ASR1001 VPLS Issue
Hello,
I am testing VPLS service on the ASR1001. I have three of them directly connected in a full mesh with autodiscovery mode. On the first two ASR1K I have a switch connected in order to test the end-to-end reachability.
The VCs are in UP state, ICMP, SSH (unicast) is OK between the switch but multicast traffic is blocked.
Here are the relevant configuration sections:
l2 vfi VPLS-123 autodiscovery
vpn id 123
bridge-domain 123
router bgp 123
bgp log-neighbor-changes
bgp update-delay 1
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 update-source Loopback0
neighbor 3.3.3.3 remote-as 123
neighbor 3.3.3.3 update-source Loopback0
address-family ipv4
exit-address-family
address-family l2vpn vpls
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
Interface facing to the switch (CE)
interface GigabitEthernet0/0/3
no ip address
negotiation auto
service instance 123 ethernet
encapsulation default
bridge-domain 123
Thank you for your help!
Youssef
Hi Youssef,
What's IOS code which you are running? Seems like you are hitting DDTS CSCtz10928
fix of CSCtz10928 may be required to pass multicast traffic through vpls
You will need to upgrade your IOS to IOS-XE 3.7, which is 152-4S.
Sudeep
Similar Messages
-
ASR1001-x clock timezone command doesn't seem to work
Our client has 2 ASR1001-x routers with IOS-XE sr1001x-universalk9.03.13.02.S.154-3.S2-ext.SPA.bin.
I can configure the clock summer-time:
clock summer-time BE recurring last Sun Mar 2:00 last Sun Oct 3:00
However I can't configure the clock timezone. When I enter the configuration rule "clock timezone BE 1 0" the router doesn't complain but afterwards this configuration rule doesn't appear in the configuration and the clock isn't adapted:
RT00BDCE1EX1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RT00BDCE1EX1(config)#clock timezone BE 1 0
RT00BDCE1EX1(config)#exit
RT00BDCE1EX1#sho run | inc clock
clock summer-time BE recurring last Sun Mar 2:00 last Sun Oct 3:00
RT00BDCE1EX1#sho clo
11:58:32.032 BE Thu Apr 23 2015
RT00BDCE1EX1#
NTP is configured and is working properly:
RT00BDCE1EX1#sho ntp asso
address ref clock st when poll reach delay offset disp
*~10.136.13.217 10.136.2.83 3 39 1024 377 3.991 2753.49 1.116
+~10.136.13.125 10.136.2.83 3 337 1024 377 3.990 2748.64 1.093
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
RT00BDCE1EX1#
Is this a bug ? Is there a new way to configure the right timezone? Thanks in advance.
Best regards
MikeAfter a long search I found a configuration that worked:
clock timezone UTC 1 0
clock summer-time UTC+2 recurring last Sun Mar 2:00 last Sun Oct 3:00
RT00BDCE1EX1#sho clo
09:13:47.967 UTC+2 Wed Apr 29 2015
The only issue is that we can't show the timezone in the loggings or the debuggings because in winter time it will be UTC which is not correct (must be UTC+1). -
ASR1001 High Memory Usage - Healthy?
Hi,
My SolarWinds NPM shows very high memory utization (up to 99%) on all ASR1001. CLI outpu belows confirms this:
---------------sh platform software status control-processor br
Load Average
Slot Status 1-Min 5-Min 15-Min
RP0 Healthy 0.11 0.29 0.29
Memory (kB)
Slot Status Total Used (Pct) Free (Pct) Committed (Pct)
RP0 Healthy 3944728 3906172 (99%) 38556 ( 1%) 3801056 (96%)
CPU Utilization
Slot CPU User System Nice Idle IRQ SIRQ IOwait
RP0 0 2.80 2.90 0.00 94.29 0.00 0.00 0.00
1 3.60 5.60 0.00 90.80 0.00 0.00 0.00
Is this considered 'healthy' as in shown in the output?
Thanks.
LarryHi,
This is not normal. There are a couple of things that you should look at.
1-You don't have enough memory on the router and so you need to install more memory.
2-There is feature or could be bug that is hugging up 99% of your memory.
If this is a critical router for you, I suggest you start analyzing the issue sooner than later.
Opening a ticket with TAC may be the first step.
HTH -
Orange Hue on VPL-HW30ES viewing 3d
Hello all,
I have a projector VPL-HW30ES. Viewing in 2d is excellent !! However when viewing 3d content, I get an reddish-orange hue on the major portion of the right bottom of the screen. Also, the entire picture has a light greenish color -- especially viewing brightly colored pictures.
I bought the glasses : Model number: TDG-PJ1 and also TDGBR250/B. Not sure what is going on here.
I am viewing the movie "THOR".
Is there an issue with the projector?
Thanks!
Solved!
Go to Solution.Hello Sai,
Welcome to the Sony Community.
I recommend you to you check the hdmi cable to make sure its marked "hdmi high-speed" for 3D. For more information regarding HDMI technology including HDMI cables, visit http://www.hdmi.org. While I don't think the issue that you experienced when watching 3d is caused by the projector, however, it's neccessary for you to do a factory settings reset as part of troubleshooting process.
Regards,
Charlie -
Maximum number of VPLS instances on ME3600X box
Hi,
Does anyone know what is the current maximum number of VPLS instances on ME3600X (Advanced Metro IP Access license)? I've found on one of the old presentations that this was only 26. And why is this limitation present?
Best regards,
KrzysztofHi Ricardo,
as for every platform, in the official limitations and restrictions there is a margin of prudence in what the platform can support. Let's say you can configure 40 VPLS instances (never tried) on your 3600X , and you do it with no apparent issue, this implementation would simply fall off the tests which Cisco did on that particular platform. Hence, any bad subsequent behaviour would not be "Cisco fault" and i actually see no reason for doing that.
HTH
Alessio -
ASR9K VPLS configuration assistance
Hi All,
we have 2 ASR9010 IOS XR version 6.0 at 2 sites and would like to span 2 VLANs across the MPLS network using VPLS. The config is below
PE1
interface bundle-eth2.200 l2transport
encapsulation dot1q 200 , 300
l2vpn
bridge group 2
bridge-domain Spansites
interface bundle-eth2.200
vfi 1
neighbor 10.1.1.1 pw-id 200
==============
PE2 config
nterface bundle-eth2.200 l2transport
encapsulation dot1q 200 , 300
l2vpn
bridge group 2
bridge-domain Spansites
interface bundle-eth2.200
vfi 1
neighbor 10.1.2.1 pw-id 200
=======
Both CEs are running etherchannel and trunk.
will the config above work? will the ASR forward incoming frame from VLAN 200(or 300) to PW with tag 200(or 300) or untag?
Regards,
Taoin principle this config will work but I dont think it is a recommended approach, let me explain.
In your scenario you are preserving the tag, so the single pw can carry both and on the remote side there is no issue either.
since you only have one AC and one PW, you might as well go for a cross connect. this is faster in the fowarding path and also saves mac learning resources, no concern about flooding or unnecessary replication when the received packet is a bcast or mcast.
in Xconn, the receive packet is just encapped and sent over, which is therefore much faster in terms of ucode cycles.
config for that would be:
l2vpn
xconn group BLA
p2p MINE
int bundle-e100.20
neighbor 10.1.2.1 pw-id 100
I would either do port mode, considering you mention trunk on the CE side.
Or I would create specific p2p's for those vlans you want to tunnel across.
But you can also leave them like this of course.
If you create individual p2p's or BD's for each vlan separately you can use the pop tag symmetric, which saves a few bytes vlan overhead on the mpls transport.
regards
xander -
Hi I am changing IOS of Cisco ASR 1001 from asr1001-universalk9.03.07.02.S.152-4.S2.bin
to asr1000rp1-adventerprisek9.03.04.02.S.151-3.S2.bin but everty time it boot up with old IOS universalk9.
Is it becaused of Licence issue.
Router#sh bootvar
BOOT variable = bootflash:asr1000rp1-adventerprisek9.03.04.02.S.151-3.S2.bin,12;bootflash:asr1001-universalk9.03.07.02.S.152-4.S2.bin,12;
CONFIG_FILE variable does not exist
BOOTLDR variable does not exist
Configuration register is 0x2102
License Level: advipservices
License Type: Permanent
Next reload license Level: advipservices
cisco ASR1001 (1RU) processor with 1155941K/6147K bytes of memory.
Processor board ID SSI1607042B
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
7741439K bytes of eUSB flash at bootflash:.
Configuration register is 0x2102You downloaded the wrong file. The file you wanted to run has "rp1" but the original file doesn't. You downloaded a file for a different model. Your router is an ASR 1001 with fixed RP but you've downloaded a file for a different sub-model of ASR, like the 1002 or 1004.
