Date created: Monday, September 15, 2014 1:04:58 PM. Last modified: Monday, September 15, 2014 1:16:57 PM

Basic L2TPv3 config with L2 loop

A basic L2TPv3 tunnel configuration between two customer sites with a loop present because the CPEs do not control the forwarding path. An intelligent switch instead of a "dumb" L2 GNS3 simulation switch should work. Side Note: GNS3 isn't the best at simulating a loop, it wasn't looping traffic (not even CDP frames) until I sent several ICMP pings and then it seemed to realise there was a loop (some L2 logic presumably wasn't working correctly) as duplicate ping requests and responses started showing in Wireshark and many CDP frames etc.

hostname CPE1
!
ip vrf cust1-lan1
 rd 192.168.1.1:1
 route-target export 1:1
 route-target import 1:1
!
ip vrf l2tpv3-lan
 rd 65005:5
 route-target export 5:5
 route-target import 5:5
!
pseudowire-class L2TPv3-pwclass
 encapsulation l2tpv3
 interworking ethernet
 ip local interface FastEthernet0/0
!
interface Loopback1
 ip vrf forwarding cust1-lan1
 ip address 192.168.0.1 255.255.255.255
!
interface FastEthernet0/0
 description Link to WAN
 ip address 192.168.100.1 255.255.255.252
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.1 255.255.255.252
!
interface FastEthernet1/0
 description Link to Switch
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no keepalive
 xconnect 192.168.100.10 12320 encapsulation l2tpv3 pw-class L2TPv3-pwclass
!
router bgp 65005
 bgp router-id vrf auto-assign
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 192.168.100.2 remote-as 65000
 !
 address-family ipv4
  redistribute connected
  neighbor 192.168.100.2 activate
  neighbor 192.168.100.2 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-lan1
  bgp router-id auto-assign
  redistribute connected
  neighbor 192.168.1.2 remote-as 65000
  neighbor 192.168.1.2 activate
  neighbor 192.168.1.2 next-hop-self
 exit-address-family

hostname CPE2
!
ip vrf cust1-lan1
 rd 192.168.1.5:1
 route-target export 1:1
 route-target import 1:1
!
ip vrf l2tpv3-lan
 rd 65005:5
 route-target export 5:5
 route-target import 5:5
!
pseudowire-class L2TPv3-pwclass
 encapsulation l2tpv3
 interworking ethernet
 ip local interface FastEthernet0/1
!
interface Loopback1
 ip vrf forwarding cust1-lan1
 ip address 192.168.0.2 255.255.255.255
!
interface FastEthernet0/1
 description Link to R3
 ip address 192.168.100.5 255.255.255.252
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.5 255.255.255.252
!
interface FastEthernet1/0
 description Link to Switch port 2
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 speed auto
 duplex auto
 no keepalive
 xconnect 192.168.100.10 22320 encapsulation l2tpv3 pw-class L2TPv3-pwclass
!
router bgp 65005
 bgp router-id vrf auto-assign
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 192.168.100.6 remote-as 65000
 !
 address-family ipv4
  neighbor 192.168.100.6 activate
  neighbor 192.168.100.6 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-lan1
  bgp router-id auto-assign
  network 192.168.0.2 mask 255.255.255.255
  redistribute connected
  neighbor 192.168.1.6 remote-as 65000
  neighbor 192.168.1.6 activate
  neighbor 192.168.1.6 next-hop-self
 exit-address-family

hostname CPE3
!
ip vrf cust1-lan1
 rd 192.168.1.10:1
 route-target export 1:1
 route-target import 1:1
!
ip vrf l2tpv3-lan
 rd 65005:5
 route-target export 5:5
 route-target import 5:5
!
pseudowire-class L2TPv3-pwclass
 encapsulation l2tpv3
 interworking ethernet
 ip local interface FastEthernet0/0
!
interface Loopback1
 ip vrf forwarding cust1-lan1
 ip address 192.168.0.3 255.255.255.255
!
interface FastEthernet0/0
 description Link to WAN
 ip address 192.168.100.10 255.255.255.252
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.10 255.255.255.252
!
interface FastEthernet1/0
 description Link to Switch port 1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no keepalive
 xconnect 192.168.100.1 12320 encapsulation l2tpv3 pw-class L2TPv3-pwclass
!
interface FastEthernet1/1
 description Link to Switch port 2
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no keepalive
 xconnect 192.168.100.5 22320 encapsulation l2tpv3 pw-class L2TPv3-pwclass
!
router bgp 65005
 bgp router-id vrf auto-assign
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 192.168.100.9 remote-as 65000
 !
 address-family ipv4
  redistribute connected
  neighbor 192.168.100.9 activate
  neighbor 192.168.100.9 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-lan1
  redistribute connected
  neighbor 192.168.1.9 remote-as 65000
  neighbor 192.168.1.9 activate
  neighbor 192.168.1.9 next-hop-self
 exit-address-family

hostname PE1
!
ip vrf cust1-l2
 rd 10.0.0.1:2
 route-target export 65005:2
 route-target import 65005:2
!
ip vrf cust1-lan1
 rd 10.0.0.1:1
 route-target export 65005:1
 route-target import 65005:1
!
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet0/0
 description link to R1
 ip vrf forwarding cust1-l2
 ip address 192.168.100.2 255.255.255.252
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.2 255.255.255.252
!
interface FastEthernet0/1
 description Linkt to R2
 ip vrf forwarding cust1-l2
 ip address 192.168.100.6 255.255.255.252
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.6 255.255.255.252
!
interface FastEthernet1/0
 description Link to R5
 ip address 10.0.35.3 255.255.255.0
 ip ospf 1 area 0
 mpls ip
!
router ospf 1
 router-id 10.0.0.1
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.0.0.1 0.0.0.0 area 0
!
router bgp 65000
 bgp router-id 10.0.0.1
 bgp log-neighbor-changes
 neighbor 10.0.0.2 remote-as 65000
 neighbor 10.0.0.2 update-source Loopback0
 !
 address-family vpnv4
  neighbor 10.0.0.2 activate
  neighbor 10.0.0.2 send-community extended
  neighbor 10.0.0.2 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-l2
  redistribute connected
  neighbor 192.168.100.1 remote-as 65005
  neighbor 192.168.100.1 activate
  neighbor 192.168.100.1 next-hop-self
  neighbor 192.168.100.5 remote-as 65005
  neighbor 192.168.100.5 activate
  neighbor 192.168.100.5 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-lan1
  network 0.0.0.0
  redistribute connected
  neighbor 192.168.1.1 remote-as 65005
  neighbor 192.168.1.1 activate
  neighbor 192.168.1.1 next-hop-self
  neighbor 192.168.1.5 remote-as 65005
  neighbor 192.168.1.5 activate
  neighbor 192.168.1.5 next-hop-self
  default-information originate
 exit-address-family

hostname PE2
!
ip vrf cust1-l2
 rd 10.0.0.2:2
 route-target export 65005:2
 route-target import 65005:2
!
ip vrf cust1-lan1
 rd 10.0.0.2:1
 route-target export 65005:1
 route-target import 65005:1
!
interface Loopback0
 ip address 10.0.0.2 255.255.255.255
!
interface FastEthernet0/0
 description Link to R4
 ip vrf forwarding cust1-l2
 ip address 192.168.100.9 255.255.255.252
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip vrf forwarding cust1-lan1
 ip address 192.168.1.9 255.255.255.252
!
interface FastEthernet1/0
 description Link to R3
 ip address 10.0.35.5 255.255.255.0
 ip ospf 1 area 0
 mpls ip
!
router ospf 1
 router-id 10.0.0.2
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.0.0.2 0.0.0.0 area 0
!
router bgp 65000
 bgp router-id 10.0.0.2
 bgp log-neighbor-changes
 neighbor 10.0.0.1 remote-as 65000
 neighbor 10.0.0.1 update-source Loopback0
 !
 address-family ipv4
  neighbor 10.0.0.1 activate
 exit-address-family
 !
 address-family vpnv4
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 send-community extended
  neighbor 10.0.0.1 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-l2
  redistribute connected
  neighbor 192.168.100.10 remote-as 65005
  neighbor 192.168.100.10 activate
  neighbor 192.168.100.10 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf cust1-lan1
  redistribute connected
  neighbor 192.168.1.10 remote-as 65005
  neighbor 192.168.1.10 activate
  neighbor 192.168.1.10 next-hop-self
 exit-address-family

hostname T1
!
interface FastEthernet0/0
 ip address 192.168.5.4 255.255.255.0

hostname T2
!
interface FastEthernet0/0
 ip address 192.168.5.5 255.255.255.0

^ Top

Previous page: Basic IPSEC Tunnel
Next page: GREoIPSECoGRE