Configuring L2TPv3 Dynamic Tunnels
In this section, you will be provided with the configuration process to configure dynamic L2TPv3 tunnels in the network topology shown earlier in Figure 10-6. The same endpoints are used for implementing the dynamic L2TPv3 tunnels. The only differences are in the configuration of the pseudowire class or template as well as the attachment circuit configuration. The following steps outline the configuration process to implement the dynamic L2TPv3 tunnel. The initial interface configurations and the configuration of the L2TP class/template are not repeated for conciseness:
Step 1. |
Configure the pseudowire class/template with the protocol to be used for control channel information exchange to be L2TPv3. The only configuration change in comparison to implementation of static/manual L2TPv3 tunnel configuration is the configuration of a protocol for signaling the control channel parameters as shown in Example 10-7.
Example 10-7. Configuring Pseudowire Class for Dynamic L2TPv3 Tunnels PE1-AS1(config)#pseudowire-class dynamic PE1-AS1(config-pw-class)# encapsulation l2tpv3 PE1-AS1(config-pw-class)# ip local interface Loopback0 ________________________________________________________________ PE2-AS1(config)#pseudowire-class dynamic PE2-AS1(config-pw-class)# encapsulation l2tpv3 PE2-AS1(config-pw-class)# ip local interface Loopback0 |
Step 2. |
The next step is the association of an attachment circuit by the use of xconnect commands under the interface configuration to associate the pseudowire class with the physical or logical interface that is part of the tunnel. To differentiate between the manual VC and the new dynamic configuration VC, configure the xconnect commands with a VC ID of 2 and a mapping to the pseudowire template configured in Step 1, as shown in Example 10-8.
Example 10-8. Configuration of Attachment Circuit PE1-AS1(config)#int pos 0/0 PE1-AS1(config-if)# xconnect 10.10.10.102 2 pw-class dynamic ________________________________________________________________ PE2-AS1(config)#int pos 0/0 PE2-AS1(config-if)# xconnect 10.10.10.101 2 pw-class dynamic |
Step 3. |
In addition to the previous steps, you need to configure a tunnel server card on the PE routers that are GSR series chassis, as depicted in Example 10-9.
Example 10-9. Configuring the Tunnel Server Card for the PE Routers (GSR) PE1-AS1(config)#interface POS3/0 PE1-AS1(config-if)# ip unnumbered Loopback0 PE1-AS1(config-if)# loopback internal PE1-AS1(config)#hw-module slot 3 mode server ________________________________________________________________ PE2-AS1(config)#interface POS3/0 PE2-AS1(config-if)# ip unnumbered Loopback0 PE2-AS1(config-if)# loopback internal PE2-AS1(config)#hw-module slot 3 mode server |
Verification of Dynamic L2TPv3 Tunnel Operation
The following verification steps are performed on the PE routers to validate L2TPv3 tunnel and Layer 2 VPN operation:
Step 1. |
Verify if the state of the tunnel is established, as shown in Example 10-10 in the output of the show l2tun tunnel all and show l2tun session all commands.
Example 10-10. Verification of L2TPv3 Dynamic Tunnel Status PE1-AS1#show l2tun tunnel all Tunnel Information Total tunnels 1 sessions 1 Tunnel id 50899 is up, remote id is 54048, 1 active sessions Tunnel state is established, time since change 5d21h Tunnel transport is IP (115) Remote tunnel name is PE2-AS1 Internet Address 10.10.10.102, port 0 Local tunnel name is PE1-AS1 Internet Address 10.10.10.101, port 0 Tunnel domain is VPDN group for tunnel is - L2TP class for tunnel is l2tp_default_class 0 packets sent, 0 received 0 bytes sent, 0 received Control Ns 8483, Nr 8486 Local RWS 8192 (default), Remote RWS 8192 (max) Tunnel PMTU checking disabled Retransmission time 1, max 1 seconds Unsent queuesize 0, max 0 Resend queuesize 0, max 1 Total resends 0, ZLB ACKs sent 8484 Current nosession queue check 0 of 5 Retransmit time distribution: 0 0 0 0 0 0 0 0 0 Sessions disconnected due to lack of resources 0 ________________________________________________________________ PE1-AS1#show l2tun session all Session Information Total tunnels 1 sessions 1 Session id 3544 is up, tunnel id 50899 Call serial number is 2130200000 Remote tunnel name is PE2 Internet address is 10.10.10.102 Session is L2TP signalled Session state is established, time since change 5d21h 67894 Packets sent, 59399 received 6263779 Bytes sent, 3565000 received Receive packets dropped: out-of-order: 0 total: 0 Send packets dropped: exceeded session MTU: 0 total: 0 Session vcid is 2 Session Layer 2 circuit, type is HDLC, name is POS0/0 Circuit state is UP Remote session id is 10589, remote tunnel id 54048 DF bit off, ToS reflect disabled, ToS value 0, TTL value 255 No session cookie information available SSS switching enabled Sequencing is off ________________________________________________________________ PE2-AS1#show l2tun tunnel all Tunnel Information Total tunnels 1 sessions 1 Tunnel id 54048 is up, remote id is 50899, 1 active sessions Tunnel state is established, time since change 5d21h Tunnel transport is IP (115) Remote tunnel name is PE1 Internet Address 10.10.10.101, port 0 Local tunnel name is PE2 Internet Address 10.10.10.102, port 0 Tunnel domain is VPDN group for tunnel is - L2TP class for tunnel is 0 packets sent, 0 received 0 bytes sent, 0 received Control Ns 8487, Nr 8484 Local RWS 8192 (default), Remote RWS 8192 (max) Tunnel PMTU checking disabled Retransmission time 1, max 1 seconds Unsent queuesize 0, max 0 Resend queuesize 0, max 2 Total resends 0, ZLB ACKs sent 8482 Current nosession queue check 0 of 5 Retransmit time distribution: 0 0 0 0 0 0 0 0 0 Sessions disconnected due to lack of resources 0 ________________________________________________________________ PE2-AS1#show l2tun session all Session Information Total tunnels 1 sessions 1 Session id 10589 is up, tunnel id 54048 Call serial number is 2130200000 Remote tunnel name is PE1-AS1 Internet address is 10.10.10.101 Session is L2TP signalled Session state is established, time since change 5d21h 59409 Packets sent, 67908 received 4278376 Bytes sent, 5450303 received Receive packets dropped: out-of-order: 0 total: 0 Send packets dropped: exceeded session MTU: 0 total: 0 Session vcid is 2 Session Layer 2 circuit, type is HDLC, name is POS0/0 Circuit state is UP Remote session id is 3544, remote tunnel id 50899 DF bit off, ToS reflect disabled, ToS value 0, TTL value 255 No session cookie information available SSS switching enabled Sequencing is off |
Step 2. |
Perform a ping from one CE router interface to the other CE router interface across the L2VPN tunnel. If all configurations have been performed correctly, connectivity is established between the CE routers and the customer sites. (See Example 10-11.)
Example 10-11. Verify IP Connectivity Between CE Routers CE1-A#ping 172.16.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms |
Final Device Configurations for L2TPv3 Dynamic Tunnels
Figure 10-8 depicts the final configuration for the PE Routers PE1-AS1 and PE2-AS1 to implement dynamic L2TPv3 tunnel configuration.
Figure 10-8. Final Device Configuration for Implementation of L2TPv3 Dynamic Tunnels