Date created: Wednesday, August 26, 2015 10:32:47 AM. Last modified: Wednesday, March 28, 2018 4:51:21 PM
L2TPv3 Port-Based Xconnect
Testing port-based xconnect with L2TPv3, it can be seen that both tagged and untagged frames are transported including L2 PDUs for spanning-tree and CDP frames (initially CE1 was connected to PE1 and CE2 to PE2).
! CE1 interface FastEthernet0/0 description Link to PE1 ip address 192.168.0.1 255.255.255.252 interface FastEthernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.252 interface FastEthernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.252 ! PE1 pseudowire-class L2TPv3 encapsulation l2tpv3 ip local interface FastEthernet0/1 interface FastEthernet0/0 description Link to CE1 no ip address xconnect 192.0.2.2 123 pw-class L2TPv3 interface FastEthernet0/1 description Link to PE2 ip address 192.0.2.1 255.255.255.252 ! PE2 pseudowire-class L2TPv3 encapsulation l2tpv3 ip local interface FastEthernet0/1 interface FastEthernet0/0 description Link to CE2 no ip address xconnect 192.0.2.1 123 pw-class L2TPv3 interface FastEthernet0/1 description Link to PE1 ip address 192.0.2.2 255.255.255.252 ! CE2 interface FastEthernet0/0 description Link to PE2 ip address 192.168.0.2 255.255.255.252 interface FastEthernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.2 255.255.255.252 interface FastEthernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.2 255.255.255.252 CE1#ping 192.168.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 36/48/64 ms CE1#ping 192.168.10.2 repeat 1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds: . Success rate is 0 percent (0/1) CE1#ping 192.168.10.2 repeat 1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds: !
Pringing from CE1 to CE2 in a dot1q tagged sub-interface on VLAN 10. These are the raw packet captures from wireshark as it doesn't display the packet properly in the GUI:
! CE1 original ping request to CE2 (192.168.10.1->192.168.10.2) transmitted to PE1 ca 04 15 a4 00 08 ca 03 17 d0 00 08 81 00 00 14 08 00 45 00 00 64 00 0e 00 00 ff 01 12 37 c0 a8 14 01 c0 a8 14 02 08 00 c7 e6 00 0a 00 00 00 00 00 00 00 09 b6 50 ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ! PE1 L2TP encapsulated ping request frame being sent to PE2 ca 02 03 d0 00 06 ca 01 11 10 00 06 08 00 45 00 00 8e 00 37 00 00 fe 73 37 c2 c0 00 02 01 c0 00 02 02 7e 1e e4 22 ca 04 15 a4 00 08 ca 03 17 d0 00 08 81 00 00 14 08 00 45 00 00 64 00 0d 00 00 ff 01 12 38 c0 a8 14 01 c0 a8 14 02 08 00 57 19 00 09 00 00 00 00 00 00 00 08 27 20 ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ! The first part is the PE1 overhead ca 02 03 d0 00 06 ca 01 11 10 00 06 08 00 45 00 00 8e 00 37 00 00 fe 73 37 c2 c0 00 02 01 c0 00 02 02 7e 1e e4 22 ! The second part is the original ping request receives from CE1 ca 04 15 a4 00 08 ca 03 17 d0 00 08 81 00 00 14 08 00 45 00 00 64 00 0d 00 00 ff 01 12 38 c0 a8 14 01 c0 a8 14 02 08 00 57 19 00 09 00 00 00 00 00 00 00 08 27 20 ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd
Now with SW1 connected to PE1 and SW2 connected to PE2 we can see that L2CPs are forwarded over the port based pseudowire:
SW1#show spanning-tree vlan 10
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc05.1328.0001
Configured hello time 1, max age 6, forward delay 4
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Number of topology changes 1 last change occurred 00:08:57 ago
from FastEthernet1/0
Times: hold 1, topology change 10, notification 1
hello 1, max age 6, forward delay 4
Timers: hello 0, topology change 0, notification 0, aging 300
Port 41 (FastEthernet1/0) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.41.
