Port pseudowire
what is port pseudowire and why is it used and is it different than the normal pseudowire.
can anyone shed some light on this.
cheers
jack
Hi Jack
Port Based Psuedowire is one of the various options available for configuring a psuedowire between two endpoints.
In a Port-Based Psuedowire the ethernet frame is transparently encapsulated into an MPLS Packet and transported across the backbone to the other end where the MPLS Packet is decapsualted and the ethernet frame is sent out via the egress..This helps in providing a pure point-to-point link between the two remote endpoints as if a physical wire was used..
Other options available such as VLAN Based psuedowire where the SP reads the VLAN Tag information and removes the same before encapsulating the frame into an MPLS Packet. This means that the CEs can use different VLANs locally signficant till their respective PEs at each end and still communicate transparently..
Hope this provides some insight to your query...
You can try reading a very useful book" MPLS Configuration on CIsco IOS Softwares" which provides a very comprehensive insight into the various MPLS concepts.
Regards
Varma
Similar Messages
-
MPLS pseudowire Up on one side Down on the other
Hello,
I'm trying to setup another pseudowire between a 6509-E 12.2(17r)S4 and a 7201 12.4(12.2r)T. The 6509 says the vc is up:
Switch#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi4/1 Ethernet 172.29.255.7 77 UP
But on the 7201 I'm getting:
Router#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi0/3 Ethernet 172.29.255.10 77 DOWN
When I run show mpls l2transport vc detail it looks like:
Switch:
VC statistics:
transit packet totals: receive 0, send 35308
transit byte totals: receive 0, send 2745983
transit packet drops: receive 0, send 0
Router:
VC statistics:
packet totals: receive 35414, send 0
byte totals: receive 2754295, send 0
packet drops: receive 0, seq error 0, send 1421389
Weird that the switch is sending but not receiving and the router is receiving but not sending.
The topoligy is:
[6509-E] <-> [7201transit] <-> [7201]
The transit router has mpls ip enabled and has another functional pseudowire running across it.
Thanks in advance I'm pretty new to MPLS, please let me know if you need more information, I can post configs etc.
--WillHey Negandra,
Thank you for your response! How do I know if I have SIP/ES/ES+ cards? The two types of cards I have in the chassis are:
48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX
24 CEF720 24 port 1000mb SFP
Are either of those capable?
--Will
*EDIT*
Also I have tried to terminate the pseudowire to a SVI on the 6509-E but I can't get it to come online.
CORE#show mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
Gi4/3 Ethernet 172.x.x.x 2 ADMIN DOWN
Gi3/46 Ethernet 172.x.x.x 123 UP
Gi4/48 Ethernet 172.x.x.x 1337 DOWN
Gi4/5 Ethernet 172.x.x.x 4 ADMIN DOWN
Vl7 Eth VLAN 7 172.x.x.x 7 DOWN
CORE#show run int vlan7
Building configuration...
Current configuration : 91 bytes
interface Vlan7
no ip address
xconnect 172.29.255.7 7 encapsulation mpls
end
If I configure the pseudowire on a physical interface on the switch it comes up, what am I missing? Hardware limitation?
Thanks in advance,
--Will -
Port Forwarding & Access List Problems
Good morning all,
I am trying to set up port forwarding for a Webserver we have hosted here on ip: 192.168.0.250 - I have set up access lists, and port forwarding configurations and I can not seem to access the server from outside the network. . I've included my config file below, any help would be greatly appreciated! I've researched a lot lately but I'm still learning. Side note: I've replaced the external ip address with 1.1.1.1.
I've added the bold lines in the config file below in hopes to forward port 80 to 192.168.0.250 to no avail. You may notice I dont have access-list 102 that i created on any interfaces. This is because whenever I add it to FastEthernet0/0, our internal network loses connection to the internet.
