Date created: Thursday, May 21, 2015 11:09:26 AM. Last modified: Thursday, November 11, 2021 10:16:33 AM
PWE3 Trunk/Tagged/QinQ
VC type 5 is more common moving forwards, VC type 4 is generally being phased out by vendors so some newer devices like the ASR1000s does not support popping of dummy VLAN on VC type 4. The ME3600-X/ME3800-X switches do support VC type dummy VLAN pushing/poping.
Pseudowire Examples:
IOS SVI-based
IOS SVI to IOS EFP
IOS port-based to IOS port-based tagged
IOS port-based to IOS port-based tagged (VC type 4)
IOS EFP to IOS EFP tagged (VC type 4)
IOS port-based to IOS-XE port-based tagged
IOS port-based to IOS-XE port-based tagged (VC Type 4)
IOS EFP to IOS-XE EFP tagged (VC Type 4)
IOS EFP to IOS EFP multiple tagged
IOS EFP to IOS-XE EFP multiple tagged (UNTESTED)
IOS port-based to IOS-XR port-based
IOS-XR port-based to IOS-XR port-based
IOS-XR sub-int to IOS-XR sub-int
IOS SVI based
transports frames as untagged, the tag has been PoP'ed as it enters the SVI
interface GigabitEthernet0/14 switchport trunk allowed vlan none switchport mode trunk service instance 1 ethernet encapsulation dot1q 10 second-dot1q 20 rewrite ingress tag pop 1 symmetric bridge-domain 2000 ! interface Vlan2000 no ip address xconnect 1.1.1.1 100 encapsulation mpls ! In this example, assuming the same config on both PEs, an ingress frame with single tag 11 matches EFP 1 and is pushed into BD 101 so tag 101 is pushed to the frame as an outer tag. SVI 101 will strip the outer tag 101 so it can process the frame at layer 3, however an xconnect is configured. The xconnect will carry the frame with one VLAN tag, 11, so if the frame is required to be carried over an xconnect with double tag the command "platform rewrite imposition tag push 1 symmetric" is pushing the tag 101 onto the frame before it enters the pseudowire so it is transmitted with outer tag 101, inner tag 11. The far-end PE has the same config with keyword "symmetric" so will pop outer tag 101 and let the frame enter BD 101 which links to EFP 1, the frame only has tag 11 present and egresses with the correct tag. interface GigabitEthernet0/15 switchport trunk allowed vlan none switchport mode trunk service instance 1 ethernet encapsulation dot1q 11 bridge-domain 101 ! interface Vlan101 no ip address platform rewrite imposition tag push 1 symmetric xconnect 12.12.12.12 300 encapsulation mpls ! This is another example using "platform rewrite imposition tag push 1 symmetric" where we have single tagged one end and double-tagged at the other end of the xconnect, so at the single tagged end we push on an addition tag to match the xconnect at both ends ! ME3600/ME3800 interface GigabitEthernet0/1 switchport trunk allowed vlan none switchport mode trunk service instance 10 ethernet encapsulation dot1q 10 bridge-domain 20 interface Vlan20 no ip address platform rewrite imposition tag push 1 symmetric xconnect 2.2.2.2 123 encapsulation mpls ! ASR9000 bridge group 1 bridge-domain 1 interface TenGigE0/0/0/0.10 neighbor 1.1.1.1 pw-id 123 interface TenGigE0/0/0/0.10 encapsulation dot1q 20 second-dot1q 10
IOS SVI to IOS EFP will transport frames untagged over the PWE3 but the EFP is push on the tag on egress at PE1 and PE2
! PE1 interface GigabitEthernet0/4 switchport trunk allowed vlan none switchport mode trunk service instance 1 ethernet encapsulation dot1q 10 rewrite ingress tag pop 1 symmetric xconnect 1.1.1.1 100 encapsulation mpls ! PE2 interface GigabitEthernet0/14 switchport trunk allowed vlan none switchport mode trunk service instance 1 ethernet encapsulation dot1q 10 rewrite ingress tag pop 1 symmetric bridge-domain 2000 ! interface Vlan2000 no ip address xconnect 2.2.2.2 100 encapsulation mpls
IOS port-based to IOS port-based tagged pseudowire (default is VC type 5 which will actually transport either untagged or tagged when used on port based pseudowire, L2CPs are forwarded)
! ME3800 interface Gi0/1 xconnect 2.2.2.2 19 encapsulation MPLS
IOS port-based to IOS port-based tagged (VC type 4) pseudowire (this will actually transport either untagged or tagged when used but pushes a dummy frame)
! ME3600 pseudowire-class EoMPLS-dot1q encapsulation mpls interworking vlan interface GigabitEthernet0/1 description ME3600-Gi0/3 no switchport no ip address xconnect 10.0.0.2 123 encapsulation mpls pw-class EoMPLS-dot1q
IOS EFP to IOS-XE EFP tagged (VC Type 4) pseudowire for tagged frames only (VC Type 4 could transport tagged and untagged frames depending on the EFP encapsulation, in this example its VLAN 11 only. This example was tested with ME3600 to ASR1001, the AR1K's can't pop the dummy VLAN imposed by a VC Type 4 pseudowire so in this example the traffic only successfullly flows in one direction ingressing the ASR1K, egressing the ME3600 which can pop the VC Type 4 dummy tag. In the other direction the ASR1K1can't PoP the exra dummy VLAN tag so traffic egressing the ASR1K is double tagged).
