Archive

Archive for July, 2008

AToM Tunnel Selection Using MPLS Traffic-Engineering

July 28, 2008 3 comments

By default, AToM will use IGP to select what path that will used to send the pseudowire packets. In this scenario we will use MPLS Traffic-Engineering to select the pseudowire path.

Below is the diagram for our scenario:

We will build an AToM VC (Virtual Circuit) for CE-1 and CE-2 Ethernet connection. The VC will use Pseudowire Tunnel-Selection with MPLS Traffic-Engineering. We will select path (PE-1) – (P1) – (PE-2).

So, let we configure our routers (note that IGP and LDP is already configured and working properly).

Configure EoMPLS VC on PE-1 and PE-2

Configure RSVP for MPLS Traffic-Engineering support on the relevant interfaces at the Service Provider routers, that are PE-1 (F1/1,F0/0), PE-2 (F1/1, F0/0), P1 (F0/0, F1/0, F1/1) and P2 (F0/0, F1/0, F1/1):

mpls label protocol ldp
mpls traffic-eng tunnels
mpls ip
ip rsvp bandwidth 8000

The RSVP bandwidth for path (PE-1)-(P1)-(PE-2) is 80000, and for path (PE-1)-(P2)-(PE-2) is 70000 Mbps.

The configuration below is implemented only at router PE-1. Remember that MPLS Traffic-Engineering is for unidirectional traffic flow. So if we want to use Traffic-Engineering for the reserve flow, then we must implement it at router PE-2 too.

Configure IP Explicit-Path to use (PE-1)-(P1)-(PE-2) path:

ip explicit-path name P1-PE2 enable
next-address 10.0.0.2
next-address 10.1.1.1

Configure Interface Tunnel1 that used by EoMPLS VC 301 for preferred path. Don’t forget to apply the IP Explicit-Path P1-PE2 to this interface

interface Tunnel1
ip unnumbered Loopback0
no ip directed-broadcast
mpls traffic-eng tunnels
tunnel destination 10.10.10.3
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 7500
tunnel mpls traffic-eng path-option 1 explicit name P1-PE2
end

Configure pseudowire-class with MPLS encapsulation and using Tunnel1 as preferred-path:

pseudowire-class VIA_P1
encapsulation mpls
preferred-path interface Tunnel1

On router PE-1, configure subinterface that facing to the CE-1 (note that IP interface loopback0 on PE-2 is 10.10.10.3). In this scenario, we use VLAN 30 EoMPLS:

interface FastEthernet1/0.30
encapsulation dot1Q 30
no ip directed-broadcast
xconnect 10.10.10.3 301 pw-class VIA_P1
end

Because we just want to use Traffic-Engineering for one direction only (that is for flow from PE-1 to PE-2), then we configure the standard configuration for AToM application at the interface that facing to router CE-2 (note that IP interface loopback0 on PE-2 is 10.10.10.1):

interface FastEthernet1/0.30
encapsulation dot1Q 30
no ip directed-broadcast
xconnect 10.10.10.1 301 encapsulation mpls
end

Verifying EoMPLS VC on PE-1

So, let we verify our configuration:

PE-1#sh mpls l2 vc
Local intf Local circuit Dest address VC ID Status
————- ————————– ————— ———- ———-
Fa1/0.30 Eth VLAN 30 10.10.10.3 301 UP

PE-1#sh mpls l2 vc 301 det
Local interface: Fa1/0.30 up, line protocol up, Eth VLAN 30 up
Destination address: 10.10.10.3, VC ID: 301, VC status: up
Preferred path: Tunnel1, active
Default path: ready
Next hop: point2point
Output interface: Tu1, imposed label stack {39 33}
Create time: 00:42:44, last status change time: 00:40:36
Signaling protocol: LDP, peer 10.10.10.3:0 up
Targeted Hello: 10.10.10.1(LDP Id) -> 10.10.10.3
MPLS VC labels: local 34, remote 33
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 0, send 0
byte totals: receive 0, send 0
packet drops: receive 0, seq error 0, send 0

Note that for VC 301, we will use Tunnel1 as a preferred-path.

