MPLS PWHE (pseudowire head-end) in Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR
Anton Karneliuk
Hello my friend,
We have already reviewed the configuration of VPWS for a classical case, when we need to provide L2 transport over IP/MPLS network. But this is not the single application that uses VPWS. Another useful and widely used example is L3 termination of the clients, connected at L2 to access IP/MPLS network.
1 2 3 4 5
No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
Brief overview
There are numerous reasons, why you don’t terminate the clients directly at access node (AN). For example, low end routers can’t terminate such connections in IP VPN instance (VPRN for Nokia (Alcatel-Lucent) and VRF for Cisco) or termination of user services at BNG, which is connected via IP/MPLS in access network. The latter case can be also implemented via L2TP, if you network is pure routed without MPLS, but in case of IP/MPLS network usage of PWHE is much more recommended.
The idea of PWHE service is shown at the image below:
The client devices (CPE) is connected via normal Ethernet connection to AN, which starts VPWS service in the direction of BNG. BNG terminates this VPWS from AN and L2 segment from CPE, as BNG has IPv4/IPv6 address at L3 interface that terminates this pseudowire.
What are we going to test?
We are going to configure 2 PWHE services:
CPE (Cisco) – AN (Nokia (Alcatel-Lucent)) – BNG (Cisco)
CPE (Nokia (Alcatel-Lucent)) – AN (Cisco) – BNG (Nokia (Alcatel-Lucent))
The image of the service will be provided later in the configuration section
Topology
Physical topology has 4 routers: two Nokia (Alcatel-Lucent) VSR (SR 7750) and two Cisco IOS XRv (ASR 9000) routers. Those of you, who have read my articles previously, this topology is familiar:
Case 1 – Nokia (Alcatel-Lucent) as PWHE/BNG, Cisco as AN
We’ll configure two independent PWHE services with two independent VPWS to show the difference and configuration in Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR. The following image, as I’ve promised previously, will explain how to do it:
In order to show and explain some differences, we’ll configure these cases separately. The first one is Nokia (Alcatel-Lucent) SR OS acting as PWHE and Cisco IOS XR is AN:
More information about VPLS configuration and verification you will find in the dedicated article.
Here you can see two different options, how you can configure PWHE that depends on vendor. In case of Nokia (Alcatel-Lucent) SR OS is PWHE you configure pseudowire in ethernet mode without control-word, because it is not allowed to configure it in such a way (SR1 configuration). Also you terminate VPWS directly at L3 interface, which terminates this segment (it’s possible to attach more than one spoke-sdp). Then at Cisco IOS XR you need to configure pseudowire in the same way in order to bring it to life. Also you need to adapt MTU, because Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR treat MTU in different manner.
We need to assure that VPWS is established and that L3 interface at BNG router is up and running in proper VPRN.
A:SR1# show service id 31 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 31 Vpn Id : 0
Service Type : VPRN
Name : (Not Specified)
Description : (Not Specified)
Customer Id : 2 Creation Origin : manual
Last Status Change: 03/27/2017 18:50:04
Last Mgmt Change : 03/27/2017 18:50:04
Admin State : Up Oper State : Up
===============================================================================
Route Dist. : 10.0.255.3:100 VPRN Type : regular
Oper Route Dist : 10.0.255.3:100
Oper RD Type : configured
AS Number : None Router Id : 10.0.255.1
ECMP : Enabled ECMP Max Routes : 1
Max IPv4 Routes : No Limit
===============================================================================
Auto Bind Tunnel
Resolution : disabled
===============================================================================
Max IPv6 Routes : No Limit
Ignore NH Metric : Disabled
Hash Label : Disabled
Entropy Label : Disabled
Vrf Target : target:65000:100
Vrf Import : None
Vrf Export : None
MVPN Vrf Target : None
MVPN Vrf Import : None
MVPN Vrf Export : None
Car. Sup C-VPN : Disabled
Label mode : vrf
BGP VPN Backup : Disabled
BGP Export Inactv : Disabled
===============================================================================
SAP Count : 0 SDP Bind Count : 1
VSD Domain : <none>
===============================================================================
Service Access & Destination Points
===============================================================================
Identifier Type AdmMTU OprMTU Adm Opr
===============================================================================
sdp:31:1031 S(10.0.255.3) TLDP 1514 1514 Up Up
===============================================================================
!