Go here instead: http://software.cisco.com/download/release.html?mdfid=282993672&softwareid=282046477&release=3.10.3S&relind=AVAILABLE&rellifecycle=ED&reltype=latest -
VPLS PE to CPE hand-off restrictions...
Hello,
I am investigating the implementation of a VPLS roll out over an existing MPLS network. The current PE devices are running MPLS and M-BGP with no issues and layer-3 services are running for our customers. Recently we have began to have requests for layer-2 services and we have used the occassional xconnect without issues to achieve this, however we are looking to provide more advanced any-any connectivity for one of the customers which is making VPLS look like a good option for us. When we were using a layer-2 xconnect we would simply present the layer-2 connection on a sub-interface on the PE device and bridge it through the CPE router using bridge-groups - which is not very elegant but it does work. Sometime the downstream CPE device is actually a switch using SVI's and in this instance we can simply switch the connection straight though at layer-2.
My issue is that the CPE's in use are primarily routers (and not switches that can implement SVI's) so the connection configuration from the PE to the CPE is configured using sub-interfaces on routed ports rather than trunks and VLAN interfaces. I can amend this easily enough on the PE devices (6509 and 760x) however C290x, C1812 and C2811 devices only work using sub-interfaces so you cannot use SVIs - please correct me if this is wrong...
The configuration examples I have seen for VPLS implies its the whole interface that is configured on the PE device using "switchport mode dot1q-tunnel" or similar.
Existing - MPLS PE --> Trunk containing sub-interfaces with L3 P-2-P connections and L2 xconnect --> CPE router
Required - MPLS PE --> Trunk containing sub-interfaces with L3 P-2-P connections, VPLS and L2 xconnect --> CPE router
Is there any sneaky way to index sub-interfaces into VPLS or does it have to be the whole port? Q-in-Q for example appears to be a switch function and not router option as it requires switchport commands which are not available on a router CPE such as the C1812, C290x and C28xx.
If need be then I will recommend that the CPE devices need to be swapped out for a L3 switch, however this would add greatly to any design implementation costs and I would like to retain the existing CPE routers if possible.
In a nutshell here we have a remote CPE connected over a WAN link of some sort and I want to be able to offer existing Layer-3 services, EoMPLS xconnect services and VPLS all over the same WAN bearer where the CPE is a router and not a switch.
Thanks for any guidance.
KeithHello Keith
There is an option on 2900, 1800, 2800 series router to add switching modules and this will help add the switching funtionality and the CLI's related to it. It shall solve your purpose. Please refer to the below mentioned white paper:
http://www.cisco.com/en/US/prod/collateral/routers/ps5853/prod_white_paper0900aecd8064c9f4.html
Please let me know if you have any questions.
Regards
Vinit -
Why VPLS and not L3 VPNs ???
Hi all
Please bare with me, i know a lot has been written about what VPLS is, I have read the postings, but maybe someone can in simple terms answer my qn for me;
Why should one go for VPLS and not L3 VPNs or L3 VPNs and not VPLS, i need arguments from both the enterprise point and the ISP point
Hope you get my Question
Regards
MMWell..
VPLS:
+No need to involve the ISP for routing issues
+Support non-IP protocols - IPX, AppleTalk etc..
-Difficult to troubleshoot
-Possible to make a L2-loop
-Customers could overflow mac-tables.
L3-VPN:
+ISP control the routing process - or the customer could control the CE-PE, and control it's own routing.
+Loops are avoided with routing-protocols
-Non-IP protocols have to be encapsulated to work
Personally I liked the VPLS best before, but after choosing an ISP supporting PE-CE-protocols, not using static's and has a good support centre, I always recommend L3VPN's.
Also within our own MPLS-network we always use L3. (with no 7600's VPLS is not supported...) EoMPLS is not used permanently used within out MPLS, but could be used for moving a customer from one datacenter to another, or other special timelimited purpose...
L@rs -
ASR1001 interface won't come UP
Hi,
I need some help with the connection between a ASR1001 and a Catalyst 2960G. The interface on the ASR won't come up, and I am pretty sure this is a configuration issue but I can't figure it out
At first, both interfaces wouldn't come up, but since I have set speed and duplex to 1000/full on both sides, the switch port is up/up but the router port is still down...