PE-1#sh mpls traffic-eng tunnels Tunnel 1
Name: PE-1_t1 (Tunnel1) Destination: 10.10.10.3
Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type explicit P1-PE2 (Basis for Setup, path weight 2)
Config Parameters:
Bandwidth: 7500 kbps (Global) Priority: 1 1 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: disabled LockDown: disabled Loadshare: 7500 bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : –
OutLabel : FastEthernet1/1, 39
RSVP Signalling Info:
Src 10.10.10.1, Dst 10.10.10.3, Tun_Id 1, Tun_Instance 15
RSVP Path Info:
My Address: 10.0.0.1
Explicit Route: 10.0.0.2 10.1.1.2 10.1.1.1 10.10.10.3
Record Route: NONE
Tspec: ave rate=7500 kbits, burst=1000 bytes, peak rate=7500 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=7500 kbits, burst=1000 bytes, peak rate=7500 kbits
Shortest Unconstrained Path Info:
Path Weight: 2 (TE)
Explicit Route: 10.0.0.1 10.0.0.2 10.1.1.2 10.1.1.1 10.10.10.3
History:
Tunnel:
Time since created: 45 minutes, 36 seconds
Time since path change: 16 minutes, 35 seconds
Number of LSP IDs (Tun_Instances) used: 15
Current LSP:
Uptime: 16 minutes, 35 seconds
Prior LSP:
ID: path option 1 [14]
Removal Trigger: configuration changed
PE-1#

We can see that the path that used by interface Tunnel-1 is equivalent with our ip explicit-path configuration (P1-PE2).

The outgoing (outer) label that used by Tunnel1 is 39 via interface FastEthernet 1/1. We can see the corellation at router P1:

P1#sh mpls traffic-eng tunnels
LSP Tunnel PE-1_t1 is signalled, connection is up
InLabel : FastEthernet1/0, 39
OutLabel : FastEthernet1/1, implicit-null
RSVP Signalling Info:
Src 10.10.10.1, Dst 10.10.10.3, Tun_Id 1, Tun_Instance 15
RSVP Path Info:
My Address: 10.1.1.2
Explicit Route: 10.1.1.1 10.10.10.3
Record Route: NONE
Tspec: ave rate=7500 kbits, burst=1000 bytes, peak rate=7500 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=7500 kbits, burst=1000 bytes, peak rate=7500 kbits
P1#

And for the inner label (VC label), VC 301 use label 33. We can see this in the FIB table at router PE-2:

PE-2#sh mpls for
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
33 Untagged l2ckt(301) 0 none point2point
35 Pop tag 10.12.12.0/24 0 Fa0/0 10.3.3.2
Pop tag 10.12.12.0/24 0 Fa1/1 10.1.1.2
36 Pop tag 10.0.0.0/24 0 Fa1/1 10.1.1.2
37 Pop tag 10.2.2.0/24 0 Fa0/0 10.3.3.2
38 33 10.10.10.1/32 0 Fa1/1 10.1.1.2
42 10.10.10.1/32 0 Fa0/0 10.3.3.2
39 Pop tag 10.10.10.2/32 0 Fa1/1 10.1.1.2
64 Pop tag 10.10.10.4/32 0 Fa0/0 10.3.3.2

So, let we verify EoMPLS connectivity between CE-1 and CE-2:

CE-1#sh run int f1/0.30
interface FastEthernet1/0.30
encapsulation dot1Q 30
ip address 30.1.1.1 255.255.255.0
end
CE-1#ping 30.1.1.2
Sending 5, 100-byte ICMP Echos to 30.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 680/836/988 ms
CE-1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 30.1.1.2 0 cc05.1628.0010 ARPA FastEthernet1/0.30
Internet 30.1.1.1 – cc00.1628.0010 ARPA FastEthernet1/0.30
CE-1#

CE-2#sh run int f1/0.30
interface FastEthernet1/0.30
encapsulation dot1Q 30
ip address 30.1.1.2 255.255.255.0
end
CE-2#ping 30.1.1.1
Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 628/892/1580 ms
CE-2#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 30.1.1.2 – cc05.1628.0010 ARPA FastEthernet1/0.30
Internet 30.1.1.1 2 cc00.1628.0010 ARPA FastEthernet1/0.30
CE-2#

Done …

Revealing AToM (Any Transport over MPLS) Packets

July 19, 2008 Leave a comment

AToM is used to transport any layer 2 packet via MPLS cloud. This MPLS application is used two MPLS Label, one for tunnel label (per hop LSR label) and one for VC (virtual circuit) label.

