Switching

last person joined: yesterday 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
Back to discussions
Expand all | Collapse all

VLAN-CCC on EX4550

  • 1.  VLAN-CCC on EX4550

    Posted 03-30-2015 10:43

    Hello.
    Does anyone have an experience of configuring l2circuit on ex4550?
    I'm trying to deploy an eompls (VLANID:600) between ex4550[12.3R9.4] and cisco 6504. But I didn't see any eompls outgoing packets from ex4550. NOTHING.

    PE interface:

    Spoiler
    ge-0/0/24 {
        vlan-tagging;
        encapsulation vlan-ccc;
        unit 600 {
            encapsulation vlan-ccc;
            vlan-id 600;
            family ccc;
        }
    }

     ex4550 and cisco6504 are directly-connected mpls/ldp-neighbors:

     

    Spoiler

    run show ldp neighbor
    Address            Interface          Label space ID         Hold time
    192.168.120.211    lo0.0              192.168.120.211:0        42
    192.168.128.101    ge-0/0/0.967       192.168.120.211:0        13

    l2c is UP and labels are right at both ends

    Spoiler
    show l2circuit connections
    Neighbor: 192.168.120.211
        Interface                 Type  St     Time last up          # Up trans
        ge-0/0/24.600(vc 600)     rmt   Up     Mar 30 10:50:05 2015           1
          Remote PE: 192.168.120.211, Negotiated control-word: Yes (Null)
          Incoming label: 299776, Outgoing label: 332
          Negotiated PW status TLV: No
          Local interface: ge-0/0/24.600, Status: Up, Encapsulation: VLAN

     

     

     labels push-pop behavior is corect:

    Spoiler

    run show route table mpls.0   

    mpls.0: 520 destinations, 520 routes (520 active, 0 holddown, 0 hidden)

    299776             *[L2CKT/7] 06:31:11
                        > via ge-0/0/24.600, Pop       Offset: 4

    ...

    ...

    ...

    ge-0/0/24.600      *[L2CKT/7] 06:30:27, metric2 1
                        > to 192.168.128.101 via ge-0/0/0.967, Push 332 Offset: 252

     

    Where could I go wrong?
    P.S. MPLS/MPLS L3 VPN works fine.



  • 2.  RE: VLAN-CCC on EX4550

     
    Posted 03-30-2015 11:27

    Did you enable family l2 vpn signaling under protocols bgp ?

     

     

     

    family l2vpn {
                    signaling;
                }



  • 3.  RE: VLAN-CCC on EX4550

    Posted 03-30-2015 11:48

    That's unnecessary, I guess.
    This l2c is only ldp-based



  • 4.  RE: VLAN-CCC on EX4550

     
    Posted 03-30-2015 13:59
    Can you attach your Cisco and Juniper config ? So we van have à look and try to figure out why it is not working


  • 5.  RE: VLAN-CCC on EX4550

    Posted 03-30-2015 19:56

    OK. What have we got here...

     

    EX4550:

    Spoiler
    interfaces {
        ge-0/0/0 {
            description UPLINK;
            vlan-tagging;
            mtu 9216;
            unit 967 {
                vlan-id 967;
                family inet {
                    address 192.168.128.102/30;
                }
                family iso {
                    mtu 1497;
                }
                family mpls {
                    mtu 1546;
                }
            }
        }
        ge-0/0/24 {
            vlan-tagging;
            encapsulation vlan-ccc;
            unit 600 {
                encapsulation vlan-ccc;
                vlan-id 600;
                family ccc;
            }
        }
        lo0 {
            unit 0 {
                family inet {
                    address 192.168.120.223/32 {
                        primary;
                    }
                }
                family iso {
                    address 49.0001.1921.6812.0223.00;
                }
                family mpls;
            }
        }
    }
    protocols {
        mpls {
            interface ge-0/0/0.967;
        }
        bgp {
            local-address 192.168.120.223;
            local-as 65000 private;
            group ZTU-C7606 {
                type internal;
                local-address 192.168.120.223;
                family inet-vpn {
                    unicast;
                }
                neighbor 192.168.120.20;
            }
        }                                  
        isis {
            level 1 disable;
            level 2 {
                authentication-key "$9$sk4oZmPQn9poJQ3"; ## SECRET-DATA
                authentication-type md5;
                no-hello-authentication;
            }
            interface ge-0/0/0.967 {
                hello-padding disable;
                point-to-point;
                level 1 disable;
            }
            interface lo0.0 {
                hello-padding disable;
                level 1 disable;
            }
        }
        ldp {
            transport-address router-id;
            interface ge-0/0/0.967;
            interface lo0.0;
        }
        l2circuit {
            neighbor 192.168.120.211 {
                interface ge-0/0/24.600 {
                    virtual-circuit-id 600;
                    mtu 1546;
                    encapsulation-type ethernet-vlan;
                }
            }
        }
    }
    ethernet-switching-options {
        analyzer TEST {
            input {
                ingress {
                    interface ge-0/0/0.0;
                }
                egress {
                    interface ge-0/0/0.0;
                }
            }
            output {
                interface {                
                    ge-0/0/30.0;
                }
            }
        }
        dot1q-tunneling {
            ether-type 0x8100;
        }
        storm-control {
            interface all;
        }
    }

      

    CISCO-6504: 

    Spoiler

    vlan 997,1310
    mpls label protocol ldp
    mpls traffic-eng tunnels
    mpls ldp router-id Loopback0

    interface Loopback0
     ip address 192.168.120.211 255.255.255.255
     ip pim sparse-mode
     
    interface GigabitEthernet4/1
     description TESTING-CLUSTER
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 967
     switchport mode trunk
     switchport nonegotiate
     mtu 1546

    interface GigabitEthernet4/11
     description MX40 nkz-bsr3 (ge-1/0/2)
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 1301
     switchport mode trunk
     mtu 1546
     no cdp enable

    interface GigabitEthernet4/11.600
     encapsulation dot1Q 600
     xconnect 192.168.120.223 600 encapsulation mpls
     
    interface Vlan967
     mtu 1546
     ip address 192.168.128.101 255.255.255.252
     ip pim sparse-mode
     ip router isis
     mpls ip
     clns mtu 1497
     isis network point-to-point
     no isis hello padding
     ip rsvp bandwidth
     
    router isis
     net 49.0001.1921.6812.0211.00
     is-type level-2-only
     authentication mode md5 level-2
     authentication key-chain ISIS level-2
     metric-style wide
     redistribute static ip route-map STATIC-TO-ISIS
     passive-interface Loopback0
     passive-interface Vlan4

    router bgp 65000
     bgp router-id 192.168.120.211
     bgp log-neighbor-changes
     neighbor PE peer-group
     neighbor PE remote-as 65000
     neighbor PE update-source Loopback0
     neighbor 192.168.120.20 remote-as 65000
     neighbor 192.168.120.20 peer-group PE
     neighbor 192.168.120.30 remote-as 65000
     neighbor 192.168.120.30 peer-group PE
     
     address-family ipv4
      neighbor PE send-community extended
      neighbor PE next-hop-self
      neighbor 192.168.120.20 activate
      no neighbor 192.168.120.30 activate
      no auto-summary
      no synchronization
     exit-address-family
      !
     address-family vpnv4
      neighbor PE send-community extended
      neighbor 192.168.120.20 activate
     exit-address-family

     



  • 6.  RE: VLAN-CCC on EX4550

    Posted 03-30-2015 20:04

    And xconnect vc on C6504:

     