!
A:SR1# show router 31 route-table
===============================================================================
Route Table (Service: 31)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
===============================================================================
10.10.31.0/24 Local Local 00h08m57s 0
PWHE 0
===============================================================================
No. of Routes: 1
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
If you have problems with VPWS establishment it’s also useful to check parameters those must be negotiated in LDP session:
A:SR1# show router ldp bindings services detail
===============================================================================
LDP Bindings (IPv4 LSR ID 10.0.255.1)
(IPv6 LSR ID fc00::10:0:255:1)
===============================================================================
Legend: U – Label In Use, N – Label Not In Use, W – Label Withdrawn
S – Status Signaled Up, D – Status Signaled Down
E – Epipe Service, V – VPLS Service, M – Mirror Service
A – Apipe Service, F – Fpipe Service, I – IES Service, R – VPRN service
P – Ipipe Service, WP – Label Withdraw Pending, C – Cpipe Service
BU – Alternate For Fast Re-Route, TLV – (Type, Length: Value)
LF – Lower FEC, UF – Upper FEC, e – Label ELC
===============================================================================
LDP Service FEC 128 Bindings
===============================================================================
Type : R-Eth VcId : 1031
SvcId : 31 SdpId : 31
Peer Address : 10.0.255.3:0
Vc-switching : No
LMTU : 1500 RMTU : 1500
Egr. Lbl : 24003S Egr. Ctl Word : No
Egr. Flags : None Egr. Status Bits : Supported (0x0)
Egr. Flow Label Tx : No Egr. Flow Label Rx : No
Egr. PW Status Sig : Enabled
Egr. Vccv CV Bits : lsp-ping
Egr. Vccv CC Bits : router-alert-label mpls-demux-label-tl1
Ing. Lbl : 262134U Ing. Ctl Word : No
Ing. Flags : None Ing. Status Bits : Supported (0x0)
Ing. Flow Label Tx : No Ing. Flow Label Rx : No
Ing. Wdraw Reason : N/A
Ing. PW Status Sig : Enabled
Ing. Vccv CV Bits : lsp-ping bfd-fault-detect
Ing. Vccv CC Bits : router-alert-label
===============================================================================
No. of VC Labels: 1
===============================================================================
At Cisco IOS XR side the only thing that must be checked is VPWS configuration:
RP/0/0/CPU0:XR3#show l2vpn xconnect detail
Group PWHE_TEST, XC PWHE_XR3_to_SR1, state is up; Interworking none
AC: GigabitEthernet0/0/0/0.1031, state is up
Type VLAN; Num Ranges: 1
VLAN ranges: [1031, 1031]
MTU 1500; XC ID 0x1; interworking none
Statistics:
packets: received 0, sent 0
bytes: received 0, sent 0
drops: illegal VLAN 0, illegal length 0
PW: neighbor 10.0.255.1, PW ID 1031, state is up ( established )
PW class VPWS, XC ID 0xfff80001
Encapsulation MPLS, protocol LDP
Source address 10.0.255.3
PW type Ethernet, control word disabled, interworking none
PW backup disable delay 0 sec
Sequencing not set
PW Status TLV in use
MPLS Local Remote
———— —————————— —————————–
Label 24003 262134
Group ID 0x40 unknown
Interface GigabitEthernet0/0/0/0.1031 unknown
MTU 1500 1500
Control word disabled disabled
PW type Ethernet Ethernet
VCCV CV type 0x2 0x6
(LSP ping verification) (LSP ping verification)
(BFD PW FD only)
VCCV CC type 0x6 0x2
(router alert label) (router alert label)
(TTL expiry)
———— —————————— —————————–
Incoming Status (PW Status TLV):
Status code: 0x0 (Up) in Notification message
Outgoing Status (PW Status TLV):
Status code: 0x0 (Up) in Notification message
MIB cpwVcIndex: 4294443009
Create time: 27/02/2017 22:42:56 (01:32:27 ago)
Last time status changed: 28/02/2017 00:04:56 (00:10:27 ago)
Last time PW went down: 28/02/2017 00:04:17 (00:11:06 ago)
Statistics:
packets: received 0, sent 0
bytes: received 0, sent 0
Unfortunatelly Cisco IOS XRv doesn’t support forwarding plane for L2 VPNs so we can’t make simulations. But as control plane is up and running, we can consider that our PWHE at Nokia (Alcatel-Lucent) SR OS router is working as proper.
