Contents

• L2VPN Pseudowire Redundancy
• Finding Feature Information
• Prerequisites for L2VPN Pseudowire Redundancy
• Restrictions for L2VPN Pseudowire Redundancy
• Information About L2VPN Pseudowire Redundancy
• Introduction to L2VPN Pseudowire Redundancy
• Xconnect as a Client of BFD
• How to Configure L2VPN Pseudowire Redundancy
• Configuring the Pseudowire
• Configuring L2VPN Pseudowire Redundancy
• Configuring Xconnect as a Client of BFD
• Forcing a Manual Switchover to the Backup Pseudowire VC
• Verifying the L2VPN Pseudowire Redundancy Configuration
• Configuration Examples for L2VPN Pseudowire Redundancy
• L2VPN Pseudowire Redundancy and AToM Like to Like Examples
• L2VPN Pseudowire Redundancy and L2VPN Interworking Examples
• L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples
• Additional References
• Feature Information for L2VPN Pseudowire Redundancy

L2VPN Pseudowire Redundancy

---

• Finding Feature Information
• Prerequisites for L2VPN Pseudowire Redundancy
• Restrictions for L2VPN Pseudowire Redundancy
• Information About L2VPN Pseudowire Redundancy
• How to Configure L2VPN Pseudowire Redundancy
• Configuration Examples for L2VPN Pseudowire Redundancy
• Additional References
• Feature Information for L2VPN Pseudowire Redundancy

Information About L2VPN Pseudowire Redundancy

• Introduction to L2VPN Pseudowire Redundancy
• Xconnect as a Client of BFD

Introduction to L2VPN Pseudowire Redundancy

L2VPNs can provide pseudowire resiliency through their routing protocols. When connectivity between end-to-end PE devices fails, the L2VPN pseudowire redundancy can select and alternate path to the directed LDP session and the user data can take over. However, there are some parts of the network where this rerouting mechanism does not protect against interruptions in service. The figure below shows those parts of the network that are vulnerable to an interruption in service.

Figure 1. Points of Potential Failure in an L2VPN Network

The L2VPN Pseudowire Redundancy feature provides the ability to ensure that the CE2 device in the figure above can always maintain network connectivity, even if one or all the failures in the figure occur.

The L2VPN Pseudowire Redundancy feature enables you to set up backup pseudowires. You can configure the network with redundant pseudowires (PWs) and redundant network elements, which are shown in the three figures below.

The figure below shows a network with redundant pseudowires and redundant attachment circuits.

Figure 2. L2VPN Network with Redundant PWs and Attachment Circuits

The figure below shows a network with redundant pseudowires, attachment circuits, and CE devices.

Figure 3. L2VPN Network with Redundant PWs, Attachment Circuits, and CE devices

The figure below shows a network with redundant pseudowires, attachment circuits, CE devices, and PE devices.

Figure 4. L2VPN Network with Redundant PWs, Attachment Circuits, CE devices, and PE devices

Xconnect as a Client of BFD

Redundant pseudowires are deployed to provide fault tolerance and resiliency to L2VPN-backhauled connections. The speed at which a system recovers from failures, especially when scaled to large numbers of pseudowires, is critical to many service providers and service level agreements (SLAs). The configuration of a trigger for redundant pseudowire switchover reduces the time that it takes a large number of pseudowires to failover. A fundamental component of bidirectional forwarding detection (BFD) capability is enabled by fast-failure detection (FFD).

The configuration of this feature refers to a BFD configuration, such as the following (the second URL in the bfd map command is the loopback URL in the monitor peer bfd command):

bfd-template multi-hop mh
 interval min-tx 200 min-rx 200 multiplier 3 !
bfd map ipv4  10.1.1.0/24  10.1.1.1/32 mh

How to Configure L2VPN Pseudowire Redundancy

The L2VPN Pseudowire Redundancy feature enables you to configure a backup pseudowire in case the primary pseudowire fails. When the primary pseudowire fails, the PE router can switch to the backup pseudowire. You can have the primary pseudowire resume operation after it comes back up.

The default Label Distribution Protocol (LDP) session hold-down timer will enable the software to detect failures in about 180 seconds. That time can be configured so that the software can detect failures more quickly. See the mpls ldp holdtime command for more information.

• Configuring the Pseudowire
• Configuring L2VPN Pseudowire Redundancy
• Configuring Xconnect as a Client of BFD
• Forcing a Manual Switchover to the Backup Pseudowire VC
• Verifying the L2VPN Pseudowire Redundancy Configuration

Configuring the Pseudowire

The successful transmission of the Layer 2 frames between PE routers is due to the configuration of the PE routers. You set up the connection, called a pseudowire, between the routers.

The pseudowire-class configuration group specifies the characteristics of the tunneling mechanism, which are:

• Encapsulation type

• Control protocol

• Payload-specific options

You must specify the encapsulation mplscommand as part of the pseudowire class for the AToM VCs to work properly. If you omit the encapsulation mplscommand as part of the xconnectcommand, you receive the following error:

% Incomplete command.

