L2VPN Over GRE

jm-barreto · ‎04-15-2024

Hi

I'm trying to extended a L2 segment using MPLS L2vpn over GRE. I am able to establish the tunnel and get ospf and mpls adjacency also the xconnect between the peer is up but my 2 test pc cant reach each other.

This is my PE3 config.

interface GigabitEthernet0/0/0/0
mtu 1560
!
interface GigabitEthernet0/0/0/0.101 l2transport
encapsulation untagged
!
interface tunnel-ip10
ipv4 address 10.2.3.2 255.255.255.252
tunnel source GigabitEthernet0/0/0/1
tunnel destination 172.16.50.2
!
router static
address-family ipv4 unicast
172.16.50.0/30 GigabitEthernet0/0/0/1 172.16.51.1
!
!
router ospf 1
nsr
router-id 3.3.3.3
mpls ldp auto-config
nsf cisco
area 1
network point-to-point
mpls traffic-eng
interface Loopback0
!
interface tunnel-ip10
!
!
mpls traffic-eng router-id Loopback0
!
mpls traffic-eng
!
mpls ldp
log
hello-adjacency
neighbor
nsr
graceful-restart
!
discovery
hello holdtime 5
hello interval 1
!
router-id 3.3.3.3
!
mpls oam
!
l2vpn
router-id 3.3.3.3
xconnect group test
p2p test
interface GigabitEthernet0/0/0/0.101
neighbor ipv4 1.1.1.1 pw-id 55555

RP/0/RP0/CPU0:PE3#sh cef tunnel-ip10
Mon Apr 15 17:21:14.820 UTC

Prefix Next Hop Interface
------------------- ------------------- ------------------
1.1.1.1/32 10.2.3.1/32 tunnel-ip10
2.2.2.2/32 10.2.3.1/32 tunnel-ip10
10.1.2.0/30 10.2.3.1/32 tunnel-ip10
10.2.3.0/30 attached tunnel-ip10
10.2.3.0/32 broadcast tunnel-ip10
10.2.3.2/32 receive tunnel-ip10
10.2.3.3/32 broadcast tunnel-ip10

RP/0/RP0/CPU0:PE3#sh ospf neighbor
Mon Apr 15 17:21:42.745 UTC

* Indicates MADJ interface
# Indicates Neighbor awaiting BFD session up

Neighbors for OSPF 1

Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/ - 00:00:39 10.2.3.1 tunnel-ip10
Neighbor is up for 00:07:56

Total neighbor count: 1

RP/0/RP0/CPU0:PE3#sh mpls ldp neighbor
Mon Apr 15 17:21:50.007 UTC

Peer LDP Identifier: 1.1.1.1:0
TCP connection: 1.1.1.1:646 - 3.3.3.3:21530
Graceful Restart: No
Session Holdtime: 180 sec
State: Oper; Msgs sent/rcvd: 26/19; Downstream-Unsolicited
Up time: 00:07:55
LDP Discovery Sources:
IPv4: (1)
Targeted Hello (3.3.3.3 -> 1.1.1.1, active)
IPv6: (0)
Addresses bound to this peer:
IPv4: (2)
1.1.1.1 10.1.2.1
IPv6: (0)

Peer LDP Identifier: 2.2.2.2:0
TCP connection: 2.2.2.2:646 - 3.3.3.3:23252
Graceful Restart: No
Session Holdtime: 180 sec
State: Oper; Msgs sent/rcvd: 12/11; Downstream-Unsolicited
Up time: 00:01:59
LDP Discovery Sources:
IPv4: (1)
tunnel-ip10
IPv6: (0)
Addresses bound to this peer:
IPv4: (4)
2.2.2.2 10.1.2.2 10.2.3.1 172.16.50.2
IPv6: (0)

RP/0/RP0/CPU0:PE3#sh ip route
Mon Apr 15 17:21:55.506 UTC

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR, l - LISP
A - access/subscriber, a - Application route
M - mobile route, r - RPL, t - Traffic Engineering, (!) - FRR Backup path

Gateway of last resort is not set

O 1.1.1.1/32 [110/1002] via 10.2.3.1, 00:08:09, tunnel-ip10
O 2.2.2.2/32 [110/1001] via 10.2.3.1, 00:08:09, tunnel-ip10
L 3.3.3.3/32 is directly connected, 02:11:35, Loopback0
O 10.1.2.0/30 [110/1001] via 10.2.3.1, 00:08:09, tunnel-ip10
C 10.2.3.0/30 is directly connected, 01:52:52, tunnel-ip10
L 10.2.3.2/32 is directly connected, 01:52:52, tunnel-ip10
L 127.0.0.0/8 [0/0] via 0.0.0.0, 02:11:38
S 172.16.50.0/30 [1/0] via 172.16.51.1, 02:11:35, GigabitEthernet0/0/0/1
C 172.16.51.0/30 is directly connected, 02:11:35, GigabitEthernet0/0/0/1
L 172.16.51.2/32 is directly connected, 02:11:35, GigabitEthernet0/0/0/1

RP/0/RP0/CPU0:PE3#sh l2vpn xc
Mon Apr 15 17:22:15.036 UTC
Legend: ST = State, UP = Up, DN = Down, AD = Admin Down, UR = Unresolved,
SB = Standby, SR = Standby Ready, (PP) = Partially Programmed,
LU = Local Up, RU = Remote Up, CO = Connected, (SI) = Seamless Inactive

XConnect Segment 1 Segment 2
Group Name ST Description ST Description ST
------------------------ ----------------------------- -----------------------------
test test UP Gi0/0/0/0.101 UP 1.1.1.1 55555 UP
----------------------------------------------------------------------------------------

Georg Pauwen · ‎04-15-2024

Hello,

can you post the full running configs of the other PEs as well ?

jm-barreto · ‎04-15-2024

Will do in a moment.

