Networking Requirements
The integrated L2VPN access to L3VPN solution allows Ethernet NodeBs to communicate with Radio Network Controllers (RNCs). It terminates the L2VPN and connects the L3VPN on a SR by creating a Virtual Ethernet group (VE-group). PW redundancy is configured to protect PWs on the L2VPN and VPN FRR is configured to protect links on the L3VPN, providing reliable connections for services. H-VPLS or PWE3 can be used to construct the L2VPN. This example uses PWE3. This scheme has the following characteristics.
L2VPN Type | PWE3 |
PW Redundancy Mode | Independent mode |
Type of the PW Between SR1 and SR2 | Bypass PW |
Tunnel Type and Tunnel Protection | TE tunnel with tunnel protection |
Implementation Characteristics | Two-level protection (tunnel protection and PW protection) is provided, improving reliability. |
PW redundancy in independent mode allows a public network fault to trigger only the public network link switchover. | |
MAC address learning is not required. IP-interworking is supported. |
Figure 1 Networking diagram for configuring an integrated IP RAN (PWE3 + L3VPN) with Ethernet NodeBs
Device | Interface | Peer Device | IP Address |
CSG | GE1/0/1 | SR1 | 172.0.1.1/24 |
GE1/0/2 | SR2 | 172.0.4.1/24 | |
GE1/0/3 | NodeB | – | |
SR1 | GE1/0/0 | SR2 | 172.0.2.2/24 |
GE1/0/1 | CSG | 172.0.1.2/24 | |
GE1/0/3 | RSG1 | 172.0.3.1/24 | |
GE1/0/4 | RSG2 | 172.0.8.0/24 | |
SR2 | GE1/0/0 | SR1 | 172.0.2.1/24 |
GE1/0/2 | CSG | 172.0.4.2/24 | |
GE1/0/3 | RSG2 | 172.0.6.1/24 | |
GE1/0/4 | RSG1 | 172.0.7.1/24 | |
RSG1 | GE1/0/0 | RSG2 | – |
GE1/0/1 | SR1 | 172.0.3.2/24 | |
GE1/0/2 | SR2 | 172.0.7.2/24 | |
GE1/0/3 | RNC | – | |
RSG2 | GE1/0/0 | RSG1 | – |
GE1/0/1 | SR2 | 172.0.6.2/24 | |
GE1/0/2 | SR1 | 172.0.8.2/24/24 | |
GE1/0/3 | RNC | – |
Configuration Roadmap
The configuration roadmap is as follows:
-
Configure IP addresses and routes.
-
Configure MPLS and public network tunnels:
- Configure a TE tunnel protection group on the CSG and SRs.
- Configure LSPs between SRs and RSGs.
-
Configure PW redundancy in independent mode:
- Configure MPLS LDP remote sessions between the CSG and SRs.
- Configure service PWs.
- Configure an mPW and associate the bypass PW with the mPW.
- Configure BFD to monitor the mPW.
- Configure VRRP to determine the primary PW.
-
Configure an L3VPN.
- Configure VPN instances on SR1 and RSGs.
- Configure a VE group on SRs and bind the VPN instance to the L3VE sub-interfaces.
- Establish MP-IBGP peer relationships between SRs and RSGs.
- Import direct VPN routes to SRs and RSGs.
- Configure VPN FRR.
-
Configure BFD to detect faults on public network links.
-
Configure VRRP on RSGs to determine their roles in the VRRP backup group.
Data Preparation
To complete the configuration, you need the following data:
-
Interface number, interface IP address, and OSPF process ID
-
LSR ID
-
L2VC destination address, VC ID, and VC type
-
BFD session name, local discriminator, and remote discriminator
-
VE group number
-
VRRP backup group number and priority
Procedure
- Assign an IP address to and configure a routing protocol on each interface.
- Assign an IP address to each interface.
- Configure a routing protocol on the CSG, SR1, SR2, RSG1, and RSG2 to make them routable. In this example, OSPF is used.