Perform this task to configure a pseudowire class.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    pseudowire-class name


4.    encapsulation mpls


5.    interworking {ethernet | ip}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	pseudowire-class name Example: Router(config)# pseudowire-class atom	Establishes a pseudowire class with a name that you specify. Enters pseudowire class configuration mode.
Step 4	encapsulation mpls Example: Router(config-pw-class)# encapsulation mpls	Specifies the tunneling encapsulation. For AToM, the encapsulation type is mpls.
Step 5	interworking {ethernet | ip} Example: Router(config-pw-class)# interworking ip	(Optional) Enables the translation between the different Layer 2 encapsulations.

Configuring L2VPN Pseudowire Redundancy

Use the following steps to configure the L2VPN Pseudowire Redundancy feature.

Before You Begin

For each transport type, the xconnectcommand is configured slightly differently. The following configuration steps use Ethernet VLAN over MPLS, which is configured in subinterface configuration mode. See Any Transport over MPLS to determine how to configure the xconnect command for other transport types.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    interface gigabitethernet slot / subslot / interface . subinterface


4.    encapsulation dot1q vlan-id


5.    xconnect peer-router-id vcid {encapsulation mpls| pw-class pw-class-name}


6.    backup peer peer-router-ip-addr vcid [pw-class pw-class-name]


7.    backup delay e nable-delay {disable-delay | never}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	interface gigabitethernet slot / subslot / interface . subinterface Example: Router(config)# interface gigabitethernet0/0/0.1	Specifies the Gigabit Ethernet subinterface and enters subinterface configuration mode. Make sure that the subinterface on the adjoining CE router is on the same VLAN as this PE router.
Step 4	encapsulation dot1q vlan-id Example: Router(config-subif)# encapsulation dot1q 100	Enables the subinterface to accept 802.1Q VLAN packets. The subinterfaces between the CE and PE routers that are running Ethernet over MPLS must be in the same subnet. All other subinterfaces and backbone routers do not.
Step 5	xconnect peer-router-id vcid {encapsulation mpls| pw-class pw-class-name} Example: Router(config-subif)# xconnect 10.0.0.1 123 pw-class atom	Binds the attachment circuit to a pseudowire VC. The syntax for this command is the same as for all other Layer 2 transports. Enters xconnect configuration mode.
Step 6	backup peer peer-router-ip-addr vcid [pw-class pw-class-name] Example: Router(config-if-xconn)# backup peer 10.0.0.3 125 pw-class atom	Specifies a redundant peer for the pseudowire VC. The pseudowire class name must match the name you specified when you created the pseudowire class, but you can use a different pw-class in the backup peer command than the name that you used in the primary xconnect command.
Step 7	backup delay e nable-delay {disable-delay | never} Example: Router(config-if-xconn)# backup delay 5 never	Specifies how long (in seconds) the backup pseudowire VC should wait to take over after the primary pseudowire VC goes down. The range is 0 to 180. Specifies how long the primary pseudowire should wait after it becomes active to take over for the backup pseudowire VC. The range is 0 to 180 seconds. If you specify the never keyword, the primary pseudowire VC never takes over for the backup.

Configuring Xconnect as a Client of BFD

Perform this task to configure a trigger for redundant pseudowire switchover.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    pseudowire-class mpls-ffd


• Enters pseudowire class configuration mode.

4.    encapsulation mpls


5.    monitor peer bfd [local interface interface-type interface-number]

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Device> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Device# configure terminal	Enters global configuration mode.
Step 3	pseudowire-class mpls-ffd Enters pseudowire class configuration mode. Example: Device(config)# pseudowire-class mpls-ffd	Establishes a pseudowire class for MPLS fast-failure detection.
Step 4	encapsulation mpls Example: Device(config-pw-class)# encapsulation mpls	Specifies the tunneling encapsulation to be MPLS.
Step 5	monitor peer bfd [local interface interface-type interface-number] Example: Device(config-pw-class)# monitor peer bfd local interface loopback 0	Enables the pseudowire fast-failure detection capability.

Forcing a Manual Switchover to the Backup Pseudowire VC

To force the router switch over to the backup or primary pseudowire, you can enter the xconnect backup force switchover command in privileged EXEC mode. You can specify either the interface of the primary attachment circuit (AC) to switch to or the IP-address and VC ID of the peer router.

A manual switchover can be made only if the interface or peer specified in the command is actually available and the xconnect will move to the fully active state when the command is entered.

SUMMARY STEPS

1.    enable


2.    xconnect backup force-switchover { interface interface-info | peer ip-address vcid}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	xconnect backup force-switchover { interface interface-info | peer ip-address vcid} Example: Router# xconnect backup force-switchover peer 10.10.10.1 123	Specifies that the router should switch to the backup or to the primary pseudowire.

Verifying the L2VPN Pseudowire Redundancy Configuration

Use the following commands to verify that the L2VPN Pseudowire Redundancy feature is correctly configured.

