Solved

Difference betwwen vpls exclude and include

  • 11 November 2020
  • 5 replies
  • 70 views

I have test VPLS service as below design

 

CE1------>>PE1------>>P1-------->>P2-------->>PE2--------->>CE2

   

PE1 and PE2 are spoke router 

P1 and P2 are core router 

I have configured vpls spoke to core between PE1 and P1 , PE2 and P2

P1 and P2 has vpls core full mesh 

P1 and P2 vpls profile have confiugred dot1q exclude and PE2 and PE1 configured dot1q include 

 

I got ping access between CE1 and CE2 

Here ,I have a question

PE1 and PE2 send to P1 and P2 packet with S VMAN tag

P1 and P2 are configured dot1q exclude.

when they recevie packet with S VMAN tag ,how to handle its.

And I have captured packet in wireshark ,only see MPLS VC label and transit label 

Can’t see dot1q tag detial in packet and it have data 

I need to data packet details .

Please see my design and configuration 

 

 

 

PE1 Config

Loopback ip of PE1 is 22.22.22.22
 

Lab-PE1.1 # show vpls 
L2VPN Name      VPN ID Flags   Services Name   Peer IP         State Flags 
--------------- ------ ------- --------------- --------------- ----- -------
Test-Vpls       10     EAI-VL- test            1.1.1.1         Up    CAs-V-L


VPN Flags:  (E) Admin Enabled, (A) Oper Enabled, (I) Include Tag,
            (X) Exclude Tag, (T) Ethertype Configured,
            (V) VCCV HC Enabled, (W) VPN Type VPWS, (L) VPN Type VPLS,
            (M) CFM MIP Configured
Peer Flags: (C) Core Peer, (S) Spoke Peer, (A) Active Core,
            (p) Configured Primary Core, (s) Configured Secondary Core, 
            (N) Named LSP Configured, (V) VCCV HC Capabilities Negotiated, 
            (F) VCCV HC Failed, (L) LDP Signaled, (T) Static (Not Signaled)

 

L2VPN Name: Test-Vpls
   VPN ID                : 10                    Admin State   : Enabled
   Source Address        : 22.22.22.22           Oper State    : Enabled
   VCCV Status           : Enabled               MTU           : 1700
   VCCV Interval Time    : 5 sec.                Ethertype     : 0x88a8
   VCCV Fault Multiplier : 4                     .1q tag       : include
   L2VPN Type            : VPLS                  Redundancy    : None
   Service Interface     : test
   Created By            : CLI
 

--------------------------------------------------------------------------

P1 config

 

Loopback ip of P1 is 1.1.1.1

 

P1.1 # show vpls 
L2VPN Name      VPN ID Flags   Services Name   Peer IP         State Flags 
--------------- ------ ------- --------------- --------------- ----- -------
Test-Vpls       10     EAX-VL- test            2.2.2.2         Up    C---V-L
                                               22.22.22.22     Up    S---V-L


VPN Flags:  (E) Admin Enabled, (A) Oper Enabled, (I) Include Tag,
            (X) Exclude Tag, (T) Ethertype Configured,
            (V) VCCV HC Enabled, (W) VPN Type VPWS, (L) VPN Type VPLS,
            (M) CFM MIP Configured
Peer Flags: (C) Core Peer, (S) Spoke Peer, (A) Active Core,
            (p) Configured Primary Core, (s) Configured Secondary Core, 
            (N) Named LSP Configured, (V) VCCV HC Capabilities Negotiated, 
            (F) VCCV HC Failed, (L) LDP Signaled, (T) Static (Not Signaled)
 

P1.3 # show vpls Test-Vpls detail 
L2VPN Name: Test-Vpls
   VPN ID                : 10                    Admin State   : Enabled
   Source Address        : 1.1.1.1               Oper State    : Enabled
   VCCV Status           : Enabled               MTU           : 1700
   VCCV Interval Time    : 5 sec.                Ethertype     : 0x88a8
   VCCV Fault Multiplier : 4                     .1q tag       : exclude
   L2VPN Type            : VPLS                  Redundancy    : None
   Service Interface     : test
   Created By            : CLI
 

