L2VPN Pseudowire Switching

Last Updated: November 29, 2011

This feature module explains how to configure L2VPN Pseudowire Switching, which extends layer 2 virtual private network (L2VPN) pseudowires across an interautonomous system (inter-AS) boundary or across two separate multiprotocol label switching (MPLS) networks.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for L2VPN Pseudowire Switching

  • In Cisco IOS XE Release 2.4, Pseudowire Switching is supported on Ethernet over MPLS attachment circuits.
  • L2VPN Pseudowire Switching is supported with AToM.
  • Only static, on-box provisioning is supported.
  • Sequencing numbers in AToM packets are not processed by L2VPN Pseudowire Switching. The feature blindly passes the sequencing data through the xconnect packet paths, a process that is called transparent sequencing. The endpoint PE-CE connections enforce the sequencing.
  • You can ping the adjacent next-hop PE router. End-to-end LSP pings are not supported.
  • Do not configure IP or Ethernet interworking on a router where L2VPN Pseudowire Switching is enabled. Instead, configure interworking on the routers at the edge PEs of the network.
  • The control word negotiation results must match. If either segment does not negotiate the control word, the control word is disabled for both segments.
  • AToM Graceful Restart is negotiated independently on each pseudowire segment. If there is a transient loss of the LDP session between two AToM PE routers, packets continue to flow.
  • Per-pseudowire quality of service (QoS) is not supported. Traffic Engineering (TE) tunnel selection is supported.
  • Attachment circuit interworking is not supported.

Information About L2VPN Pseudowire Switching

How L2VPN Pseudowire Switching Works

L2VPN Pseudowire Switching allows the user to extend L2VPN pseudowires across an inter-AS boundary or across two separate MPLS networks, as shown in the figures below. L2VPN Pseudowire Switching connects two or more contiguous pseudowire segments to form an end-to-end multihop pseudowire. This end-to-end pseudowire functions as a single point-to-point pseudowire.

As shown in the second figure below, L2VPN Pseudowire Switching enables you to keep the IP addresses of the edge PE routers private across inter-AS boundaries. You can use the IP address of the autonomous system boundary routers (ASBRs) and treat them as pseudowire aggregation (PE-agg) routers. The ASBRs join the pseudowires of the two domains.

L2VPN Pseudowire Switching also enables you to keep different administrative or provisioning domains to manage the end-to-end service. At the boundaries of these networks, PE-agg routers delineate the management responsibilities.

Figure 1 L2VPN Pseudowire Switching in an Intra-AS Topology


Figure 2 L2VPN Pseudowire Switching in an Inter-AS Topology


How Packets Are Manipulated at the Aggregation Point

Switching AToM packets between two AToM pseudowires is the same as switching any MPLS packet. The MPLS switching data path switches AToM packets between two AToM pseudowires. The following list explains exceptions:

  • The outgoing virtual circuit (VC) label replaces the incoming VC label in the packet. New Internal Gateway Protocol (IGP) labels and Layer 2 encapsulation are added.
  • The incoming VC label time-to-live (TTL) field is decremented by one and copied to the outgoing VC label TTL field.
  • The incoming VC label EXP value is copied to the outgoing VC label EXP field.
  • The outgoing VC label 'Bottom of Stack' S bit in the outgoing VC label is set to1.
  • AToM control word processing is not performed at the L2VPN Pseudowire Switching aggregation point. Sequence numbers are not validated. Use the Router Alert label for LSP Ping; do not require control word inspection to determine an LSP Ping packet.

How to Configure L2VPN Pseudowire Switching

Configuring

Use the following procedure to configure L2VPN Pseudowire Switching on each of the PE-agg routers.

Before You Begin
  • This procedure assumes that you have configured basic AToM L2VPNs. This procedure does not explain how to configure basic AToM L2VPNs that transport Layer 2 packets over an MPLS backbone. For information on the basic configuration, see Any Transport over MPLS.
  • For inter-Autonomous configurations, ASBRs require a labeled interface.

Note

In this configuration, you are limited to two neighborcommands after entering the l2 vficommand.

>

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    l2 vfi name point-to-point

4.    neighbor ip-address vcid encapsulation mpls | pw-class pw-class-name

5.    exit

6.    exit

7.    show mpls l2transport vc [vcid [vc-id | [vc-id-min vc-id-max]] [interface name[local-circuit-id]] [destination ip-address | name] [detail]

8.    show vfi [vfi-name]

9.    ping [protocol] [tag] {host-name| system-address}


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
l2 vfi name point-to-point


Example:

Router(config)# l2 vfi atomtunnel point-to-point

 

Creates a point-to-point Layer 2 virtual forwarding interface (VFI) and enters VFI configuration mode.

