All_about_network

L2 MPLS VPNs on H3C MSR devices

by on Apr.28, 2010, under H3C, Networking

It has been a long time since the last post and even longer since I promised that I will write some stuff about MPLS so I am trying to deliver what I promised. This time the whole article is about L2 MPLS this time the configuration was done on MSR routers from H3C (now part of 3Com and in about a month it will be part of HP). This time I will not bother you with theory as it can be found on Wikipedia, Cisco‘s or Juniper‘s web pages. The only thing I will describe are the steps necessary to create L2 MPLS VPN  and the theory behind this particular configuration. There are three decisions we need to make in order to decide what configuration will we need.

The first thing is to distribute the routing information properly – in our case we’ll use OSPF for that. Just remember that MPLS is depending on routing even though it operates on L2 (or layer 2,5 as some say).

The second thing is to decide what mode we will actually use as even for L2 MPLS VPNs there are some choices which would ft different requirements. The basic options are CCC, SVC-Martini and Kompella.

Just as a quick overview I’ll describe some basic characteristics of these modes.

CCC – Circuit Cross Connect : this mode is based on manual creation of all tunnels (the tunnels are uni-directional) , and have just one static entry in LSP part of the header (uses one label), can provide local PE connections

Martini :  uses LDP for label distribution, only PEs keep information about labels, P routers do not need to keep VC labels (= very scalable), uses two labels (one configured and one determined by LDP) , cannot provide local connections (within one PE)

SVC  Static Virtual Circuit : does not use signaling protocol, – it is (basically) static implementation of Martini draft

Kompella : uses MP-BGP as a signaling protocol, PEs calculate peers VC labels automatically (from selected range), supports local connections

As you can see all of the above mentioned modes have some advantages and of course disadvantages and thus are fit for different scenarios.  In our scenario we will stick to simple Martini draft.

The official documents say that the procedure should be done in the following order:

  1. Enable MPLS
  2. Enable MPLS LDP
  3. Configure remote peer
  4. Configure l2 VC

our topology will look something like this:

So now we have topology and all the addressing so we can goto the configuration on R1-PE.

Step #0 interfaces, vlans and OSPF configuration R1-PE

#

vlan 2

#

#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#

#
ospf 1 router-id 1.1.1.1
opaque-capability enable
import-route direct
area 0.0.0.0
network 172.16.0.0 0.0.0.3
#

#
interface Ethernet0/1
port link-mode route
description R2 MPLS
ip address 172.16.0.1 255.255.255.252
ospf timer hello 1
ospf timer dead 4
#

#
interface Ethernet0/2
port link-mode bridge
port access vlan 2
#

Step #1 : Enabling mpls Martini mode:

#
mpls l2vpn
#

#
mpls lsr-id 1.1.1.1
#

Step #1 enabling MPLS

#
mpls l2vpn
#

#
mpls lsr-id 1.1.1.1
#

#
mpls
statistics interval 60
#

Step #2 enabling MPLS LDP

#
mpls ldp
graceful-restart
md5-password plain 2.2.2.2 test
du-readvertise timer 2
#

Step #3 Configuring remote peer(s)

#
mpls ldp remote-peer r2
mpls ldp timer hello-hold 2
mpls ldp timer keepalive-hold 5
remote-ip 2.2.2.2
#

#
mpls ldp remote-peer r3
remote-ip 3.3.3.3
#

Step #4 Configuring l2 VC

#
interface Vlan-interface2
mpls l2vc 3.3.3.3 100
#

Step #5 Configuring the interface towards the P router

#
interface Ethernet0/1
ospf timer hello 1
ospf timer dead 4
mpls
mpls ldp
mpls ldp timer hello-hold 2
mpls ldp timer keepalive-hold 5
#

Surprisingly enough this is the whole configuration – moving on we need to configure the P router. if you remember at the beginning there was a mention that the P router config with martini will be easy as we need just enable the mpls and define peers.

Step #0 interface and OSPF configuration R2-P

#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
#
interface Ethernet0/0
port link-mode route
ip address 172.16.0.2 255.255.255.252
ospf timer hello 1
ospf timer dead 4
#
#
interface Ethernet0/1
port link-mode route
ip address 172.16.0.5 255.255.255.252
#
#
ospf 1 router-id 2.2.2.2
opaque-capability enable
import-route direct
area 0.0.0.0
network 172.16.0.0 0.0.0.3
network 172.16.0.4 0.0.0.3
mpls-te enable
#