-----------------------------------------------

P2 config

 

Loopback ip of P2 is 2.2.2.2

 

Lab-P2.1 # show vpls 
L2VPN Name      VPN ID Flags   Services Name   Peer IP         State Flags 
--------------- ------ ------- --------------- --------------- ----- -------
Test-Vpls       10     EAX-VL- test            1.1.1.1         Up    C---V-L
                                               33.33.33.33     Up    S---V-L


VPN Flags:  (E) Admin Enabled, (A) Oper Enabled, (I) Include Tag,
            (X) Exclude Tag, (T) Ethertype Configured,
            (V) VCCV HC Enabled, (W) VPN Type VPWS, (L) VPN Type VPLS,
            (M) CFM MIP Configured
Peer Flags: (C) Core Peer, (S) Spoke Peer, (A) Active Core,
            (p) Configured Primary Core, (s) Configured Secondary Core, 
            (N) Named LSP Configured, (V) VCCV HC Capabilities Negotiated, 
            (F) VCCV HC Failed, (L) LDP Signaled, (T) Static (Not Signaled)
 

Lab-P2.3 # show vpls Test-Vpls detail 
L2VPN Name: Test-Vpls
   VPN ID                : 10                    Admin State   : Enabled
   Source Address        : 2.2.2.2               Oper State    : Enabled
   VCCV Status           : Enabled               MTU           : 1700
   VCCV Interval Time    : 5 sec.                Ethertype     : 0x88a8
   VCCV Fault Multiplier : 4                     .1q tag       : exclude
   L2VPN Type            : VPLS                  Redundancy    : None
   Service Interface     : test
   Created By            : CLI

--------------------------------------------------

PE2 config

 

Loopback ip of PE2 is 33.33.33.33

 

Lab-PE2.1 # show vpls Test-Vpls 
L2VPN Name      VPN ID Flags   Services Name   Peer IP         State Flags 
--------------- ------ ------- --------------- --------------- ----- -------
Test-Vpls       10     EAI-VL- test            2.2.2.2         Up    CAp-V-L

VPN Flags:  (E) Admin Enabled, (A) Oper Enabled, (I) Include Tag,
            (X) Exclude Tag, (T) Ethertype Configured,
            (V) VCCV HC Enabled, (W) VPN Type VPWS, (L) VPN Type VPLS,
            (M) CFM MIP Configured
Peer Flags: (C) Core Peer, (S) Spoke Peer, (A) Active Core,
            (p) Configured Primary Core, (s) Configured Secondary Core, 
            (N) Named LSP Configured, (V) VCCV HC Capabilities Negotiated, 
            (F) VCCV HC Failed, (L) LDP Signaled, (T) Static (Not Signaled)
 

 


Lab-PE2.2 # show vpls Test-Vpls detail 
L2VPN Name: Test-Vpls
   VPN ID                : 10                    Admin State   : Enabled
   Source Address        : 33.33.33.33           Oper State    : Enabled
   VCCV Status           : Enabled               MTU           : 1700
   VCCV Interval Time    : 5 sec.                Ethertype     : 0x88a8
   VCCV Fault Multiplier : 4                     .1q tag       : include
   L2VPN Type            : VPLS                  Redundancy    : None
   Service Interface     : test
   Created By            : CLI
 

Please see wireshark packets details

 

I need to know data packet and what have it under as like below image that is you says 

 it got from below link

https://gtacknowledge.extremenetworks.com/articles/Q_A/L2VPN-tag-dot1q-Include-or-Exclude/?q=vpls+include&l=en_US&fs=Search&pn=1

Please advice me and thanks

icon

Best answer by Necheporenko, Nikolay 17 November 2020, 14:35

Hello Zombie,

Each VPLS is VFI (virtual forwarding instance) with attached VP (virtual port), this VPs might be port/vlan or PWs. In your case packets should be forwarded between 2 PWs. Also in your design P-routers acts as PEs, as they strip off MPLS header and add new one (not only top label). So every PE in your case does encapsulation/decapsulation process. In your test ICMP packets is forwarded within VFI between 2 PWs so packets received from PW1 decapsulate and then encapsulate into PW2, and right now we could not confirm that this dec/enc process is the same as for packet which is received from local attached port/vlan. Probably some hardware registers should not be reprogrammed to keep latency low.