You can learn AToM more in the CiscoPress books from Wei Luo (CCIE #13291), Carlos Pignataro (CCIE #4619), Dmitry Bokotey (CCIE #4460) and Anthony Chan (CCIE #10266), “Layer 2 VPN Architectures”.

We will reveal the AToM Packets, that used for EoMPLS (Ethernet over MPLS) with the scenario below:

PE-1, P and PE-2 are use LDP (Label Distribution Protocol) to distribute labels for networks PE1-P, P-P2, PE1 and PE2 loopback interfaces. The PE1 and PE2 loopback networks must be a host network, or /32 IP Address.

These is the relevant configuration for scenario above:

I. Enabling MPLS and LDP

PE-1
interface FastEthernet1/1
ip address 10.0.0.1 255.255.255.0
no ip directed-broadcast
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
no clns route-cache
end

P
interface FastEthernet1/0
ip address 10.0.0.2 255.255.255.0
no ip directed-broadcast
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
no clns route-cache
end
interface FastEthernet1/1
ip address 10.1.1.2 255.255.255.0
no ip directed-broadcast
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
no clns route-cache
end

PE-2
interface FastEthernet1/1
ip address 10.1.1.1 255.255.255.0
no ip directed-broadcast
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
no clns route-cache
end
II. Enabling L2Transport over MPLS (AToM)
In this example, we use EoMPLS, using VLAN 30.

PE-1
interface FastEthernet1/0
no ip address
no ip directed-broadcast
duplex auto
speed auto
no cdp enable
no clns route-cache
end
interface FastEthernet1/0.30
encapsulation dot1Q 30
no ip directed-broadcast
xconnect 10.10.10.3 301 encapsulation mpls
end

PE-2
interface FastEthernet1/0
no ip address
no ip directed-broadcast
duplex auto
speed auto
no clns route-cache
end
interface FastEthernet1/0.30
encapsulation dot1Q 30
no ip directed-broadcast
xconnect 10.10.10.1 301 encapsulation mpls
end

III. Verifying AToM Connectivity

PE-1#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
————- ————————– ————— ———- ———
Fa1/0.200 Eth VLAN 200 10.10.10.3 200 UP
Se2/0 HDLC 10.10.10.3 222 UP
Fa1/0.30 Eth VLAN 30 10.10.10.3 301 UP
PE-1#
PE-1#sh mpls l2transport vc 301 det
Local interface: Fa1/0.30 up, line protocol up, Eth VLAN 30 up
Destination address: 10.10.10.3, VC ID: 301, VC status: up
Preferred path: not configured
Default path: active
Next hop: 10.0.0.2
Output interface: Fa1/1, imposed label stack {41 17}
Create time: 00:33:26, last status change time: 00:32:24
Signaling protocol: LDP, peer 10.10.10.3:0 up
Targeted Hello: 10.10.10.1(LDP Id) -> 10.10.10.3
MPLS VC labels: local 25, remote 17
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 12, send 12
byte totals: receive 1350, send 1350
packet drops: receive 0, seq error 0, send 0
PE-1#
PE-1#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
24 Untagged l2ckt(200) 144 none point2point
25 Untagged l2ckt(301) 1350 none point2point
26 Untagged l2ckt(222) 2728 none point2point
27 Pop tag 10.1.1.0/24 0 Fa1/1 10.0.0.2
28 40 10.3.3.0/24 0 Fa1/1 10.0.0.2
29 Pop tag 10.10.10.2/32 0 Fa1/1 10.0.0.2
30 41 10.10.10.3/32 0 Fa1/1 10.0.0.2
PE-1#