After the configuration is complete, run the display ip routing-table command on the CSG, SRs, and RSGs. You can view the routes learned from each other. Note that when configuring OSPF, you need to advertise 32-bit loopback interface addresses (LSR IDs) of the CSG, SRs, and RSGs.The detailed configuration is not mentioned here. - Configure basic MPLS functions and public network tunnels.
NOTE:
- Configure explicit paths between the CSG and SR1 and between the CSG and SR2.
- Configure LSPs between SRs and between SRs and RSGs.
- Enable RSVP GR, LDP GR, and OSPF GR to enhance the switching performance.
- Configure PW redundancy.
- Configure an L3VPN.
- Configure VRRP on SR1 and SR2 to determine a gateway for Ethernet NodeBs.
# Configure SR1.
[SR1] interface virtual-ethernet 1/0/1.1
[SR1-Virtual-Ethernet1/0/1.1] vrrp vrid 10 virtual-ip 120.0.0.3
[SR1-Virtual-Ethernet1/0/1.1] vrrp vrid 10 track admin-vrrp interface gigabitethernet1/0/0 vrid 20
[SR1-Virtual-Ethernet1/0/1.1] quit
# Configure SR2.[SR2] interface virtual-ethernet 1/0/1.1
[SR1-Virtual-Ethernet1/0/1.1] vrrp vrid 10 virtual-ip 120.0.0.3
[SR2-Virtual-Ethernet1/0/1.1] vrrp vrid 10 track admin-vrrp interface gigabitethernet1/0/0 vrid 20
[SR2-Virtual-Ethernet1/0/1.1] quit
- Configure VRRP on RSGs to determine their roles in the VRRP backup group.
# Configure RSG1.
[RSG1] interface Vlanif 10
[RSG1-Vlanif10] vrrp vrid 1 virtual-ip 120.0.1.3
[RSG1-Vlanif10] vrrp vrid 1 priority 150
[RSG1-Vlanif10] quit
# Configure RSG2.[RSG2] interface Vlanif 10
[RSG2-Vlanif10] vrrp vrid 1 virtual-ip 120.0.1.3
[RSG2-Vlanif10] quit
NOTE:Configure the RNC as follows:- Configure an Eth-Trunk link to determine the active and standby links.
- Configure a VLANIF interface and assign an IP address to the VLANIF interface. Ensure that the IP address is in the same network segment with the virtual IP addresses configured on RSGs.
On an Ethernet NodeB, you need to create a sub-interface on an Ethernet interface, encapsulate 802.1Q on the sub-interface, and associate a VLAN ID with the sub-interface.
Configuration Files
-
Configuration file of the CSG
#
sysname CSG
#
mpls lsr-id 1.1.1.1
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
mpls rsvp-te hello full-gr
mpls te cspf
#
mpls l2vpn
#
#
explicit-path to_sr1
next hop 172.0.1.2
next hop 2.2.2.2
#
explicit-path to_sr2
next hop 172.0.4.2
next hop 3.3.3.3
#
mpls ldp
graceful-restart
#
#
mpls ldp remote-peer 2.2.2.2
remote-ip 2.2.2.2
#
mpls ldp remote-peer 3.3.3.3
remote-ip 3.3.3.3
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.0.1.1 255.255.255.0
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.0.4.1 255.255.255.0
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
#
interface GigabitEthernet1/0/3
undo shutdown
#
interface GigabitEthernet1/0/3.10
vlan-type dot1q 10
mpls l2vc 2.2.2.2 100 tunnel-policy policy1
mpls l2vc 3.3.3.3 200 tunnel-policy policy1 secondary
mpls l2vpn redundancy independent
mpls l2vpn stream-dual-receiving
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Tunnel1/0/1
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 100
mpls te record-route
mpls te signal-protocol rsvp-te
mpls te path explicit-path to_sr1
mpls te backup hot-standby wtr 15
mpls te reserved-for-binding
mpls te commit
#
interface Tunnel1/0/2
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 3.3.3.3
mpls te tunnel-id 200
mpls te record-route
mpls te signal-protocol rsvp-te
mpls te path explicit-path to_sr2
mpls te backup hot-standby wtr 15
mpls te reserved-for-binding
mpls te commit
#
ospf 100
opaque-capability enable
graceful-restart
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 172.0.1.0 0.0.0.255
network 172.0.4.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 2.2.2.2 te Tunnel1/0/1
tunnel binding destination 3.3.3.3 te Tunnel1/0/2
