[j-nsp] VPLS issue...
Derick Winkworth
We have a two site VPLS setup using virtual-switches. Site "A" has an IRB in
the bridge-domain in the virtual-switch configuration. All is good when the two
PEs have a BGP session and the LSPs are up between the two PEs.
However, when Site "B" becomes unreachable, then the IRB and local interface at
site "A" go down and the customer can no longer route out using the IRB. I need
this irb and the local interface to stay up so Site A can still route out the
IRB even if Site "B" goes down...
I tried the "connectivity-type irb" knob, but it doesn't help.
Running 10.0S8 on MX240s...
Any thoughts?
_______________________________________________
juniper-nsp mailing list junip...@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Derick Winkworth
----- Forwarded Message ----
From: Derick Winkworth <dwink...@att.net>
To: Daniel Hilj <danie...@ipnett.se>
Sent: Thu, October 21, 2010 1:24:12 PM
Subject: Re: [j-nsp] VPLS issue...
I need the local interface to remain up too.
________________________________
From: Daniel Hilj <danie...@ipnett.se>
To: Derick Winkworth <dwink...@att.net>
Sent: Thu, October 21, 2010 11:26:49 AM
Subject: Re: [j-nsp] VPLS issue...
Hi,
To get around the fact of not having a local interface UP that you need for the
IRB to be UP you can configure an lt-interface and add it to you instance.
Best Regards/Med vänliga hälsningar
Daniel Hilj
Derick Winkworth
there is no clean way to keep a local interface up in a virtual-switch instance
if you lose connectivity to the remote peer, even if you have an irb configured
locally. Surely I am missing something, or Juniper needs to add the ability to
keep a local interface up even if there are no PE BGP peers established.
The hack we came up with was to run two trunks from our access switches, one for
layer2 and one for layer3.
-----------------
Derick Winkworth
I found three ways to keep the local interface up so it can hit the irb
interface even if all remote PEs for the VPLS instance are lost:
1. Use two physical ports to the PE from the CE, one for VPLS and one for L3.
You could put a switch in front of your PE to accomplish this. I think this is
the cleanest way.
2. Plug a cable into two ports on the same PE (both ends of cable going into
same box). Build a bridge-group for the VLAN. Put one end of the cable into
the bridge group. In the same bridge-group put the VLAN coming in from the CE.
The other end of the cable put into the VPLS switch instance. Traffic coming
from CE will be bridged to the one end of the cable then come back around into
the VPLS instance. The irb interface is specified in the bridge-group. The irb
interface can exist in any routing-instance.
3. Make an lt-x/x/x interface pair. Build a bridge-group for the VLAN, put the
VLAN coming from the CE into the bridge-group. Put one of the lt interfaces
into the bridge group. This lt interface should be "encapsulation vlan". The
other lt interface should be "encapsulation vlan-vpls" and put this into the
VPLS instance. The irb interface is specified in the bridge-group. The irb
interface can exist in any routing-instance.