SUMMARY STEPS

1.    show mpls l2transport vc


2.    show xconnect all


3.    xconnect logging redundancy

DETAILED STEPS

---

Step 1	show mpls l2transport vc In this example, the primary attachment circuit is up. The backup attachment circuit is available, but not currently selected. The show output displays as follows: Example: Router# show mpls l2transport vc Local intf Local circuit Dest address VC ID Status ------------- ----------------------- --------------- ---------- ---------- Et0/0.1 Eth VLAN 101 10.0.0.2 101 UP Et0/0.1 Eth VLAN 101 10.0.0.3 201 DOWN Router# show mpls l2transport vc detail Local interface: Et0/0.1 up, line protocol up, Eth VLAN 101 up Destination address 10.0.0.2 VC ID: 101, VC status UP . . . Local interface: Et0/0.1 down, line protocol down, Eth VLAN 101 down Destination address 10.0.0.3 VC ID: 201, VC status down . . .
Step 2	show xconnect all In this example, the topology is Attachment Circuit 1 to Pseudowire 1 with a Pseudowire 2 as a backup: Example: Router# show xconnect all Legend: XC ST=Xconnect State, S1=Segment1 State, S2=Segment2 State UP=Up, DN=Down, AD=Admin Down, IA=Inactive, NH=No Hardware XC ST Segment 1 S1 Segment 2 S2 ------+---------------------------------+--+---------------------------------+-- UP pri ac Et0/0(Ethernet) UP mpls 10.55.55.2:1000 UP IA sec ac Et0/0(Ethernet) UP mpls 10.55.55.3:1001 DN In this example, the topology is Attachment Circuit 1 to Attachment Circuit 2 with a Pseudowire backup for Attachment Circuit 2: Example: Router# show xconnect all Legend: XC ST=Xconnect State, S1=Segment1 State, S2=Segment2 State UP=Up, DN=Down, AD=Admin Down, IA=Inactive, NH=No Hardware XC ST Segment 1 S1 Segment 2 S2 ------+---------------------------------+--+---------------------------------+-- UP pri ac Se6/0:150(FR DLCI) UP ac Se8/0:150(FR DLCI) UP IA sec ac Se6/0:150(FR DLCI) UP mpls 10.55.55.3:7151 DN
Step 3	xconnect logging redundancy In addition to the show mpls l2transport vccommand and the show xconnect command, you can use the xconnect logging redundancy command to track the status of the xconnect redundancy group: Example: Router(config)# xconnect logging redundancy When this command is configured, the following messages will be generated during switchover events: Activating the primary member: Example: 00:01:07: %XCONNECT-5-REDUNDANCY: Activating primary member 10.55.55.2:1000 Activating the backup member: Example: 00:01:05: %XCONNECT-5-REDUNDANCY: Activating secondary member 10.55.55.3:1001

---

Configuration Examples for L2VPN Pseudowire Redundancy

Each of the configuration examples refers to one of the following pseudowire classes:

• AToM (like-to-like) pseudowire class:

pseudowire-class mpls
 encapsulation mpls

• L2VPN IP interworking:

pseudowire-class mpls-ip
 encapsulation mpls
 interworking ip

• L2VPN Pseudowire Redundancy and AToM Like to Like Examples
• L2VPN Pseudowire Redundancy and L2VPN Interworking Examples
• L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples

L2VPN Pseudowire Redundancy and AToM Like to Like Examples

The following example shows a High-Level Data Link Control (HDLC) attachment circuit xconnect with a backup pseudowire:

interface Serial4/0
 xconnect 10.55.55.2 4000 pw-class mpls
 backup peer 10.55.55.3 4001 pw-class mpls

The following example shows a Frame Relay attachment circuit xconnect with a backup pseudowire:

connect fr-fr-pw Serial6/0 225 l2transport
 xconnect 10.55.55.2 5225 pw-class mpls
 backup peer 10.55.55.3 5226 pw-class mpls

L2VPN Pseudowire Redundancy and L2VPN Interworking Examples

The following example shows an Ethernet attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Ethernet0/0
 xconnect 10.55.55.2 1000 pw-class mpls-ip
 backup peer 10.55.55.3 1001 pw-class mpls-ip

The following example shows an Ethernet VLAN attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Ethernet1/0.1
 encapsulation dot1Q 200
 no ip directed-broadcast
 xconnect 10.55.55.2 5200 pw-class mpls-ip
 backup peer 10.55.55.3 5201 pw-class mpls-ip

The following example shows a Frame Relay attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

connect fr-ppp-pw Serial6/0 250 l2transport
 xconnect 10.55.55.2 8250 pw-class mpls-ip
 backup peer 10.55.55.3 8251 pw-class mpls-ip

The following example shows a PPP attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Serial7/0
 encapsulation ppp
 xconnect 10.55.55.2 2175 pw-class mpls-ip
 backup peer 10.55.55.3 2176 pw-class mpls-ip

L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples

The following example shows an Ethernet VLAN-VLAN local switching xconnect with a pseudowire backup for Ethernet segment E2/0.2. If the subinterface associated with E2/0.2 goes down, the backup pseudowire is activated.