MHM Cisco World · ‎04-15-2024

The config is confuse me

You use mpls te, So please confirm that mpls te not use for l2vpn over gre.

Second

You need to use mpls ip in tunnel you use between two peer.

And config static route for IP of peer reach via tunnel.

And config mpls router ID loop back

Hope this solve your issue

MHM

jm-barreto · ‎04-15-2024

Hi @MHM Cisco World No, im not using TE. It is there but it not use. MPLS is configure and with router id.

mpls ldp
log
hello-adjacency
neighbor
nsr
graceful-restart
!
discovery
hello holdtime 5
hello interval 1
!
router-id 3.3.3.3
!

The interface is enable fo MPLS

router ospf 1
nsr
router-id 3.3.3.3
mpls ldp auto-config

And i got static route

router static
address-family ipv4 unicast
172.16.50.0/30 GigabitEthernet0/0/0/1 172.16.51.1

The mpls is up even the l2vpn xconnect is up

RP/0/RP0/CPU0:PE3#sh mpls ldp neighbor
Mon Apr 15 17:21:50.007 UTC

Peer LDP Identifier: 1.1.1.1:0
TCP connection: 1.1.1.1:646 - 3.3.3.3:21530
Graceful Restart: No
Session Holdtime: 180 sec
State: Oper; Msgs sent/rcvd: 26/19; Downstream-Unsolicited
Up time: 00:07:55
LDP Discovery Sources:
IPv4: (1)
Targeted Hello (3.3.3.3 -> 1.1.1.1, active)
IPv6: (0)
Addresses bound to this peer:
IPv4: (2)
1.1.1.1 10.1.2.1
IPv6: (0)

Peer LDP Identifier: 2.2.2.2:0
TCP connection: 2.2.2.2:646 - 3.3.3.3:23252
Graceful Restart: No
Session Holdtime: 180 sec
State: Oper; Msgs sent/rcvd: 12/11; Downstream-Unsolicited
Up time: 00:01:59
LDP Discovery Sources:
IPv4: (1)
tunnel-ip10
IPv6: (0)
Addresses bound to this peer:
IPv4: (4)
2.2.2.2 10.1.2.2 10.2.3.1 172.16.50.2
IPv6: (0)

RP/0/RP0/CPU0:PE3#sh l2vpn xc
Mon Apr 15 17:22:15.036 UTC
Legend: ST = State, UP = Up, DN = Down, AD = Admin Down, UR = Unresolved,
SB = Standby, SR = Standby Ready, (PP) = Partially Programmed,
LU = Local Up, RU = Remote Up, CO = Connected, (SI) = Seamless Inactive

XConnect Segment 1 Segment 2
Group Name ST Description ST Description ST
------------------------ ----------------------------- -----------------------------
test test UP Gi0/0/0/0.101 UP 1.1.1.1 55555 UP
----------------------------------------------------------------------------------------

Everything seems to be up (OSPF,MPLS,L2VPN) but my test pc cant reach.

If i use a direct connection it work but no via the GRE tunnel

MHM Cisco World · ‎04-15-2024

The mpls exchange label via tunnel, you don't config mpls under tunnel?

Do show mpls forwarding label

Check if the label is assign to VC 55555

jm-barreto · ‎04-15-2024

Yes it is enable

RP/0/RP0/CPU0:PE3#sh mpls forwarding
Mon Apr 15 19:09:30.554 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Unlabelled 172.16.50.0/30 Gi0/0/0/1 172.16.51.1 1965134
24001 24001 1.1.1.1/32 ti10 10.2.3.1 576
24002 Pop 2.2.2.2/32 ti10 10.2.3.1 142
24003 Pop 10.1.2.0/30 ti10 10.2.3.1 0
24004 Pop PW(1.1.1.1:55555) Gi0/0/0/0.101 point2point 0

the command mpls auto-config in router ospf, enable mpls ip in all the interface that is under ospf

jm-barreto · ‎04-15-2024

@Georg Pauwen @MHM Cisco World

Here the full configuration

Thanks in advance

MHM Cisco World · ‎04-16-2024

Did you force mpls to use loopback ad router ID as I mention before ?

jm-barreto · ‎04-16-2024

Yes. I use the Loopback interface as router-id for mpls and is explicit configured under the mpls section.

Ej:
mpls ldp
log
hello-adjacency
neighbor
nsr
graceful-restart
!
discovery
hello holdtime 5
hello interval 1
!
router-id 3.3.3.3
!
mpls oam
!

Harold Ritter · ‎04-15-2024

Hi @jm-barreto ,

At first sight, I would say your configurations look good. Can you provide the "show l2vpn xconnect detail" from both PE1 and PE3.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

jm-barreto · ‎04-16-2024

PE1

jm-barreto · ‎04-16-2024

PE3

Harold Ritter · ‎04-16-2024

Hi @jm-barreto ,

The output provided shows that the PW is down.

Can you provide the following:

from PE1:

show cef 3.3.3.3/32 det

ping mpls ipv4 3.3.3.3/32 source 1.1.1.1

from PE3:

show cef 1.1.1.1/32 det

ping mpls ipv4 1.1.1.1/32 source 3.3.3.3

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

jm-barreto · ‎04-16-2024

Hi @Harold Ritter here the requested output