! ME3600 pseudowire-class EoMPLS-VC4 encapsulation mpls interworking vlan interface GigabitEthernet0/1 description CPE1 switchport trunk allowed vlan none switchport mode trunk no cdp enable service instance 11 ethernet encapsulation dot1q 11 xconnect 10.0.0.5 123 pw-class EoMPLS-VC4 ! ASR1K1 pseudowire-class EoMPLS-VC4 encapsulation mpls interworking vlan interface GigabitEthernet0/0/0 description CPE2 no ip address no ip unreachables no ip proxy-arp negotiation auto service instance 11 ethernet encapsulation dot1q 11 xconnect 10.0.0.1 123 pw-class EoMPLS-VC4
IOS EFP to IOS EFP tagged (VC type 4) pseudowire for tagged frames (both tagged and untagged frames are actually forwarded here, in either case an extra dummy dot1q tag is added since this is VC type 4. ME3800/ME3600 have the ability to push and pop the dummy VLAN used for VC type 4).
pseudowire-class EoMPLS-VC4
encapsulation mpls
interworking vlan
interface GigabitEthernet0/1
description 1941-1-GI0/0
switchport trunk allowed vlan none
switchport mode trunk
no cdp enable
service instance 11 ethernet
encapsulation dot1q 11
l2protocol forward ! L2CPs are not being forwarded here in my lab test?
xconnect 10.0.0.5 123 pw-class EoMPLS-VC4
ME3800#show mpls l2transport binding 123
Destination Address: 10.0.0.5,VC ID: 123
Local Label: 20
Cbit: 1, VC Type: Eth VLAN, GroupID: 0
MTU: 1500, Interface Desc: 1941-1-GI0/0
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2], BFD/Raw [5]
Remote Label: 16
Cbit: 1, VC Type: Eth VLAN, GroupID: 0
MTU: 1500, Interface Desc: ME3800-Gi0/3
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2], BFD/Raw [5]
ME3800#show mpls l2transport vc 123 detail
Local interface: Gi0/1 up, line protocol up, Eth VLAN 11 up
Destination address: 10.0.0.5, VC ID: 123, VC status: up
Output interface: Vl20, imposed label stack 16
Preferred path: not configured
Default path: active
Next hop: 10.0.20.5
Create time: 00:13:01, last status change time: 00:00:44
Last label FSM state change time: 00:00:44
Signaling protocol: LDP, peer 10.0.0.5:0 up
Targeted Hello: 10.0.0.1(LDP Id) -> 10.0.0.5, LDP is UP
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 20, remote 16
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description: ME3800-Gi0/3
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
Dataplane:
SSM segment/switch IDs: 8268/4167 (used), PWID: 8
VC statistics:
transit packet totals: receive 16, send 30
transit byte totals: receive 3836, send 5278
transit packet drops: receive 0, seq error 0, send 0
IOS port-based to IOS-XE port-based pseudowire (this will actually forward untagged, tagged and double tagged frames as it's VC type 5, L2CP frames should be supported here too)
! ME3800
interface GigabitEthernet0/1
description ME3600-Gi0/3
no switchport
no ip address
xconnect 10.0.0.2 123 encapsulation mpls
! ASR1K1
interface GigabitEthernet0/0/0
description ME3600-Gi0/4
no ip address
xconnect 10.0.0.1 123 encapsulation mpls
ME3800#show mpls l2transport binding 123
Destination Address: 10.0.0.2,VC ID: 123
Local Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: ME3600-Gi0/3
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2], BFD/Raw [5]
Remote Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: ME3600-Gi0/4
VCCV: CC Type: CW [1], RA [2], TTL [3]
CV Type: LSPV [2]
ASR1K1#show mpls l2transport vc 123 detail
Local interface: Gi0/0/0 up, line protocol up, Ethernet up
Destination address: 10.0.0.1, VC ID: 123, VC status: up
Output interface: Gi0/0/1, imposed label stack 19
Preferred path: not configured
Default path: active
Next hop: 10.0.20.1
Create time: 00:00:35, last status change time: 00:00:22
Last label FSM state change time: 00:00:21