connect vlan-vlan Ethernet1/0.2 Ethernet2/0.2
 backup peer 10.55.55.3 1101 pw-class mpls

The following example shows a Frame Relay-to-Frame Relay local switching connect with a pseudowire backup for Frame Relay segment S8/0 150. If data-link connection identifier (DLCI) 150 on S8/0 goes down, the backup pseudowire is activated.

connect fr-fr-ls Serial6/0 150 Serial8/0 150
 backup peer 10.55.55.3 7151 pw-class mpls

Additional References

Related Documents

Related Topic	Document Title
Any Transport over MPLS	Any Transport over MPLS
High Availability for AToM	AToM Graceful Restart
L2VPN Interworking	L2VPN Interworking
Layer 2 local switching	Layer 2 Local Switching
PWE3 MIB	Pseudowire Emulation Edge-to-Edge MIBs for Ethernet and Frame Relay Services
Packet sequencing	Any Transport over MPLS (AToM) Sequencing Support
BFD configuration	IP Routing BFD Configuration Guide

Standards

Standards	Title
None	--

MIBs

MIBs	MIBs Link
None	To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http:/​/​www.cisco.com/​go/​mibs

RFCs

RFCs	Title
None	--

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http:/​/​www.cisco.com/​techsupport

Feature Information for L2VPN Pseudowire Redundancy

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Table 1 Feature Information for L2VPN Pseudowire Redundancy

Feature Name	Releases	Feature Information
L2VPN Pseudowire Redundancy	12.0(31)S 12.2(28)SB 12.2(22)SXI 12.2(33)SRB 12.4(11)T 15.0(1)S	This feature enables you to set up your network to detect a failure in the network and reroute the Layer 2 service to another endpoint that can continue to provide service. In Cisco IOS Release 12.0(31)S, the L2VPN Pseudowire Redundancy feature was introduced for Any Transport over MPLS (AToM) on the Cisco 12000 series routers. This feature was integrated into Cisco IOS Release 12.2(28)SB. This feature was integrated into Cisco IOS Release 12.4(11)T. This feature was integrated into Cisco IOS Release 12.2(33)SRB. This feature was integrated into Cisco IOS Release 12.2(33)SXI. The following commands were introduced or modified: backup delay (L2VPN local switching), backup peer, show xconnect, xconnect backup force-switchover, xconnect logging redundancy.
L2VPN Pseudowire Redundancy for L2TPv3	12.2(33)SRE 15.0(1)S	This feature provides L2VPN pseudowire redundancy for L2TPv3 xconnect configurations. In Cisco IOS Release 12.2(33)SRE, this feature was implemented on the Cisco 7600 series routers.
Xconnect as a Client of BFD	15.1(3)S	This feature provides fast-failure detection for L2VPN pseudowire redundancy. The following command was introduced: monitor peer bfd.
Resilient Pseudowire (RPW): PW Fast Recovery	15.2(1)S	This feature was integrated into Cisco IOS Release 15.2(1)S. The following commands were introduced or modified: aps hspw-icrm-grp , show hspw-aps-icrm.

Contents

• L2VPN Pseudowire Redundancy
• Finding Feature Information
• Prerequisites for L2VPN Pseudowire Redundancy
• Restrictions for L2VPN Pseudowire Redundancy
• Information About L2VPN Pseudowire Redundancy
• Introduction to L2VPN Pseudowire Redundancy
• Xconnect as a Client of BFD
• How to Configure L2VPN Pseudowire Redundancy
• Configuring the Pseudowire
• Configuring L2VPN Pseudowire Redundancy
• Configuring Xconnect as a Client of BFD
• Forcing a Manual Switchover to the Backup Pseudowire VC
• Verifying the L2VPN Pseudowire Redundancy Configuration
• Configuration Examples for L2VPN Pseudowire Redundancy
• L2VPN Pseudowire Redundancy and AToM Like to Like Examples
• L2VPN Pseudowire Redundancy and L2VPN Interworking Examples
• L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples
• Additional References
• Feature Information for L2VPN Pseudowire Redundancy

L2VPN Pseudowire Redundancy

---

The L2VPN Pseudowire Redundancy feature lets you configure your network to detect a failure in the network and reroute the Layer 2 (L2) service to another endpoint that can continue to provide service. This feature provides the ability to recover from a failure either of the remote provider edge (PE) router or of the link between the PE and customer edge (CE) routers.