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname pantera-office
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 $1$JP.D$6Oky5ZhtpOAbNT7fLyosy/
aaa new-model
aaa authentication login default local
aaa session-id common
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.150
ip dhcp excluded-address 192.168.0.251 192.168.0.254
ip dhcp pool private
import all
network 192.168.0.0 255.255.255.0
dns-server 8.8.8.8 8.8.4.4
default-router 192.168.0.1
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name network.local
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-4211276024
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4211276024
revocation-check none
rsakeypair TP-self-signed-4211276024
crypto pki certificate chain TP-self-signed-4211276024
certificate self-signed 01
3082025A 308201C3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34323131 32373630 3234301E 170D3132 30383232 32303535
31385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32313132
37363032 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B381 8073BAC2 C322B5F5 F9595F43 E0BE1A27 FED75A75 68DFC6DD 4C062626
31BFC71F 2C2EF48C BEC8991F 2FEEA980 EA5BC766 FEBEA679 58F15020 C5D04881
1D6DFA74 B49E233A 8D702553 1F748DB5 38FDA3E6 2A5DDB36 0D069EF7 528FEAA4
93C5FA11 FBBF9EA8 485DBF88 0E49DF51 F5F9ED11 9CF90FD4 4A4E572C D6BE8A96
D61B0203 010001A3 8181307F 300F0603 551D1301 01FF0405 30030101 FF302C06
03551D11 04253023 82217061 6E746572 612D6F66 66696365 2E70616E 74657261
746F6F6C 732E6C6F 63616C30 1F060355 1D230418 30168014 31F245F1 7E3CECEF
41FC9A27 62BD24CE F01819CD 301D0603 551D0E04 16041431 F245F17E 3CECEF41
FC9A2762 BD24CEF0 1819CD30 0D06092A 864886F7 0D010104 05000381 8100604D
14B9B30B D2CE4AC1 4E09C4B5 E58C9751 11119867 C30C7FDF 7A02BDE0 79EB7944
82D93E04 3D674AF7 E27D3B24 D081E689 87AD255F B6431F94 36B0D61D C6F37703
E2D0BE60 3117C0EC 71BB919A 2CF77604 F7DCD499 EA3D6DD5 AB3019CA C1521F79
D77A2692 DCD84674 202DFC97 D765ECC4 4D0FA1B7 0A00475B FD1B7288 12E8
quit
username pantera privilege 15 password 0 XXXX
username aneuron privilege 15 password 0 XXXX
archive
log config
hidekeys
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key xxxx address 2.2.2.2
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to 2.2.2.2
set peer 2.2.2.2
set transform-set ESP-3DES-SHA
match address 100
interface FastEthernet0/0
description $ETH-WAN$
ip address 2.2.2.2 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map SDM_CMAP_1
interface FastEthernet0/1
description $ETH-LAN$
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface Serial0/0/0
no ip address
shutdown
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 1.1.1.1
no ip http server
ip http authentication local
no ip http secure-server
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.254 20 1.1.1.1 20 extendable
ip nat inside source static tcp 192.168.0.254 21 1.1.1.1 21 extendable
ip nat inside source static tcp 192.168.0.252 22 1.1.1.1 22 extendable
ip nat inside source static tcp 192.168.0.252 25 1.1.1.1 25 extendable
ip nat inside source static tcp 192.168.0.250 80 1.1.1.1 80 extendable
ip nat inside source static tcp 192.168.0.252 110 1.1.1.1 110 extendable
ip nat inside source static tcp 192.168.0.250 443 1.1.1.1 443 extendable
ip nat inside source static tcp 192.168.0.252 587 1.1.1.1 587 extendable
ip nat inside source static tcp 192.168.0.252 995 1.1.1.1 995 extendable
ip nat inside source static tcp 192.168.0.252 8080 1.1.1.1 8080 extendable
ip nat inside source static tcp 192.168.0.249 8096 1.1.1.1 8096 extendable
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.0.0 0.0.0.255 10.0.100.0 0.0.0.255
access-list 101 remark CCP_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny ip 192.168.0.0 0.0.0.255 10.0.100.0 0.0.0.255
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
access-list 102 remark Web Server ACL
access-list 102 permit tcp any any
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps ds1
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps envmon
snmp-server enable traps flash insertion removal
snmp-server enable traps icsudsu
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps ds0-busyout
snmp-server enable traps ds1-loopback
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps switch-over
snmp-server enable traps rogue-ap
snmp-server enable traps wlan-wep
snmp-server enable traps bgp
snmp-server enable traps cnpd
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps resource-policy
snmp-server enable traps event-manager
snmp-server enable traps frame-relay multilink bundle-mismatch
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface-old
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps pppoe
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps vtp
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps firewall serverstatus
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps ipsla
snmp-server enable traps rf
route-map SDM_RMAP_1 permit 1
match ip address 101
control-plane
line con 0
logging synchronous
line aux 0
line vty 0 4
scheduler allocate 20000 1000
end
Any/All help is greatly appreciated! I'm sorry if I sound like a newby!
-EvanHello,
According to the config you posted 2.2.2.2 is your wan ip address and 1.1.1.1 is the next hop address for your wan connection. The ip nat configuration for port forwarding should look like
Ip nat inside source static tcp 192.168.0.250 80 2.2.2.2 80
If your provider assigns you a dynamic ipv4 address to the wan interface you can use
Ip nat inside source static tcp 192.168.0.250 80 interface fastethernet0/0 80
Verify the settings with show ip nat translation.
Your access list 102 permits only tcp traffic. If you apply the acl to an interface dns won't work anymore (and all other udp traffic). You might want to use a statefull firewall solution like cbac or zbf combined with an inbound acl on the wan interface.
Best Regards
Lukasz -
I am to try to redirect port 3500 of dialer0 for an IP 192.168.1.2 in the Lan whit the same port number. Already I moved in nat. E I created rules ACL. But I did not obtain.
Router cisco 836
My config:
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname cisco5000
boot-start-marker
boot-end-marker
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip subnet-zero
ip name-server xxx.xxx.xxx.xxx
ip name-server xxx.xxx.xxx.xxx
ip cef
ip ips po max-events 100
vpdn enable
l2tp-class PTRP-L2TP
authentication
hello 50
password 7 xx
exit
pseudowire-class PTRP-PWC
encapsulation l2tpv2
protocol l2tpv2 PTRP-L2TP
ip local interface Dialer1
exit
no ftp-server write-enable
interface Ethernet0
description == LAN =
ip address 192.168.1.15 255.255.255.0
ip directed-broadcast
no ip proxy-arp
no ip mroute-cache
no keepalive
no cdp enable
exit
interface BRI0
no ip address
no cdp enable
exit
interface ATM0
no ip address
load-interval 30
no atm ilmi-keepalive
dsl operating-mode auto
exit
interface ATM0.1 point-to-point
pvc 0/35
encapsulation aal5snap
protocol ppp dialer
dialer pool-member 1
exit
interface FastEthernet1
no ip address
duplex auto
speed auto
exit
interface FastEthernet2
no ip address
duplex auto
speed auto
exit
interface FastEthernet3
no ip address
duplex auto
speed auto
exit
interface FastEthernet4
no ip address
duplex auto
speed auto
exit
interface Virtual-PPP1
description == Tunel L2TP BE-BT1 ==
ip address negotiated
backup delay 30 30
backup interface Virtual-PPP2
no cdp enable
ppp pap sent-username xx
pseudowire xxx.xxx.xxx.xxx pw-class PTRP-PWC
exit
interface Virtual-PPP2
description == Tunel L2TP BE ==
ip address negotiated
no cdp enable
ppp pap sent-username xx
pseudowire xxx.xxx.xxx.xxx 10 pw-class PTRP-PWC
exit
interface Dialer1
description == ADSL ==
ip address negotiated
ip access-group 111 in
no ip unreachables
encapsulation ppp
no ip route-cache cef
no ip route-cache
no ip mroute-cache
dialer pool 1
dialer remote-name xx
dialer idle-timeout 0
dialer-group 1
ppp pap sent-username xx
exit
ip classless
ip route 0.0.0.0 0.0.0.0 Virtual-PPP1 10
ip route 0.0.0.0 0.0.0.0 Virtual-PPP2 100
ip route xxx.xxx.xxx.xxx 255.255.255.255 Dialer1
ip route xxx.xxx.xxx.xxx 255.255.255.255 Dialer1
ip http server
ip http authentication local
ip http secure-server
access-list 7 remark === Remote CONF ===
access-list 7 permit xxx.xxx.xxx.xxx
access-list 7 permit xxx.xxx.xxx.xxx
access-list 111 remark === internet ===
access-list 111 permit ip host xxx.xxx.xxx.xxx any
access-list 111 permit ip host xxx.xxx.xxx.xxx any
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any time-exceeded
access-list 111 permit ip host xxx.xxx.xxx.xxx any
access-list 111 permit ip host xxx.xxx.xxx.xxx any
access-list 111 deny ip any any
dialer-list 1 protocol ip permit
no cdp run
control-plane
exit
line con 0
no modem enable
transport preferred all
transport output all
stopbits 1
exit
line aux 0
transport preferred all
transport output all
exit
line vty 0 4
access-class 7 in
transport preferred all
transport input all
transport output all
exit
scheduler max-task-time 5000
scheduler interval 500
exit
endcontent WEB_80
vip address 10.1.18.11
add service 1
protocol tcp
add service 2
port 80
advanced-balance sticky-srcip
active
In this example the request will come in through port 80, but for it to go out by port 3500 we can add the following command port xxxx (where xxxx is the number of the port) in a service. This will allow the CSS to redirect the request to the server on the desired port.
This is just an example to let you see how and where to configurate it. -
Xconnect 20Gb Port-channel over MPLS Possible?
Can anybody confirm if you can establish an Xconnect between two 20Gb port-channels (2x 10Gig bundle). The core is 40Gig and running MPLS. We have many gigabit pseudowires running over it already.
Our intention is to terminate 10Gig server traffic on 4900M's and then have a 20Gb Port channel trunk link into a 6500 (which is part of the MPLS cloud). We would then issue the xconnect directly on the 20Gig port channel in order to traverse the MPLS Core.
Has anyone configured this before? Are there any caveats to watch out for? What sort of performance hit (if any does) xconnect functionality have on 10Gig Traffic.Hi,
Yes it's supported but test it first (as always ;-) )
HTH
Laurent. -
L2VPN Pseudowire Redundancy arquitecture
Hi,
I'm trying to configure L2VPN Pseudowire Redundancy. I've found some documentation in the link below:
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fspseudo.html
But my scenario is quite different from the one explained at this document. I have the following scenario:
So I need to create a L2VPN between CE-A and CE-B. I need to establish the main xconnect between PE-A1 and PE-B1, and the backup between PE-A2 and PE-B2, and I would like the CE to be able to switch between one circuit or the other automatically.
How can I do it? Anybody can help me, please??
Regards,
CristinaWhat I need is a layer 2 vpn over the MPLS, so configuring layer 3 routing protocol is not suitable for me.
Maybe it is important to say that I am the SP, so I manage either PE and CE equipment.
Actually, I've read that QinQ can solve my problem, but I'm trying implementing QinQ in this way and it doesn't have the behaviour I expect:
CE-A:
interface GigabitEthernet1/19
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 300-301
switchport mode trunk
end
interface GigabitEthernet1/20
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 300-301
switchport mode trunk
end
PE-A1:
pseudowire-class TEST-L2VPN-REDUN1
encapsulation mpls
preferred-path interface Tunnel11 disable-fallback (Tunnel11 is a tunnel to PE-B1)
interface GigabitEthernet2/15
description test l2vpn redundancy
switchport
switchport access vlan 500
switchport mode dot1q-tunnel
speed 1000
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable
interface Vlan500
description l2vpn redundancy
no ip address
xconnect 1.1.1.1 101 pw-class TEST-L2VPN-REDUN1 (1.1.1.1 is PE-B1 RouterID)
PE-A2:
pseudowire-class TEST-L2VPN-REDUN2
encapsulation mpls
preferred-path interface Tunnel12 disable-fallback (Tunnel12 is a tunnel to PE-B2)
interface GigabitEthernet2/15
description test l2vpn redundancy
switchport
switchport access vlan 500
switchport mode dot1q-tunnel
speed 1000
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable
interface Vlan500
description l2vpn redundancy
no ip address
xconnect 2.2.2.2 102 pw-class TEST-L2VPN-REDUN1 (2.2.2.2 is PE-B2 RouterID)
CE-B:
interface GigabitEthernet1/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 300-301
switchport mode trunk
end
interface GigabitEthernet1/2
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 300-301
switchport mode trunk
end
PE-B1:
pseudowire-class TEST-L2VPN-REDUN1
encapsulation mpls
preferred-path interface Tunnel13 disable-fallback (Tunnel13 is a tunnel to PE-A1)
interface GigabitEthernet2/15
description prova l2vpn redundancy
switchport
switchport access vlan 500
switchport mode dot1q-tunnel
speed 1000
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable
interface Vlan500
description l2vpn redundancy
no ip address
xconnect 3.3.3.3 101 pw-class TEST-L2VPN-REDUN1 (3.3.3.3 is PE-A1 routerID)
PE-A2:
pseudowire-class TEST-L2VPN-REDUN2
encapsulation mpls
preferred-path interface Tunnel14 disable-fallback (Tunnel14 is a tunnel to PE-A2)
interface GigabitEthernet2/15
description prova l2vpn redundancy
switchport
switchport access vlan 500
switchport mode dot1q-tunnel
speed 1000
l2protocol-tunnel cdp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable
interface Vlan500
description l2vpn redundancy
no ip address
xconnect 4.4.4.4 102 pw-class TEST-L2VPN-REDUN2 (4.4.4.4 is PE-A2 routerID)
The result of applying this configuration is VC 101 established and with layer 2 connectivity ok, but VC 102 down and interface Gi2/15 of PE-A2 in err-disable state. The behaviour I expected is that STP protocol acts and put the the ports of the second layer 2 paths in blocking state.
Any idea??
Thanks. -
can someone explain what is the difference of vc 4 and 5 in the pseudowire technology? in addition to this, in a pseudowire headend setup, what is the usage of VC 4 and 5?
Hi Wong
Below is the short difference between VC type 4 and VC type 5:-
A VC type 5 tunnels an Ethernet port over MPLS
Also check the below mentioned post.
http://www.mplsvpn.info/2009/12/modes-of-ethernet-over-mpls-eompls.html
regards
Shivlu Jain
A VC type 4 transports a VLAN over MPLS -
MST BPDU via EoMPLS Pseudowire Connections
Hi All,
I've been trying to change the STP mode of my MPLS aggrigation switches to MST due to many reasons but without success. (Currently all switches are working on PVST+.)
Below given my sample network topology, configurations on both switches and pseudowire configurations and error message.
ME3750(SW1) --- 7609 (EoMPLS pseudowire - VLAN 2500) 12406 -- ME3750(SW2)
Configurations
==========
ME3750(SW1)
=============
spanning-tree mode mst
spanning-tree extend system-id
spanning-tree mst configuration
name MPLS
revision 10
instance 10 vlan 2-99
instance 20 vlan 100-1999
instance 30 vlan 2000-4094
spanning-tree mst 0,10,20,30 priority 24576
vlan 3,100,850,2500,3030
7609-PE
=======
interface GigabitEthernet0/1.2500
description *** MST_TEST ***
encapsulation dot1Q 2500
xconnect 10.2.0.5 2500 encapsulation mpls
end
ME3750(SW2)
===========
spanning-tree mode mst
spanning-tree extend system-id
spanning-tree mst configuration
name MPLS
revision 10
instance 10 vlan 2-99
instance 20 vlan 100-1999
instance 30 vlan 2000-4094
12406-PE
=======
interface GigabitEthernet2/1/0.2500
description *** MST_TEST ***
encapsulation dot1Q 2500
xconnect 10.1.0.8 2500 encapsulation mpls
end
There is a VLAN bsed EoMPLS configuration on VLAN 2500 on MPLS edges.
When the MST configuration done; the uplink trunk port of the ME3750(SW1) blocked with following erroe.
*Mar 1 02:45:11.920: %SPANTREE-2-PVSTSIM_FAIL: Blocking designated port Gi0/1: Inconsitent superior PVST BPDU received on VLAN 2500, claiming root 24576:001a.a2b5.7d00
While I googled, i found one post saying to change the priority of the MST regions to higher, hence forcing one switch to become ROOT. Accordingly I changed the priority of ME3750(SW1) but still problem remains.
Can anyone of you experts help me out to get this sorted?
Note: I've not enabled native VLAN on both switches towards MPLE PEs and also hasn't enable any L2 protocols via speudowire connection.
Thank you all,
ChamindaHi Laurant,
Thanks for your reply.
Actually my requirement is to have local MST reigions per MPLS PE. That is why I psecificaly block native VLAN passing through the PW and did not enable any L2 protocols via PW.( believe this is a good practice.. ;-) )
BTW I'll clear STP protocol as you suggested and see the results.
Also I can not configure port mode PW, since all my L2 & L3 customers interface with MPLS PE via this Gig interface.
My understanding on MST BPDUs are passing through native VLAN. Hence in my scenarion, if i'm not passing native VLAN throught the PW, what could be the reason for blocking the entire port due to the "inconsistance superior BPDU receive via VLAN 2500"?
Do I need to block STP on 7609 box itself? (read on one blog asking to disable STP on SUP720 on 7609)
Pl clarify.
Thank You,
Chaminda -
I have an existing MPLS Pseudowire connection that I need to rework to be able to carry vlan tags instead of just plain L2 frames.
Existing setup:
ME3400 <-> 7206VXR <-> 7206VXR <-> ME3400
The ME3400's customer facing int tags incoming frames, which go over a trunk interface to a 7206VXR subint. The subint is conf'd for pseudowire p2p to the remote 7206VXR which has an identical setup. Subint on a trunk int to a ME3400, cust facing int tied to a matching vlan.