Switch configuration :
interface GigabitEthernet0/6
switchport trunk allowed vlan 425,605
switchport mode trunk
speed 1000
duplex full
no cdp enable
spanning-tree bpdufilter enable
Router configuration :
interface GigabitEthernet0/0/0
no ip address
ip access-group InFilter in
speed 1000
no negotiation auto
ip virtual-reassembly
interface GigabitEthernet0/0/0.425
encapsulation dot1Q 425
ip address x.x.x.x 255.255.255.0
no ip redirects
no ip unreachables
standby 221 ip x.x.x.x
standby 221 timers msec 250 msec 800
standby 221 priority 90
ip virtual-reassembly
interface GigabitEthernet0/0/0.605
encapsulation dot1Q 605
ip address x.x.x.x 255.255.255.224
no ip redirects
no ip unreachables
ip virtual-reassembly
Any thoughts, ideas, suggestions...
Is there a debug I could turn on to troubleshoot the L2 on the ASR ?Hi,
Did you manage to sort this issue out?
I've currently mocked up a lab environment with an ASR1001-X and a 2960S (10G).
I have a similar setup to yourself but am using 10G between interfaces connected via MM fibre.
Interestingly, i'm not seeing any connectivity either.
I'll upgrade the 2960 to 15. code to see if it makes any difference. -
Disabling split horizon for H-VPLS on 7609
Hi,
We installed a new 7609 in our lab for doing H-VPLS interop. The sw Version is IOS (tm) s72033_rp Software (s72033_rp-PSV-M), Version 12.2(18)SXD7.
I do not see the "no-split-horizon" option when trying to configure the remote spoke PE.
l2 vfi PE3-VPLS-A manual
vpn id 200
neighbor 20.0.0.1 encapsulation mpls <no-split-horizon>
Is there a version problem or some config issue ?
Thanks
ATThe hw info is as follows :-
Mod Ports Card Type Model Serial No.
1 2 2+4 port GE-WAN OSM-2+4GE-WAN+ JAB0847061N
5 2 Supervisor Engine 720 (Active) WS-SUP720-BASE SAL0919113H
Mod Sub-Module Model Serial Hw Status
5 Policy Feature Card 3 WS-F6K-PFC3BXL SAL09253GNF 1.6 Ok
5 MSFC3 Daughterboard WS-SUP720 SAL09190TCD 2.5 Ok -
Hi,
Im having a strange issue with a BGP signalled VPLS on my ME3600. I'm running 15.3.2(s).
The VFI comes up but the virtual circuit stays down with the following error:-
SW1.THN-LON#show mpls L2transport vc 501 detail
Local interface: VFI FLVPLS001 vfi up
Interworking type is Ethernet
Destination address: 46.226.0.10, VC ID: 501, VC status: down
Last error: MPLS dataplane reported a fault to the nexthop
Output interface: none, imposed label stack {}
Preferred path: not configured
Default path: no route
No adjacency
Create time: 00:19:42, last status change time: 00:19:42
Last label FSM state change time: 00:19:42
Signaling protocol: BGP
Status TLV support (local/remote) : Not Applicable
LDP route watch : Not Applicable
Label/status state machine : activating, LruRruD
Last local dataplane status rcvd: DOWN(pw-tx-fault)
Last BFD dataplane status rcvd: Not Applicable
Last BFD peer monitor status rcvd: Not Applicable
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: DOWN(pw-rx-fault)
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: Not Applicable
Last remote LDP TLV status rcvd: Not Applicable
Last remote LDP ADJ status rcvd: Not Applicable
MPLS VC labels: local 27, remote 16
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Control Word: Off
Dataplane:
SSM segment/switch IDs: 0/10075 (used), PWID: 12
VC statistics:
transit packet totals: receive 0, send 0
transit byte totals: receive 0, send 0
transit packet drops: receive 0, seq error 0, send 0
SW1.THN-LON#show mpls for 46.226.0.10 detail
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
None 304720 46.226.0.10/32 0 Tu0 point2point
MAC/Encaps=14/18, MRU=9000, Label Stack{304720}, via Te0/2
A8D0E55DEB3D88F077938CDB8847 4A650000
The next hop is available and routable so not quite sure what the issue is. Any help greatly appreciated.Hi Nicholas,
VPLS use BGP to discover neighbors dynamically instead config it manually, so VPLS works with MPLS and use LDP on the infrastructure of MPLS. I can see that in the LFIB in your switch you don't have a local tag to your destination address. Maybe your LDP adyacency to your destination address is not comming up and it could be de reason why the virtual circuit stays down.
You should fix it first and then check if the virtual circuit came up.