PE-2#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
————- ————————– ————— ———- ———
Fa1/0.200 Eth VLAN 300 10.10.10.1 200 UP
Se2/0 HDLC 10.10.10.1 222 UP
Fa1/0.30 Eth VLAN 30 10.10.10.1 301 UP
PE-2#
PE-2#sh mpls l2transport vc 301 detail
Local interface: Fa1/0.30 up, line protocol up, Eth VLAN 30 up
Destination address: 10.10.10.1, VC ID: 301, VC status: up
Preferred path: not configured
Default path: active
Next hop: 10.1.1.2
Output interface: Fa1/1, imposed label stack {43 25}
Create time: 00:37:56, last status change time: 00:36:49
Signaling protocol: LDP, peer 10.10.10.1:0 up
Targeted Hello: 10.10.10.3(LDP Id) -> 10.10.10.1
MPLS VC labels: local 17, remote 25
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 12, send 12
byte totals: receive 1350, send 1350
packet drops: receive 0, seq error 0, send 0
PE-2#
PE-2#sh mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Untagged l2ckt(200) 144 none point2point
17 Untagged l2ckt(301) 1350 none point2point
18 Untagged l2ckt(222) 5319 none point2point
19 Pop tag 10.0.0.0/24 0 Fa1/1 10.1.1.2
20 Pop tag 10.10.10.2/32 0 Fa1/1 10.1.1.2
21 42 10.2.2.0/24 0 Fa1/1 10.1.1.2
22 43 10.10.10.1/32 0 Fa1/1 10.1.1.2
PE-2#

So, it is confirmed that the VC with ID 301 for VLAN 30, from interface F1/0.30 of router PE-1 (facing to CE-1) and to interface F1/0.30 of router PE-2 (facing to CE-2), is up. Next we verify with ICMP echo from CE-1 to CE-2 traversing the VC 301.

Note that in this process, we will capture five ICMP-Echo and ICMP-Reply packet with Ethereal:

CE-1
interface FastEthernet1/0
no ip address
duplex auto
speed auto
end
interface FastEthernet1/0.30
encapsulation dot1Q 30
ip address 30.1.1.1 255.255.255.0
end

CE-2
interface FastEthernet1/0
no ip address
duplex auto
speed auto
end
interface FastEthernet1/0.30
encapsulation dot1Q 30
ip address 30.1.1.2 255.255.255.0
end

CE-1#ping 30.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 272/371/492 ms
CE-1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 30.1.1.2 17 cc05.1628.0010 ARPA FastEthernet1/0.30
Internet 30.1.1.1 – cc00.1628.0010 ARPA FastEthernet1/0.30
Internet 192.168.1.1 – cc00.1628.0010 ARPA FastEthernet1/0.200
CE-1#

CE-2#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 30.1.1.2 – cc05.1628.0010 ARPA FastEthernet1/0.30
Internet 30.1.1.1 20 cc00.1628.0010 ARPA FastEthernet1/0.30
Internet 192.168.1.2 – cc05.1628.0010 ARPA FastEthernet1/0.100
CE-2#

IV. Capturing ICMP-Echo/Reply Packets at Ingress and MPLS Interface of PE-1

We use Ethereal to capture ICMP-Echo/Reply packets between CE-1 and CE-2, at Ingress interface (F1/0) and MPLS interface (F1/1) of router PE-1.

– Packets Capture from interface F1/0 at router PE-1

The source MAC Address is from interface FastEthernet1/0 at router CE-1. And the destination MAC Address is from interface FastEthernet1/0 at router CE-2. See, both interface are in the same broadcast domain.

CE-1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 30.1.1.2 17 cc05.1628.0010 ARPA FastEthernet1/0.30
Internet 30.1.1.1 – cc00.1628.0010 ARPA FastEthernet1/0.30
<deleted>

In this captured flow, we look that the ten packet are in the normal IPv4 ICMP packet format.

– Packets Capture from interface F1/1 at router PE-1

In the captured packets flow above, we see that the source MAC-Address is from interface FastEthernet1/1 at router PE-1, and the destination MAC-Address is from interface FastEthernet1/0 at router P.

PE-1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.2 71 ca02.1628.001c ARPA FastEthernet1/1
Internet 10.0.0.1 – ca01.1628.001d ARPA FastEthernet1/1

P#sh arp | i 1/0
Internet 10.0.0.2 – ca02.1628.001c ARPA FastEthernet1/0
Internet 10.0.0.1 75 ca01.1628.001d ARPA FastEthernet1/0

We see that the protocol in frame is eth:mpls:eth:data. There are two MPLS label. The outer label is 19, that is the tunnel label. And the inner label is 16 that is the VC label. The tunnel label has TTL 255, and the VC label has TTL 2, because just used in the edge to edge LSR.

The real ICMP packet is placed after the two MPLS Label Header. In the egress PE router, the outer ethernet header and the double MPLS header is stripped from the packet. The inner packet then forwarded to the CE-2 router.