My thought is use QinQ on the switches, with the question being will the 7206s correctly strip off one vlan tag layer, encapsulate the remaining vlan tagged L2 frame for psuedowire, and on the remote end take the pesuedowire packet, decapsulate it, add on the QinQ tag, and shove it back out to the switch? I won't know ahead of time what vlan tags the customer will be looking to pass, so I need to be able to support whatever they try to throw across this link.Hi,
You can definitely do that, The pseudowire has 2 labels , the outer label represent the (tunnel label), the inner label represent the (Vc label).
The egress 7206Vxr performs lookup at Vc label and forward the frames un labeled to the ME3400.
On the other hand, with QinQ, the customer vlan access port is tunneled across the Service provider Network, this has no affect in your MPLS Forwarding which done at the vxr7206, The outer vlan tag(tagged by the service provider) is stripped out when the frames forwarded firstly unlabeled to the ME3400 at the egress tunnel interface , the inner vlan tag (customer tag) is forwarded untouched (preserved) to the ingress ME3400 interface.
So, from different point,the MPLS provider is transparent for the Customer Vlan traffic even within the MPLS forwarding LSRs, The Only vlan that is binded to the inner label (Vc label) is the service provider access vlan provided to each customer.
HTH
Mohamed -
HP LaserJet Enterprise 500 color M551dn - Optional USB Device port
Hi, I'm hoping to buy the optional wireless print server (HP Jetdirect 2700w USB Wireless Print Server J8026A). There is one problem though, the optional USB device port seems to not exist on my printer. I only notice that the USB logo is present where the port is supposed to be. The plastic in the area is squared off as though it is some sort of break away tab and the port is underneath maybe.
There is no reference to this in the manual anywhere and I am really unsure how to proceed. I don't want to damage anything.
If someone experienced with this model (preferably an HP Employee) can confirm the availability of the port and tell me how to access it (Is it a break away tab?). Part of the reason why I bought this printer is the optional Wireless N print server.
Thank You in advance.Thank You for your reply. The port you are talking about is the front panel port for walk-up usb printing and firmware upgrades. This port is indeed available on the higher end LaserJet 500 (NON-MFP, printer only edition) as I just used it to upgrade the firmware. The port I am talking about is the one on the left side in the ports section which you use to plug in the optional print server (not the computer I/O port).
This is shown in the official manual and the spec sheet so I'm 85% sure the port is there, hp can't advertise and mention something that is not available as this would be a big problem and make the 2700w print server incompatible when it clearly states that it is. I just need someone to confirm the availability and clear my confusion (either from HP, or another owner who bought the wireless print server 2700w). -
Problem when we created the managed server to configure different ports.
I am trying to configure different ports for admin console and my communication service as we can’t share admin port to the outside world.
So that only admin can access admin console using admin port.
And out side clients can access my webapplication using different port.
For this i have created the managed server in weblogic.and I deployed the application on managed server.
Now admin server is running on 8001 port and my Communication Service application is running on 7001 port.
But when I tried to configure MBeans related to myCommunicationServiceApplication those were disapper on admin console. And the other wlng services are appearing on admin console.
1. Since my application deployed on managed server MBeans registration happened from myapplication hence it’s disappear on admin console.
Now If I want to configure Mbeans (related to my communication service) how can I configure it?
2. My communication service using configurationStore module and other wlng services.
When I tried to start my application on managed server I got the below error:
<Apr 28, 2009 12:22:44 PM IST> <Error> <Deployer> <BEA-149231> <dscp11166.TechMahindra.com> <Unable to set the activation state to true for the application 'wlng_nt_qualcomm_active_mediation [Version=1.0]'.
com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException: Configuration store module is not available.
3. I tried to target all wlngResources to manged server by editing config.xml file.
Then all wlng services disappears on admin console. If this is the case how can I configure container/account services on wlng?
I have created the Basicweblogic domain.
Below is the config.xml for reference.
"QualcommServer" is managed server name.
Can any one please suggest me how to configure this kind of scenarios?
<server>
<name>AdminServer</name>
<machine>new_Machine_1</machine>
<listen-port>8001</listen-port>
<default-iiop-user>weblogic</default-iiop-user>
<default-iiop-password-encrypted>{3DES}W8nBdoJPRZ8TkwcXwAZoxA==</default-iiop-password-encrypted>
<listen-address>localhost</listen-address>
</server>
<server>
<name>QualcommServer</name>
<machine>new_Machine_1</machine>
<listen-address>localhost</listen-address>
<server-start>
<java-vendor>Sun</java-vendor>
<java-home>C:\Program Files\Java\jdk1.6.0</java-home>
<class-path>C:\bea\wlng400\server\lib\weblogic.jar;C:\bea\wlng_pds400\lib\wlng\wlng.jar</class-path>
<bea-home>C:\bea</bea-home>
<username>weblogic</username>
<password-encrypted>{3DES}W8nBdoJPRZ8TkwcXwAZoxA==</password-encrypted>
</server-start>
</server>
<embedded-ldap>
<name>managedserver</name>
<credential-encrypted>{3DES}9q80YuFJueVVJxoWduJA1OGhbqk14EpgQWWyTrzlmxo=</credential-encrypted>
</embedded-ldap>
<configuration-version>10.0.1.0</configuration-version>
<app-deployment>
<name>wlng_nt_session#4.0</name>
<target>QualcommServer</target>
<module-type>ear</module-type>
<source-path>C:\bea\wlng400/applications/wlng_nt_session.ear</source-path>
<security-dd-model>CustomRolesAndPolicies</security-dd-model>
</app-deployment>
<app-deployment>
<name>interceptors</name>
<target>QualcommServer</target>
<module-type>ear</module-type>
<source-path>C:\bea\wlng400/applications/interceptors.ear</source-path>
<security-dd-model>CustomRolesAndPolicies</security-dd-model>
</app-deployment>
<app-deployment>
<name>wlng_prm</name>
<target>QualcommServer</target>
<module-type>ear</module-type>
<source-path>C:\bea\wlng400/applications/wlng_prm.ear</source-path>
<security-dd-model>CustomRolesAndPolicies</security-dd-model>
</app-deployment>
<app-deployment>
<name>wlng_nt_qualcomm_active_mediation#1.0</name>
<target>QualcommServer</target>
<module-type>ear</module-type>
<source-path>servers\AdminServer\upload\wlng_nt_qualcomm_active_mediation.ear</source-path>
<security-dd-model>DDOnly</security-dd-model>
</app-deployment>
<machine>
<name>new_Machine_1</name>
<node-manager>
<name>new_Machine_1</name>
<listen-address>localhost</listen-address>
</node-manager>
</machine>
<jms-server>
<name>JMSServer-AdminServer</name>
<target>AdminServer</target>
</jms-server>
<jms-system-resource>
<name>WLNGJMSResource</name>
<target>QualcommServer</target>
<descriptor-file-name>jms/wlng-jms.xml</descriptor-file-name>
</jms-system-resource>
<custom-resource>
<name>networktier</name>
<target>AdminServer</target>
<descriptor-file-name>custom/nt.xml</descriptor-file-name>
<resource-class>com.bea.wlcp.wlng.management.descriptor.resource.WlngTierResource</resource-class>
<descriptor-bean-class>com.bea.wlcp.wlng.management.descriptor.bean.WlngTierBean</descriptor-bean-class>
</custom-resource>
<custom-resource>
<name>wlng-edr</name>
<target>AdminServer</target>
<descriptor-file-name>custom/wlng-edr.xml</descriptor-file-name>
<resource-class>com.bea.wlcp.wlng.management.descriptor.resource.WlngEdrResource</resource-class>
<descriptor-bean-class>com.bea.wlcp.wlng.management.descriptor.bean.WlngEdrBean</descriptor-bean-class>
</custom-resource>
<admin-server-name>AdminServer</admin-server-name>
<jdbc-system-resource>
<name>wlng.datasource</name>
<target>QualcommServer</target>
<descriptor-file-name>jdbc/wlng-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
<jdbc-system-resource>
<name>wlng.localTX.datasource</name>
<target>QualcommServer</target>
<descriptor-file-name>jdbc/wlng-localTX-jdbc.xml</descriptor-file-name>
</jdbc-system-resource>
Thanks,
Srinu Babu PDear Nariharan,
Today I faced a simlar issue, and this SAP Note helped me fix it: 1966807 - Duplication of AET table records in change processing
In my case, cardinality of AET table was 1:1, and I was getting duplicate PARENT_ID every time when trying to create a subsequent service request for my activity.
