencing not set LSP : Up MPLS Local Remote ------------ ------------------------------ --------------------------- Label 64090 26137 Group ID 0x1 0x0 Interface Access PW unknown MTU 2000 2000 Control word disabled disabled PW type Ethernet Ethernet VCCV CV type 0x2 0x0 (none) (LSP ping verification) VCCV CC type 0x6 0x0 (none) (router alert label) (TTL expiry) ------------ ------------------------------ --------------------------- MIB cpwVcIndex: 3221225475 Create time: 21/07/2020 16:50:22 (00:47:16 ago) Last time status changed: 21/07/2020 16:50:24 (00:47:14 ago) MAC withdraw messages: sent 0, received 0 Forward-class: 0 Static MAC addresses: Statistics: packets: received 0 (unicast 0), sent 0 bytes: received 0 (unicast 0), sent 0 MAC move: 0 Storm control drop counters: packets: broadcast 0, multicast 0, unknown unicast 0 bytes: broadcast 0, multicast 0, unknown unicast 0 MAC learning: enabled Flooding: Broadcast & Multicast: enabled Unknown unicast: enabled MAC aging time: 300 s, Type: inactivity MAC limit: 32000, Action: none, Notification: syslog MAC limit reached: no, threshold: 75% MAC port down flush: enabled MAC Secure: disabled, Logging: disabled Split Horizon Group: none DHCPv4 Snooping: disabled DHCPv4 Snooping profile: none IGMP Snooping: disabled IGMP Snooping profile: none MLD Snooping profile: none Storm Control: bridge-domain policer List of VFIs: List of Access VFIs:
Maybe this is just sanity check - but I'd to ask.
Appreciate all your comments!
Cheers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide