VPLS Topology-Single PE or Direct Attachment

The single PE or direct attachment architecture uses a flat architecture and supports Ethernet port, 802.1Q VLAN, and dot1q tunnel modes. The CEs are directly connected to the PE routers, and this architecture involves the creation of a separate VSI for each customer. Customer traffic originating from the CE in native Ethernet or VLAN tagged frames are MPLS encapsulated with an AToM stack. Direct attachment VPLS also uses a full mesh of directed LDP and tunnel LSPs between all the PE routers. Although this creates signaling overhead, the real detriment to large-scale deployment is the packet replication requirements for each provisioned VC on a PE router. Due to scalability constraints, this solution is suitable only for simple implementations. Figure 12-6 shows a direct attachment VPLS architecture providing VPLS services to Customers A and B.

Figure 12-6. Direct Attachment VPLS Network

Customer A's network has CE routers CE1-A, CE2-A, and CE3-A connected to PEs PE1, PE2, and PE3, respectively. Links to CE1-A, CE2-A, and CE3-A are configured as switch access ports on PE1, PE2, and PE3. Customer B's CE devices, CE1-B, CE2-B, and CE3-B, are configured as 802.1Q trunk ports to PE1, PE2, and PE3, respectively. Figure 12-7 shows the data forwarding that takes place in a direct attachment VPLS architecture using port and 802.1Q modes.

Figure 12-7. VPLS Data Forwarding in Port and 802.1Q Mode

 

Configuration Flowchart for Direct Attachment VPLS

To achieve a functional VPLS network, there are two important steps. The first step is to ensure that the SP's network comprising PE1, PE2, and PE3 is enabled for MPLS forwarding. Example 12-1 shows the provider network configurations for PE1, PE2, and PE3. Throughout this chapter, you will use these as provider network configurations.

Example 12-1. Provider Network Configuration for MPLS Forwarding

!PE1 hostname PE1 ! mpls label protocol ldp mpls ldp discovery targeted-hello accept mpls ldp router-id Loopback0 force ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface GE-WAN3/1 description connected to PE2 ip address 10.10.10.1 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE3 ip address 10.10.10.5 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0 ______________________________________________________________________ !PE2 hostname PE2 ! mpls label protocol ldp mpls ldp discovery targeted-hello accept mpls ldp router-id Loopback0 force ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface GE-WAN3/1 description connected to PE1 ip address 10.10.10.2 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE3 ip address 10.10.10.9 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0 ______________________________________________________________________ !PE3 hostname PE3 ! mpls label protocol ldp mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.103 255.255.255.255 ! interface GE-WAN3/1 description connected to PE2 ip address 10.10.10.10 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! interface GE-WAN3/2 description connected to PE1 ip address 10.10.10.6 255.255.255.252 negotiation auto mpls ip mls qos trust dscp ! router ospf 1 network 10.0.0.0 0.255.255.255 area 0

The second step is to configure the VPLS service, and Figure 12-8 illustrates the configuration flowchart on the PE router to provision Ethernet port mode, Ethernet 802.1Q VLAN, and Ethernet dot1Q tunnel mode.

Figure 12-8. VPLS Service Configuration Flowchart on PE Router

 

Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes

The objective of this configuration scenario is to demonstrate VPLS network using port and 802.1Q VLAN mode. As shown in Figure 12-7, Customer A VPLS network uses port mode and Customer B VPLS network uses 802.1Q VLAN mode.

Table 12-1 shows the MAC address associated with CE routers.

Table 12-1. MAC Address for CE Routers

Router

MAC Address

Customer A

CE1-A

0012.d9bd.b600

CE2-A

0012.8034.6980

CE3-A

0012.d9e7.ace0

Customer B

CE1-B

0012.80f3.2ce0

CE2-B

0012.d9e7.b520

CE3-B

0012.d9bd.b640

The steps to configure the topology shown in Figure 12-6 are as follows:

Step 1.

Configure the interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A as an access port (untagged)and Customer B as an 802.1Q trunk port (tagged). See Example 12-2.

 

Example 12-2. Configure the Two Interfaces Connected to CE Device

PE1(config)#vlan 100 PE1(config-vlan)#state active PE1(config-vlan)#vlan 200 PE1(config-vlan)#state active PE1(config)#interface fastEthernet 4/1 PE1(config-if)#description VPLS Customer A (CE1-A) PE1(config-if)#switchport PE1(config-if)#switchport access vlan 100 PE1(config-if)#switchport mode access PE1(config-if)#interface FastEthernet4/2 PE1(config-if)#description VPLS Customer B (CE1-B) PE1(config-if)#switchport PE1(config-if)#switchport trunk encapsulation dot1q PE1(config-if)#switchport trunk allowed vlan 200 PE1(config-if)#switchport mode trunk  

Step 2.

Define the VFI and bind it to the interface connected to the CE – In this step, the VFI is configured. After defining the VFI, it is associated to one or more attachment circuits (interfaces, subinterfaces, or virtual circuits). The VFI specifies the VPN ID of a VPLS domain, the addresses of other PE routers in this domain, and the type of tunnel signaling and encapsulation (currently only MPLS is supported) mechanism for each peer.

 

An MPLS VPN ID is used to identify VPNs by a VPN identification number, as described in RFC 2685. This MPLS VPN ID is implemented to identify a VPN. The MPLS VPN ID feature does not control the distribution of routing information or associate IP addresses with MPLS VPN ID numbers in routing updates. Multiple VPNs can be configured in a router. You can use a VPN name (a unique ASCII string) to reference a specific VPN configured in the router. Alternately, you can use a VPN ID to identify a particular VPN in the router. The VPN ID follows a standard specification (RFC 2685). To ensure that the VPN has a consistent VPN ID, assign the same VPN ID to all the routers in the SP network that services that VPN. Each VPN ID defined by RFC 2685 consists of the following two elements:

Example 12-3 shows the steps to configure VFI and associate it to the attachment circuit.

Example 12-3. Step 3: Define the VFI and Associate It to the Attachment Circuit

PE1(config)#l2 vfi Cust_A manual PE1(config-vfi)# vpn id 100 PE1(config-vfi)# neighbor 10.10.10.102 encapsulation mpls PE1(config-vfi)# neighbor 10.10.10.103 encapsulation mpls PE1(config-vfi)#l2 vfi Cust_B manual PE1(config-vfi)#vpn id 200 PE1(config-vfi)#neighbor 10.10.10.102 encapsulation mpls PE1(config-vfi)#neighbor 10.10.10.103 encapsulation mpls PE1(config)#interface vlan 100 PE1(config-if)#xconnect vfi Cust_A PE1(config-if)#interface vlan 200 PE1(config-if)#xconnect vfi Cust_B

 

Verification of VPLS Connectivity

To verify VPLS connectivity, follow these steps:

Step 1.

Ensure that directed LDP session is operational – Example 12-4 shows the output of the show mpls l2transport vc command. The output indicates the pseudo wire is functional for transporting Layer 2 packets across the MPLS backbone.

 

Example 12-4. Output of show mpls l2transport vc on PE1

PE1#show mpls l2transport vc Local intf Local circuit Dest address VC ID Status ------------- -------------------- --------------- ---------- ---------- VFI Cust_A VFI 10.10.10.102 100 UP VFI Cust_B VFI 10.10.10.102 200 UP VFI Cust_A VFI 10.10.10.103 100 UP VFI Cust_B VFI 10.10.10.103 200 UP  

Step 2.

Verify MPLS and VC label – Example 12-5 shows the output of show mpls l2transport vc vc-number detail where the VC ID is 100, and the directed LDP peer is 10.10.10.102 and 10.10.10.103. The VC label on PE1 for the outgoing interface on PE2 connected to CE2-A is 21, and it allocates VC Label 21 for the interface connected to CE1-A. With the directed LDP peer 10.10.10.103, the VC label on PE1 for the outgoing interface on PE2 connected to CE3-A is 17, and it allocates VC Label 22 for the interface connected to CE1-A.

 

Example 12-5. show mpls l2transport vc on PE1

PE1#show mpls l2transport vc 100 detail Local interface: VFI Cust_A up Destination address: 10.10.10.102, VC ID: 100, VC status: up Tunnel label: imp-null, next hop 10.10.10.2 Output interface: GE3/1, imposed label stack {21} Create time: 10:13:08, last status change time: 10:06:25 Signaling protocol: LDP, peer 10.10.10.102:0 up MPLS VC labels: local 21, remote 21 Group ID: local 0, remote 0 MTU: local 1500, remote 1500 Remote interface description: Sequencing: receive disabled, send disabled VC statistics: packet totals: receive 973, send 971 byte totals: receive 77383, send 77244 packet drops: receive 0, send 0 Local interface: VFI Cust_A up Destination address: 10.10.10.103, VC ID: 100, VC status: up Tunnel label: imp-null, next hop 10.10.10.6 Output interface: GE3/2, imposed label stack {17} Create time: 10:13:09, last status change time: 10:06:45 Signaling protocol: LDP, peer 10.10.10.103:0 up MPLS VC labels: local 22, remote 17 Group ID: local 0, remote 0 MTU: local 1500, remote 1500 Remote interface description: Sequencing: receive disabled, send disabled VC statistics: packet totals: receive 90, send 977 byte totals: receive 8560, send 77712 packet drops: receive 0, send 0  

In Example 12-6, show mpls l2transport summary shows the total number of the VCs that are active.

Example 12-6. Output of show mpls l2 summary on PE3

PE1#show mpls l2transport summary Destination address: 10.10.10.102, total number of vc: 2 0 unknown, 2 up, 0 down, 0 admin down 2 active vc on MPLS interface GE3/1 Destination address: 10.10.10.103, total number of vc: 2 0 unknown, 2 up, 0 down, 0 admin down 2 active vc on MPLS interface GE3/2

In Example 12-7, show vfi shows the remote PE neighbors to which the pseudo wires are configured. The command will show the neighbors even if the pseudo wire is down.

Example 12-7. Output of show vfi on PE1

PE1#show vfi Cust_A VFI name: Cust_A, state: up Local attachment circuits: Vlan100 Neighbors connected via pseudowires: 10.10.10.102 10.10.10.103

Example 12-8 shows the MAC addresses learned by PE Router PE1.

Example 12-8. Output of show mac-address-table vlan on PE1

PE1#show mac-address-table vlan 100 Legend: * - primary entry vlan mac address type learn ports ------+----------------+--------+-----+-------------------------- * 100 0012.d9e7.ace0 dynamic Yes * 100 0012.8034.6980 dynamic Yes * 100 0012.d9bd.b600 dynamic Yes Fa4/1 PE1#show mac-address-table vlan 200 Legend: * - primary entry vlan mac address type learn ports ------+----------------+--------+-----+-------------------------- * 200 0012.d9e7.b520 dynamic Yes * 200 0012.80f3.2ce0 dynamic Yes Fa4/2 * 200 0012.d9bd.b640 dynamic Yes

 

VPLS Configurations on PE Router

Example 12-9 shows the relevant VPLS configurations on PE Routers PE1, PE2, and PE3.

Example 12-9. VPLS Configurations on PE1, PE2, and PE3

!PE1 hostname PE1 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A - CE1-A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet4/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !PE2 hostname PE2 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet4/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !PE3 hostname PE3 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! interface FastEthernet2/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode access ! interface FastEthernet2/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B

 

CE Router Configurations for Customer A and Customer B

Example 12-10 shows the configurations for Customer A's and Customer B's CE devices.

Example 12-10. CE Router Configurations

!CE1-A hostname CE1-A ! interface FastEthernet0/0 ip address 172.16.1.1 255.255.255.0 ______________________________________________________________________ !CE1-B hostname CE1-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.1 255.255.255.0 ______________________________________________________________________ !CE2-A hostname CE2-A ! interface FastEthernet0/0 ip address 172.16.1.2 255.255.255.0 ______________________________________________________________________ !CE2-B hostname CE2-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.2 255.255.255.0 ______________________________________________________________________ !CE3-A hostname CE3-A ! interface FastEthernet0/0 ip address 172.16.1.3 255.255.255.0 ______________________________________________________________________ !CE3-B hostname CE3-B ! interface FastEthernet0/0.200 encapsulation dot1Q 200 ip address 192.168.1.3 255.255.255.0

 

Direct Attachment VPLS Configuration Scenario 2 – Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling

Figure 12-9 shows a direct attachment VPLS network that is providing VPLS service to Customer A and B networks. The objective of this configuration scenario is to demonstrate dot1q tunnel mode configuration and the usage of Layer 2 tunnel protocol for CDP in Customer A's VPLS network. Customer B's VPLS network has Site 2 dual-homed to the SP network via user PE (u-PE23). Customer B network is used primarily to demonstrate how STP is tunneled and to prevent Layer 2 loops when a site has redundant links to the provider network. Figure 12-9 shows the VPLS topology used to demonstrate

Figure 12-9. Direct Attachment VPLS Using Dot1q Tunnel Mode and Layer 2 Protocol Tunneling

Prior to configuring this scenario, you will be introduced to the following basic concepts:

The steps to configure the topology shown in Figure 12-9 are as follows:

Step 1.

Configure the switch port interface connected to CE device – In this step, you configure the interfaces on the PE router connected to the CE routers for Customer A in dotq tunnel mode (untagged). Also, enable the interface for Layer 2 protocol tunneling. Example 12-13 shows the configuration on PE1 for interface 4/1 connected to CE1-A. Similarly, enable dot1q tunnel mode and Layer 2 protocol tunneling for CDP on 4/1 and 2/1 on PE2 and PE3, respectively.

 

Example 12-13. Configure the Layer 2 Interface Connected to CE Device

PE1(config)#interface fastEthernet 4/1 PE1(config-if)#description VPLS Customer A (CE1-A) PE1(config-if)#switchport PE1(config-if)# switchport access vlan 100 PE1(config-if)#switchport mode dot1q-tunnel PE1(config-if)#l2protocol-tunnel cdp ______________________________________________________________________ PE2(config)#vlan 20 PE2(config-vlan)#state active PE2(config-vlan)#no spanning-tree vlan 20,200 PE2(config)#interface FastEthernet4/12 PE2(config-if)# switchport PE2(config-if)# switchport trunk encapsulation dot1q PE2(config-if)# switchport trunk native vlan 20 PE2(config-if)# switchport trunk allowed vlan 20,200 ______________________________________________________________________ PE3(config)#vlan 20 PE3(config-vlan)#state active PE3(config-vlan)#no spanning-tree vlan 20,200 PE3(config)#interface FastEthernet2/12 PE3(config-if)# switchport PE3(config-if)# switchport trunk encapsulation dot1q PE3(config-if)# switchport trunk native vlan 20 PE3(config-if)# switchport trunk allowed vlan 20,200

For Customer B, the configurations for switch interface 4/2 on PE1 and PE2 are the same as shown in the earlier section. However, CE2B is connected to u-PE23, and u-PE23 is dual-homed to the provider network at PE2 (4/12) and PE3 (2/12). The configuration on u-PE23 is shown in Example 12-14.

 

Example 12-14. Configuration of u-PE23

u-PE23(config)#spanning-tree mode mst u-PE23(config)#spanning-tree mst configuration u-PE23(config-mst)# name instance1 u-PE23(config-mst)# revision 1 u-PE23(config-mst)# instance 1 vlan 200 u-PE23(config)#interface FastEthernet0/11 u-PE23(config-if)# description connected to n-PE3 u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk native vlan 20 u-PE23(config-if)# switchport trunk allowed vlan 20,200 u-PE23(config-if)# switchport mode trunk u-PE23(config-if)#interface FastEthernet0/12 u-PE23(config-if)# description connected to n-PE2 u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk native vlan 20 u-PE23(config-if)# switchport trunk allowed vlan 20,200 u-PE23(config-if)# switchport mode trunk u-PE23(config-if)#interface FastEthernet0/2 u-PE23(config-if)# description connected to CE2-B u-PE23(config-if)# switchport trunk encapsulation dot1q u-PE23(config-if)# switchport trunk allowed vlan 200 u-PE23(config-if)# switchport mode trunk  

Step 2.

Define the VFI and bind it to the interface connected to the CE – For Customer A and Customer B, the VFI configuration step is similar to section "Direct Attachment VPLS Configuration Scenario 1 – Using Port and 802.1Q VLAN Modes." Because the u-PE23 router multihomes with PE2 and PE3, spanning tree needs to be configured on the u-PE23 for pseudo wires that exist between the u-PE23 and PE2 and u-PE23 and PE3 routers, respectively. It is optional to configure spanning tree on PE Routers PE2 and PE3. In this case, PE2 and PE3 routers do not process BPDUs and only forward or relay them. Assuming spanning tree is configured on PE2 and PE3, they exchange and process BPDUs with each other and with u-PE23. To make PE2 and PE3 relay BPDUs an additional VFI, STP is configured to relay the BPDUs for MST instance configured on u-PE23. Example 12-15 shows the steps to configure VFI and associate it to the attachment circuit (in this case, native VLAN 20).

 

Example 12-15. Define the VFI and Associate It to the Attachment Circuit

PE2(config)#l2 vfi STP manual PE2(config-vfi)# vpn id 20 PE2(config-vfi)# neighbor 10.10.10.103 encapsulation mpls PE2(config)#interface vlan 20 PE2(config-if)#xconnect vfi STP ______________________________________________________________________ PE3(config)#l2 vfi STP manual PE3(config-vfi)#vpn id 20 PE3(config-vfi)#neighbor 10.10.10.102 encapsulation mpls PE3(config)#interface vlan 20 PE3(config-if)#xconnect vfi STP  

Verify Layer 2 Protocol Tunneling for CDP and MSTP

To verify Layer 2 protocol tunneling for CDP and MSTP, follow these steps:

Step 1.

Verify Layer 2 protocol tunneling – Example 12-16 provides the status of Layer 2 protocol tunneling on PE Routers PE2 and PE3. It also shows that Layer 2 protocols, CDP and STP, are being tunneled.

 

Example 12-16. Verify Layer 2 Protocol Tunneling

PE2#show l2protocol-tunnel summary COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown Drop Status Threshold Threshold (cdp/stp/vtp) (cdp/stp/vtp) ------- ----------- ---------------- ---------------- ---------- Fa4/1 cdp --- --- ----/----/---- ----/----/---- up Fa4/12 --- stp --- ----/----/---- ----/----/---- up ______________________________________________________________________ PE3#show l2protocol-tunnel summary COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 0 Port Protocol Shutdown Drop Status Threshold Threshold (cdp/stp/vtp) (cdp/stp/vtp) ------- ----------- ---------------- ---------------- ---------- Fa2/1 cdp --- --- ----/----/---- ----/----/---- up Fa2/12 --- stp --- ----/----/---- ----/----/---- up  

Step 2.

Layer 2 protocol tunneling (CDP) – Example 12-17 shows the output of the show cdp neighbors command in which CE1-A sees CE2-A and CE3-A as CDP neighbors, and CE2-A sees CE1-A and CE3-A as CDP neighbors.

 

Example 12-17. show cdp neighbor on CE1-A and CE2-A

CE1-A#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID Local Intrfce Holdtme Capability Platform Port ID CE2-A Fas 0/0 132 R S 2611XM Fas 0/0 CE3-A Fas 0/0 170 R S 2621XM Fas 0/0 ______________________________________________________________________ CE2-A#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID Local Intrfce Holdtme Capability Platform Port ID CE3-A Fas 0/0 130 R S 2621XM Fas 0/0 CE1-A Fas 0/0 158 R S 2621XM Fas 0/0  

Step 3.

Verify spanning tree – Example 12-18 shows that fas0/11 on u-PE23 is in forwarding state, and fas0/12 is in blocking state. This shows that STP is being tunneled through and that the forwarding loop no longer exists.

 

Example 12-18. show spanning-tree mst on u-PE23

u-PE23#show spanning-tree mst 1 ###### MST01 vlans mapped: 200 Bridge address 000b.fd2a.6b00 priority 32769 (32768 sysid 1) Root this switch for MST01 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/11 Desg FWD 200000 128.11 P2p Fa0/12 Back BLK 200000 128.12 P2p  

PE Configurations

Example 12-19 shows the configurations on the PE router.

Example 12-19. Configurations on PE Routers, PE1, PE2, PE3, and u-PE23

!PE1 hostname PE1 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.102 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! vlan internal allocation policy ascending vlan dot1q tag native ! ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface FastEthernet4/1 description VPLS Customer A (CE1-A) no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet4/2 description VPLS Customer B (CE1-B) no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface Vlan20 no ip address xconnect vfi STP interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address no ip igmp snooping xconnect vfi Cust_B ______________________________________________________________________ !PE2 hostname PE2 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.103 encapsulation mpls ! l2 vfi STP manual vpn id 20 neighbor 10.10.10.103 encapsulation mpls ! interface FastEthernet4/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet4/12 no ip address switchport switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 l2protocol-tunnel stp spanning-tree bpdufilter enable ! interface Vlan20 no ip address xconnect vfi STP ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address no ip igmp snooping xconnect vfi Cust_B ______________________________________________________________________ !PE3 hostname PE3 ! l2 vfi Cust_A manual vpn id 100 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi Cust_B manual vpn id 200 neighbor 10.10.10.101 encapsulation mpls neighbor 10.10.10.102 encapsulation mpls ! l2 vfi STP manual vpn id 20 neighbor 10.10.10.102 encapsulation mpls ! interface FastEthernet2/1 description VPLS Customer A no ip address switchport switchport access vlan 100 switchport mode dot1q-tunnel l2protocol-tunnel cdp no cdp enable spanning-tree bpdufilter enable ! interface FastEthernet2/2 description VPLS Customer B no ip address switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk ! interface FastEthernet2/12 no ip address switchport switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 l2protocol-tunnel stp spanning-tree bpdufilter enable ! interface Vlan20 no ip address no ip igmp snooping xconnect vfi STP ! interface Vlan100 no ip address xconnect vfi Cust_A ! interface Vlan200 no ip address xconnect vfi Cust_B ______________________________________________________________________ !u-PE2 hostname u-PE2 ! ip subnet-zero ! vtp domain Cust_B vtp mode transparent ! spanning-tree mode mst spanning-tree extend system-id ! spanning-tree mst configuration name instance1 revision 1 instance 1 vlan 200 ! interface FastEthernet0/2 description connected to CE2-B switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk spanning-tree bpdufilter enable ! interface FastEthernet0/11 description connected to n-PE3 switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 switchport mode trunk ! interface FastEthernet0/12 description connected to n-PE2 switchport trunk encapsulation dot1q switchport trunk native vlan 20 switchport trunk allowed vlan 20,200 switchport mode trunk

 

CE Configurations for Customers A and B

Refer to Example 12-10 for configurations of Customer A's and B's CE devices.

Категории