Regards
Fernando Ramos -
Cisco ASR1001-X SFP-10G-SR: unable to bring 10G port up
Dear colleagues,
I have connected a Cisco ASR1001-X 10G port to a 10G port on the Cisco 7606-S. The SFP on my ASR1001-X is SFP-10G-SR and the SFP on the 7606-S is XENPAK-10GB-LX4. I am using an MMF fibre patching. I am unable to bring the port up. I have a temp license for the ASR 10G port. Is that sufficient to bring the port up?
I have tried connecting the SFP-10G-SR to a XFP-10G-MM-SR on another ASR but this did not work either. I am able to connect the XFP-10G-MM-SR to one another and also the SFP-10G-SR to one another. So there appears to be an issue when I mix the SFPs.
Can any one help please?The SFP on my ASR1001-X is SFP-10G-SR and the SFP on the 7606-S is XENPAK-10GB-LX4. I am using an MMF fibre patching.
The two fibre optic modules are on different wavelengths so the link won't come up. -
Hello,
i am looking about some information about ASR 1001 with IDC:
1) I tried to use the configurator for ASR 1001 with IDC 2XOC3 (STM1) interfaces , but this option does not give me the option for SPA on the ASR 1001 , but when i tried ASR 1001 with IDC 4XT3 there is SPA available here, why there is no SPA slot available to configure with ASR 1001 2xOC3 (STM1) .
2) is the ASR 1001 and ASR1002 support VPLS , and what is the limitation if it is support it?
3) what is the maximum number of VPN (L3VPN) and what is the maximum route per VRF.Hi Alex,
thanks for Your answer. I tried this, but it didn't help.
But doing some more research I think I have taken the wrong image:
bootflash:/asr1001-universal.03.09.01.S.153-2.S1.bin
==> I should have taken the "k9"-version instead....
Meanwhile I rebooted with the "asr1001-universalk9.03.10.01.S.153-3.S1-ext.bin" image, and now it works fine ;-)
Sorry for my blindness...
Kind regards,
Stefan -
Hi All,
We are planning to run VPLS over the DSL link and i think MTU cab be an issue in such scenario as the MTU size will depends uppon the DSL provider settings. So i am not sure how to acheive this solution in terms of MTU issues and also can some one please guide me how to calculate the required MTU for running VPLS in DSL access media ?
MTU on interface to CE ?
MTU on interface to the Core ?
Thanks in advance guys.
SreeHi Sree,
the rule for MPLS (hence for VPLS too) is to have the highest MTU you can configure on the core interfaces. Usually ISPs have nowaday 9000.
If this is not possible for VPLS you need to take into consideration the following for Max Frame Size:
Max Frame Size = Link Header + Tunnel label + VC label + Control Word +Transported L2 Header + Payload.
Link Header is the one of your DSL circuit (likely using ATM link header.. anyway it something you should know/ask your provider).
Tunnel label + VC label + Control Word = 12 Bytes (4 bytes per label + 4 bytes for control word which is optional as it sepends on underlying transport media and on vendor implementation... anyway you should consider it)
Transported L2 Header = it depends on what you transport. For Ethernet II encapsulation with dot1q consider 18 bytes (or 14 bytes if customer vlan id is not transported. This depends on implementations once again).
So in the worst scenario where you have CW and you transport customer vlan id you need at least 1530 Bytes + the DSL link header on the core facing interface.
On the customer facing interface I would leave the interface MTU you have (1500 if it is Ethernet - even though the actual value is higher as it considers the L2 link overhead already). Or else you need to change the MTU on every host.. not too handy.
Riccardo
Maybe you are looking for
-
Steps in bursting Xml publisher report
hey, can anyone give all the steps required to burst a xml report. like the output should go to different destinations like mail,fax etc. thanks RDM
-
How do I download a book from Itunes to my ipod nano?
I see that I've purchased a book on my ITunes Store list, but it does not show up on my IPod nano. Can you help?
-
Can't see external HD partition on finder, changed Ownership & Permissions
Hi all, a friend has a particular issue with his external HD. He clicked one of the partitions on his external HD and started restricting the options under Ownership & Permissions, until he got ALL permissions set to "no access". Now the HD appears,
-
Adobe Shockwave Player for OSX 10.7.1
Hello everyone, I tried downloading and installing Adobe Shockwave player 11 (11.7 Megabytes) for Mac OSX, and I could not find neither the plug-in on Safari, nor the files that should have been copied to my disk. I've tried downloading alternate ver
-
Will the case mate tough extreme case for the iPhone 5 fit the 5c phone
I am having trouble finding a case tht will fit the 5c. Will the Case Mate Tough Extreme fir the 5c