Routing VE over VPLS

Virtual Private LAN Services (VPLS) enables you to connect remote sites over Multiprotocol Label Switching (MPLS) domain as if these sites were connected by a Layer 2 switch. It enables Virtual Circuits (VCs) to provide point-to-multipoint connection across the MPLS domain allowing traffic to flow between these remote sites on your Virtual Private Network (VPN).

Provider Edge equipments try to learn the MAC address of locally connected devices by flooding the broadcast and unknown unicast frames to other Provider Edge devices within the VPN. Associations are made between the remote MAC addresses and the VC Lable Switched Paths (LSPs) used to reach these remote PE devices. Traffic is then routed over these learned LSPs for any frame for the destination PE devices.

Note

Note

For SLX 9640, SLX 9740, and Extreme 8820 devices, enabling routing over BD for VE over VPLS is not supported when the pseudo wire profile on the bridge domain is in Tag mode. Due to this, the following will not be allowed on the CLI:

  • Enabling routing on bridge domain which has pseudo wire profile mode set as Tag.

  • Changing pseudo wire profile to Tag mode in case the pseudo wire profile is associated with any bridge domain that has routing enabled on it.

VE over VPLS will route packets between VPLS VE interface and all other IP interfaces outside of VPLS domain which reside on the PE devices. These include:

  • Physical Interfaces.

  • Other VLAN based VE interfaces for both tagged and un-tagged ports.

  • VE interfaces which reside on other VPLS instances.

The following is an example of a complete configuration for VE over VPLS:

 
 ip proxy-arp
 ip address 15.15.15.15/24
 no shutdown
!
interface Ethernet 1/1
 switchport
 switchport mode trunk
 switchport trunk allowed vlan add 100
 switchport trunk tag native-vlan
 no shutdown
 logical-interface ethernet 1/1.15
  vlan 15
 !
 bridge-domain 15 p2mp
 vc-id 15
 router-interface ve 15
 logical-interface ethernet 1/1.15
 pw-profile vplsPWprofile 
 bpdu-drop-enable
 local-switching
!
pw-profile vplsPWprofile 
 vc-mode tag
!
            
  1. From privileged EXEC mode, enter global configuration mode.
     
    device# configure terminal
                        
  2. Create a broadcast bridge domain using the bridge-domain <id> <type> command with the <type> value set to p2mp.
    device (config)# bridge-domain 15 p2mp
                        
  3. Configure a Virtual Connection Identifier (VC ID) for the bridge domain.
    device (config-bridge-domain-15)# vc-id 15
                        
  4. Create a logical interface ID for them to be configured as Attachment Circuit (AC) endpoints.
    device (config-bridge-domain-15)# interface ethernet 1/1/6.400
    device (config-bridge-domain-15)# interface port-channel 2.200 
                        
  5. Create the pseudo wire interface under the bridge domain.
     
    device (config-bridge-domain-15)# peer 15.15.15.15 load-balance
    device (config-bridge-domain-15)# peer 12.12.12.12 lsp lsp1 lsp2 
                        
  6. From the global configuration mode, create a new pseudo wire profile. The pseudo wire profile is then applied to the VPLS instance.
    device (config)# pw-profile vplsPWprofile 
    device (config-pw-profile-vplsPWprofile)#  
                        
  7. Within the pseudo wire profile, set its Virtual connection (VC) mode to Tagged.
    device (config-pw-profile-vplsPWprofile)# vc-mode tag
                        
  8. From withing the bridge domain context, apply the newly created pseudo wire profile to it.
    device (config-bridge-domain-15)# pw-profile vplsPWprofile 
                        
  9. Enable routing on the bridge domain by binding a router interface to the bridge domain.
    device (config-bridge-domain-15)# router-interface ve 15