Case 2 – Nokia (Alcatel-Lucent) as AN, Cisco as PWHE/BNG
Let’s briefly recap the topology:
Now we configure pseudowire termination (PWHE) at Cisco IOS XR and Nokia (Alcatel-Lucent) SR OS plays role of AN:
In case of Cisco IOS XR is configured as PWHE, you have two options. One option is the same as it was previously with Nokia (Alcatel-Lucent) SR OS, so you configure pseudowire in Ethernet mode (this time you can configure it with control-word as Cisco IOS XR allows it in PWHE). Then all the traffic will be mapped to a single PW-Ether interface.
Another option, which is actually configure in my example, is configuring pseudowire in VLAN mode, so that VLAN tag is preserved across the transmission in VPWS. When Cisco IOS XR become the traffic at this particular pseudowire, it puts the traffic to associated PW-Ether interface. If this interface has sub-interface in the corresponding VLAN, traffic is destined there. This allows you easily map traffic of the customers in particular VRFs.
One difference in Cisco IOS XR from Nokia (Alcatel-Lucent) SR OS is that you define interface list, which defines interfaces those are allowed to receive PWHE traffic.
Here the checks are quite opposite and we’ll start at Cisco IOS XR router XR4, what is PWHE in our lab:
RP/0/0/CPU0:XR4#show l2vpn xconnect detail
Group PWHE_TEST, XC PWHE_SR2_to_XR4, state is up; Interworking none
AC: PW-Ether1, state is up
Type PW-Ether
Interface-list: PWHE_INTERFACES
Replicate status:
Gi0/0/0/0: success
MTU 1500; interworking none
Internal label: 24003
Statistics:
packets: received 0, sent 0
bytes: received 0, sent 0
PW: neighbor 10.0.255.2, PW ID 1024, state is up ( established )
PW class VPWS, XC ID 0xfff80001
Encapsulation MPLS, protocol LDP
Source address 10.0.255.4
PW type Ethernet VLAN, control word enabled, interworking none
PW backup disable delay 0 sec
Sequencing not set
PW Status TLV in use
MPLS Local Remote
———— —————————— —————————–
Label 24004 262137
Group ID 0x1d0 unknown
Interface PW-Ether1 unknown
MTU 1500 1500
Control word enabled enabled
PW type Ethernet VLAN Ethernet VLAN
VCCV CV type 0x2 0x6
(LSP ping verification) (LSP ping verification)
(BFD PW FD only)
VCCV CC type 0x7 0x3
(control word) (control word)
(router alert label) (router alert label)
(TTL expiry)
———— —————————— —————————–
Incoming Status (PW Status TLV):
Status code: 0x0 (Up) in Notification message
Outgoing Status (PW Status TLV):
Status code: 0x0 (Up) in Notification message
MIB cpwVcIndex: 4294443009
Create time: 09/03/2017 01:42:47 (00:45:17 ago)
Last time status changed: 09/03/2017 02:14:38 (00:13:25 ago)
Last time PW went down: 09/03/2017 02:14:30 (00:13:33 ago)
Statistics:
packets: received 0, sent 0
bytes: received 0, sent 0
!
!
RP/0/0/CPU0:XR4#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
—— ———– —————— ———— ————— ————
24000 Pop 10.0.255.3/32 Gi0/0/0/0.34 10.0.0.6 1470
24001 262143 10.0.255.1/32 Gi0/0/0/0.14 10.0.0.8 9974
24002 262143 10.0.255.2/32 Gi0/0/0/0.24 10.0.0.4 23494
24003 262137 PW-HE(PE1) 10.0.255.2 1196
24004 Unlabelled PW(10.0.255.2:1024) \
PE1 PW-HE-Disp 0
!
!
RP/0/0/CPU0:XR4#show route vrf BNG
C 10.10.24.0/24 is directly connected, 00:14:14, PW-Ether1.1024
L 10.10.24.1/32 is directly connected, 00:14:14, PW-Ether1.1024
!
!
