Posts from ‘VPN’


Probably one of the most confusing topics for people studying BGP/MPLS VPNs are EIGRP SoO and Cost communities. Not the concepts themselves, but rather their purpose. Lack of clear documentation makes it hard to understand why and how the specific features are implemented. In this blog post we discuss the BGP Cost community and EIGRP SoO attribute. First, a brief overview of MP-BGP is given along with general concepts of route redistribution in MPLS/BGP VPNs. Next, the problems that arise when using EIGRP in multihomed VPN environment are demonstrated. Lastly, the two specific EIGRP features are described and their use demonstrated. As usual, a reader is assumed to have basic understanding of fundamental L3 VPNs and PE-CE routing concepts. You may download the post in PDF format at the following link: Understanding EIGRP SoO and BGP Cost Community

Tags: , , ,


Let’s say you get a bunch of inexpensive (but a bit outdated) routers (36XX or 72Xx) and some really nice (maybe not so cheap) Cisco switches (e.g. 3550/3560) and you would like to provide a VPLS-like service to your customers. Since VPLS is a service available only on more powerful Cisco platforms, we have to figure a way to simulate Multipoint Ethernet L2 VPN over a packet switching network (PSN) using only “convenient” point-to-point L2 VPN services.

Let model a situation where we have a number of routers connected over (PSN), with an ethernet switch connected to router at every location:

VPLS with L2TPV3

What we can do, is connect ethernet ports using pseudowires to form a virtual ring topology over PSN. That is, refeferring to our picture, xconnect routers’ ethernet ports counter-clockwise, say xconnect E0/0 of R3 with E0/1 of R4, then E0/0 of R4 with E0/1 of R5 and finally E0/0 of R5 with E0/1 of R3. Effectively, we will form an ethernet ring, partially connected over convenient switches, and partially using L2VPN pseudowires. Router configurations look pretty much similar, for example at R3 we would have something like this

pseudowire-class PW_CLASS
 encapsulation l2tpv3
 ip local interface Loopback0
interface Loopback0
 ip address

! Xconnecting E0/0 of R3 with E0/1 of R4
interface Ethernet0/0
 no ip address
 xconnect 34 encapsulation l2tpv3 pw-class PW_CLASS

! Xconnecting E0/1 of R3 with E0/0 of R5
interface Ethernet0/1
 no ip address
 xconnect 35 pw-class PW_CLASS

! Frame-Relay is used to connect to other routers (PSN network)
interface Serial1/0
 no ip address
 encapsulation frame-relay
interface Serial1/0.34 point-to-point
 ip address
 frame-relay interface-dlci 304
interface Serial1/0.35 point-to-point
 ip address
 frame-relay interface-dlci 305 

! OSPF is used as a sample IGP
router ospf 1
 network area 0

Speaking honestly, it’s not “classic” VPLS in true sense:

Firstly, STP should be running over ring topology, in order to block redundant ports. One can use star topology and disable STP, but this will introduce a single point of failure into the network. Classic VPLS does not run STP over packet core, only a full-mesh of pseudowires.

Secondly, there is no MAC-address learning for pseudowires, since they are point-to-point in essense. MAC addresses are learned by switches, and this impose a usual scalability restriction (though cisco switches may allow you to scale to a few thousands of MAC addresses in their tables).

However, this is funny and simple example of how you can use a simple concept to come up with a more complicated solution.

Tags: , , , ,


CCIE Bloggers