Categories: Service Provider Tags: , ,

The Largest Star Known…

July 15, 2008 2 comments

VY Canis Majoris is the largest star known by human. It is located approximately 5000 million light years in the constellation Canis Major. As we know, light can traverse distance 300.000 km in one second. So, 5000 light years is 5000 x 60 x 60 x 24 x 365 = 157.680.000.000 km from our earth.

According to Dr. Roberta Humprey, VY Canis Majoris size is 2100 solar radii, or 2100 times of radius of our Sun. Look at these picture, to compare our Sun and VY Canis Majoris. If we walk 8 hour per day to circle our earth, then we need 2 years and 11 months to circle the earth. Comparing with 310 years and 7 months to circle our sun, and 650.000 years to circle VY Canis Majoris.

If we put VY Canis Majoris in the sun location, then the surface of this star will extend the Saturn orbit. Hmmm, very amazing… God Almighty….

Source: http://en.wikipedia.org
Image: http://upload.wikimedia.org

Categories: Uncategorized Tags: , , ,

Connecting Customer Trunk with QinQ

July 14, 2008 5 comments

So, straight to the point, below is the diagram:

Sw-PE-1 and Sw-PE-2 is the Service Provider edge Switches. Sw-CE-1 and Sw-CE2 is the customer switches that have dot1q trunk connection . R1, R2, R5 and R6 is the customer routers.

R1 and R2 are in the VLAN 100 segment and have IP Network 100.100.1.0/24. R5 and R6 are in the VLAN 34 segment and have IP Network 10.10.10.0/24. The trunk between Sw-CE-1 and Sw-CE-2 just allowed VLAN 34 and 100 to traverse over it. Sw-PE-1 connected to Sw-CE-1 as a dot1q-tunnel, same like the connection from Sw-PE-2 to Sw-CE-2. Sw-PE-1 connected to Sw-PE-2 via Etherchannel.

The scenario is to make (R1 and R2) and (R5 and R6) are in the same broadcast domain. Beside that, the CDP and VTP information will pass the trunk between Sw-CE-1 and Sw-CE-2.

Below is the relevant configuration and verifying process to fulfil the scenario above (Just show the Layer 3 connection between R1 and R2 and Layer 2 Connection between Sw-CE-1 and Sw-CE-2):

Sw-PE-1:

Sw-PE-1#sh run int f0/15
interface FastEthernet0/15
description To-Sw-1
switchport access vlan 12
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
end

Sw-PE-1#sh int f0/15 switchport
Name: Fa0/15
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel

Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 12 (VLAN0012)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Sw-PE-1#show l2protocol-tunnel interface f0/15 summ
COS for Encapsulated Packets: 5
Port Protocol Shutdown Drop Status
Threshold Threshold
(cdp/stp/vtp) (cdp/stp/vtp)
(pagp/lacp/udld) (pagp/lacp/udld)
——- ———– —————- —————- ———-
Fa0/15 cdp — vtp —-/—-/—- —-/—-/—- up
—- —- —- —-/—-/—- —-/—-/—-

Sw-PE-2:

Sw-PE-2#sh run int f0/16
interface FastEthernet0/16
switchport access vlan 12
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
end

Sw-PE-2#sh int f0/16 switchport
Name: Fa0/16
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel

Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 12 (VLAN0012)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Sw-PE-2#sh l2protocol-tunnel summary
COS for Encapsulated Packets: 5
Drop Threshold for Encapsulated Packets: 0
Port Protocol Shutdown Drop Status
Threshold Threshold
(cdp/stp/vtp) (cdp/stp/vtp)
(pagp/lacp/udld) (pagp/lacp/udld)
——- ———– —————- —————- ———-
Fa0/16 cdpvtp —-/—-/—- —-/—-/—- up
—- —- —- —-/—-/—- —-/—-/—-

Sw-CE-1:

Sw-CE-1#sh run int f0/18
interface FastEthernet0/18
description To-Sw-3
switchport trunk encapsulation dot1
switchport trunk allowed vlan 34,10
switchport mode trunk
end
Sw-CE-1#sh run int f0/1
interface FastEthernet0/1
switchport access vlan 100
switchport mode access
end
Sw-CE-1#sh run int f0/5
interface FastEthernet0/5
switchport access vlan 34
switchport mode access
end
Sw-CE-1#