    Spoiler
    C6504-10G-AMTS#sh mp l2 vc 600 detail
    Local interface: Gi4/11.600 up, line protocol up, Eth VLAN 600 up
      Destination address: 192.168.120.223, VC ID: 600, VC status: up
        Output interface: Vl967, imposed label stack {299776}
        Preferred path: not configured 
        Default path: active
        Next hop: 192.168.128.102
      Create time: 1w1d, last status change time: 00:00:26
      Signaling protocol: LDP, peer 192.168.120.223:0 up
        MPLS VC labels: local 332, remote 299776
        Group ID: local 0, remote 0
        MTU: local 1546, remote 1546
        Remote interface description:
      Sequencing: receive disabled, send disabled
      VC statistics:
        packet totals: receive 0, send 82990
        byte totals:   receive 0, send 5311504
        packet drops:  receive 0, send 0

     



  • 7.  RE: VLAN-CCC on EX4550

     
    Posted 03-30-2015 21:43

     

    let me see If i can make any attempt in my lab today. for building your setup

     

    Some info :

     

    http://www.juniper.net/documentation/en_US/junos14.1/topics/task/configuration/mpls-ex-series-provider-edge-switches-ccc-cli.html



  • 8.  RE: VLAN-CCC on EX4550

    Posted 03-30-2015 23:14

    Forgot to say: In Wireshark I can see incoming mpls packets on ge-0/0/0 from the side of C6504 (label:299776), but I have no any outgoing packets on ge-0/0/0 toward C6504.



  • 9.  RE: VLAN-CCC on EX4550

     
    Posted 03-30-2015 23:39

     

    I just tought of something, It can be that Cisco and Juniper do not understand each others TPIDs for vlan-ccc

     

    you can change the encapsulation on your juniper to extended-vlan-ccc instead of vlan-ccc see the note below

     

    Note: Some vendors use the proprietary TPIDs 0x9100 and 0x9901 to encapsulate a VLAN-tagged packet into a VLAN-CCC tunnel to interconnect a geographically separated metro Ethernet network. By configuring the extended-vlan-ccc encapsulation type, a Juniper Networks router can accept all three TPIDs (0x8100, 0x9100, and 0x9901).

     

    You can give this a try



  • 10.  RE: VLAN-CCC on EX4550

     
    Posted 03-31-2015 00:26

    Can you please use RVIs on the uplink interface instead of vlan-tagging?

     

    You might be running into this:

     

    https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR823566




    =====

    If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.



  • 11.  RE: VLAN-CCC on EX4550

    Posted 03-31-2015 03:15

    can't assign a mpls family on RVI....

     

    interfaces vlan unit 967                        
family inet {
    address 192.168.128.102/30;
}
family iso {
    mtu 1497;
}
family mpls {
    mtu 1546;
}

    commit and...

    [edit interfaces vlan unit 967]
  'family'
     family mpls not valid on VLAN interface
error: configuration check-out failed

     Without this family I have very tiny mpls routing table:

    cisco@JUN-EX4550-ATS-54# run show route table mpls.0 

mpls.0: 10 destinations, 10 routes (9 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both

0                  *[MPLS/0] 14:58:59, metric 1
                      Receive
1                  *[MPLS/0] 14:58:59, metric 1
                      Receive
2                  *[MPLS/0] 14:58:59, metric 1
                      Receive
13                 *[MPLS/0] 14:58:59, metric 1
                      Receive
16                 *[VPN/0] 14:58:57
                      to table ETTH-MGMT.inet.0, Pop      
17                 *[VPN/0] 14:58:57
                      to table IPDSLAM.inet.0, Pop      
18                 *[VPN/0] 14:58:57
                      to table IPTV.inet.0, Pop      
19                 *[VPN/0] 14:58:57
                      to table SIP-KMR.inet.0, Pop      
299776             *[L2CKT/7] 00:05:46
                    > via ge-0/0/24.600, Pop       Offset: 4

     That's why I've used sub-interface for mpls/ldp neighbor.

     



  • 12.  RE: VLAN-CCC on EX4550

    Posted 03-31-2015 03:37

    About PR823566. Result of this problem - untagged encapsulated ethernet frames. Right? In my case even this didn't happens.