#
bfd master bind pw interface GigabitEthernet1/0/3.10 remote-peer 2.2.2.2 pw-ttl auto-calculate
discriminator local 2
discriminator remote 2
commit
#
return -
Configuration file of SR1
#
sysname SR1
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1:1
vpn frr route-policy vpna
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
bfd
#
mpls lsr-id 2.2.2.2
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
mpls rsvp-te hello full-gr
mpls te cspf
#
mpls l2vpn
#
explicit-path to_csg
next hop 172.0.1.1
next hop 1.1.1.1
#
mpls ldp
graceful-restart
#
#
mpls ldp remote-peer 1.1.1.1
remote-ip 1.1.1.1
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 172.0.2.2 255.255.255.0
vrrp vrid 20 virtual-ip 172.0.2.3
admin-vrrp vrid 20 ignore-if-down
vrrp vrid 20 priority 150
mpls
mpls ldp
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.0.1.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
#
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.0.3.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/4
undo shutdown
ip address 172.0.8.1 255.255.255.0
mpls
mpls ldp
#
interface Virtual-Ethernet1/0/0
ve-group 1 l2-terminate
#
interface Virtual-Ethernet1/0/0.1
mpls l2vc 1.1.1.1 100 tunnel-policy policy1
mpls l2vc track admin-vrrp interface GigabitEthernet1/0/0 vrid 20 pw-redundancy
mpls l2vc 3.3.3.3 300 bypass
mpls l2vc bypass track admin-vc interface LoopBack1
#
interface Virtual-Ethernet1/0/1
ve-group 1 l3-access
#
interface Virtual-Ethernet1/0/1.1
vlan-type dot1q 10
ip binding vpn-instance vpna
ip address 120.0.0.2 255.255.255.0
vrrp vrid 10 virtual-ip 120.0.0.3
vrrp vrid 10 track admin-vrrp interface GigabitEthernet1/0/0 vrid 20
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface LoopBack1
mpls l2vc 3.3.3.3 400 control-word admin
#
interface Tunnel1/0/1
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 100
mpls te record-route
mpls te signal-protocol rsvp-te
mpls te path explicit-path to_csg
mpls te backup hot-standby wtr 15
mpls te reserved-for-binding
mpls te commit
#
bgp 100
graceful-restart
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 5.5.5.5 enable
#
ipv4-family vpnv4
policy vpn-target
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 5.5.5.5 enable
#
ipv4-family vpn-instance vpna
import-route direct
#
ospf 100
opaque-capability enable
graceful-restart
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.0.1.0 0.0.0.255
network 172.0.3.0 0.0.0.255
network 172.0.2.0 0.0.0.255
network 172.0.8.0 0.0.0.255
mpls-te enable
#
route-policy vpna permit node 5
apply backup-nexthop auto
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel1/0/1
#
bfd bypass bind pw interface LoopBack1
discriminator local 2
discriminator remote 2
commit
#
return -
Configuration file of SR2
#
sysname SR2
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1:1
vpn frr route-policy vpna
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
bfd
#
mpls lsr-id 3.3.3.3
mpls
mpls te
mpls rsvp-te
mpls rsvp-te hello
mpls rsvp-te hello full-gr
mpls te cspf
#
mpls l2vpn
#
explicit-path to_csg
next hop 172.0.4.1
next hop 1.1.1.1
#
mpls ldp
graceful-restart
#
#
mpls ldp remote-peer 1.1.1.1
remote-ip 1.1.1.1
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 172.0.2.1 255.255.255.0
vrrp vrid 20 virtual-ip 172.0.2.3
admin-vrrp vrid 20 ignore-if-down
mpls
mpls ldp
#
interface GigabitEthernet1/0/1
undo shutdown
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.0.4.2 255.255.255.0
mpls
mpls te
mpls rsvp-te
#
interface GigabitEthernet1/0/3
undo shutdown
ip address 172.0.6.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/4
undo shutdown
ip address 172.0.7.1 255.255.255.0
mpls
mpls ldp
#
interface Virtual-Ethernet1/0/0
ve-group 1 l2-terminate
#
interface Virtual-Ethernet1/0/0.1
mpls l2vc 1.1.1.1 200 tunnel-policy policy1
