[Insider Sharing] CE dual homed scenario - Which is the best VPLS access method?

Latest reply: Mar 25, 2014 10:06:48 4795 1 0 0

Hi Guys,

I would like to start a discussion about how to access VPLS circuit from CE side. As you may know reliability is very important nowadays, however VPLS technology is quite hard to implement, especially when you add a lot of redundant links trying to achieve dual-CE scenario.

The most common VPLS access scenario is like below. For CE we can adopt a dual home scenario and achieve PE redundancy. Additionally each PE-CE circuit consist on 2 redundant links. 

[Insider Sharing] CE dual homed scenario - Which is the best VPLS access method?-1340967-1

In order to support CE dual homed scenario, PEs VPLS configuration need to be adjusted accordingly. Firstly you need to use Kompella signaling mode, Martini is not supported.  Then configure two VSIs with the same attribute on two dual-homed PEs.

If the VSIs of two PEs to which a CE is dual homed are Up, the PE with the higher priority functions as the master PE, whereas the PE with the lower priority functions as the backup PE.

On access side, for sure we will have some problems with spanning tree. Since there are so many redundant links it will block some ports making VPLS access not available. You will need to tweak STP configuration. Anyway some links will end being unavailable. We cannot use all bandwidth available. Convergence time is not good enough, it’s based on STP.

We can overcome STP limitation by using eth-trunks.

On PE side we will add the 2 redundant interfaces that connects CE. On CE side we will add all links going to CE in one eth-trunk. Check bellow:

[Insider Sharing] CE dual homed scenario - Which is the best VPLS access method?-1340967-2

But here, if you don’t have Kompella signaling implemented VPLS dual homing, you will have a problem. For example, CE communicates with another CE on the VPLS network through PE1. If PE1 or the Eth-Trunk link between CE1 and PE1 fails, CE1 cannot communicate with CE2. We can prevent service interruption and configure an E-Trunk on PE1 and PE2. When communication between CE1 and PE1 fails, traffic is switched to PE2 so that CE1 can communicate with CE2 through PE2. When PE1 or the Eth-Trunk link between CE1 and PE1 recovers, traffic is switched back to PE1. The E-Trunk implements backup of link aggregation groups between PE1 and PE2 and improves network reliability. Additionally we can install BFD to track link aggregation group status and enable milliseconds convergence time. Check below the topology and related configuration. 

[Insider Sharing] CE dual homed scenario - Which is the best VPLS access method?-1340967-3
-------------

#

 sysname CE

#

 vlan batch 10

#

interface Eth-Trunk0

 port link-type trunk

 port trunk allow-pass vlan 10

 mode lacp

#

interface GigabitEthernet0/0/1

 eth-trunk 0

#

interface GigabitEthernet0/0/2

 eth-trunk 0

#

interface GigabitEthernet0/0/3

 eth-trunk 0

#

interface GigabitEthernet0/0/4

 eth-trunk 0

#

return 

---------------

#

 sysname PE1

#

 vlan batch 100

#

 lacp e-trunk system-id 00e0-fc00-0000

 lacp e-trunk priority 1

#

e-trunk 1

 priority 10

 peer-address 2.2.2.9 source-address 1.1.1.9

 timer hello 9

 timer hold-on-failure multiplier 3

 e-trunk track bfd-session session-name hello1

#

 bfd

#

 mpls lsr-id 1.1.1.9

 mpls

#

 mpls l2vpn

#

vsi vpls_lan static

 pwsignal ldp

  vsi-id 2

  peer 3.3.3.9

#

mpls ldp

#

interface Vlanif 100

 ip address 10.1.1.1 255.255.255.0

 mpls

 mpls ldp

#

interface Eth-Trunk1

 mode lacp

 e-trunk 1

#

interface Eth-Trunk10.1

 dot1q termination vid 10

 l2 binding vsi vpls_lan

#

interface GigabitEthernet0/0/3

 port link-type trunk

 port trunk allow-pass vlan 100

#

interface GigabitEthernet0/0/1

 eth-trunk 1

#

interface GigabitEthernet0/0/2

 eth-trunk 1

#

interface LoopBack1

 ip address 1.1.1.9 255.255.255.255

#

bfd hello1 bind peer-ip 2.2.2.9 source-ip 1.1.1.9

 discriminator local 1

 discriminator remote 2

 commit

#

ospf 1

 area 0.0.0.0

  network 1.1.1.9 0.0.0.0

  network 10.1.1.0 0.0.0.255

#

return    

---------------

#

 sysname PE2

#

 vlan batch 200

#

 lacp e-trunk system-id 00e0-fc00-0000

 lacp e-trunk priority 1

#

e-trunk 1

 priority 20

 peer-address 1.1.1.9 source-address 2.2.2.9

 e-trunk track bfd-session session-name hello2

#

 bfd

#

 mpls lsr-id 2.2.2.9

 mpls

#

 mpls l2vpn

#

vsi vpls_lan static

 pwsignal ldp

  vsi-id 2

  peer 3.3.3.9

#

mpls ldp

#

interface Vlanif 200

 ip address 10.1.2.1 255.255.255.0

 mpls

 mpls ldp

#

interface Eth-Trunk 1

 mode lacp

 e-trunk 1

#

interface Eth-Trunk10.1

 dot1q termination vid 10

 l2 binding vsi vpls_lan

#

interface GigabitEthernet0/0/3

 port link-type trunk

 port trunk allow-pass vlan 200

#

interface GigabitEthernet0/0/1

 eth-trunk 1

#

interface GigabitEthernet0/0/2

 eth-trunk 1

#

interface LoopBack1

 ip address 2.2.2.9 255.255.255.255

#

bfd hello2 bind peer-ip 1.1.1.9 source-ip 2.2.2.9

 discriminator local 2

 discriminator remote 1

 commit

#

ospf 1

 area 0.0.0.0

  network 2.2.2.9 0.0.0.0

  network 10.1.2.0 0.0.0.255

#

return

------------------

About the discussion that I’ve started, I think VPLS access with Eth-Trunk and E-trunk is the best choice because:

1.      We avoid  VPLS configuration overhead for Dual Homed CE and signaling limitation, work only for Kompella.

2.      We  make full use of bandwidth.

3.      Convergence time is better based on BFD – millisecond level.  



  • x
  • convention:

Sophoni
Created Mar 25, 2014 10:06:48 Helpful(0) Helpful(0)

Thanks for your share.
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login