• Finding Feature Information
• Prerequisites for L2VPN Pseudowire Redundancy
• Restrictions for L2VPN Pseudowire Redundancy
• Information About L2VPN Pseudowire Redundancy
• How to Configure L2VPN Pseudowire Redundancy
• Configuration Examples for L2VPN Pseudowire Redundancy
• Additional References
• Feature Information for L2VPN Pseudowire Redundancy

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for L2VPN Pseudowire Redundancy

• This feature module requires that you understand how to configure basic L2 virtual private networks (VPNs). You can find that information in the following documents:

  • Any Transport over MPLS
  • L2 VPN Interworking
• The L2VPN Pseudowire Redundancy feature requires that the following mechanisms be in place to enable you to detect a failure in the network:

  • Label-switched paths (LSP) Ping/Traceroute and Any Transport over MPLS Virtual Circuit Connection Verification (AToM VCCV)
  • Local Management Interface (LMI)
  • Operation, Administration, and Maintenance (OAM)

Restrictions for L2VPN Pseudowire Redundancy

General Restrictions

• The primary and backup pseudowires must run the same type of transport service. The primary and backup pseudowires must be configured with AToM.

• Only static, on-box provisioning is supported.

• If you use L2VPN Pseudowire Redundancy with L2VPN Interworking, the interworking method must be the same for the primary and backup pseudowires.

• Setting the experimental (EXP) bit on the Multiprotocol Label Switching (MPLS) pseudowire is supported.

• Different pseudowire encapsulation types on the MPLS pseudowire are not supported.

• The mpls l2transport route command is not supported. Use the xconnect command instead.

• The ability to have the backup pseudowire fully operational at the same time that the primary pseudowire is operational is not supported. The backup pseudowire becomes active only after the primary pseudowire fails.

• The AToM VCCV feature is supported only on the active pseudowire.

• More than one backup pseudowire is not supported.

• Bidirectional Forwarding Detection over Virtual Circuit Connection Verification (BFDoVCCV) with status signaling is supported only on static pseudowires that do not have a backup peer. Explicit configuration of backup peers that violates this restriction is rejected.

• BFDoVCCV with status signaling through a pseudowire class is allowed. However, the feature is not supported on pseudowires that do not meet the restriction noted above.

Restrictions for Layer 2 Tunnel Protocol Version 3 (L2TPv3) Xconnect Configurations

• Interworking is not supported.

• Local switching backup by pseudowire redundancy is not supported.

• PPP, HDLC, and Frame-Relay attachment circuit (AC) types of L2TPv3 pseudowire redundancy are not supported.

• For the edge interface, only the Cisco 7600 series SPA Interface Processor-400 (SIP-400) linecard with the following shared port adapters (SPAs) is supported:

Cisco 2-Port Gigabit Ethernet Shared Port Adapter (SPA-2X1GE) Cisco 2-Port Gigabit Ethernet Shared Port Adapter, Version 2 (SPA-2X1GE-V2) Cisco 5-Port Gigabit Ethernet Shared Port Adapter, Version 2 (SPA-5X1GE-V2) Cisco 10-Port Gigabit Ethernet Shared Port Adapter, Version 2 (SPA-10X1GE-V2) Cisco 2-Port OC3c/STM1c ATM Shared Port Adapter (SPA-2XOC3-ATM) Cisco 4-Port OC3c/STM1c ATM Shared Port Adapter (SPA-4XOC3-ATM) Cisco 1-Port OC12c/STM4c ATM Shared Port Adapter (SPA-1XOC12-ATM) Cisco 1-Port OC-48c/STM-16 ATM Shared Port Adapter (SPA-1XOC48-ATM)

Information About L2VPN Pseudowire Redundancy

• Introduction to L2VPN Pseudowire Redundancy
• Xconnect as a Client of BFD

Introduction to L2VPN Pseudowire Redundancy

L2VPNs can provide pseudowire resiliency through their routing protocols. When connectivity between end-to-end PE devices fails, the L2VPN pseudowire redundancy can select and alternate path to the directed LDP session and the user data can take over. However, there are some parts of the network where this rerouting mechanism does not protect against interruptions in service. The figure below shows those parts of the network that are vulnerable to an interruption in service.

Figure 1. Points of Potential Failure in an L2VPN Network

The L2VPN Pseudowire Redundancy feature provides the ability to ensure that the CE2 device in the figure above can always maintain network connectivity, even if one or all the failures in the figure occur.

The L2VPN Pseudowire Redundancy feature enables you to set up backup pseudowires. You can configure the network with redundant pseudowires (PWs) and redundant network elements, which are shown in the three figures below.

The figure below shows a network with redundant pseudowires and redundant attachment circuits.

Figure 2. L2VPN Network with Redundant PWs and Attachment Circuits

The figure below shows a network with redundant pseudowires, attachment circuits, and CE devices.

Figure 3. L2VPN Network with Redundant PWs, Attachment Circuits, and CE devices

The figure below shows a network with redundant pseudowires, attachment circuits, CE devices, and PE devices.

Figure 4. L2VPN Network with Redundant PWs, Attachment Circuits, CE devices, and PE devices

Xconnect as a Client of BFD

Redundant pseudowires are deployed to provide fault tolerance and resiliency to L2VPN-backhauled connections. The speed at which a system recovers from failures, especially when scaled to large numbers of pseudowires, is critical to many service providers and service level agreements (SLAs). The configuration of a trigger for redundant pseudowire switchover reduces the time that it takes a large number of pseudowires to failover. A fundamental component of bidirectional forwarding detection (BFD) capability is enabled by fast-failure detection (FFD).

The configuration of this feature refers to a BFD configuration, such as the following (the second URL in the bfd map command is the loopback URL in the monitor peer bfd command):

bfd-template multi-hop mh
 interval min-tx 200 min-rx 200 multiplier 3 !
bfd map ipv4  10.1.1.0/24  10.1.1.1/32 mh

How to Configure L2VPN Pseudowire Redundancy

The L2VPN Pseudowire Redundancy feature enables you to configure a backup pseudowire in case the primary pseudowire fails. When the primary pseudowire fails, the PE router can switch to the backup pseudowire. You can have the primary pseudowire resume operation after it comes back up.

The default Label Distribution Protocol (LDP) session hold-down timer will enable the software to detect failures in about 180 seconds. That time can be configured so that the software can detect failures more quickly. See the mpls ldp holdtime command for more information.

• Configuring the Pseudowire
• Configuring L2VPN Pseudowire Redundancy
• Configuring Xconnect as a Client of BFD
• Forcing a Manual Switchover to the Backup Pseudowire VC
• Verifying the L2VPN Pseudowire Redundancy Configuration

Configuring the Pseudowire

The successful transmission of the Layer 2 frames between PE routers is due to the configuration of the PE routers. You set up the connection, called a pseudowire, between the routers.

The pseudowire-class configuration group specifies the characteristics of the tunneling mechanism, which are:

• Encapsulation type

• Control protocol

• Payload-specific options

You must specify the encapsulation mplscommand as part of the pseudowire class for the AToM VCs to work properly. If you omit the encapsulation mplscommand as part of the xconnectcommand, you receive the following error:

% Incomplete command.

Perform this task to configure a pseudowire class.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    pseudowire-class name


4.    encapsulation mpls


5.    interworking {ethernet | ip}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	pseudowire-class name Example: Router(config)# pseudowire-class atom	Establishes a pseudowire class with a name that you specify. Enters pseudowire class configuration mode.
Step 4	encapsulation mpls Example: Router(config-pw-class)# encapsulation mpls	Specifies the tunneling encapsulation. For AToM, the encapsulation type is mpls.
Step 5	interworking {ethernet | ip} Example: Router(config-pw-class)# interworking ip	(Optional) Enables the translation between the different Layer 2 encapsulations.

Configuring L2VPN Pseudowire Redundancy

Use the following steps to configure the L2VPN Pseudowire Redundancy feature.

Before You Begin

For each transport type, the xconnectcommand is configured slightly differently. The following configuration steps use Ethernet VLAN over MPLS, which is configured in subinterface configuration mode. See Any Transport over MPLS to determine how to configure the xconnect command for other transport types.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    interface gigabitethernet slot / subslot / interface . subinterface


4.    encapsulation dot1q vlan-id


5.    xconnect peer-router-id vcid {encapsulation mpls| pw-class pw-class-name}


6.    backup peer peer-router-ip-addr vcid [pw-class pw-class-name]


7.    backup delay e nable-delay {disable-delay | never}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	interface gigabitethernet slot / subslot / interface . subinterface Example: Router(config)# interface gigabitethernet0/0/0.1	Specifies the Gigabit Ethernet subinterface and enters subinterface configuration mode. Make sure that the subinterface on the adjoining CE router is on the same VLAN as this PE router.
Step 4	encapsulation dot1q vlan-id Example: Router(config-subif)# encapsulation dot1q 100	Enables the subinterface to accept 802.1Q VLAN packets. The subinterfaces between the CE and PE routers that are running Ethernet over MPLS must be in the same subnet. All other subinterfaces and backbone routers do not.
Step 5	xconnect peer-router-id vcid {encapsulation mpls| pw-class pw-class-name} Example: Router(config-subif)# xconnect 10.0.0.1 123 pw-class atom	Binds the attachment circuit to a pseudowire VC. The syntax for this command is the same as for all other Layer 2 transports. Enters xconnect configuration mode.
Step 6	backup peer peer-router-ip-addr vcid [pw-class pw-class-name] Example: Router(config-if-xconn)# backup peer 10.0.0.3 125 pw-class atom	Specifies a redundant peer for the pseudowire VC. The pseudowire class name must match the name you specified when you created the pseudowire class, but you can use a different pw-class in the backup peer command than the name that you used in the primary xconnect command.
Step 7	backup delay e nable-delay {disable-delay | never} Example: Router(config-if-xconn)# backup delay 5 never	Specifies how long (in seconds) the backup pseudowire VC should wait to take over after the primary pseudowire VC goes down. The range is 0 to 180. Specifies how long the primary pseudowire should wait after it becomes active to take over for the backup pseudowire VC. The range is 0 to 180 seconds. If you specify the never keyword, the primary pseudowire VC never takes over for the backup.

Configuring Xconnect as a Client of BFD

Perform this task to configure a trigger for redundant pseudowire switchover.

SUMMARY STEPS

1.    enable


2.    configure terminal


3.    pseudowire-class mpls-ffd


• Enters pseudowire class configuration mode.