Regards,
Andrew -
Does the mini DVI port cary audio if using a Mini-DVI to HDMI Adapter?
Hello everyone,
I've heard it is possible for a DVI port to transmit audio data to a HDMI connection if a DVI to HDMI cable is used, which will allow the sending of both audio and video to your TV. see: http://en.wikipedia.org/wiki/DigitalVisualInterface
I'm assuming this is not possible using apples mini DVI port, but just wanted to check to make sure. My main goal is to get surround sound out of my powerbook. To do this by simply adding a Mini-DVI to HDMI Adapter would be GREAT!Hi Jonathan,
I'm assuming this is not possible using apples mini DVI port
Yup, no audio, unfortunately. The audio will have to transmitted separately via the analog audio output.
Yang -
Mini-DVI port not working: wear and tear?
I had been happily using the mini-DVI port to play content on TV, using a DVI to Video adapter : plugging and unplugging probably twice a week.
Now it seems to have stopped, abruptly: no signal at all is reaching the TV. (Adapter still works fine on my MacBook.)
What are the chances of wear and tear damaging the DVI port? Is this a complicated fix? Any other thoughts? No recent upgrades or updates.
"About this Mac" reckons it's mirroring fine, so it feels like a hardware thing. Many thanks in advance.Hello ewfelton
It is very possible that the DVI port on the iMac has been damaged from wear and tear, as it's harder to get at than the MacBook.
I would disconnect everything from the iMac, grab a clean towel and turn it face down on the desk. Then with a magnifying glass and light inspect the DVI port for a broken or bent pin. In the process of inspecting the port your SMC will also be reset, follow the instruction for "How to reset the System Management Controller" when your done.
If the port seems OK and the SMC reset doesn't get it going use Disk Utility to Repair Disk Premissions and try it again.
Your local Apple Store or local Apple Service Provider can replace a bad or damaged DVI port.
Dennis -
Mini dvi to vga adapter doesn't fit Mac Book port
I bought a "mini dvi to vga" adapter at the local Apple store at the mall and it does not fit the mini DVI connection on my Mac Book. What is the correct mini dvi configuration or part number for the Mac Book Mini dvi port?
It may be. I threw the bag out so I can't check. I was in a hurry and thought I picked up the right adapter but guess not.
Thanks for your help. Know anyone that needs a mini vga to vga adapter? -
How can I connect my 3gen apple tv with HDMI to my BUSH LCD32TV022HD
This does not have an HDMI port but does have:-
1) S-Video I/P,
2) Video I/P,
3) Audio Input (Left & Right)
4) Audio In jack (for VGA and DVI source)
5) DVI input
6) VGA inputWelcome to the Apple community.
The Apple TV doesn't officially support a DVI connection, however you may be able to get it to work. You will first need to check that your TV supports either 720p or 1080p as well as HDCP. If you are able to get the video working over the DVI connection, you may also require a DAC in order to connect with Apple TV's optical audio output to the TVs audio imput.
You may well wish to make sure that the DVI connection works before spending any money on a DAC..
Maybe you are looking for
-
Importing video from hard drive causes windows to crash
Whenever I try to add video files to itunes either itunes freezes or windows crashes. I've tried comepletely reinstalling itunes and Quicktime as well as using selective configuration on startup but still keeps happening. Any suggestions? Windows X
-
Firefox does not open, profile manager does not open, not listed in task manager
firefox worked fine about two days back. Our norton expired so I downloaded Kaspersky Anti-Virus 12.0.0.374. I don't know if that has any connection to firefox not working. I click on the icon, nothing happens. The task is not mentioned in the task m
-
How to Copy Contents of One HD to Another HD?
I use a G4 QuickSilver 2002; run Mac OS X 10.5.8 Leopard. I would like to copy the contents of one old hard drive to the main hard drive. How do I do it? I tried using Disk Utility, but didn't know what to next once the Disk Utility folder appeare
-
HOW TO DISPLAY PICTURE IMAGE ON FORM - I HAVE THE SOLUTION NOW!!
Hi Kiran, I am very grateful to you and all who contributed to find a solution to my problem. I was stacked at the Page Definition properties in relation to the tutorial. I spent several overnights and later realized that the edit that would activate
-
Exchange on-premise 2010 Hot DR site on Azure
Hi, Customer has Exchange on-premise 2010 for which he wants hot back-up on cloud. In case his in-house server goes down the one on the cloud should be up & running giving him availability. Please share the info.