
A previous article took a look at Port-Based EoMPLS on a 6500. In particular, the MTU and LDP (MPLS label protocol) setup is discussed there. It is not repeated with the configlets below.

In that blog, we discovered that setting up port-based EoMPLS is darn easy. So easy that the danger is creating mounds of L2 spaghetti on top of your robust L3 routed network. (Yes, I’ve had dinner, there’s no food craving at work here!)

This blog is a quick follow-up to that blog. It posts tested configlets for VLAN-based EoMPLS. I recently did some VLAN-based EoMPLS in the lab using dot1q subinterfaces on a 7200 router using GNS3 / Dynamips. The configuration is nearly identical.

Sidetrack note: I’ve been looking at CEF and GLBP based load balancing routing configurations for a situation where a company may have dual L3 or L2 MPLS VPN carriers. I had a little fun while doing that with GNS3 and Dynamips, by putting in a small EoMPLS or L3 MPLS VPN for each of the two carriers. The carriers had to be rather minimal ones: two PE routers and one P router for each carrier. That’s because running 10 routers doing MPLS and MBGP stresses my 3-year-old laptop to the limit. (Yes, it’s coming up on time for a new one — waiting to see if Apple announces a tablet, and if so what its capabilities are.)

(Tip: using GNS3, it is easy to stop half the routers, and configure and test each provider side at a time, before testing how it all works together.)

VLAN-Based EoMPLS on a 6500

Update, 1/5/2010: It’s been suggested that I provide a picture. Indeed, I’d have liked to, but time has been a bit tight.

The picture is darn simple: swA, links/cloud, swC.

I’ve also been asked for the configs for what’s in between. However, that would just obscure the simplicity — the links in between need IP routing and “mpls ip” enabled on them (and preferably on alternate paths as well). They also need the interface MTU cranked up (jumbo frames); I’ve been using the biggest number allowed.

Here are representative configurations for two 6500’s running EoMPLS using OSPF routing and LDP on the paths between the endpoint switches. Really, only routes between the loopback addresses (1.1.1.1 and 2.2.2.2 below) are needed.

Switch swA config:
interface GigabitEthernet4/1
 switchport
 switchport access vlan 108
 switchport trunk encapsulation dot1q
 switchport mode trunk
 mtu 9216
 spanning-tree portfast trunk
!
interface GigabitEthernet4/1.200
 encapsulation dot1Q 200
 xconnect 1.1.1.1 200 encapsulation mpls
end

Switch swC config:
interface GigabitEthernet2/2
 switchport
 switchport access vlan 108
 switchport trunk encapsulation dot1q
 switchport mode trunk
 mtu 9216
 spanning-tree portfast trunk
! 
interface GigabitEthernet2/2.200
 encapsulation dot1Q 200
 xconnect 2.2.2.2 200 encapsulation mpls
end

Once the overall port MTU was correct, the VLAN-based xconnect came up. (That’s why I show it in the above configlets.)

Note that this does NOT locally switch VLAN 200 into the xconnect when configured on a switch. It takes incoming frames tagged with VLAN 200 dot1q tagging and forwards them to the port at the other end, with relevant VLAN tagging. Connecting the physical port back to the switch, with trunking and appropriate VLAN tagging, is required to obtain local switching. This is similar to what was observed for port-based xconnect, but requires more configuration.
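As the MTU remark above suggests, the two ends have to agree before the pseudo-wire comes up. The following is an added example, not part of the original post: a small Python check that reads both configlets and compares VC ID, port MTU and dot1q tag per xconnect. The function names are hypothetical, the 1500-byte default for a port with no "mtu" line is an assumption, and flagging differing VLAN tags is a review aid rather than something the post states.

```python
import re

# Trimmed from the swA / swC configlets on this page (only the lines the check reads).
SWA = """interface GigabitEthernet4/1
 mtu 9216
interface GigabitEthernet4/1.200
 encapsulation dot1Q 200
 xconnect 1.1.1.1 200 encapsulation mpls
"""
SWC = """interface GigabitEthernet2/2
 mtu 9216
interface GigabitEthernet2/2.200
 encapsulation dot1Q 200
 xconnect 2.2.2.2 200 encapsulation mpls
"""

def circuits(config):
    """Map VC ID -> {vlan, mtu, peer} for every xconnect subinterface."""
    ifaces, cur = {}, {}
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            cur = ifaces.setdefault(m.group(1), {})
        elif m := re.match(r"\s+mtu (\d+)", line):
            cur["mtu"] = int(m.group(1))
        elif m := re.match(r"\s+encapsulation dot1q (\d+)", line, re.I):
            cur["vlan"] = int(m.group(1))
        elif m := re.match(r"\s+xconnect (\S+) (\d+) encapsulation mpls", line):
            cur["peer"], cur["vcid"] = m.group(1), int(m.group(2))
    out = {}
    for name, cfg in ifaces.items():
        if "vcid" in cfg:
            # The subinterface uses the physical port's MTU; 1500 assumed if unset.
            mtu = ifaces.get(name.split(".")[0], {}).get("mtu", 1500)
            out[cfg["vcid"]] = {"vlan": cfg.get("vlan"), "mtu": mtu, "peer": cfg["peer"]}
    return out

def compare(end_a, end_b):
    """List mismatches that would keep a pseudo-wire down or deserve review."""
    a, b, problems = circuits(end_a), circuits(end_b), []
    for vcid in sorted(a.keys() | b.keys()):
        if vcid not in a or vcid not in b:
            problems.append(f"VC {vcid}: configured on one end only")
            continue
        for key in ("mtu", "vlan"):
            if a[vcid][key] != b[vcid][key]:
                problems.append(f"VC {vcid}: {key} {a[vcid][key]} != {b[vcid][key]}")
    return problems

if __name__ == "__main__":
    print(compare(SWA, SWC) or "both ends agree")
```

Running the same comparison across every PE pair also gives an inventory of which VLANs are stretched where, which helps keep the "L2 spaghetti" visible.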

Not tried

I haven’t tried port-based EoMPLS on a 7200 router. Or rather, I tried hastily in GNS3, didn’t see the command options I expected, and shifted to VLAN-based since that worked for what I needed to do. I did a quick Google search for configuration for port-based EoMPLS in router IOS, and I’m not seeing anything obvious as an example, so I’m kind of curious to see if it can be done. Of course, one can use QinQ on a switch to feed tagged frames into a VLAN-based EoMPLS pseudo-wire, but that’s not a very direct way to get the job done.

Update, 1/5/2010: Per CNC’s Luan Nguyen (and his CCIE SP prep), port-based EoMPLS on 7200 is easy: just put the xconnect on the main interface. I had tried that, but it was apparently not supported in the images I tried. (“xconnect … encaps mpls” was not an option). I tried again with a 15.0 image for the 7200 and it worked. I still claim that this is not documented, or at least I sure didn’t find it explicitly shown in the IOS docs, nor in the examples Google found for me. (Or I was having prolonged blindness to what was in front of me?) So that’s darn easy, and thanks to Luan.

I also haven’t lab-tested doing port-based EoMPLS with different VLAN-based pseudo-wires going to different destinations. On the other hand, it’s clear how to configure that, and I have no reason to expect it to not work.

Recommendations

When in doubt, consider using port-based xconnect; it requires less configuration on the endpoints.

Use VLAN-based EoMPLS if you want the VLANs to act sort of like Frame Relay DLCI’s, with different VLANs going to different other endpoints.

Peter Welcher


Architect, Operations Technical Advisor

A principal consultant with broad knowledge and experience in high-end routing and network design, as well as data centers, Pete has provided design advice and done assessments of a wide variety of networks. CCIE #1773, CCDP, CCSI (#94014)