RP/0/0/CPU0:XR4#show route vrf BNG ipv6
C fc00:10:10:24::/64 is directly connected,
00:14:32, PW-Ether1.1024
L fc00:10:10:24::1/128 is directly connected,
00:14:32, PW-Ether1.1024
!
!
RP/0/0/CPU0:XR4#show l2vpn pwhe interface PW-Ether 1 detail
Interface: PW-Ether1 Interface State: Up, Admin state: Up
Interface handle 0x1d0
MTU: 1514
BW: 10000 Kbit
Interface MAC addresses: 0000.c5c0.0001
Label: 24003
L2-overhead: 64
VC-type: 4
CW: Y
Generic-interface-list: PWHE_INTERFACES (id: 1)
Gi0/0/0/0, state: Up, replication: success
—————————————————
At Nokia (Alcatel-Lucent) SR OS side we just need to check the status of our VPWS (epipe) service:
A:SR2# show service id 1 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 1 Vpn Id : 0
Service Type : Epipe
Name : (Not Specified)
Description : (Not Specified)
Customer Id : 2 Creation Origin : manual
Last Status Change: 03/27/2017 18:55:45
Last Mgmt Change : 03/27/2017 18:52:05
Test Service : No
Admin State : Up Oper State : Up
MTU : 1514
Vc Switching : False
SAP Count : 1 SDP Bind Count : 1
Per Svc Hashing : Disabled
Force QTag Fwd : Disabled
===============================================================================
Service Access & Destination Points
===============================================================================
Identifier Type AdmMTU OprMTU Adm Opr
===============================================================================
sap:1/1/2:2014 q-tag 1518 1518 Up Up
sdp:24:1024 S(10.0.255.4) Spok 1530 1530 Up Up
===============================================================================
!
!
A:SR2# show router ldp bindings services detail
===============================================================================
LDP Bindings (IPv4 LSR ID 10.0.255.2)
(IPv6 LSR ID fc00::10:0:255:2)
===============================================================================
Legend: U – Label In Use, N – Label Not In Use, W – Label Withdrawn
S – Status Signaled Up, D – Status Signaled Down
E – Epipe Service, V – VPLS Service, M – Mirror Service
A – Apipe Service, F – Fpipe Service, I – IES Service, R – VPRN service
P – Ipipe Service, WP – Label Withdraw Pending, C – Cpipe Service
BU – Alternate For Fast Re-Route, TLV – (Type, Length: Value)
LF – Lower FEC, UF – Upper FEC, e – Label ELC
===============================================================================
LDP Service FEC 128 Bindings
===============================================================================
Type : E-Vlan VcId : 1024
SvcId : 1 SdpId : 24
Peer Address : 10.0.255.4:0
Vc-switching : No
LMTU : 1500 RMTU : 1500
Egr. Lbl : 24004S Egr. Ctl Word : Yes
Egr. Flags : None Egr. Status Bits : Supported (0x0)
Egr. Flow Label Tx : No Egr. Flow Label Rx : No
Egr. PW Status Sig : Enabled
Egr. Vccv CV Bits : lsp-ping
Egr. Vccv CC Bits : pwe3-control-word router-alert-label mpls-demux-label-tl1
Ing. Lbl : 262137U Ing. Ctl Word : Yes
Ing. Flags : None Ing. Status Bits : Supported (0x0)
Ing. Flow Label Tx : No Ing. Flow Label Rx : No
Ing. Wdraw Reason : N/A
Ing. PW Status Sig : Enabled
Ing. Vccv CV Bits : lsp-ping bfd-fault-detect
Ing. Vccv CC Bits : pwe3-control-word router-alert-label
===============================================================================
No. of VC Labels: 1
===============================================================================
That’s it. As in the previous lab, we unfortunately can’t perform simulation as Cisco IOS XRv doesn’t support data plane for L2 VPNs.
If something works in one direction it doesn’t mean that it works in the reverse direction in the same way. This is fully applicably for our case, where Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR can have different pseudowire types depending on who is BNG and who is AN. Knowing (or testing of these nuances) helps you to define the most efficient solution.
Conclusion
PWHE is one of the most useful solution today, if your access network is IP/MPLS. You can compare it to VPDN/L2TP as user termination technology in case of purely routed IP network. The goal is just the same: backhaul the customer traffic to the BNG. And here VPWS plays very helpful role for you by providing this backhauling. Use MPLS. Take care and good bye!