 
Step 4
neighbor ip-address vcid encapsulation mpls | pw-class pw-class-name


Example:

Router(config-vfi)# neighbor 10.0.0.1 100 pw-class mpls

 

Sets up an emulated VC. Specify the IP address and the VC ID of the remote router. Also specify the pseudowire class to use for the emulated VC.

Note    Only two neighborcommands are allowed for each l2 vfi point-to-point command.
 
Step 5
exit


Example:

Router(config-vfi)# exit

 

Exits VFI configuration mode.

 
Step 6
exit


Example:

Router(config)# exit

 

Exits global configuration mode.

 
Step 7
show mpls l2transport vc [vcid [vc-id | [vc-id-min vc-id-max]] [interface name[local-circuit-id]] [destination ip-address | name] [detail]


Example:

Router# show mpls l2transport vc

 

Verifies that the L2VPN Pseudowire Switching session has been established.

 
Step 8
show vfi [vfi-name]


Example:

Router# show vfi atomtunnel

 

Verifies that a point-to-point VFI has been established.

 
Step 9
ping [protocol] [tag] {host-name| system-address}


Example:

Router# ping 10.1.1.1

 

When issued from the CE routers, this command verifies end-to-end connectivity.

 

Examples

The following example displays the output of the show mpls l2transport vc command: 

Router# show mpls l2transport vc
Local intf     Local circuit              Dest address    VC ID Status   
-------------  -------------------------- --------------- ----- ---- 
MPLS PW        10.0.1.1:100               10.0.1.1        100   UP 
MPLS PW        10.0.1.1:100               10.0.1.1        100   UP

The following example displays the output of the show vficommand: 

Router# show vfi
VFI name: test, type: point-to-point
 Neighbors connected via pseudowires:
   Router ID        Pseudowire ID
   10.0.1.1         100      
   10.0.1.1         100

Configuration Examples for L2VPN Pseudowire Switching

L2VPN Pseudowire Switching in an Inter-AS Configuration Example

Two separate autonomous systems are able to pass L2VPN packets, because the two PE-agg routers have been configured with L2VPN Pseudowire Switching. This example configuration is shown in the figure below.

Figure 3 L2VPN Pseudowire Switching in an InterAutonomous System


CE1

CE2 

version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname [ce1]
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$o9N6$LSrxHufTn0vjCY0nW8hQX.
!
ip subnet-zero
ip cef
no ip domain-lookup
!
interface FastEthernet0/0/0
 ip address 10.0.0.1 255.255.255.252
 no ip directed-broadcast
!
ip classless
!
control-plane
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 login
!
no cns aaa enable
end
 
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname [ce2]
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$YHo6$LQ4z5PdrF5B9dnL75Xvvm1
!
ip subnet-zero
ip cef
no ip domain-lookup
!
interface FastEthernet0/0/0
 ip address 10.0.0.2 255.255.255.252
 no ip directed-broadcast
!
ip classless
!
control-plane
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 login
!
no cns aaa enable
end

Additional References

The following sections provide references related to L2VPN Pseudowire Switching.

Related Documents

Related Topic

Document Title

Description of commands associated with MPLS and MPLS applications

Cisco IOS Multiprotocol Label Switching Command Reference

Any Transport over MPLS

Any Transport over MPLS

Pseudowire redundancy

L2VPN Pseudowire Redundancy

High availability for AToM

AToM Graceful Restart

L2VPN interworking

L2VPN Interworking

Layer 2 local switching

Layer 2 Local Switching

PWE3 MIB

Pseudowire Emulation Edge-to-Edge MIBs for Ethernet and Frame Relay Services

Packet sequencing

Any Transport over MPLS (AToM) Sequencing Support

Standards

Standard

Title

draft-ietf-pwe3-control-protocol-14.txt

Pseudowire Setup and Maintenance using LDP

draft-martini-pwe3-pw-switching-01.txt

Pseudo Wire Switching

MIBs

MIB

MIBs Link

  • CISCO-IETF-PW-MIB
  • CISCO-IETF-PW-MPLS-MIB
  • CISCO-IETF-PW-ENET-MIB
  • CISCO-IETF-PW-FR-MIB

To locate and download MIBs for selected platforms, Cisco IOS XE software releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFCs

Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

--

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport

Feature Information for L2VPN Pseudowire Switching

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1 Feature Information for L2VPN Pseudowire Switching

Feature Name

Releases

Feature Information

L2VPN Pseudowire Switching

Cisco IOS XE Release 2.4

The L2VPN Pseudowire Switching feature extends layer 2 virtual private network (L2VPN) pseudowires across an interautonomous system (inter-AS) boundary or across two separate multiprotocol label switching (MPLS) networks.

In Cisco IOS XE Release 2.4, The L2VPN Pseudowire Switching feature is supported with Ethernet over MPLS.

The following commands were introduced or modified: l2 vfi point-to-point, neighbor(L2VPN Pseudowire Switching), show vfi.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2011 Cisco Systems, Inc. All rights reserved.