mpls l2vc track admin-vrrp interface GigabitEthernet1/0/0 vrid 20 pw-redundancy
mpls l2vc 2.2.2.2 300 bypass
mpls l2vc bypass track admin-vc interface LoopBack1
#
interface Virtual-Ethernet1/0/1
ve-group 1 l3-access
#
interface Virtual-Ethernet1/0/1.1
vlan-type dot1q 10
ip binding vpn-instance vpna
ip address 120.0.0.4 255.255.255.0
vrrp vrid 10 virtual-ip 120.0.0.3
vrrp vrid 10 track admin-vrrp interface GigabitEthernet1/0/0 vrid 20
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface LoopBack1
mpls l2vc 2.2.2.2 400 control-word admin
#
interface Tunnel1/0/2
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 200
mpls te record-route
mpls te signal-protocol rsvp-te
mpls te path explicit-path to_csg
mpls te backup hot-standby wtr 15
mpls te reserved-for-binding
mpls te commit
#
bgp 100
graceful-restart
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 5.5.5.5 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 4.4.4.4 enable
peer 5.5.5.5 enable
#
ipv4-family vpn-instance vpna
import-route direct
#
ospf 100
opaque-capability enable
graceful-restart
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.0.2.0 0.0.0.255
network 172.0.7.0 0.0.0.255
network 172.0.4.0 0.0.0.255
network 172.0.6.0 0.0.0.255
mpls-te enable
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel1/0/2
#
route-policy vpna permit node 5
apply backup-nexthop auto
#
tunnel-policy policy1
tunnel binding destination 1.1.1.1 te Tunnel1/0/2
#
bfd bypass bind pw interface LoopBack1
discriminator local 2
discriminator remote 2
commit
#
return -
Configuration file of RSG1
#
sysname RSG1
#
vlan batch 10
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1:1
vpn frr route-policy vpna
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 4.4.4.4
#
mpls l2vpn
#
mpls ldp
graceful-restart
#
interface Vlanif10
ip binding vpn-instance vpna
ip address 120.0.1.1 255.255.255.0
vrrp vrid 1 virtual-ip 120.0.1.3
vrrp vrid 1 priority 150
#
interface GigabitEthernet1/0/0
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.0.3.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.0.7.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/3
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 100
graceful-restart
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 5.5.5.5 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 5.5.5.5 enable
#
ipv4-family vpn-instance vpna
import-route direct
#
ospf 100
opaque-capability enable
graceful-restart
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.0.3.0 0.0.0.255
network 172.0.7.0 0.0.0.255
mpls-te enable
#
route-policy vpna permit node 5
apply backup-nexthop auto
#
return -
Configuration file of RSG2
#
sysname RSG2
#
vlan batch 10
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 11
vpn frr route-policy vpna
vpn-target 11 export-extcommunity
vpn-target 11 import-extcommunity
#
mpls lsr-id 5.5.5.5
#
mpls l2vpn
#
mpls ldp
graceful-restart
#
interface Vlanif10
ip binding vpn-instance vpna
ip address 120.0.1.2 255.255.255.0
vrrp vrid 1 virtual-ip 120.0.1.3
#
interface GigabitEthernet1/0/0
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 172.0.6.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/2
undo shutdown
ip address 172.0.8.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet1/0/3
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 100
graceful-restart
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
ipv4-family vpn-instance vpna
import-route direct
#
ospf 100
opaque-capability enable
graceful-restart
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 172.0.8.0 0.0.0.255
network 172.0.6.0 0.0.0.255
mpls-te enable
#
route-policy vpna permit node 5
apply backup-nexthop auto
#
return
from the best of networking http://ift.tt/1IJm5uv
(Visited 1,276 times, 1 visits today)