To get more info on this additional tests are required, so if you are interested please raise service case.

 

Best Regards,

Nikolay

View original

5 replies

Userlevel 4

Hello Zombie,

The issue itself is not with the packets or EXOS config but with the “wireshark” settings as it could not filter out input correctly and print it like raw data. I’ve taken data from your picture “88 A2 00 77 5B 90 78 8A 20 BC 6E AD 88 A8 00 0A 81 00 00 64 08 00 45 00 00” and decoded it with https://hpd.gasmi.net and got correct data you are looking for 

 

So if you need to know data packet you have to tune wireshark settings or use “editcap” tool, which may strip first n bytes from the packets (mpls part), like in example below:

editcap -C 52 mpls.pcap  ## strip first 52 bytes

Best Regards,

Nikolay

Dear Nikolay ,

Thanks for your sharing packet strip off.
But I have one question that i asked above.
 

By recall,I have design vpls network design and test vpls 802.1q exclude and include 

As per GTAC knowledge ,
Exclude mean remove S-VMAN and include add S-VAMN tag 

So I test VPLS core- spoke design and PE router are configured vpls include , P router are configured vpls exclude 

 

So PE router that received packet from CE send to P router .In this situation , PE router send Packet with S VMAN tag to P router.As per i said above, P router are configured VPLS exclude and it found packet with S VMAN tag and how to handle packet.

Please see my vpls network topology

PE1(Spoke) to P1 (Core) configure vpls spoke to core
P1 (core) to P2 (core) is configure vpls core-full mesh

PE2 (spoke) to P2(core) configure vpls spoke to core 

And when I add another PC under P2, can i get ping from new CE to other CE1 and CE2

How to treat P router configured VPLS exclude  to PE router configured VPLS include 

In extreme switch, we can’t confiugre vpls exclude/include to each vpls neigbhor.

Please explain me about vpls exclude/include.

 

Thanks
Zombie​​​​​​

 

 

Userlevel 4

>>» So I test VPLS core- spoke design and PE router are configured vpls include , P router are configured vpls exclude  

 

If you configured VPLS service on P1 and P2 it means that both switches are PEs for local attached service, and will do exclude 1q header for locally received traffic, transit packets from PE1 to PE2 are forwarded based on the top label and P1 and P2 do not do lookup deeper than MPLS shim header.

 

/Nikolay

Dear Nikolay,

In my testing, I haven’t configure VPLS PE1 to PE2 directly.

I have configure three vpls segment. 
 

PE1 to P1 configure VPLS Spoke to Core 

 

P1 to P2 configure VPLS Core to Core 

 

P2 to PE2 configure VPLS Core to Spoke
So,When I ping from CE1 ,  PE1 received packet with C VLAN and tag S VMAN and MPLS top and button label 

And Send to P1 router. In this time, P1 router need to check top and button label 

Swap Label from packet and send to P2 

 

P1 and P2 are configure vpls exclude 

PE2 and PE1 are configure vpls include 

 

If I will add CE3 device under P1 , Can I get ping reply from CE1 and CE2

How to handle packet with S VMAN on P1 router .

Please explain me 

thanks

Userlevel 4

Hello Zombie,

Each VPLS is VFI (virtual forwarding instance) with attached VP (virtual port), this VPs might be port/vlan or PWs. In your case packets should be forwarded between 2 PWs. Also in your design P-routers acts as PEs, as they strip off MPLS header and add new one (not only top label). So every PE in your case does encapsulation/decapsulation process. In your test ICMP packets is forwarded within VFI between 2 PWs so packets received from PW1 decapsulate and then encapsulate into PW2, and right now we could not confirm that this dec/enc process is the same as for packet which is received from local attached port/vlan. Probably some hardware registers should not be reprogrammed to keep latency low.

To get more info on this additional tests are required, so if you are interested please raise service case.

 

Best Regards,

Nikolay

Reply