Step #1 enabling MPLS

#
mpls l2vpn
#

#
mpls lsr-id 2.2.2.2
#

Step #2 enabling MPLS-LDP

#
mpls ldp
graceful-restart
md5-password plain 1.1.1.1 test
md5-password plain 3.3.3.3 test
du-readvertise timer 2
#

Step #3 enabling remote peers

- this step is not necessary on P router
Step #4 Configuring l2 VC

- this step is not necessary on P router

Step #5 Configuring the interface towards the PE routers

#
interface Ethernet0/0
description R1_PE
mpls
mpls ldp
mpls ldp timer hello-hold 2
mpls ldp timer keepalive-hold 5
#

#
interface Ethernet0/1
description R3_PE
mpls
mpls ldp
#

This being done the only thing remaining is configuration of the R3 PE router. As this is being done exactly the same way as R1 PE with just different addressing I won’t bother you with details. The relevant parts of config are as follows:

#
mpls lsr-id 3.3.3.3
#

#
vlan 2
#

#
mpls
statistics interval 60
#

#
mpls l2vpn
#

#
mpls ldp
graceful-restart
md5-password plain 2.2.2.2 test
du-readvertise timer 2
#

#
mpls ldp remote-peer r1
remote-ip 1.1.1.1
#

#
mpls ldp remote-peer r2
mpls ldp timer hello-hold 2
mpls ldp timer keepalive-hold 5
remote-ip 2.2.2.2
#

#
interface Ethernet0/1
port link-mode route
description R2 MPLS
ip address 172.16.0.6 255.255.255.252
mpls
mpls ldp
#

#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#

#
interface Vlan-interface2
mpls l2vc 1.1.1.1 100
#

#
ospf 1 router-id 3.3.3.3
opaque-capability enable
import-route direct
area 0.0.0.0
network 172.16.0.4 0.0.0.3
#

Well and that is it. Now you have working MPLS network. Please note that this was done on CommWare 5.20 in lab environment and this config might need some tweaking before using in life network.

:, , , , , ,

10 Comments for this entry

  • bukmacher
    May 27th, 2010 on 15:31

    HI dude, can i post articles to your blog ? Let me know if you are interested

    Reply
    • tnk
      May 27th, 2010 on 16:53

      Hi, I am not exactly sure if this is spam or not (as akismet has evaluated it as spam). But in case it is not a spam – It depends – Originally I was thinking about more writers for this blog but then I decided against it for multiple reasons. On the other hand it is almost two years now since that decision. So you can send me your Ideas on the contact address I provide in the about page and I’ll see.

      Reply
  • Nicolas
    January 12th, 2011 on 13:50

    Hi , i’m french and i read your article, i like it good post of H3C topics.
    I did a L3VPN configuration with iBGP MPLS VPN between 2 PE but i have little problemes with the virtual interface (FE 7/1.1) or (ip address x.x.x.x netmask sub) .
    So my question is how can you put 3 consumers on the same PEs virutals interfaces?

    Reply
    • tnk
      January 12th, 2011 on 16:14

      Hi Nicolas,
      thanks for your message. I can have a look at your configuration if you send it to me, but currently I do not have any MSRs to play with. But there is always a chance that I will spot something you’ve overlooked. Anyway if you send me your configs and expected topology on the e-mail published on the “about” page I will try at least.
      TNK

      Reply
  • kuki
    February 16th, 2011 on 15:57

    Hi, I really liked your articles on H3C stuff. If you can invite more writers, or do more articles by yourself, that would be perfect as stuff concerning H3C devices in language other than chinese are hard to get.
    Thanks again,
    Peter

    Reply
    • tnk
      February 16th, 2011 on 16:14

      Hi,
      first of all – thank you for the comment and yes it would be nice to have somebody to collaborate but unfortunately I haven’t met anyone willing to devote some time to contribute. I myself am in quite difficult position as I do not have that much kit at my disposal and I am fairly limited by the amount of time I can assign to this blog. The article I would really like to write is about QinQ as it is the kind of “hot topic” everyone needs but the only thing you can find is some cisco/juniper configs.
      Well we’ll see but I still hope this blog will not die due to lack of my time.

      Reply
  • kuki
    February 17th, 2011 on 12:15

    hi,
    so far so good.. I did not notice there are more specialized documentation files on the h3c webpage… I used MSR 20 30 50 generic document while there is 20-1X specific available. thanks.

    Anyway I was able to setup interfaces, basic routing, wlan. The problem is I do not know hot to setup congestion avoidance and QoS based on application layer protocol determination.

    I tried to configure WFQ and WRED on ethernet 0/0 (wan interface) to queue and drop packets by precedence but it does not seem to work.

    The problem I have is a 2Mbps connection + 10Mbps connetion to WWW cache proxy. There are 10-12 users for that connection. It will be extended but for now we have a problem with congestion caused by p2p traffic which I would like to solve without killing it. can you help? because I have no idea how to set dynamic connection BW (2/10Mbps)

    Regards,
    Peter

    Reply
  • kuki
    February 17th, 2011 on 12:22

    Here is my email – – I am in a bad need to set these things up. Hope you can and you would like to help me a little bit ;)

    Reply

Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Blogroll

A few highly recommended websites...

Archives

All entries, chronologically...