There are some nuances that you have to take into account if you need to interoperate MPLS L2VPN Martini (LDP VPWS) between Juniper (vMX) and Cisco (CSR1000v - IOS-XE). In this interoperability case, I’m going to use
VC-type 4/tagged mode (i.e., which in a nutshell, is the mode where you can use SVLANs on the ingress PE to differentiate between your L2VPN customers). If you need further or specific information about this mode, I’d suggest you take a look at the RFC4448 1.
When it comes to the interoperability of L2VPN Martini, you have to keep in mind that these are the main attributes that must match by default, otherwise the PW won’t come UP:
- PW signalling protocol
- LDP and FEC 128 in this case, for instance, an example of a transport signaling mismatch would be if you tried to signal L2VPN Kompella (BGP VPWS) on one PE and L2VPN Martini (LDP VPWS) on the other PE
- MTU of the AC (attachment circuit)
Network Design Tip
Some vendors allow you to ignore some mismatch types though. On Junos 15.1, it’s possible to ignore both MTU and VC-type mismatches 2. These ignore commands can remedy some network designs. For instance, the ignore MTU command could be handy if you had a PE which aggregates multiple PWs to several remote PEs and these remote PEs had different MTU values configured on their AC. In this case, it would be reasonable to use the ignore MTU command.
The topology that will be used for the configuration and the basic verification of this interoperability case is illustrated in Figure 1. As you can see, there are two PEs, vMX1 and CSR2, configured with L2VPN Martini and one SVLAN 1024, which is the AC of this L2 circuit/L2VPN. All core-facing interfaces are running MPLS/LDP/OSPF A0.
For simplicity’s sake, the configuration presented in the following subsections are only related to L2VPN Martini.
Network Design Tip
As a network design best practice, make sure you’ve got set an appropriate MTU to account for all the encapsulation overhead in place on your MPLS backbone (which I omitted in the configuration snippet). Otherwise, you can experience silent packet drop, especially when transporting large data packets, if there isn’t enough room MTU-wise.
Before we start the verification, let’s double check all the main signaled attributes real quick:
|PW Signaling protocol||LDP and FEC 128||LDP and FEC 128||YES|
Why the MTU value isn’t the same on both AC interfaces? Well, here’s where the fun begins due to particular details of vendor implementation. On IOS-XE, the MTU signaled is literally the explicit MTU value configured. In other words, on IOS-XE the MTU value configured doesn’t include the overhead of the L2 header encapsulation in place, whereas on Junos it does. So, in this case, assuming that you’d like to have a MTU of 1800 bytes of data, you’re expected to set extra 18 bytes (14 byte Ethernet header + 4 byte VLAN header of the encapsulation VLAN CCC) on the MTU configuration command. Alternatively, if for some reason, you’re not allowed to change the hardware MTU on the access interface, you can explicitly signal the MTU on the PW configuration. On Junon 15.1, you can find this under the
On Cisco, IOS 15.5(3)S, you can set the signaled MTU under the PW interface:
So far so good, the control plane looks solid. Let’s move on and check the data plane now. From CE1’s perspective, it’s OK. It’s possible to ping CE2:
If you don’t have access to your CE devices, you can verify from your PE. Also, let’s make sure that this PW can successfully transport 1800 bytes of data over the MPLS backbone:
Sweet! There you go, we just transported 1800 bytes of data. In fact, on the MPLS backbone, as you can see in Figure 2, there are 1822 bytes on wire because of the overhead encapsulation (new Ethernet header + VC-Label + MPLS ControlWord).
Keep in mind that since these PEs are directly connected, they both make use of PHP, otherwise we would’ve seen more 4 bytes of overhead of the LSP transport label
All in all, L2VPN Martini works smoothly between Juniper and Cisco. Always make sure you match the main signaled attributes, which are VC-ID, signaling protocol, MTU and VC-type. Also, before setting up L2VPN martini, do some research to find out how the vendor implementation signals the MTU of the AC because this is usually the trickiest part.