  • 13.  RE: VLAN-CCC on EX4550

     
    Posted 03-31-2015 07:48

     

    Please read the url below,  half way down the page I have pasted the Noted mentioned on the page:

     

    Routing Protocol

    MPLS works in coordination with the interior gateway protocol (IGP). Therefore, you must configure OSPF or IS-IS as the routing protocol on the loopback interface and core interfaces of both the PE switches and the provider switches.

    The core interfaces can be either Gigabit Ethernet or 10-Gigabit Ethernet interfaces, and they can be configured as either individual interfaces or as aggregated Ethernet interfaces.

    Note: The core interfaces cannot be configured with VLAN tagging or a VLAN ID. When you configure them to belong to family mpls, they are removed from the default VLAN if they were members of that VLAN. They operate as an exclusive tunnel for MPLS traffic.

     

     

    http://www.juniper.net/techpubs/en_US/junos13.3/topics/concept/mpls-ex-series-components.html



  • 14.  RE: VLAN-CCC on EX4550

    Posted 03-31-2015 22:21

    Useless 😞
    http://www.juniper.net/techpubs/en_US/junos13.3/to​pics/concept/mpls-ex-series-components.html - this document was published 2011-08-16 and maybe obsoleted.

     

    http://www.juniper.net/techpubs/en_US/junos12.3/topics/task/configuration/mpls-ex-series-provider-edge-switches-ip-cli.html

     

    Note: If you want to use routed VLAN interfaces (RVIs) or Layer 3 subinterfaces as the core interfaces, replace ge-0/0/5.0 and ge-0/0/6 each with an RVI name (for example, vlan.logical-interface-number) or a subinterface name (for example, interface-name.logical-unit-number).

    RVIs function as logical routers, eliminating the need to have both a switch and a router. Layer 3 subinterfaces allow you to route traffic among multiple VLANs along a single trunk line that connects an EX Series switch to a Layer 2 switch.

     



  • 15.  RE: VLAN-CCC on EX4550

     
    Posted 03-31-2015 22:35

    Let me have a look today to start building your setup in the lab, so I can fidle a bit around and see how we can work around it.

     

     



  • 16.  RE: VLAN-CCC on EX4550

    Posted 04-01-2015 07:13

    UPDATE: captured incoming (EX4550 ge-0/0/0) ARP-packet:

    wireshark.jpg



  • 17.  RE: VLAN-CCC on EX4550

    Posted 06-18-2015 06:17

    EssentialRoot

    Can you dump traffic incoming to Cisco port.

    I have 2 EX4500 with to links between them. One link is a fiber, another via l2 switching network. When mpls traffic flows via fiber - works fine, when mpls traffic flows via l2 switching network - l2vpn, l2circuit, l3vpn not work (ospf - ok, rsvp - ok, ldp - ok). When I see dump - random tag 4093 insert before mpls (555 vlan id of service). 

    random vlan tag 



  • 18.  RE: VLAN-CCC on EX4550

    Posted 07-24-2015 10:50

    Could you show both EX configs?



  • 19.  RE: VLAN-CCC on EX4550
    Best Answer

    Posted 07-24-2015 21:22

     

    We do not have flat switching network. All of our nodes are L3 IP/MPLS P/PE devices (it may be switches or routers), but all links between them are P-to-P IP/MPLS/ISIS (over vlans).

    I haven't solved this problem yet and I'm really tired. CCC on EX8208 works great even through CISCO P-routers.

    But EX4550... Bummer dude 😞

    Read this document carefully.

    http://www.juniper.net/techpubs/en_US/junos15.1/topics/concept/mpls-ex-series-components.html

    With any junos you MUST forget about VLANs on mpls-core interfaces. They MUST have only unit 0 subinterface and no vlan-tagging anymore. It's true.
    But wait a minute, what have we got here:
    1. Say goodbye to switching .
    2. Say goodbye to other vendors.
    3. CCC is very unstable.

    I have no AFL for EX4550 and JTAC adviced me to buy AFL as solution for my issue.