Designated root has priority 32768, address cc05.1328.0001
Designated bridge has priority 32768, address cc05.1328.0001
Designated port id is 128.41, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 545, received 0
SW2#show spanning-tree vlan 10
VLAN10 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc06.17ec.0001
Configured hello time 1, max age 6, forward delay 4
Current root has priority 32768, address cc05.1328.0001
Root port is 41 (FastEthernet1/0), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 0 last change occurred 00:00:42 ago
Times: hold 1, topology change 10, notification 1
hello 1, max age 6, forward delay 4
Timers: hello 0, topology change 0, notification 0, aging 300
Port 41 (FastEthernet1/0) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.41.
Designated root has priority 32768, address cc05.1328.0001
Designated bridge has priority 32768, address cc05.1328.0001
Designated port id is 128.41, designated path cost 0
Timers: message age 1, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 0, received 42
SW2#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
PE2 Fas 1/0 158 R 7206VXR Fas 0/0
SW1 Fas 1/0 154 R S I 3660 Fas 1/0
The below packet captures show the VLAN 10 BPDUS
! SW1 original ST BPDU sent to SW2, transmitted to PE1 01 00 0c cc cc cd cc 05 13 28 f1 00 81 00 00 0a 00 32 aa aa 03 00 00 0c 01 0b 00 00 00 00 00 80 00 cc 05 13 28 00 01 00 00 00 00 80 00 cc 05 13 28 00 01 80 29 00 00 06 00 01 00 04 00 00 00 00 00 02 00 0a ! PE1 L2TP encapsulated BPDU transmitted to PE2 ca 02 03 d0 00 06 ca 01 11 10 00 06 08 00 45 00 00 5c 07 1f 00 00 fe 73 31 0c c0 00 02 01 c0 00 02 02 32 f8 c9 5d 01 00 0c cc cc cd cc 05 13 28 f1 00 81 00 00 0a 00 32 aa aa 03 00 00 0c 01 0b 00 00 00 00 00 80 00 cc 05 13 28 00 01 00 00 00 00 80 00 cc 05 13 28 00 01 80 29 00 00 06 00 01 00 04 00 00 00 00 00 02 00 0a
Output from PE1 showing L2TPv3 xconnect/tunnel info
PE1#show xconnect all detail
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware
XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Fa0/0(Ethernet) UP l2tp 192.0.2.2:123 UP
Interworking: none Session ID: 3255406499
Tunnel ID: 1083768332
Protocol State: UP
Remote Circuit State: UP
pw-class: L2TPv3
PE1#show l2tp
L2TP Tunnel and Session Information Total tunnels 1 sessions 1
LocTunID RemTunID Remote Name State Remote Address Sessn L2TP Class/
Count VPDN Group
1083768332 1688674825 PE2 est 192.0.2.2 1 l2tp_default_cl
LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
3255406499 855165277 1083768332 123, Fa0/0 est 00:33:03 1
PE1#show l2tp tunnel all id 1083768332
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 1083768332 is up, remote id is 1688674825, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 00:33:33
Tunnel transport is IP (115)
Remote tunnel name is PE2
Internet Address 192.0.2.2, port 0
Local tunnel name is PE1
Internet Address 192.0.2.1, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
6101 packets sent, 94 received
412051 bytes sent, 16564 received
Last clearing of counters never
Counters, ignoring last clear:
6101 packets sent, 94 received
412051 bytes sent, 16564 received
Control Ns 9, Nr 32
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 2
Total resends 0, ZLB ACKs sent 31
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
PE1#show l2tp counters tunnel id 1083768332
L2TP tunnel control message statistics:
Tunnel LocID: 1083768332 RemID: 1688674825
Local Address: 192.0.2.1
Remote Address: 192.0.2.2
XMIT RE-XMIT RCVD DROP
========== ========== ========== ==========
ZLB 33 0 7 0
SCCRQ 1 0 0 0
SCCRP 0 0 1 0
SCCCN 1 0 0 0
StopCCN 0 0 0 0
Hello 4 0 31 0
OCRQ 0 0 0 0
OCRP 0 0 0 0
OCCN 0 0 0 0
ICRQ 1 0 0 0
ICRP 0 0 1 0
ICCN 1 0 0 0
CDN 0 0 0 0
WEN 0 0 0 0
SLI 1 0 1 0
EXP ACK 0 0 0 0
SRRQ 0 0 0 0
SRRP 0 0 0 0
CiscoACK 0 0 0 0
Total 42 0 41 0
Previous page: GREoIPSECoGRE
Next page: L2TPv3 RPW