Sw-CE-1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa0/18 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/18 34,100
Port Vlans allowed and active in management domain
Fa0/18 34,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/18 34,100
Sw-CE-1#

Verify that CDP information can pass the trunk link

Sw-CE-1#sh cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Sw-CE-2 Fas 0/18 161 S I WS-C3560G Gig 0/19
R1 Fas 0/1 133 R S I 3825 Gig 0/0
R5 Fas 0/5 128 R S I 2811 Fas 0/0
Sw-CE-1#

Sw-CE-2:

Sw-CE-2#sh run int g0/19
interface GigabitEthernet0/19
description To-Sw-4
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 34,100
switchport mode trunk
end
Sw-CE-2#sh run int g0/6
interface GigabitEthernet0/6
switchport access vlan 34
switchport mode access
end
Sw-CE-2#sh run int g0/2
interface GigabitEthernet0/2
switchport access vlan 100
switchport mode access
end

Sw-CE-2#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/19 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/19 34,100
Port Vlans allowed and active in management domain
Gi0/19 34,100
Port Vlans in spanning tree forwarding state and not pruned
Gi0/19 34,100

Verify that CDP information can pass the trunk link

Sw-CE-2#sh cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Sw-CE-1 Gig 0/19 130 S I WS-C3560- Fas 0/18
BB2 Gig 0/24 140 R S I 2821 Gig 0/0
R2 Gig 0/2 171 R S I 3825 Gig 0/1
R6 Gig 0/6 158 R S I 2811 Fas 0/1
Sw-CE-2#

Verify that VTP (VLAN Trunking Protocol can pass the trunk link between Sw-CE-1 and Sw-CE-2 (In this scenario, Sw-CE-1 is VTP Server and Sw-CE-2 is the VTP client. The VTP domain is CISCO):

Sw-CE-1#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : CISCO
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x13 0xA1 0xBA 0x0E 0xC2 0x2A 0xC9 0xCE
Configuration last modified by 10.10.34.1 at 3-1-93 01:16:52
Local updater ID is 10.10.34.1 on interface Vl34 (lowest numbered VLAN interface
found)
Sw-CE-1#sh vlan | i 100
100 100-VLAN active Fa0/1
100 enet 100100 1500 – – – – – 0 0

Sw-CE-2#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : CISCO
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x13 0xA1 0xBA 0x0E 0xC2 0x2A 0xC9 0xCE
Configuration last modified by 10.10.34.1 at 3-1-93 01:16:52
Sw-CE-2#sh vlan | i 100
100 100-VLAN active Gi0/2
100 enet 100100 1500 – – – – – 0 0
Sw-CE-2#

R1:

R1#sh run int g0/0
interface GigabitEthernet0/0
description To-Sw-1
ip address 100.100.1.1 255.255.255.0
duplex auto
speed auto
media-type rj45
negotiation auto
end

R2:

R2#sh run int g0/1
interface GigabitEthernet0/1
ip address 100.100.1.2 255.255.255.0
duplex auto
speed auto
media-type rj45
negotiation auto
end

So, let we verify the Layer 3 connection between R1 and R2

R1#ping 100.100.1.2
Sending 5, 100-byte ICMP Echos to 100.100.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

R2#ping 100.100.1.1
Sending 5, 100-byte ICMP Echos to 100.100.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Verify that R1 G0/0 and R2 G0/1 are in the same broadcast domain

R1#ping 255.255.255.255 repeat 1
Sending 1, 100-byte ICMP Echos to 255.255.255.255, timeout is 2 seconds:
Reply to request 0 from 100.100.1.2, 1 ms

R1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 100.100.1.1 – 001b.d57e.7190 ARPA GigabitEthernet0/0
Internet 100.100.1.2 138 001b.d57e.7311 ARPA GigabitEthernet0/0

R2#ping 255.255.255.255 rep 1
Sending 1, 100-byte ICMP Echos to 255.255.255.255, timeout is 2 seconds:
Reply to request 0 from 100.100.1.1, 1 ms
R2#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 100.100.1.1 139 001b.d57e.7190 ARPA GigabitEthernet0/1
Internet 100.100.1.2 – 001b.d57e.7311 ARPA GigabitEthernet0/1

Categories: Service Provider Tags: , , ,