4.    encapsulation mpls


5.    monitor peer bfd [local interface interface-type interface-number]

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Device> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: Device# configure terminal	Enters global configuration mode.
Step 3	pseudowire-class mpls-ffd Enters pseudowire class configuration mode. Example: Device(config)# pseudowire-class mpls-ffd	Establishes a pseudowire class for MPLS fast-failure detection.
Step 4	encapsulation mpls Example: Device(config-pw-class)# encapsulation mpls	Specifies the tunneling encapsulation to be MPLS.
Step 5	monitor peer bfd [local interface interface-type interface-number] Example: Device(config-pw-class)# monitor peer bfd local interface loopback 0	Enables the pseudowire fast-failure detection capability.

Forcing a Manual Switchover to the Backup Pseudowire VC

To force the router switch over to the backup or primary pseudowire, you can enter the xconnect backup force switchover command in privileged EXEC mode. You can specify either the interface of the primary attachment circuit (AC) to switch to or the IP-address and VC ID of the peer router.

A manual switchover can be made only if the interface or peer specified in the command is actually available and the xconnect will move to the fully active state when the command is entered.

SUMMARY STEPS

1.    enable


2.    xconnect backup force-switchover { interface interface-info | peer ip-address vcid}

DETAILED STEPS

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	xconnect backup force-switchover { interface interface-info | peer ip-address vcid} Example: Router# xconnect backup force-switchover peer 10.10.10.1 123	Specifies that the router should switch to the backup or to the primary pseudowire.

Verifying the L2VPN Pseudowire Redundancy Configuration

Use the following commands to verify that the L2VPN Pseudowire Redundancy feature is correctly configured.

SUMMARY STEPS

1.    show mpls l2transport vc


2.    show xconnect all


3.    xconnect logging redundancy

DETAILED STEPS

---

Step 1	show mpls l2transport vc In this example, the primary attachment circuit is up. The backup attachment circuit is available, but not currently selected. The show output displays as follows: Example: Router# show mpls l2transport vc Local intf Local circuit Dest address VC ID Status ------------- ----------------------- --------------- ---------- ---------- Et0/0.1 Eth VLAN 101 10.0.0.2 101 UP Et0/0.1 Eth VLAN 101 10.0.0.3 201 DOWN Router# show mpls l2transport vc detail Local interface: Et0/0.1 up, line protocol up, Eth VLAN 101 up Destination address 10.0.0.2 VC ID: 101, VC status UP . . . Local interface: Et0/0.1 down, line protocol down, Eth VLAN 101 down Destination address 10.0.0.3 VC ID: 201, VC status down . . .
Step 2	show xconnect all In this example, the topology is Attachment Circuit 1 to Pseudowire 1 with a Pseudowire 2 as a backup: Example: Router# show xconnect all Legend: XC ST=Xconnect State, S1=Segment1 State, S2=Segment2 State UP=Up, DN=Down, AD=Admin Down, IA=Inactive, NH=No Hardware XC ST Segment 1 S1 Segment 2 S2 ------+---------------------------------+--+---------------------------------+-- UP pri ac Et0/0(Ethernet) UP mpls 10.55.55.2:1000 UP IA sec ac Et0/0(Ethernet) UP mpls 10.55.55.3:1001 DN In this example, the topology is Attachment Circuit 1 to Attachment Circuit 2 with a Pseudowire backup for Attachment Circuit 2: Example: Router# show xconnect all Legend: XC ST=Xconnect State, S1=Segment1 State, S2=Segment2 State UP=Up, DN=Down, AD=Admin Down, IA=Inactive, NH=No Hardware XC ST Segment 1 S1 Segment 2 S2 ------+---------------------------------+--+---------------------------------+-- UP pri ac Se6/0:150(FR DLCI) UP ac Se8/0:150(FR DLCI) UP IA sec ac Se6/0:150(FR DLCI) UP mpls 10.55.55.3:7151 DN
Step 3	xconnect logging redundancy In addition to the show mpls l2transport vccommand and the show xconnect command, you can use the xconnect logging redundancy command to track the status of the xconnect redundancy group: Example: Router(config)# xconnect logging redundancy When this command is configured, the following messages will be generated during switchover events: Activating the primary member: Example: 00:01:07: %XCONNECT-5-REDUNDANCY: Activating primary member 10.55.55.2:1000 Activating the backup member: Example: 00:01:05: %XCONNECT-5-REDUNDANCY: Activating secondary member 10.55.55.3:1001

---

Configuration Examples for L2VPN Pseudowire Redundancy

Each of the configuration examples refers to one of the following pseudowire classes:

• AToM (like-to-like) pseudowire class:

pseudowire-class mpls
 encapsulation mpls

• L2VPN IP interworking:

pseudowire-class mpls-ip
 encapsulation mpls
 interworking ip

• L2VPN Pseudowire Redundancy and AToM Like to Like Examples
• L2VPN Pseudowire Redundancy and L2VPN Interworking Examples
• L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples

L2VPN Pseudowire Redundancy and AToM Like to Like Examples

The following example shows a High-Level Data Link Control (HDLC) attachment circuit xconnect with a backup pseudowire:

interface Serial4/0
 xconnect 10.55.55.2 4000 pw-class mpls
 backup peer 10.55.55.3 4001 pw-class mpls

The following example shows a Frame Relay attachment circuit xconnect with a backup pseudowire:

connect fr-fr-pw Serial6/0 225 l2transport
 xconnect 10.55.55.2 5225 pw-class mpls
 backup peer 10.55.55.3 5226 pw-class mpls

L2VPN Pseudowire Redundancy and L2VPN Interworking Examples

The following example shows an Ethernet attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Ethernet0/0
 xconnect 10.55.55.2 1000 pw-class mpls-ip
 backup peer 10.55.55.3 1001 pw-class mpls-ip

The following example shows an Ethernet VLAN attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Ethernet1/0.1
 encapsulation dot1Q 200
 no ip directed-broadcast
 xconnect 10.55.55.2 5200 pw-class mpls-ip
 backup peer 10.55.55.3 5201 pw-class mpls-ip

The following example shows a Frame Relay attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

connect fr-ppp-pw Serial6/0 250 l2transport
 xconnect 10.55.55.2 8250 pw-class mpls-ip
 backup peer 10.55.55.3 8251 pw-class mpls-ip

The following example shows a PPP attachment circuit xconnect with L2VPN IP interworking and a backup pseudowire:

interface Serial7/0
 encapsulation ppp
 xconnect 10.55.55.2 2175 pw-class mpls-ip
 backup peer 10.55.55.3 2176 pw-class mpls-ip

L2VPN Pseudowire Redundancy with Layer 2 Local Switching Examples

The following example shows an Ethernet VLAN-VLAN local switching xconnect with a pseudowire backup for Ethernet segment E2/0.2. If the subinterface associated with E2/0.2 goes down, the backup pseudowire is activated.

connect vlan-vlan Ethernet1/0.2 Ethernet2/0.2
 backup peer 10.55.55.3 1101 pw-class mpls

The following example shows a Frame Relay-to-Frame Relay local switching connect with a pseudowire backup for Frame Relay segment S8/0 150. If data-link connection identifier (DLCI) 150 on S8/0 goes down, the backup pseudowire is activated.

connect fr-fr-ls Serial6/0 150 Serial8/0 150
 backup peer 10.55.55.3 7151 pw-class mpls

Additional References

Related Documents

Related Topic	Document Title
Any Transport over MPLS	Any Transport over MPLS
High Availability for AToM	AToM Graceful Restart
L2VPN Interworking	L2VPN Interworking
Layer 2 local switching	Layer 2 Local Switching
PWE3 MIB	Pseudowire Emulation Edge-to-Edge MIBs for Ethernet and Frame Relay Services
Packet sequencing	Any Transport over MPLS (AToM) Sequencing Support
BFD configuration	IP Routing BFD Configuration Guide

Standards

Standards	Title
None	--

MIBs

MIBs	MIBs Link
None	To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http:/​/​www.cisco.com/​go/​mibs

RFCs

RFCs	Title
None	--

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http:/​/​www.cisco.com/​techsupport

Feature Information for L2VPN Pseudowire Redundancy

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Table 1 Feature Information for L2VPN Pseudowire Redundancy

Feature Name	Releases	Feature Information
L2VPN Pseudowire Redundancy	12.0(31)S 12.2(28)SB 12.2(22)SXI 12.2(33)SRB 12.4(11)T 15.0(1)S	This feature enables you to set up your network to detect a failure in the network and reroute the Layer 2 service to another endpoint that can continue to provide service. In Cisco IOS Release 12.0(31)S, the L2VPN Pseudowire Redundancy feature was introduced for Any Transport over MPLS (AToM) on the Cisco 12000 series routers. This feature was integrated into Cisco IOS Release 12.2(28)SB. This feature was integrated into Cisco IOS Release 12.4(11)T. This feature was integrated into Cisco IOS Release 12.2(33)SRB. This feature was integrated into Cisco IOS Release 12.2(33)SXI. The following commands were introduced or modified: backup delay (L2VPN local switching), backup peer, show xconnect, xconnect backup force-switchover, xconnect logging redundancy.
L2VPN Pseudowire Redundancy for L2TPv3	12.2(33)SRE 15.0(1)S	This feature provides L2VPN pseudowire redundancy for L2TPv3 xconnect configurations. In Cisco IOS Release 12.2(33)SRE, this feature was implemented on the Cisco 7600 series routers.
Xconnect as a Client of BFD	15.1(3)S	This feature provides fast-failure detection for L2VPN pseudowire redundancy. The following command was introduced: monitor peer bfd.
Resilient Pseudowire (RPW): PW Fast Recovery	15.2(1)S	This feature was integrated into Cisco IOS Release 15.2(1)S. The following commands were introduced or modified: aps hspw-icrm-grp , show hspw-aps-icrm.