Signaling protocol: LDP, peer 10.0.0.1:0 up
Targeted Hello: 10.0.0.2(LDP Id) -> 10.0.0.1, LDP is UP
Graceful restart: not configured and not enabled
Non stop routing: not configured and not enabled
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 19, remote 19
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description: ME3600-Gi0/3
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
SSO Descriptor: 10.0.0.1/123, local label: 19
Dataplane:
SSM segment/switch IDs: 4098/4097 (used), PWID: 1
VC statistics:
transit packet totals: receive 11, send 5
transit byte totals: receive 660, send 410
transit packet drops: receive 0, seq error 0, send 0
IOS port-based to IOS-XE port-based (VC Type 4) pseudowire for tagged frames (both tagged and untagged frames are actually forwarded here, in either case an extra dummy dot1q tag is added since this is VC type 4 however some devices like the ASR1001 can't PoP the dummy tag though so testing ME3800 to ASR1K1 doesn't work, a single tagged frame that ingresses the ME3800 egresses the ASR1001 with two tags, but ME3800/ME3600 to ME3800/ME3600 does work).
IOS pseudowire-class EoMPLS-dot1q encapsulation mpls interworking vlan interface GigabitEthernet0/1 description ME3600-Gi0/3 no switchport no ip address xconnect 10.0.0.2 123 encapsulation mpls pw-class EoMPLS-dot1q IOS-XE (this actualy doesn't work with ASR1001) pseudowire-class EoMPLS-dot1q encapsulation mpls interworking vlan interface GigabitEthernet0/0/0 description ME3600-Gi0/4 no ip address xconnect 10.0.0.1 123 encapsulation mpls pw-class EoMPLS-dot1q
ME3800#show mpls l2transport binding 123 Destination Address: 10.0.0.2,VC ID: 123 Local Label: 20 Cbit: 1, VC Type: Eth VLAN, GroupID: 0 MTU: 1500, Interface Desc: ME3600-Gi0/3 VCCV: CC Type: CW [1], RA [2] CV Type: LSPV [2], BFD/Raw [5] Remote Label: 19 Cbit: 1, VC Type: Eth VLAN, GroupID: 0 MTU: 1500, Interface Desc: ME3600-Gi0/4 VCCV: CC Type: CW [1], RA [2], TTL [3] CV Type: LSPV [2]
ME3800#show mpls l2transport vc 123 detail Local interface: Gi0/1 up, line protocol up, Ethernet up Interworking type is Eth VLAN Destination address: 10.0.0.2, VC ID: 123, VC status: up Output interface: Gi0/2, imposed label stack 19 Preferred path: not configured Default path: active Next hop: 10.0.20.2 Create time: 00:23:10, last status change time: 00:22:34 Last label FSM state change time: 00:22:38 Signaling protocol: LDP, peer 10.0.0.2:0 up Targeted Hello: 10.0.0.1(LDP Id) -> 10.0.0.2, LDP is UP Graceful restart: not configured and not enabled Non stop routing: not configured and not enabled Status TLV support (local/remote) : enabled/supported LDP route watch : enabled Label/status state machine : established, LruRru Last local dataplane status rcvd: No fault Last BFD dataplane status rcvd: Not sent Last BFD peer monitor status rcvd: No fault Last local AC circuit status rcvd: No fault Last local AC circuit status sent: No fault Last local PW i/f circ status rcvd: No fault Last local LDP TLV status sent: No fault Last remote LDP TLV status rcvd: No fault Last remote LDP ADJ status rcvd: No fault MPLS VC labels: local 20, remote 19 Group ID: local 0, remote 0 MTU: local 1500, remote 1500 Remote interface description: ME3600-Gi0/4 Sequencing: receive disabled, send disabled Control Word: On (configured: autosense) Dataplane: SSM segment/switch IDs: 8215/4117 (used), PWID: 2 VC statistics: transit packet totals: receive 0, send 581 transit byte totals: receive 0, send 70882 transit packet drops: receive 0, seq error 0, send 0
IOS EFP to IOS EFP multiple tagged pseudowire. When used with "l2protocol tunnel" or "l2protocol forward" EFPs will forward L2CP frames.
interface GigabitEthernet0/1
description 1941-1-GI0/0
switchport trunk allowed vlan none
switchport mode trunk
no cdp enable
service instance 11 ethernet
encapsulation dot1q 11,100,200,300
xconnect 10.0.0.5 123 encapsulation mpls
ME3800#show mpls l2transport binding 123
Destination Address: 10.0.0.5,VC ID: 123
Local Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: 1941-1-GI0/0
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2], BFD/Raw [5]
Remote Label: 19
Cbit: 1, VC Type: Ethernet, GroupID: 0
MTU: 1500, Interface Desc: ME3800-Gi0/3
VCCV: CC Type: CW [1], RA [2]
CV Type: LSPV [2], BFD/Raw [5]
IOS EFP to IOS-XE EFP multiple tagged (UNTESTED) pseudowire
ASR903
interface GigabitEthernet0/0/0
service instance trunk 1 ethernet
encapsulation dot1q 100,200,300
rewrite ingress tag pop 1 symmetric
xconnect 2.2.2.2 20 encapsulation mpls
ME3600
interface GigabitEthernet0/1
service instance trunk 1 ethernet
encapsulation dot1q 100,200,300
rewrite ingress tag pop 1 symmetric
xconnect 1.1.1.1 20 encapsulation mpls
IOS port-based to IOS-XR port-based pseudowire for tagged frames (this will actally transport untagged, tagged, double tagged)
IOS: interface TenGigabitEthernet2/1/4 ! 1500 MTU + 8 for QinQ (Ethernet headers included) mtu 1508 xconnect 2.2.2.2 105 encapsulation mpls IOS-XR: l2vpn pw-class ENCAP_MPLS encapsulation mpls xconnect group TEST p2p TESTP2P interface TenGigE0/1/0/3 neighbor ipv4 1.1.1.1 pw-id 105 interface TenGigE0/1/0/3 ! 1500 MTU + 8 for QinQ + 14 for headers mtu 1522 l2transport
IOS-XR port-based to IOS-XR port-based
interface TenGigE0/0/2/0 l2transport
l2vpn
pw-class EoMPLS
encapsulation mpls
xconnect group Sub-Int-EoMPLS
p2p PE1-PE2
interface TenGigE0/0/2/0
neighbor ipv4 1.1.1.1 pw-id 5555
pw-class EoMPLS
IOS-XR sub-int to IOS-XR sub-int (L2CP frames are forwarding by the ASR9K by default, the opposite of IOS, so L2CP frames that aren't wanted have to be filtered out).
EoMPLS between two sub-interfaces (EFPs). By default this nefotiates to VC type 5 so without any "rewrite" command the VLAN stack is maintained throught the pseudowire, so as long as it has VLAN 100 as the top most VLAN tag a single or double tag VLAN will be accepted here:
PE1:
interface TenGigE0/0/2/0.100 2transport
encapsulation dot1q 100
l2vpn
pw-class EoMPLS
encapsulation mpls
xconnect group Sub-Int-EoMPLS
p2p PE1-PE2
interface TenGigE0/0/2/0.100
neighbor ipv4 2.2.2.2 pw-id 5555
pw-class EoMPLS
PE2:
interface TenGigE0/0/2/0.100 l2transport
encapsulation dot1q 100
l2vpn
pw-class EoMPLS
encapsulation mpls
xconnect group Sub-Int-EoMPLS
p2p PE1-PE2
interface TenGigE0/0/2/0.100
neighbor ipv4 1.1.1.1 pw-id 5555
pw-class EoMPLS
To remove the top most VLAN tag if this were a single tagged frame (or perhaps remove an S-VLAN tag but leave the C-VLAN tag in place line with an NNI) use a re-write function. With single tagged VLANs this allows transport betwen sub-interfaces with different dot1q tags:
PE1:
interface TenGigE0/0/2/0.100 2transport
encapsulation dot1q 100
rewrite ingress tag pop 1
l2vpn
pw-class EoMPLS
encapsulation mpls
xconnect group Sub-Int-EoMPLS
p2p PE1-PE2
interface TenGigE0/0/2/0.100
neighbor ipv4 2.2.2.2 pw-id 5555
pw-class EoMPLS
PE2:
interface TenGigE0/0/2/0.200 l2transport
encapsulation dot1q 200
rewrite ingress tag pop 1
l2vpn
pw-class EoMPLS
encapsulation mpls
xconnect group Sub-Int-EoMPLS
p2p PE1-PE2
interface TenGigE0/0/2/0.200
neighbor ipv4 1.1.1.1 pw-id 5555
pw-class EoMPLS
Previous page: PWE3 IOS & XR to Junos
Next page: RPW (Routed Pseudowire) Examples